This is pretty cool: an alternative to TOR from MIT that automatically generates fake data!

Dec. 14th, 2015 05:36 am
thewayne: (Cyranose)
From Slashdot yesterday:

MIT Creates Tor Alternative That Floods Networks With Fake Data (softpedia.com)
Posted by timothy on Sunday December 13, 2015 @08:22AM from the can't-we-just-use-trolls? dept.

An anonymous reader writes with word that MIT researchers "created an alternative to Tor, a network messaging system called Vuvuzela that pollutes the network with dummy data so the NSA won't know who's talking to who." Initial tests show the systems overhead adding a 44-second delay, but the network can work fine and preserve anonymity even it has more than 50% of servers compromised.

I've never used TOR, it'll be interesting to see how difficult this is to set up once it gets out in to the wild. I find the preservation of anonymity when half of the network is compromised to be quite interesting. I have no idea if 44 second latency is good or bad.

http://news.softpedia.com/news/mit-creates-untraceable-anonymous-messaging-system-called-vuvuzela-497537.shtml

http://yro.slashdot.org/story/15/12/13/1522224/mit-creates-tor-alternative-that-floods-networks-with-fake-data
Tags:
  • Add Memory
  • Share This Entry

Acoustic cryptoanalysis and finding a bomb threatener who used Tor

Dec. 19th, 2013 09:39 pm
thewayne: (Cyranose)
Both from Bruce Schneier.

The paper purports that you can read a 4096 bit GnuPG RSA key through acoustic monitoring of the computer that's doing a decryption. It also talks about measuring the electrical potential of the actual computer chassis as a low-bandwidth attack. Strange stuff.

https://www.schneier.com/blog/archives/2013/12/acoustic_crypta.html


The other day a Harvard student emailed in multiple bomb threats to avoid taking a final exam. Idiot. He was mildly clever in that he used an anonymous email account and used Tor, his epic fail was that he used Tor within the Harvard campus network, so they could easily identify IP addresses and locations of people using Tor and at what time, so it wasn't difficult to nab him.

If he had used Tor from coffee shops off-campus, they would have had a much tougher time tracking him down.

Schneier has a great comment: "This is one of the problems of using a rare security tool. The very thing that gives you plausible deniability also makes you the most likely suspect. The FBI didn't have to break Tor; they just used conventional police mechanisms to get Kim to confess."

I think this might adversely affect his academic standing.

https://www.schneier.com/blog/archives/2013/12/tor_user_identi.html
Tags:
  • Add Memory
  • Share This Entry

A HUGE number of articles on PRISM, privacy, and other nasty things

Oct. 7th, 2013 03:57 pm
thewayne: (Cyranose)
The NSA, PRISM, and trying to keep your information private and secure

This is a whole bunch of links that I've been accumulating that talks about a lot of different facets of what's been going on since Edward Snowden blew the lid off of the PRISM spying and what the NSA and federal government has been doing.

First up, my fav security guy, Bruce Schneier. In this article “How to Remain Secure Against the NSA”, Bruce talks about precautions that you can take to improve your security, while acknowledging that if the NSA et al wants information about you, there's precious little that you can do about it.

https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html


Here we have a story by a man who was Microsoft's privacy chief from 2002 to 2011 who says he no longer trusts the company since the existence of PRISM was revealed. ”In the two years since leaving Microsoft, Bowden has ceased carrying a cell phone and become a staunch open source user, claiming that he no longer trusts a program unless he can see the source.”

There's only one problem with that: 99%+ of people can't read source code or really have the expertise to understand it and to also understand all of the other source code that it ties in to, as you have to evaluate every single part of the system to know whether or not it's secure. So we have to rely on others to tell us that this code is secure. Linux is probably secure, but lots of its code that relates to cryptography and communications is being reevaluated to look for back doors and a lot of the crypto code is being replaced with code that is more public and not backed by NIST.

http://hothardware.com/News/Former-Microsoft-Privacy-Chief-Says-He-No-Longer-Trusts-The-Company/

MUCH more under the cut
Read more... )
Tags:
  • Add Memory
  • Share This Entry

Anonymous flatlines a host that served up kiddie porn on a dark net

Oct. 23rd, 2011 02:00 pm
thewayne: (Cyranose)
Just goes to show that almost anything good can be twisted. I was going to say perverted, but we're talking about child pornography, and that is really beyond perversion. The hosting service, ironically called Freedom Hosting, hosted 40+ web sites dedicated to illegal porn, one such site called Lolita City reportedly had 100 gig of such stuff.

The dark net stuff is the interesting part. I've often wondered how such a thing would be created, and it has been done: they use TOR, The Onion Router, an anonymizing software package from the Electronic Freedom Foundation that was intended for people in highly-restrictive countries like China and Iran to be able to access the internet and get information out without the government being able to trace it back to them.

Anonymous learned of Freedom Hosting providing services for this site, sent them a demand telling them to remove this content, and when Freedom didn't, Anonymous took them offline.

http://www.securitynewsdaily.com/anonymous-hackers-child-porn-sites-1260/

http://yro.slashdot.org/story/11/10/22/1325238/anonymous-hackers-take-down-child-porn-websites
Tags:
  • Add Memory
  • Share This Entry

And you thought ACTA was bad? Acta 2, or TPP, is much worse.

Mar. 13th, 2011 01:26 am
thewayne: (Cyranose)
If you have a business with extensive intellectual property holdings, the TPP (Trans Pacific Partnership Agreement) is probably a great treaty for you. But just like ACTA, it's being negotiated pretty much in total secrecy. And just like ACTA, it's been leaked.

Some of the provisions would make the U.S. patent (USPTO) a rubber-stamp for applications (which sucks because Congress is actually looking at making some significant improvements there), ISP's would become extensions of Hollywood when it comes to copyright enforcement, parallel import would be banned (no more gray market goods), criminal enforcement would be REQUIRED for DRM circumvention(!). I'm sure there's more lovely stuff in it.

The Techdirt article also has links to more info at the EFF with more details and a list of all Congresscritters in both the House and Senate so you can easily contact them and express displeasure.

I just wish they would try to negotiate this in the open. There's no reason for this to be secret, except for the fact that Hollywood wants to be able to totally side-step the normal method for creating laws and gain a fait accompli over everyone.

Now, as if this isn't bad enough, they want a VERY fast approval: they want it all to be wrapped up in November OF THIS YEAR.

http://www.techdirt.com/articles/20110311/00104713434/us-proposals-secret-tpp-son-acta-treaty-leaked-chock-full-awful-ideas.shtml

https://secure.eff.org/site/Advocacy?cmd=display&page=UserAction&id=471

http://yro.slashdot.org/story/11/03/11/2134224/Son-of-ACTA-Worse-Than-Original


[EDITED 15-JUNE-2013 TO ADD TOR TAG]
Tags:
  • Add Memory
  • Share This Entry

Does anyone have experience setting up or using TOR?

Jun. 9th, 2008 01:30 am
thewayne: (Default)
In this case, we're talking about The Onion Router from the EFF.
Tags:
  • Add Memory
  • Share This Entry

Profile

thewayne: (Default)
The Wayne
Spare Brains Games

August 2025

S M T W T F S
     12
34 56789
10111213 141516
17181920 21 2223
2425 26 27 2829 30
31      

Syndicate

RSS Atom

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Aug. 31st, 2025 11:45 am
Powered by Dreamwidth Studios