Silk Road forums
Discussion => Newbie discussion => Topic started by: yellowstar14 on October 03, 2013, 11:56 am
-
DPR using the cloud allowed the FBI to get a copy on Jun 23, 2013 without notice.
If you want to back up a running bare metal, you will always notice.
-
Source?
-
I think hard coding the IP of a VPN he was using into SR code is pretty fatal and careless shit if reports are to be believed.
-
Source?
Logical thinking: only a VPS allows backing up while running without notice of the operating system running on the VPS.
Snowden used this trick too, I guess, because on a fully encrypted system all data passing the processor is always in the clear.
Just monitor this data and you have all the keys and bypass all protection.
You can even inject CPU instructions to switch off protection!
The same trick is used by smart cards, putting tiny wires on the processor; just search for Infineon RFID card hack.
That Snowden used a hack on the NSA VPS can be deduced from the news articles.
He was capable of circumventing all clearance levels and using all accounts; this is simple if you have access to the bare system used by the VPS.
You can simply back up a VPS and take it home.
You can inject programs in a VPS, you can kill processes in the VPS, etc.
If bare metal was used, this was much harder to do without a crash or system notice.
The weakness of a VPS is that it cannot see what happens outside its bubble (monitoring the VPS),
and for a .onion site this can be a danger.
-
Source?
Common sense. I agree 100% with OP, this was a huge mistake. I will have to reread the report, but I missed how they found out where the site was hosted, does anyone know? Without knowing the details of how this was set up I can only speculate - but it sounds like it wasn't a very good design.
If you are running a .onion site on a VPS it isn't a good idea (this is assuming that you purchase the VPS from a hosting company). Data can be copied off without you knowing. Your file system has to be stored somewhere, that file system has to be accessed by the server running the virtualisation software. If you have an encrypted file system that is mounted it isn't safe either (or if you store the password for the file system on the server too!).
Even with a physical server, physical security is important. You don't need to cut the power to a device to relocate it.