The Complete Guide for Hidden Services And Staying Anonymous

The free Internet that many of us loved has become a surveillance web, serving governments and mega-corps, while abusing the rest of us. For those whose eyes are opening to this sad fact, I’ve have assembled this guide.

This purpose of this guide is to make Internet privacy as simple and concise as possible. Our intention is not just for you to understand, but for you to
act upon the information we give you.

Learning to protect yourself online is simple, and does not need to interfere with your daily activity. This is the complete  guide to surfing anonymously. What steps you choose to take depend upon what you wish to guard against. Each level will require more work or money to achieve, but gives much greater protection.

Large Man Looking At Co-Worker With A Magnifying Glass --- Image by © Images.com/Corbis
Large Man Looking At Co-Worker With A Magnifying Glass — Image by © Images.com/Corbis

Continue reading “The Complete Guide for Hidden Services And Staying Anonymous”

Warrant canary?! What the hell is a warrant canary?

warrant-canary

A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.

In 2002, the FBI used the newly-passed Patriot Act to demand that libraries secretly turn over records of patrons’ reading materials and Internet use. The libraries had to comply – even though such secret requests go against the entire ethos of a professional librarian. To get around the government’s mandate not to disclose the orders, some libraries came up with a potential workaround: they hung signs on their entrances stating, “The FBI has not been here (watch very closely for the removal of this sign).” The idea was that, like a canary in a coal mine, the presence of the sign would reassure the public, and its removal would signal to those watching closely that all was no longer well. An order not to disclose something may differ legally from an order compelling continued, false notices that no national security request has been served, and warrant canary notices work by exploiting that difference.

The hypothetical canary that provides individualized notices to each user illustrates the extent to which canaries are essentially end-runs around lawful gag orders. Companies exploit the potential legal loophole in the difference between compelled silence and compelled lies in order to communicate information that they would otherwise be prohibited from sharing. The fact that so many companies are adopting canaries, even at the risk of exposing themselves to litigation and—at the outside—potential criminal liability, highlights how out of step even routine national security requests have become with the companies’ willingness to turn over information on their users. Like Apple’s recent embrace of automatic encryption, canaries are a symptom of the growing public desire to maintain control over personal data. In the end, then, canaries do not only signal information about national security requests that companies couldn’t otherwise communicate; they also signal the dissonance between the government’s emphasis on secrecy and industry’s willingness to cooperate. The era of companies sharing data with the government in the name of patriotism with just a shake of the hand is now over.

Warrant Canary Examples:
  1. https://proxy.sh/canary
  2. https://www.ivpn.net/resources/canary.txt
  3. https://www.vpnsecure.me/files/canary.txt
  4. https://www.bolehvpn.net/canary.html
  5. https://lokun.is/canary.txt
  6. https://www.ipredator.se/static/downloads/canary.txt
Related warrant canary information:
Side-note: Using a VPN provider will not make you anonymous. But it will give you a better privacy. A VPN is not a tool for illegal activities. Don’t rely on a “no log” policy.

ATTN: Do not download #CryptoCoin Trader from #Sourceforge. Those who have ran the program on your PC, please format ASAP!

I spotted few mins ago that there is link to download a open source trading program call Cryptocoin trader.

One anonymous user claimed that the source code is safe but i decided to run the precompiled exe on my VM to be sure.
The program extracts qtbitcoin trader client and some suspicious executables (bridgemigplugin.exe, vbc.exe).
brigemiplugin.exe description on task manager is open broadcaster software.

After some googling, it is obvious that the program is doing a live/recording video stream through a open source program from open broadcaster software http://obsproject.com/

Here are the screenshots

Even though the post has been deleted, there are 46 people indicated on sourceforge who have downloaded the program, please reformat your pc to prevent any potential wallet hacks.

Update: I’ve ran wireshark to sniff the network traffic produce by the malware, the malware connection is initiated from 185.17.1.222, Russian. ISP, Longbow Electric Llc. screenshot here

Update 2 I’ve did a search of the IP address. I believe it doesn’t belongs to any tor node, proxy or VPN. Hence it is very likely that 185.17.1.222 is either a dynamic or static IP from Longbow Electric Llc.

Update 3 I’m a undergraduate in NUS majoring in computer science security. I hope that this post will act as a warning for all potential future hackers who attempts to perform similar attacks (The community is watching you). Thanks everyone for the tips as well, it sure helps a little with my high tuition debt. 🙂 This is so much I can do for now, as I’m having papers from tomorrow onwards. Stay safe fellow bitcoiners!

Protecting your data: survey indicates that with 4 exceptions major companies fail miserably

With so much recent concern about how the NSA and GCHQ (and, likely, others) basically look at unencrypted traffic as an easy way to hack into your data, it’s becoming increasingly important for the big companies which manage tremendous amounts of the public’s personal data to encrypt as much as possible. The folks over at the EFF have now put together a sort of crypto report card on which major companies are actually encrypting everything they can.

