I will be on Redacted shortly.
https://www.youtube.com/live/8BqVnOu1WBs
See here after interview airs for updated info.
I read that as 'I will be redacted shortly', and then I noticed the stream ended abruptly.
How you can be deanonymized through Tor
Tor is an excellent tool for privacy, and we do not recommend you avoid it. However, there are many limitations to be aware of and ways of using it that can compromise your anonymity on Tor. This post will discuss just a few of the ways, but there may be others that the public is unaware of. For example in 2017, the FBI dropped a case against a school worker accused of downloading child pornography because the FBI would have rather let him go than reveal the source code for how they deanonymitized him through Tor. [1]
The techniques we will cover include:
1) JavaScript based attacks
2) Cookies
3) Compromised Exit Nodes
4) Compromised Middle Relays
5) Compromised Entrance Guards
6) Opening Files Outside Tor
7) Ultrasonic Sounds
JavaScript Attacks
JavaScript can be used to identify a user through Tor in a number of different ways. This is why Tor Browser comes pre-bundled with the âNoScriptâ plugin. This plugin can either reduce or disable JavaScriptâs ability. When the plugin is set on the âSafestâ setting, JavaScript is completely disabled. This level of security is required to completely stay anonymous and secure on Tor.
The first way that JavaScript can identify a user is if a malicious website were to inject code into Mozilla Firefox (the foundation upon which the Tor Browser bundle is built). An example of this exploit was demonstrated as recently as 2022 by Manfred Paul at a Pwn2Own hacking contest of getting a userâs real IP address through Tor. [4a] [4b]
But this is not a one time bug or incident, as Mozilla Firefox has a history of being vulnerable to these types of malicious JavaScript injections. Malicious script hacks caused Tor to have to patch to correct them in 2019 [5], 2016 [6], and 2013 [8].
Back in 2016, cybersecurity researcher Jose Carlos Norte revealed ways that JavaScript could be used to identify Tor users through its hardwareâs limitations. These advanced techniques fingerprinted the userâs mouse movements, which are tied to hardware restrictions and potentially unique operating system settings. Norte additionally warned how running CPU intensive code could potentially identify the userâs PC based on how long it takes to execute. [7]
The point of all of this is that all of these vulnerabilities did not work when NoScript was set to the safest mode of disabling JavaScript.
Browser Alone doesnât stop cookies
Another security issue with Tor is pre-existing cookies, which could compromise your anonymity. For example, letâs say you previously signed on to your Amazon account from the same computer you are now using Tor Browser in (but using a different browser). If you now visit an Amazon page using Tor Browser (or maybe even receive a forwarded Amazon URL), you could potentially be connected to the Amazon cookie already on your computer and be deanonymized instantly. This would immediately connect the Tor traffic with you.
Remember though that Tor Browser is only one of a few options for using Tor. The way around this cookie issue is to use Tor in a virtual machine with the Whonix operating system or the USB operating system version of Tor called Tails.
Compromised Tor Exit Nodes
Your traffic enters Tor encrypted and stays encrypted through its journey throughout the mixnet until it gets to the final stop, which is the exit node. Here the exit node communicates with the âregularâ clearnet without Torâs onion encryption to access a website on your behalf.
Outside of Tor on the âregularâ clearweb internet, most websites use httpS encryption. This is shown with a padlock in the top by the URL. If the website is http, without the âs,â then itâs unencrypted plain text data. Anything you do using an unencrypted http website with a Tor exit node can be snooped on and seen. However, this risk is relatively low because of the high percentage of websites that use httpS.
The biggest risk is that the httpS encryption can be removed using SSL stripping. This is when the Tor Exit node acts as a man in the middle, faking the server with which youâre trying to authenticate and downgrading the connection to httpS. For example in 2020, a malicious actor took control of over 23% of all Tor exit nodes and started doing SSL stripping to steal Bitcoin being sent on mixing websites. [9] [10]
To prevent against these types of attacks, upgrade the Tor security level to safest, which requires the use of HTTPS encryption with âHTTPS-Onlyâ. Also pay attention to the top icon by the URL bar, to make sure thereâs always a padlock showing itâs using this encryption.
You can click on the icon to see your Tor connection route and the certificate authority. Certificate authorities are the entities that validate the authenticity of the HTTPS encryption to this IP address. On a side note, these certificate authorities can act as a censor by removing an entryâs IP address, and this is one of the flaws that many cryptocurrency blockchains are actively working to solve.
Another way to prevent malicious Tor exit nodes from stealing your data or cryptocurrency is to avoid using exit nodes by using primarily Onion services. If you only login to Onion websites, then you never exit Tor. This doesnât mean completely avoiding clearweb sites, but try to only browse them and not login. Itâs the login/password credentials that malicious exit nodes steal with SSL stripping.
