Silk Road forums

Discussion => Security => Topic started by: bodizzle on August 05, 2013, 01:36 am

Title: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: bodizzle on August 05, 2013, 01:36 am
So I definitely accessed tormail with my javascript enabled. I have since disabled my javascripts and changed my SR password. My username is different on tmail and SR.

Some questions, would greatly appreciate feedback:

1) Someone mentioned forbid <iframe>, how would I go about doing this?

2) how would I know if my comp is infected?

3) what further steps should I take? (I saw terms like DBAN and Ubuntu being thrown around. I have absolutely no idea about any of this stuff.)

Advice is Massively appreciated!!

*ps: I should add that I never communicated over tmail with anything associated to SR. Only used tmail for currency exchange. Should I still be worried in this case?

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: tbart on August 05, 2013, 01:52 am
to forbid iFrame, go up top, just to the left of the url window box, click on the red circle with diagonal overtop "S" (the scripts log) and you'll find it there

i just basically wiped my usb drive and did a fresh install of everything - that way i know i'm clean

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: bodizzle on August 05, 2013, 02:13 am
When clicking on that S, there is no automatic option to forbid iFrame. When I click on options it has a number of boxes with the following options:

Forbid bookmarklets

forbid <a ping....>

hide <NOSCRIPT> elements

forbid META redirections inside <NOSCRIPT> elements

forbid XSLT

Attempt to fix javascript links

-------

The ones I have checked are:

forbid <a ping....>

forbid XSLT

attempt to fix javascript links

Do I need to check anything else? And I don't use a USB drive for my transactions, everything is on my laptop HD (was under the impression I was safe with torbrowser and using PGP). Does this mean I should delete everything on my HD completely? (there is important info I have to back up ofc)


Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: bodizzle on August 05, 2013, 03:05 am
I also just realized that I didn't access tormail or get the "site is down for maintenance" message during the specified compromised time frame. So therefore, I was not active on any FH sites during the compromised time period.

I since did visit tormail, but it was back up. I did have javascripts disabled at that time.

Should I still be concerned if I was not active on any FH onion during the compromised time period?

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: Dreamt on August 05, 2013, 03:21 am
> When clicking on that S, there is no automatic option to forbid iFrame. When I click on options it has a number of boxes with the following options:
>
> Forbid bookmarklets
>
> forbid <a ping....>
>
> hide <NOSCRIPT> elements
>
> forbid META redirections inside <NOSCRIPT> elements
>
> forbid XSLT
>
> Attempt to fix javascript links
>
> -------
>
> The ones I have checked are:
>
> forbid <a ping....>
>
> forbid XSLT
>
> attempt to fix javascript links
>
> Do I need to check anything else? And I don't use a USB drive for my transactions, everything is on my laptop HD (was under the impression I was safe with torbrowser and using PGP). Does this mean I should delete everything on my HD completely? (there is important info I have to back up ofc)

Click the 'Embeddings' hyperlink in the NoScript options and it will give you the ability to forbid <iframe>.

As for your HDD, the only thing I can recommend is TAILS since it's the only thing I use. It's secure, it doesn't leave traces, and it works. I'd rather have the small inconveniences (i.e. time) of TAILS over storing any incriminating data on my HDD any day. That said, I would probably delete all Tor related applications and wipe your free space with the Gutmann method.

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: comsec on August 05, 2013, 03:33 am
Although javascript is enabled in the Tor browser, NoScript prevents any loading of scripts. For instance if you look to the bottom of your Tor browser you'll see you have to manually enable this forum, but it's blocked by default. The exploit definitely bypasses ASLR with advanced heap manipulation but only if you use Windows, as OSX, Linux and BSD all use different implementations of ASLR. I think they (FBI) were specifically targeting somebody, probably a prolific uploader or possibly the admin of one of the major FH hosted CP boards. They could've easily written a Linux-capable ASLR breach or leased the code from VUPEN or similar shady outfits.

This is certainly one problem with everybody using the same software, if you break it, everybody is vuln. Wonder how many Tails vuln they have found.

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: bodizzle on August 05, 2013, 04:30 am
Thanks for the feedback guys.

My other question still stands though:

I did not access any FH sites during the compromised time period. Am I still at risk?

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: mito on August 05, 2013, 02:18 pm
Greetings.

How do you know if your computer has been infected by this trojan whatever the fuck it is?

thanks.

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: Dreamt on August 05, 2013, 08:15 pm
> Thanks for the feedback guys.
>
> My other question still stands though:
>
> I did not access any FH sites during the compromised time period. Am I still at risk?

It's unlikely but the FBI still has access to your old emails. As long as you did not talk about illicit activities in your past emails you should be fine.

Title: Re: In light of tormail breach:Tech newbie needs help with what to do! Please help!
Post by: toejammer on August 05, 2013, 09:01 pm
Best thing is to always think u are at risk...
Never sit back on your laurels....


U are never too small to be bothered with. We are all one and just a ring in the ladder to a higher place. Never forget it.