Silk Road forums
Discussion => Security => Topic started by: ReUps on January 05, 2012, 01:22 am
-
I just wanted to check my security is OK to start vending:
1. Spoof MAC address
2. Connect to an unsecured network a few blocks away
3. Run the TOR bundle
4. Connect
All data is stored on a hidden/encrypted drive via TrueCrypt, all communication is encrypted via PGP.
Anything else I need to do?
-
Not bad, better than a lot of vendors here probably, but using virtual machines to isolate each aspect of your tor operation would be better.
-
Use pgp, a virtual machine, and set up SILC
-
What's the current SR approved method of faking the MAC address?
-
ifconfig, or if your flavor supports it, editing /etc/sysconfig/network/ifcfg-HWID or wherever your interface's nvram is initialized from would do it.
-
Use pgp, a virtual machine, and set up SILC
Thanks for the replies everyone.
I've seen a lot of people talking about virtual machines, what do you mean by this?
-
What's the current SR approved method of faking the MAC address?
Depends from OS You are running. In MS Windows look at Advanced Properties > Network Adress of your wifi card in Hardware Management. Change from None to specify one. For *nix OS the QTC's suggestion works.
Virtualisation software can be additional layer of performance loss or even privacy leak. This depends both from Host OS and visualization software your run. You must encrypt all parent OS drives with TrueCrypt anyway.
-
Use pgp, a virtual machine, and set up SILC
Thanks for the replies everyone.
I've seen a lot of people talking about virtual machines, what do you mean by this?
This is ideally where you want to end up:
http://xqz3u5drneuzhaeo.onion/users/secureconfig/tutorial.html
Without polipo.
But remember, technical security is only one part. You need to have good shipping methods, and switch them up to avoid profiling.
Also, have EXCELLENT customer service. Losing $50 on reshipping a package may be the difference between that customer coming back or not.
-
All data is stored on a hidden/encrypted drive via TrueCrypt, all communication is encrypted via PGP.
Anything else I need to do?
Do you have a decoy OS? if not you still need to create one because you could go to jail just for not giving the password. Its obstruction of justice.
-
What's the current SR approved method of faking the MAC address?
- changing mac address for use in Tor & SR is not of much use or benefit for you as;-
- your local dsl router delivers your PC (if physical..) an ipaddress.., if a virtual guest the vm (software) dhcp server manages this..
- if Tor / vidalia is configured correctly you'll be getting a different ipaddress periodically..= the most important and use for your anonymity .
- change your dsl routers mac address if you really think it will help; problem is your ISP may interpret this as you're swopping out / changing router
hardware or after some time realise you are fiddling and worse case scenario you don't get a public ipaddress because your newly modified mac addr
no longer equals the one they supplied you.....doh
- the authorities are going to be more interested in working with your ISP to trace / track your internet activity, and will assume (?) initially all traffic
originating from the dsl sky / virgin circuit is your traffic coming from your physical address, because you could have 5x PC's plugged in at home and
you pay for the service = your traffic = your problem.
- faking / spoofing your wireless card's mac address for a neighbours "borrowed" wireless connection (without them knowing) is highly recommended.
ok?!
;)
-
Updated plan:
Set up an encrypted/hidden drive on a memory stick
Install OpenBSD
Connect through neighbors net
Run everything through the TOR Bundle
PGP encrypt everything
I'm still trying to work out what VM's are (I've got another thread on the go for that though, let's not get this thread off topic), but other than that I think I'm all set...?
-
Updated plan:
Set up an encrypted/hidden drive on a memory stick
Install OpenBSD
Connect through neighbors net
Run everything through the TOR Bundle
PGP encrypt everything
I'm still trying to work out what VM's are (I've got another thread on the go for that though, let's not get this thread off topic), but other than that I think I'm all set...?
vm's, summary is:
- vmware / virtualbox / linux Xen ...microsoft hyperv
- create virtual machines of XP, win7 (?), linux, openBSD etc etc
- need gig's on memory to load up these, they run in "parallel" and can switch from your host to guests on the fly...
- again need fast cpus', memory (= host mb + guest1 MB + guest2...etc)
- disk space taken up is same as if it were running along on PC, need sufficient disk space to store x guest vm's..
- people want to run vm guests for eg run a purposefully setup Tor PC....but still keep the host OS, and when finished just shutdown the guest ...
- can use virtualbox and vmware player for free.
- you can buy a prebuilt vm guest from seller Security Solutions here in SR with all apps to run with on SR..
ok ?!
;)
-
Thanks for all the replies!
I can't remember who posted this link but:
http://xqz3u5drneuzhaeo.onion/users/secureconfig/tutorial.html
But I think I'll just follow that tutorial.
I'm in a bit of a rush atm so I haven't read it all properly, but I could run everything there from a Mem Stick, couldn't I?