Silk Road forums
Discussion => Security => Topic started by: b0lixtrader on December 19, 2011, 06:03 am
-
I use TOR and have made simple BTC transactions and private messaging to browsing SR. The speed is sometimes very slow but sometimes it has great speed.
Awesome tool
Anyone else use it?
-
No one else uses it!? ???
-
seems like a bad idea to me...cell providers have too much control over the devices on their network
-
I've seen someone play with it but personally I wouldn't do anything super critical using it. The best use I see for it is getting information out of repressive regimes.
-
I use TOR on my android and haven't had a problem. I share my wi-fi and rather not implicate my housemates if something bad happens, so I use my cell phone instead. A lot of people might feel it's a bad idea but anything involving the SR is risky.
-
I wouldn't do this if your on contract...
-
Whys that, the system seems pretty damn secure. And I haven't had any law enforcement walk to my house and I've been using it for like a month just to browse and go on the forums.
I also made some BTC transactions.
-
I use it. Its just as secure as using TOR on a computer.
-
Yep been using it for ages now, all good to me. I also have tor on my iPad and it is generally faster than the pc 8)
-
Good to hear people taking advantage of such a useful tool. TOR would not put something out that could cause traceable leads if done incorrectly.
-
I have tor on my phone, with a 4g phone, and SR is actually faster on my phone than on the PC (possibly because I route my pc through a proxy first). My phone is under a fake name and address with no contract. Granted it's not a disposable phone (was a $400 phone), but Sim cards can be disposable. Plus my phone is unlocked so I can just carrier rotate.
-
Orbot + orweb on android seems to be quite safe. I just would like orbot was updated more often (it still uses Tor 0.2.2.25).
-
@hoffa - How did you get TOR on your ipad? I have been wanting to do this for ages, but couldn't find an app for TOR.
-
@hoffa - How did you get TOR on your ipad? I have been wanting to do this for ages, but couldn't find an app for TOR.
Mate you have to first have your iPad jail broken? Then you need to install a new source through cydia. Let me know if you are at this part and I will send through the instructions, or post it if nore people want it!
-
Not willing to Jail Break my ipad, so will have to give this one a miss.
Do you think they will ever have an official app for ipad?
-
I have an HTC and was running Tor on my phone. I was at work one day and wanted to get an order in so it would ship that day. I was able to do it but I was not able to encrypt using PGP. Is PGP available on Android?
I found it very difficult and kind of slow but great in a bind.
-
There's a program called "Android PGP" in the market. It's free and looks promising. The only thing is it seems it would be inconvenient since it only lets you choose to encrypt a file or encrypt an SMS message. I'll look into it more.
I have used Orbot/Orweb a couple times just for messages when I was out and about without computer access; works great.
-
i use AGP Android Privacy Guard for the pgp stuff, and InBrowser for the browser as it clears all data when exited (and of course OrBot). its best to root phone so that OrBot can be configured such that only InBrowser uses Tor and your normal browser/email etc. uses your normal internet.
-
There's a lot of work that has to go into properly securing Tor on a desktop. Downloading and running the Vidalia/Aurora package from Tor is not enough. Any non-tor traffic leaks your IP address, which in turns leaks information about you.
Personally, you couldn't pay me to run Tor on a mobile device. Even on a jailbroken iOS device there aren't enough security mechanisms in place to secure it to the same level as on a desktop.
-
Those of you asking about the iPod/iPad app, I downloaded an app I found to my iPhone 4S, it's called "Covert Browser". It's basically the same thing as TOR, but it's really pretty mediocre. You can access the Silk Road log in page, but you cannot log in or access Silk Road. You can browse the entirety of the Silk Road Forums, but you cannot log into them either, and you can't search anything. I just used it while I was gone to browse the forum because I was bored, but it's not really very useful since I can't log in or do anything.
-
There's a lot of work that has to go into properly securing Tor on a desktop. Downloading and running the Vidalia/Aurora package from Tor is not enough. Any non-tor traffic leaks your IP address, which in turns leaks information about you.
Personally, you couldn't pay me to run Tor on a mobile device. Even on a jailbroken iOS device there aren't enough security mechanisms in place to secure it to the same level as on a desktop.
- "Any non-tor traffic leaks your IP address, which in turns leaks information about you." -this doesn't matter if you do everything thru the Tor bundle ! it most likely
leaks the regular IP that the host is aware of thru the nic (LAN) --> ISP connection ...{unless you force the host OS etc thru Tor too...}
- its of little consequence if i open gmail on another PC connection or the non-Tor'd browser to read my email if i don't care that user1 lives at No 10 Avenue 1..?
- crossing over and using either Aurora / Tor & your regular browser desktop tools, yes you have revealed information.
- you could take it to the n'th degree and implement every known Security tool, but too much may very well be overkill.
- its also a question of what you are trying to achieve?
otherwise some good points on this thread.
-
I see this people are talking about using an iPhone, I would strongly discourage this as it has been recently in the news that Apple provides backdoors for governments. I've not looked into this indetail, just do a search for "apple government backdoor".
In my opinion, the safest way for mobile access is to use a custom firmware (see CynogenMod and similar) on an Android device, then use the software described in previous posts. These firmwares are much less likely to have backdoors in, and for the uber geek they can audit the code compile it themselves.
fruity.
-
Actually its pretty useful if you make sure only to connect via wi-fi it makes it much easier to use tor from a public wi-fi than to pull out a laptop where its much easier to see the screen. Would not recommend going through a cell network data connection due to possible traffic analysis. Make sure your mobile browser is properly configured to not save cookies, urls etc.
I would recommend only doing this on a custom ROM no telling what the providers preload on the phones. If you're really careful/paranoid pop the sim out, use wifi, and re install the rom before putting sim back in, its a pretty fast process when you are used to it. There are also apps to check your phone to make sure spyware like carrieriq is not on the phone.
-
Actually its pretty useful if you make sure only to connect via wi-fi it makes it much easier to use tor from a public wi-fi than to pull out a laptop where its much easier to see the screen. Would not recommend going through a cell network data connection due to possible traffic analysis. Make sure your mobile browser is properly configured to not save cookies, urls etc.
I would recommend only doing this on a custom ROM no telling what the providers preload on the phones. If you're really careful/paranoid pop the sim out, use wifi, and re install the rom before putting sim back in, its a pretty fast process when you are used to it. There are also apps to check your phone to make sure spyware like carrieriq is not on the phone.
....good advise yes, nothing is totally trace proof though..
-
....good advise yes, nothing is totally trace proof though..
I in no way meant to imply it was. No method of connection is 100% foolproof or untrackable, just some food for thought on how to best connect via a handheld device.
I also forgot to suggest if you just buy a used phone off craigslist or similar for cash and use it wifi only there would be no record of you actually owning the phone in case it is found.