[OPSEC/Computer] Setup. Paying for info.

Sorry for the post format. Hi, I used Tails for half a year. After thinking about my setup, I decided to build a new custom setup. At first I thought that Google/forums would help; after a month of trying to work all things out, all I can say is fuck it. For real, if you try to fix one problem, a second occurs. I am writing here to ask for help from the community.

IF THERE ARE PERSONAS WHO CAN ANSWER MORE THAN A FEW QUESTIONS AND CONSULT, I WILL PAY FOR INFO.

-----------------------------QUESTIONS START HERE-------------------------

HARDWARE RELATED:
1. SSD or HDD for encrypting? (Security leaks/speed).
2. Can serials/IDs of hardware parts (e.g. CPU/RAM/GPU/internet adapter) be leaked? If yes: a) Can IDs/serials be changed? b) Software or guides that can guide through ID/serial change?
3. Does the router store/leak any info about net traffic?

ENCRYPTION RELATED:
1. VeraCrypt only offers a hidden OS for Windows. Is there any similar method for Linux? Pre-boot password -> Pass A - OS A, Pass B - OS B
2. What encryption standard/hash do you use and why?
3. Is it true that a 64-symbol password is weaker than, for example, 27?

INTERNET ANONYMITY RELATED:
1. Can MAC changing trigger the attention of the ISP? Do you change your MAC manually or with software (which?)?
2. On the Evo forums vendor Yasuo posted a setup guide and I remember an insecure Tor exit node list (or a safe-node-only list). Does anyone have info about it?
3. How secure would this connection setup be: Socks5 -> VPN -> Socks5 -> obfs Tor bridges -> Tor? Extra: a) What would you change? b) What extra security could you offer? MAIN GOAL: ISP (NO INFO ABOUT VPN) -> VPN (NO INFO ABOUT ISP)

4. Is there any software to find out leaks/holes in a setup?

EXTRA!!!!!!!!!!!!!!!!!!!!!!!!!!! Looking for partners, let's say "friends", or any personas to share knowledge with. Looking for knowledge: PC/internet security. Providing: street smarts/packaging/law/finance.

Sorry for my English, and feel free to PM. Stay safe, L3akz.


Comments


[6 Points] None:

.


[7 Points] MLP_is_my_OPSEC:

  1. SSD if you want speed. The downside to this is that there is no version of DBAN that works on SSDs, but there are other tools. You shouldn't be storing any incriminating data on your SSD/HDD anyway. Keep that shit on an encrypted USB drive or microSD card.

  2. Not likely, but it can happen. These can't be changed without bricking your hardware AFAIK.

  3. The router will store local IP and MAC addresses. DNS leaks can happen as well if you use your ISP's default DNS servers.

  4. LUKS for encryption on GNU/Linux

  5. A 64-character password in theory is stronger than a 27-character one. This depends on what is in the password, the characters used, etc. This comic explains it well, and there is an explanation at the bottom if you're curious.

  6. MAC addresses don't go past your router. They're spoofed to prevent profiling at free Wi-Fi hotspots.

  7. Excluding nodes is a complicated topic. You can exclude nodes from the Five Eyes of course, but the chances of LE investing the time/money into deanonymising you are slim to none. This offers a good viewpoint.

  8. I'm assuming you're doing this for carding/fraud. You want a mix of SOCKS5 proxies, RDPs, and VPNs. VIP72 is widely recommended for SOCKS5.

  9. You want your OPSEC tight as fuck. Any fuck up can mean you going to prison.


[3 Points] PM_ME_YOUR_CLAM_GIRL:

I do think you're being a bit overly paranoid and considering aspects that Bin Laden wouldn't have needed to worry about. I'm not trying to be an ass, just putting things into perspective a bit. For hardware serial numbers and MAC addresses someone would need local access to the PC and/or your internal network. As long as you follow standard security and enable a firewall on your router, disable remote administration, and flash it with something like OpenWrt if you're really, really paranoid, you'll be fine on that front. Then use a USB drive for Tails with persistence, use a very strong password (better yet a paragraph with special characters, upper/lowercase, and numbers), and you'll be set on that front.

Most importantly, only log into darknet accounts on the darknet and only log into clearnet accounts from the clearnet. Same goes for bitcoin wallets (tumble and break the link between clearnet and darknet). Follow all of that and you can rest assured that you'll be safe and nobody will discover you.

PS: don't download questionable software in Tails; that's an easy way to expose your real IP address.


[3 Points] sapiophile:

  1. SSD or HDD for encrypting? (Security leaks/speed).

SSDs can be tricky to wipe, but most modern ones will do it - but you need to do it the right way. http://www.makeuseof.com/tag/securely-erase-ssd-without-destroying/ has all the info you need. As long as you heed the info there, there's no difference, really, except in performance.

A better question is probably, why do you want a hard drive at all? You should use Tails (with persistence if you need it), and leave an actual internal drive out of the equation. This is by far the most secure option.

  2. Can serials/IDs of hardware parts (e.g. CPU/RAM/GPU/internet adapter) be leaked?

Not without software that is deliberately doing so. The closest concern of this type is your network card's MAC, but this will not be transmitted beyond your local network (i.e., the Wi-Fi or router you're using) unless the router itself is malicious and forwards it further (this is extremely unlikely).

If yes then: a) Can IDs/serials be changed? b) Software or guides that can guide through ID/serial change?

Yes, most network cards (both Ethernet and Wi-Fi) support changing/spoofing their reported MAC. Tails integrates this functionality at boot. More info. It does not work with all network cards, but problematic cards are rare; more info.

  3. Does the router store/leak any info about net traffic?

This depends completely on the router and network you're using, and how it's configured. The only honest answer is "not by default, usually." With a very minor technical exception for buffers and the like (typically not more than a megabyte). Note that if you're using Tails as you should be, all of the data about what you're doing over Tor will be encrypted, but the fact that you are using Tor in the first place may be evident.

ENCRYPTION RELATED: 1. VeraCrypt only offers a hidden OS for Windows. Is there any similar method for Linux? Pre-boot password -> Pass A - OS A, Pass B - OS B

No, not really. You could hack it together yourself with an encrypted virtual machine, but this gets into the realm where you should actually articulate your threat model and how such a procedure would be beneficial for it. Having a number of encrypted VM snapshots, each one having a different activity profile and/or pseudonymous identity, is a good idea for high security operations, but is overkill for most DNM users. Feel free to hit me up for more info on this kind of approach.

For Full Disk Encryption on GNU/Linux, don't use anything except LUKS+dm-crypt. You can also keep your boot partition on a separate device, along with a keyfile (which may be on the boot device or even on yet another separate device), which is a useful way to prevent evil maid attacks if you can keep your boot partition secure (e.g., on your person at all times).

Finally, VeraCrypt is a very nice project and all, but it's still very, very new, and is basically only one developer's pet project. I would wait for it to mature a bit and get some more review from other developers before trusting it thoroughly. CipherShed has a larger team which makes it much more trustworthy, but they have not put out an actual release just yet.

  2. What encryption standard/hash do you use and why?

For virtually all purposes here, AES (Rijndael) & SHA-2 are fine. The NSA is not going to tip their hand about having mathematical attacks on those algorithms over a simple drug bust, even a big one. If you still want to avoid those, then Twofish and RIPEMD-160 or Whirlpool are good, highly secure algorithms, and Twofish's performance is only marginally worse than AES (and in some cases it's better), and it (along with Serpent) was considered the pinnacle of security during the AES competition. Many new Intel processors have hardware acceleration for AES, though, which vastly improves performance when performing AES operations, but performance is secondary to security in most cases like these.

  3. Is it true that a 64-symbol password is weaker than, for example, 27?

No. I'm not sure where you got that notion from. Barring really stupid implementation issues, a longer passphrase will pretty much always have much more entropy than a shorter one. However, it's also important not to lose your passphrase, and a longer one can make that more likely. Be sure to keep your passphrases long and highly random (not just symbols, but letters, numbers, and all members of the ASCII set), and keep backups of them, either on paper or in secure, encrypted storage, like with a passphrase manager.

1. Can MAC changing trigger the attention of the ISP?

No. Your ISP will not (directly) see your MAC, only your local router will (in theory). Many routers are owned by ISPs, however, and it's theoretically possible that they record MACs that connect to the network (more scandalous things have been done by ISPs in recent memory) and transmit them to the ISP. Even then, this is not really much of a concern. If it distresses you greatly, you can just use an additional gateway router to connect through, or you can select a random MAC to use and stick with it, perhaps rotating a few times per year. Setting up Tails to do this might be a little tricky, but odds are good that it isn't. If you need help with that I could probably do it.

Do you change your MAC manually or with software (which?)?

I'm not sure what you mean by "manually," in this case. It is done with software (macchanger is the standard utility on GNU/Linux systems).

2. On the Evo forums vendor Yasuo posted a setup guide and I remember an insecure Tor exit node list (or a safe-node-only list). Does anyone have info about it?

If your threat model is vulnerable to untrustworthy Tor nodes, you're doing it utterly, horribly wrong. For one thing, .onion site traffic will never go through an exit node. For another, you can (and should) use HTTPS on (many) clearnet sites, which virtually eliminates any attacks that an exit node could perform. If you need to do things that are mission-critical and don't fall under either of those categories (I honestly can't think of many possibilities), then you've really gotta reconsider what you're doing. If you want to describe the specifics of what you're worried about in this regard, I may be able to offer further insight.

Tor's design is intended to operate securely even with malicious nodes in place. If it wasn't, there would be no purpose to it at all. Understand the attacks that an exit node can and cannot perform, and ask yourself if they are actually a concern for you. I can help with that understanding if you wish.


[1 Points] justsayinthat:

seriously?.. you worry about the leaking of serials of hardware parts?! ... you might want to consider putting the meth-pipe down and get some serious sleep...or you end up ripping your shoes apart while searching for LE bugs ;)


[1 Points] MitalikaSucks:

Very interesting questions, good luck!


[1 Points] cornezuelo:

HARDWARE RELATED: 1. SSD or HDD for encrypting?: SSD for speed. But if you just want to store a bunch of encrypted text data and not HD movies, you'll be safe with a pendrive with Tails and your data encrypted inside. If the police knock on the door any day, you can easily destroy it.

  2. Can serials/IDs of hardware parts (e.g. CPU/RAM/GPU/internet adapter) be leaked?: I don't think I understand your question. If you mean whether you can be traced back because of hardware IDs, you can be sure you are safe. No hardware ID will ever be saved on any server you visit. The only thing that could be saved would be the MAC address of your network card, and it can be easily changed. b) Software or guides that can guide through ID/serial change?: Changing the MAC is easy as fuck: http://www.wikihow.com/Change-a-Computer%27s-Mac-Address-in-Windows

  3. Does the router store/leak any info about net traffic?: If it logs anything, a router will log your IP and MAC, which can be easily changed. Also, as a middleman between you and the internet, a proxy can be set up on the router, so all the traffic can be sniffed. That means that any data you're sending without HTTPS could be logged.

ENCRYPTION RELATED: 1. VeraCrypt only offers a hidden OS for Windows. Is there any similar method for Linux?: There are plenty of options, from eCryptfs to LUKS, with EFS in between ;)

  2. What encryption standard/hash do you use and why?: I usually make my apps with SHA256 encryption, as it is strong but still fast.

  3. Is it true that a 64-symbol password is weaker than, for example, 27?: That depends on the password. A 10-char password like "8Aj239_$k!" would be far stronger than a 64-char password that could be inside a dictionary.

INTERNET ANONYMITY RELATED: 1. Can MAC changing trigger the attention of the ISP? Do you change your MAC manually or with software (which?)?: When I need to do it, I do it manually. If I needed to automate it I would write a small bash script; there is no need for software. The MAC won't pass beyond the router, so your ISP will never know it.

2. On the Evo forums vendor Yasuo posted a setup guide and I remember an insecure Tor exit node list (or a safe-node-only list). Does anyone have info about it?: I was just about to paste you the same link as MLP_is_my_OPSEC did ;) There is no one-line easy answer for this one.

3. How secure would this connection setup be: Socks5 -> VPN -> Socks5 -> obfs Tor bridges -> Tor?: It's as secure as it can be. You can add VPN and SOCKS5 nodes to improve security, but you really won't be able to do safer than this.

Extra: a) What would you change? b) What extra security could you offer? MAIN GOAL: ISP (NO INFO ABOUT VPN) -> VPN (NO INFO ABOUT ISP): Your best bet is implementing all that you seem to already know on a pendrive, bringing a laptop to a public Wi-Fi hotspot, and using HTTPS. You shouldn't have any problems.

4. Is there any software to find out leaks/holes in a setup?: There are a lot of them. There is a Linux distribution called Kali that has a bunch of security testing and auditing tools -> https://www.kali.org/

EXTRA!!!!!!!!!!!!!!!!!!!!!!!!!!! Looking for partners, let's say "friends", or any personas to share knowledge with. Looking for knowledge: PC/internet security. Providing: street smarts/packaging/law/finance: I can give you some advice, just ask. I was vending on the clearnet for years before the whole bitcoin and darkmarket scene started :)
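An added example (not code from the thread or from any of the posters) that works through question 3 of the encryption section, which sapiophile and cornezuelo both answer above: strength comes from the process that generated the secret, not from its character count, so a 64-character string can be either far stronger or far weaker than a 27-character one. The list sizes, the 27- and 64-character samples and the 1e10 guesses-per-second cracking rate are constructed assumptions; the 10-character sample is the one cornezuelo quotes.

```python
import math
import string

# Constructed sizes standing in for real lists: a diceware-style word list
# (7776 entries is the classic size) and an assumed list of well-known phrases,
# quotes and lyrics that a cracking tool would try before any brute force.
DICEWARE_LIST_SIZE = 7776
PHRASE_LIST_SIZE = 100_000

# Constructed sample secrets (the 10-character one is quoted from the thread).
SAMPLES = [
    ("10 random chars", "8Aj239_$k!", "random_chars"),
    ("27 random chars", "qZ7#mP2!vL9@xK4$wR6^tN3&bH1", "random_chars"),
    ("64 chars, 9 diceware words",
     "copper velvet anchor tundra walnut cipher lantern orbital pebble", "diceware"),
    ("64 chars, well-known phrase",
     "the quick brown fox jumps over the lazy dog every single morning", "known_phrase"),
]

def class_alphabet_size(password: str) -> int:
    """Alphabet size implied by the character classes the password uses."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation, " ")
    return sum(len(c) for c in classes if any(ch in c for ch in password))

def entropy_bits(secret: str, model: str) -> float:
    """Bits of entropy under the process assumed to have generated the secret.

    random_chars: every character drawn uniformly from the implied alphabet
    diceware:     every whitespace-separated word drawn uniformly from the list
    known_phrase: the whole string is one entry in the attacker's phrase list,
                  so its length and character mix contribute nothing
    """
    if model == "random_chars":
        return len(secret) * math.log2(class_alphabet_size(secret))
    if model == "diceware":
        return len(secret.split()) * math.log2(DICEWARE_LIST_SIZE)
    if model == "known_phrase":
        return math.log2(PHRASE_LIST_SIZE)
    raise ValueError(f"unknown model: {model}")

def years_to_exhaust(bits: float, guesses_per_second: float = 1e10) -> float:
    """Years to try every possibility at an assumed offline cracking rate."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)

def rank(candidates=SAMPLES):
    """Strongest first: (label, bits, years to exhaust at 1e10 guesses/s)."""
    scored = [(label, round(entropy_bits(s, m), 1),
               years_to_exhaust(entropy_bits(s, m))) for label, s, m in candidates]
    return sorted(scored, key=lambda row: row[1], reverse=True)

if __name__ == "__main__":
    for label, bits, years in rank():
        print(f"{label:30} {bits:7.1f} bits  ~{years:.3g} years")
```

The 64-character phrase ranks last because under the phrase-list model its length is irrelevant, while the 64-character diceware passphrase beats the 10-character random string by about 50 bits.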


[1 Points] None:

[removed]


[1 Points] fuckoffplsthankyou:

  1. SSD or HDD for encrypting? (Security leaks/speed)

HDD is better for encryption; SSDs have hidden sectors that can leak info. With that being said, I use an SSD, but if you do, try to get an SSD with built-in encryption.

  2. Can serials/IDs of hardware parts (e.g. CPU/RAM/GPU/internet adapter) be leaked?

As far as I know, no.

a) Can IDs/serials be changed?

The MAC address of your network card can.

b) Software or guides that can guide through ID/serial change?

Try googling; I don't have any on hand.

  3. Does the router store/leak any info about net traffic?

Depends on the router. Some routers like D-Link have backdoors. You can try flashing the router with something like WRT. My solution was to get a Linux box as a router and encrypt it.

  1. VeraCrypt only offers a hidden OS for Windows. Is there any similar method for Linux?

I use LUKS for all my Linux encryption needs. Not an authority on Windows. I don't think there is much demand for hidden-OS type stuff.

2. What encryption standard/hash do you use and why?

I'm a big fan of Tiger/Serpent. I use 64-bit computers so it's suited for it.

  3. Is it true that a 64-symbol password is weaker than, for example, 27?

I have no idea. Doubtful.

EDIT: Passphrases beat passwords IMO.

1. Can MAC changing trigger the attention of the ISP?

No, at least not that I've noticed. I've changed my router's MAC address many, many times and they have never seen my true one.

Do you change your MAC manually or with software (which?)?

Software; for Linux I use macchanger -r eth0, which assigns a random MAC address.

2. On the Evo forums vendor Yasuo posted a setup guide and I remember an insecure Tor exit node list (or a safe-node-only list). Does anyone have info about it?

There's software you can run that will analyze Tor exit nodes. Haven't really looked into it.

3. How secure would this connection setup be: Socks5 -> VPN -> Socks5 -> obfs Tor bridges -> Tor?

IMO, it's fine, but the VPN is your weak point. Possibly SOCKS5 as well. I mitigate discovery by using a hacked cable modem, but that's another discussion.

Extra: a) What would you change?

Get a hacked cable modem. That way the ISP has no idea who you are at all.

4. Is there any software to find out leaks/holes in a setup?

Hard to say. Probably not, though.

Looking for partners, let's say "friends", or any personas to share knowledge with

I understand, but try to stay solo. You have no friends, only possible co-defendants. Don't let other people know what you are into if you can avoid it. Good luck.


[1 Points] None:

How secure would this connection setup be: Socks5 -> VPN -> Socks5 -> obfs Tor bridges -> Tor?

That's secure, very secure. What I use is 9 SOCKS5 proxies, 3 VPNs, Whonix running in a virtual machine on Tails, and Tor chained through I2P.

/s. But on a serious note, that's actually more secure than what many people use on here anyway.

EDIT: Also, dude, you don't have to pay anyone anything; this isn't some secret society that you have to be accepted into in exchange for something. We are willing to help you, at no cost.


[0 Points] 4tea3:

I'm really glad that most criminals are about as competent as you.