The results are a little disappointing. Only four companies. Dropbox, Google, SpiderOak and Sonic.net got a perfect score on the five categories measured. Twitter is pretty close (and the only thing it’s missing, STARTTLS, really would only matter if it were offering email, which it doesn’t, other than to employees) while the rest still have a fair bit of work to do.For the die hard Cloud users & Faacebook fanatics it involves you taking responsibility for your own security and crypto keys, which maybe is too much to ask. That’s why Encrypting Facebook as a start.or Encrypting cloud storage.. The incumbent access providers AT&T, Verizon and Comcast don’t appear to care nearly enough about security at all. And lots of free apps and cloud services started appearing, some with CIA funding (InQTel) offering storage of business data, video, IP surveillance, exactly the sort of thing the NSA wants to grab in a 5 eyes jurisdiction with a cooperative management. That’s why it’s little surprise that the NSA’s deals with at least AT&T and Verizon are a major source of information.

data

Hopefully this effort (and the ongoing concerns about the NSA, as well as outside hacking) lead more companies to upping their encryption game.

Good Evening, America…

Good evening, America.

Allow me first to apologize. I do, like many of you, appreciate the comforts of the everyday routine, the security of the familiar, the tranquility of repetition. I enjoy them as much as any bloke. But in the spirit of commemoration, whereby important events of the past usually associated with someone’s death or the end of some awful, bloody struggle are celebrated with a nice holiday, I thought we could mark this July the 4th, a day that is, sadly, no longer remembered, by taking time out of our daily lives to sit down and have a little chat. There are, of course, those who do not want us to speak.

Even now, orders are being shouted into telephones and men with guns will soon be on their way. Why? Because while the truncheon may be used in lieu of conversation, words will always retain their power. Words offer the means to meaning, and, for those who will listen, the enunciation of truth. And the truth is there is something terribly wrong with this country, isn’t there?

Cruelty and injustice, intolerance and oppression. And where once you had the freedom to object, to think and speak as you saw fit, you now have censors and surveillance coercing your conformity and soliciting submission.

How did this happen? Who’s to blame? Certainly there are those who are more responsible than others. And they will be held accountable. But again, truth be told, if you’re looking for the guilty you need only look into a mirror.

I know why you did it. I know you were afraid. Who wouldn’t be? War, terror, disease. There were a myriad of problems which conspired to corrupt your reason and rob you of your common sense. Fear got the best of you. And in your panic, you turned to the now President Barack Obama. He promised you order, he promised you peace, and all he demanded in return was your silent, obedient consent.

Last night, I sought to end that silence. Last night, I posted videos and made statements on Reddit.com to remind this country of what it has forgotten.

More than 237 years ago, a great group of men wished to imbed the 4th of July forever in our memory. Their hope was to remind the world that fairness, justice and freedom are more than words. They are perspectives.

So if you’ve seen nothing, if the crimes of this government remain unknown to you then I would suggest that you allow the 4th of July to pass unmarked. But if you see what I see, if you feel as I feel, and if you would seek as I seek…then I ask you to stand beside me, one year from tonight outside the gates of Congress.

And together, we shall give them a 4th of July that shall never, ever be forgot.

The #Tor Guide for Hidden Services And Staying #Anonymous

Thank you for viewing the guide. All the links I posted are safe for viewing, as I stated. Please remember to use Tor with caution. DO not use any of your identities or names. Make a new one if necessary.
Most child porn sites are openly advertised. Memorize the beginning of certains links to know where to go and where not to. Do not stray into a domain you do not recognize. Ask an Onionland community that you trust beforehand.

2pr17

Because location-hidden services do not use exit nodes, they are not subject to exit node eavesdropping.
You can NOT GET V& using Hidden Services because Hidden Services run internally and do not require exit nodes. The only people who have gotten sniffed are the people who downloaded a fake version of Tor. Anonymous sniffed who went to Loli City and Hard Candy and wrote down their real IPs. I just want to clear this up. All traffic inside the network is encrypted. If you use the clearnet, you are using exit nodes, and you can be subject to suffering an attack. Most clearnet providers are perfectly safe. The majority are run by really cool guys who just want to help you browse the web with liberty. Don’t be stupid in Onionland. You’re only as safe as you’re weakest link.
UPDATE: For further discussion on potential Tor exploits or security faults, read this: http://zw3crggtadila2sg.onion/imageboard/fbi/res/481.html. Use Tor to connect to it.

For a secure environment, use Tails or Liberte as an OS. They’re a variation of Linux and perfect for Tor browsing. Windows security is an oxymoron; if you must use it, download an anti-virus. I suggest Kaspersky. You can also get Keyscrambler Pro from 1337x.org. It’s a great tool to prevent keylogging.

Continue reading “The #Tor Guide for Hidden Services And Staying #Anonymous”