Silk Road forums
Discussion => Security => Topic started by: Rhett Butler on August 22, 2013, 04:45 pm
-
Hi all, thank you for taking time and helping me in advance.
I am using a secondary os with tor
I have 2 questions at this time
1.) Should I just stop using a regular browser on this computer? (Normal os) That way I have no way of getting malware etc. Or is it okay to browse freely?
2.) Are torrents safe to download and save on the normal os?
-
I am using a secondary os with tor
I'm not entirely sure exactly what you're asking. What do you mean by using a secondary OS? You're booting Tails off a USB and not even booting your main OS, you're using a VM (Whonix, Tails in a VM, etc), or you're dual booting between your main OS and whatever you use Tor with?
To be more secure, then yes, stopping browsing from the normal OS cuts the chances that you'll end up with malware (assuming it's not there already). Torrents are chock full of all kinds of things (starting with exe's that claim to be mkv's, and going downhill from there), and if your normal OS is Windows, I definitely wouldn't be very comfortable with it.
If you're using a VM for Tor, and the host OS has malware or gets exploited, there's nothing the VM can do about it.
If you're dual-booting between your main OS and your "Tor" OS, make sure you have full-disk-encryption enabled on both operating systems. It at least helps a little if one of the two is compromised.
If you're booting Tails from DVD or USB (NOT in a VM), then what happens to your main OS isn't going to matter too much for your Tor session.
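
The "exe's that claim to be mkv's" problem mentioned above can be checked before a download is ever opened. This is an added example, not part of the original post: it compares a file's name against its leading bytes. The function names, extension lists and sample bytes are constructed for illustration.

```python
import unicodedata

# (offset, magic bytes, kind) for the leading bytes of a few common formats.
SIGNATURES = [
    (0, b"MZ", "executable"),             # Windows PE / DOS
    (0, b"\x7fELF", "executable"),        # Linux ELF
    (0, b"\x1a\x45\xdf\xa3", "video"),    # EBML header: .mkv / .webm
    (8, b"AVI ", "video"),                # RIFF container holding AVI
    (4, b"ftyp", "video"),                # ISO media: .mp4 / .mov
]
VIDEO_EXT = {".mkv", ".webm", ".avi", ".mp4", ".mov"}
EXEC_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".msi"}

def sniff(head):
    """Classify a file by its first bytes, ignoring its name entirely."""
    for offset, magic, kind in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return kind
    return "unknown"

def check_download(name, head):
    """Return a list of findings for one file name and its first 16 bytes."""
    findings = []
    # Invisible format characters (e.g. U+202E right-to-left override) can
    # make a name ending in .exe render as if it ended in .mkv.
    if any(unicodedata.category(ch) == "Cf" for ch in name):
        findings.append("hidden-format-char")
    exts = ["." + p.strip() for p in name.lower().split(".")[1:]]
    last = exts[-1] if exts else ""
    if last in EXEC_EXT and any(e in VIDEO_EXT for e in exts[:-1]):
        findings.append("double-extension")
    kind = sniff(head)
    if last in VIDEO_EXT and kind != "video":
        findings.append("content-mismatch:" + kind)
    return findings

def check_path(path):
    """Run the same checks on a real file on disk."""
    with open(path, "rb") as fh:
        return check_download(path.replace("\\", "/").rsplit("/", 1)[-1], fh.read(16))

if __name__ == "__main__":
    # Constructed samples: (file name, first bytes of the file).
    samples = [
        ("holiday.mkv", b"\x1a\x45\xdf\xa3\x01\x00\x00\x00"),
        ("holiday.mkv", b"MZ\x90\x00\x03\x00\x00\x00"),
        ("holiday.mkv.exe", b"MZ\x90\x00\x03\x00\x00\x00"),
        ("holiday\u202evkm.exe", b"MZ\x90\x00\x03\x00\x00\x00"),
    ]
    for name, head in samples:
        print(repr(name), check_download(name, head) or "ok")
```

A clean result only means the name and header agree; it says nothing about whether the content itself is safe to open.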
-
Torrents are never safe!!!
Not when using TOR!
That goes for the use of Flash (shockwave) and pdf files too.
A normal O.S. like windows is not safe either.
Stick to TAILS.
I sure do hope that TAILS will drop the firefox 17, that is in use by TAILS 2.0.
No matter how the CEO's of TAILS ensure the safety of tails, I hope to see the firefox 2.3 in TAILS 3.0.
The (zero day) exploit, that the FBI gave to the visitors of the FREEDOM hosting provider, is made for firefox 17.
The patch is to type about:config (Address)
Promise to be careful
Search for websocket
Go to network websocket and change from default true into false (by clicking the Enter key)
That should prevent the use of the bug in ff 17
-
I sure do hope that TAILS will drop the firefox 17, that is in use by TAILS 2.0.
No matter how the CEO's of TAILS ensure the safety of tails, I hope to see the firefox 2.3 in TAILS 3.0.
The (zero day) exploit, that the FBI gave to the visitors of the FREEDOM hosting provider, is made for firefox 17.
The patch is to type about:config (Address)
Promise to be careful
Search for websocket
Go to network websocket and change from default true into false (by clicking the Enter key)
That should prevent the use of the bug in ff 17
Huh?
The exploit targeted users of Tor Browser Bundle on Windows. Specifically, Windows users of TBB who hadn't upgraded their TBB version since June 26th, when TBB 2.3.25-10 came out. So users who hadn't upgraded in a month and were on Windows were vulnerable.
There's not a specific magic setting in any web browser that keeps those kinds of things from happening. There's no magic version of Firefox that prevents another one from happening in a slightly different way. But turning off JavaScript drastically improves your chances.
The websocket thing dates to early 2012 and had to do with a DNS leak. Not at all related.
-
mixing illegal activities is never advisable. also depends on how big of a target you are. keep them as separate as possible.
get a seedbox... nice for security when doing torrent
-
I'm not entirely sure exactly what you're asking. What do you mean by using a secondary OS? You're booting Tails off a USB and not even booting your main OS, or you're dual booting between your main OS and whatever you use Tor with?
To be more secure, then yes, stopping browsing from the normal OS cuts the chances that you'll end up with malware (assuming it's not there already). Torrents are chock full of all kinds of things (starting with exe's that claim to be mkv's, and going downhill from there), and if your normal OS is Windows, I definitely wouldn't be very comfortable with it.
If you're dual-booting between your main OS and your "Tor" OS, make sure you have full-disk-encryption enabled on both operating systems. It at least helps a little if one of the two is compromised.
If you're booting Tails from DVD or USB (NOT in a VM), then what happens to your main OS isn't going to matter too much for your Tor session.
Thank you ECC_ROT13, this is very extremely helpful! Although I have new questions now, please give me some insight ;)
Malware:
1. How do I check and see if I have malware?
2. If I have malware how do I remove it?
3. How do I avoid getting any/more malware aside from disabling java?
Torrents:
4. Should I keep my torrent on my computer?
5. If I need to remove them would I delete them or overwrite them?
6. How do I overwrite files?
Encryption
7. How do I encrypt my hd? TrueCrypt or a similar program?
Misc
8. Any tips on cleaning up the default os?
9. Should I save my default os and then use dban or nuke?
10. Any tips on doing #9?
11. Should I just try and find a new computer if I were vending?
Thank you all for your help!
-
Malware:
1. How do I check and see if I have malware?
2. If I have malware how do I remove it?
3. How do I avoid getting any/more malware aside from disabling java?
It's mostly JavaScript you have to worry about, not Java. Disabling Java in your web browser is a good idea. Disabling JavaScript is a fantastic idea. You can use something like NoScript for Firefox to keep JavaScript disabled and only enable it if you really trust a site. I would never run JavaScript on Tor.
So here's the depressing news with #1 and #2. You can run full system scans with your favorite anti-virus. Obviously, if it finds things, you have a problem. If it says it fixed it, then THAT problem might be fixed (whatever it missed at the same time isn't fixed). If it doesn't find anything.. you either don't have a problem, or your AV didn't find your problem. And most AV is just scanning for the most common threats. Everyone has some magic brand of antivirus they swear by, but they're all fairly similar. They can catch some things, they can't catch others.
What the non-paranoid do is to just scan the crap out of their system with every anti-virus product they can find, and after enough "You're good!" answers, they figure they're good. And they might very well be just fine at that point.
What most paranoid people do when they think they may have malware is reinstall their OS, being careful how they back up and restore their files. Copy the important files to removable storage (encrypt the removable storage) or a network location. Good time to run DBAN and wipe the hard drive. Reinstall. Closely inspect the files before you copy them to the newly installed system. I'd scan them with multiple types of AV. Presto.
It's a pain in the ass.
Which is why, after going through that fucking circus a time or two, paranoid people get very careful about doing anything that could get malware on their main OS. Use VMs for browsing, downloading, opening shit from places you can't trust, etc. With virtual machines, you can use snapshots (or immutable disks) to just roll your desktop image back to where you were before you were browsing, automatically.
Torrents:
4. Should I keep my torrent on my computer?
5. If I need to remove them would I delete them or overwrite them?
6. How do I overwrite files?
I haven't used torrents much, so somebody else is better off taking this one.
Encryption
7. How do I encrypt my hd? TrueCrypt or a similar program?
There are lots of tutorials here and on clear websites. Google/etc will return some great tutorials.
TrueCrypt isn't a bad pick for Windows. For Mac, you're largely stuck with FileVault, which is better than nothing (but Apple has done some truly stupid shit with the way they've implemented it in the past). On Linux, full-disk encryption using LUKS/dm-crypt is available with most installers. Search for "full disk encryption" and whatever operating system you have. You'll find lots of them.
Misc
8. Any tips on cleaning up the default os?
9. Should I save my default os and then use dban or nuke?
10. Any tips on doing #9?
No, because I tend to just wipe and reinstall for most major problems. So I don't have a lot of expertise in fixing things. Tend to burn things to the ground during troubleshooting.
With a second computer, you can separate your normal use computer from your "I wanna be anonymous" computer, that makes life a lot easier. Your anonymous machine shouldn't ever need your real name, real address, phone number, Facebook account name/password, public email name/password, etc ever typed into it. Ever.
Or boot Tails from USB and use persistent storage. And use that for anonymous stuff. You could do a lot worse than that. I'd use Tails before I'd use Windows for anything requiring any privacy.
-
Thank you again ECC! You have helped me out tremendously!
I think I have found all the answers I need for now. I'm one step closer to being fully secure.
But again thank you, I will try and remember these posts and give you some karma as soon as possible!