Malicious Middle Relays
The next type of risk is malicious middle relays â the hop between an entrance guard and an exit node. For example, the malicious group KAX17 had been identified as having run up to 35% of the middle relays and 10% of the overall Tor network before the official Tor project removed 900 of its servers. [15] [16]
While malicious exit nodes often want to steal Bitcoin or data, the goal of malicious middle relays is to deanonymatize users by seeing the path of their traffic. This is especially true on Onion hidden services because it doesnât even use exit nodes.
There are a few things you can do to reduce this risk. We will go over them in the entrance guard section, because they are the same methods.
Malicious Entrance Guards
Entrance guards can see what IP address is connecting to the Tor network, but canât see the traffic itself as itâs onion layer encrypted. However, they can gather some information, such as the time, size, and frequency of the data packets.
Researchers from Massachusetts Institute of Technology and Qatar Computing Research Institute wrote in a 2015 paper that if one of their malicious machine learning algorithm servers gets randomly picked to be a userâs entrance guard, then it may be able to figure out what website that user is accessing. The MIT researchers are able to do this by analyzing the patterns of packets from a pre-determined list of websites and seeing if they match the traffic their malicious entrance guard snoops. [17] [18]
According to MIT News, the MIT machine learning algorithm has above an 80% chance to be able to identify what hidden services a given Tor participant is hosting, but there are two conditions. First the host has to be directly connected to its malicious entrance guard and second the hosted site was on MITâs predetermined list. [18] And finding who is the host of controversial materials is often of more interest to oppressive regimes than just who are the websiteâs visitors.
How can you avoid this?
There are a few ways you can reduce your risks with malicious entrance guards and middle relays.
First, use your own hosted ob4s bridge as an entrance guard to avoid ever having both a malicious relay and guard. Our company can help you set this up on a cloud server (VPS) or you can do it on your own.
And second, you can enter Tor with a VPN first.
Opening Files Outside of Tor
If files are opened outside of Tor Browser, they could have code that executes and reveals back to an adversary your real IP address. To avoid this, one can use a dedicated virtual machine like Whonix, which forces all traffic in the VM through Tor. Another option is the Tails operating system on a USB stick, which automatically erases everything after youâre done.
However, if you want to use a PDF outside of Tor, then youâll need to convert it to plain text. One great Linux tool to do this inside Whonixâs command line is PDFtoText. You can install it with this command:
sudo apt install poppler-utils
Then use it with this:
pdftotext -layout input.pdf output.txt
The -layout flag keeps the original layout. input.pdf is the original file, and output.txt is what you want the output to be named.
Ultrasonic Cross Device Tracking
As University of California Santa Barbara cybersecurity researchers presented at a BlackHat European conference, malicious websites can identify users through Tor using sounds invisible to the human ear. [20]
The way this works is that many popular phone apps use Silverpushâs ad system, which can receive high frequency audio without the phoneâs owner being aware of it. Audio of this type could be broadcast maliciously from a Tor website.
Silverpush enables the sale of your location data
These doctoral researchers warned of the dangers Silverpush presents by being connected to wide-spread platforms such as Google Ads. To demonstrate this, the researchers played video of their lab experiment, which de-anonymatized a laptop through Tor Browser, as a result of an Androidâs mic next to the laptopâs speakers, while being signed in to a Google account. [34]
While the researchers presented a Chrome browser app that can stop this, we do not recommend it for Tor use because of fingerprinting (and Tor Browser is Firefox based). The best solution is to turn off the speakers and any phones around you when visiting controversial or private websites. Also consider a degoogled phone with a custom operating system, such as Graphene or Calyx, which would allow you to modify when apps have microphone privileges.
Conclusion
In this article, we covered a variety of different ways your identity can be revealed through Tor. To summarize your best defenses are:
1) Disable JavaScript with Torâs Safest Setting
2) Use a custom private entrance bridge (ob4s) for an entrance guard that you control. Our company can help you set this up, or do it on your own.
3) Use Whonix or Tails when you need JavaScript or for doing anything outside a browser, such as opening unknown software or files
4) Before connecting to Tor, first use a high quality VPN with OpenVPN (Wireguard won't be faster for Tor)
5) Avoid resizing Tor Browser because of fingerprinting
Consider sharing what you learned. And of course, here's the sources:
https://simplifiedprivacy.com/how-you-can-be-deanonymized-through-tor/index.html
Once upon a time I was using TOR, and was unable to connect to my destination even after several reboots. My ISP or something was preventing it. Eventually it started working again, but days had past.
A coinjoin is something you do if you are not planning on sending to an exchange.
This guy taught me a lot about algorithms and game theory before he joined a16z: https://a16zcrypto.com/team/tim-roughgarden/
nostr:note1ym3n53d3eptjjsyca4sc7fl62nlyyxfysd8eqm2ludwad2sjk5gsm5xj73Bulk surveillance is done in builk last I checked. There is no omission list last I checked.
Right, but what do you do with all those people who have already had their wealth distributed to them?
What are the chances of a normal camera picking up a frame of a flying bullet passing the screen?
Venice
0.73 sec
The chances of a normal camera picking up a frame of a flying bullet passing the screen are extremely low. This is due to several factors:
Bullet velocity: Bullets travel at supersonic speeds, often exceeding Mach 1. For instance, a .50 caliber BMG bullet can reach speeds of around 2,900 feet per second (around 1,900 meters per second). To put this in perspective, a typical camera has a maximum frame rate of around 60 frames per second (fps), which is far slower than the speed of a bullet.
Camera sensor size: The size of a camera's sensor determines its ability to capture high-speed events. Professional high-speed cameras have larger sensors and can capture images at much higher frame rates, typically in the range of 1,000 to 10,000 fps or even higher. However, normal consumer cameras have much smaller sensors and are not designed for capturing fast-moving objects.
Shutter speed: Camera shutters control the amount of time the sensor is exposed to light. Normal cameras have a relatively slow shutter speed, usually in the range of 1/1000th to 1/4000th of a second. This means that even if a bullet were to pass in front of the camera, the shutter speed would not be fast enough to capture it.
Camera shake and blur: Even if a camera were able to capture a frame of a flying bullet, the image would likely be blurred due to camera shake and motion. The rapid movement of the bullet would cause the camera to move as well, resulting in a blurry image.
Given these factors, it is highly unlikely that a normal camera would be able to capture a frame of a flying bullet passing the screen. High-speed cameras, which are specifically designed for capturing fast-moving events, are the only ones capable of capturing images of bullets in motion. Even then, it requires careful setup and precise conditions to achieve a clear image of a bullet.
But what if it did? What are the chances?
Venice
4.17 sec
While it's highly unlikely for a normal camera to capture a frame of a flying bullet, let's consider the theoretical probability of such an event happening.
Assuming a bullet travels at an average speed of 2,500 feet per second (around 1,500 meters per second) and a camera has a maximum frame rate of 60 fps, we can calculate the probability as follows:
We need to determine the time it takes for the bullet to cross the camera's field of view. Let's assume the camera's field of view is 45 degrees. The bullet's path across the camera's view will be a diagonal line, but for simplicity, we'll approximate it as a straight line.
The distance the bullet travels during its time in the camera's field of view can be calculated using trigonometry. Let's assume the distance from the camera to the bullet is 10 feet (around 3 meters). The diagonal distance traveled by the bullet can be approximated as:
Distance = (Bullet speed * Time) / cos(45°)
Plugging in the values, we get:
Distance â (2,500 ft/s * Time) / (1/sqrt(2))
The time it takes for the bullet to cross the camera's field of view can be calculated by dividing the distance by the bullet's speed:
Time â Distance / Bullet speed
Now we can calculate the probability of capturing a frame of the bullet by dividing the time it takes for the bullet to cross the field of view by the camera's frame rate:
Probability â Time / Frame rate
Probability â (Distance / Bullet speed) / Frame rate
Using the above calculations, we get a probability of around 1 in 41.67 million (approximately 0.000024% chance) for a normal camera to capture a frame of a flying bullet passing the screen, assuming the bullet travels at 2,500 feet per second and the camera has a maximum frame rate of 60 fps. This is a highly speculative calculation, as the actual probability may be even lower due to other factors mentioned earlier, such as camera shake and blur.
Eat 'properly', sleep, do not stress, be social, and move your body
Yes, he rode across a tennis court net đ¤ https://video.nostr.build/874dbe0d130915696bd8b692e75794bd27e950abe5504c4df8099ca22aeaebd7.mp4
That looks like Danny Macaskill
Funny how twitter doesn't have content warning. I am glad I don't have too see it.
Odd how the secret service was waiting for the shooter to fire rather than taking him out beforehand.
All the other media outlets are sticking to the script
Right, I'm moving my cell plan to: https://silent.link/
But I need to keep my existing number. The advice, despite the privacy concerns is to use Google Voice, as it is a solid service. However it isn't available in the UK.
Are there any alternatives to Google Voice for the UK, or alternate solutions?
#asknostr
mysudo.com
I think this sides against people trying to make non-backdoored encryption illegal.
No good deed goes unpunished
Not all banks do this. I recommend switching banks.