Silk Road forums

Discussion => Security => Topic started by: TMan99 on August 03, 2013, 10:24 pm

Title: Qubes vs. Tails
Post by: TMan99 on August 03, 2013, 10:24 pm
I plan on becoming a vendor who needs to secure themselves in every way to not leak IP address.

Leaking my IP is my only real worry in this process.

Other than this all I need is a saved PGP key I can access.

After researching for weeks Tails just does not seem like it is secure enough for me so I am trying to go with something more secure like Qubes. But in no way am I a techie, a lot of it just goes straight over my head.

Can anyone lay out what Qubes is going to do for me compared to Tails in terms of anonymity of IP address?
Title: Re: Qubes vs. Tails
Post by: comsec on August 04, 2013, 12:38 am
Tails forces all traffic through Tor preventing leaks, don't know about Qubes, just looks like some hypervisor abortion that software isolates applications, which isn't very secure. Chaos Computer Congress presentations have detailed how they've broken out of VMs easily by overflowing old device drivers in the Linux kernel (from the 1990s), and then stealing large pages of memory from the host system. The Linux kernel has thousands and thousands of old drivers crammed into it still, that's a gigantic attack area full of open ports to abuse. At least Tails will sort of prevent this by ensuring traffic is tunneled through Tor with firewall rules, whereas with Qubes you have to set that up yourself.

US recently found Chinese hackers by setting up honeypot water plant stations and waiting for hackers to break into it. They used BeEF (Browser exploitation framework) to rip through firefox and activated their wifi, giving away their location. http://www.technologyreview.com/news/517786/chinese-hacking-team-caught-taking-over-decoy-water-plant/

If you don't want to give away your location disabling wifi is the first thing you should do. Now disable any bluetooth (if your mobo or device has it). You can do this by chmod 000 the daemons and binaries, ripping out drivers, or physically ripping out the wifi card or chip (recommended, since malware can silently install drivers from kernel anyways). Now go buy a VPN for bitcoins. Tunnel all your traffic through it on your host system. Load up virtualbox and load up Tails .iso. All tails traffic is now transparently tunneled through the VPN, so if something breaks out they can't easily discover your IP. You have wifi disabled on the host system, so they can't turn that on and find you. You also aren't using an "aircard" or telecom USB internet stick which can be reprogrammed over the air without you knowing. Your local ISP won't see any Tor traffic.

Disable JavaScript, and all Java plugins in your graphical browsers, or better yet, only use Lynx, a text browser. I think Tails comes with it. Don't click on any links in the forum or emailed to you. It takes a while to get used to it but you can easily navigate the SR store using just a text browser.

tl;dr - build this vendor system

- buy DDR3 ram (cheap), a Taiwanese motherboard with no onboard wifi (cheap), Taiwanese hard drive.
- install Debian Wheezy, configure for LUKS containers w/encryption during install.
- apt-get install virtualbox
- download Tails .iso from their website and verify crypto signatures.
- buy OpenVPN from any TorrentFreak recommended provider (for bitcoins).
- use Tor to fill out their information
- activate OpenVPN https://wiki.debian.org/OpenVPN
- start up virtualbox, select Tails.iso as a live disc
- information you want saved, encrypt it and then cut + paste to your host system. can also create a shared drive that holds PGP keys and other info.

Good enough for a small vendor to start out with. System cost will be $100 for the motherboard, $60 for ram and $60 for HD.
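A host-side leak check for the layout comsec lays out above (no wireless or Bluetooth hardware left on the host, and every packet leaving the host through the VPN tunnel). This is an added example, not code from the thread or from the Tails or Qubes projects. It assumes a Linux host where the VPN creates an interface named tun0, network interfaces appear under /sys/class/net, and `ip route show` reports the default route; the route text and sysfs directory are passed into the functions so the logic can be exercised on constructed input as well as on the live machine.

```sh
#!/bin/sh
# Host-side leak checks for the "Tails in VirtualBox behind a VPN" setup.
# Added illustration, not code from the thread.
# Assumptions (mine, not the post's): the VPN interface is named tun0,
# interfaces live under /sys/class/net, `ip route show` lists the default route.

# List interfaces the kernel marks as wireless (cfg80211 exposes a "wireless"
# directory or a "phy80211" link under the interface's sysfs entry).
# $1: sysfs net directory to scan; tests pass a constructed one.
list_wireless_ifaces() {
    dir="${1:-/sys/class/net}"
    for iface in "$dir"/*; do
        [ -e "$iface" ] || continue
        if [ -d "$iface/wireless" ] || [ -e "$iface/phy80211" ]; then
            basename "$iface"
        fi
    done
    return 0
}

# List Bluetooth adapters (hci0, ...) registered under /sys/class/bluetooth.
# $1: directory to scan; tests pass a constructed one.
list_bluetooth_adapters() {
    dir="${1:-/sys/class/bluetooth}"
    for dev in "$dir"/*; do
        if [ -e "$dev" ]; then
            basename "$dev"
        fi
    done
    return 0
}

# Print the outgoing device of the first default route in `ip route show` text.
# $1: the route table text (passed in so it can be tested on constructed input).
default_route_dev() {
    printf '%s\n' "$1" | awk '
        $1 == "default" {
            for (i = 1; i <= NF; i++) if ($i == "dev") { print $(i + 1); exit }
        }'
}

# Succeed only if the default route leaves through the VPN tunnel interface.
# Anything else means the VM's traffic would reach the ISP without the VPN.
# $1: route table text, $2: expected tunnel device (default tun0).
default_via_vpn() {
    routes="$1"
    want="${2:-tun0}"
    [ "$(default_route_dev "$routes")" = "$want" ]
}

# Run every check against the live host; return 1 on any finding.
run_live_check() {
    rc=0
    w=$(list_wireless_ifaces)
    if [ -n "$w" ]; then
        echo "FAIL: wireless interface(s) still present: $w"
        rc=1
    fi
    b=$(list_bluetooth_adapters)
    if [ -n "$b" ]; then
        echo "FAIL: bluetooth adapter(s) still present: $b"
        rc=1
    fi
    if default_via_vpn "$(ip route show 2>/dev/null)" tun0; then
        echo "OK: default route goes via tun0"
    else
        echo "FAIL: default route is not via tun0 (VPN down or not routing everything)"
        rc=1
    fi
    return $rc
}

# Invoke as `sh leakcheck.sh check` to run the live checks on the host.
case "${1:-}" in
    check) run_live_check ;;
esac
```

Run it on the host before starting VirtualBox, and again after the VPN is up: a wireless or Bluetooth entry in sysfs means the hardware is still there whatever the daemons' permissions are, and a default route through anything other than the tunnel means the VPN is not carrying all of the host's traffic.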
Title: Re: Qubes vs. Tails
Post by: Quazee on August 04, 2013, 01:08 am
This is all sweet and dandy but VPNs should not be trusted unless you own it... even if they accept BTC.
Title: Re: Qubes vs. Tails
Post by: comsec on August 04, 2013, 01:18 am
True, but you would only be tunneling encrypted Tor traffic through it. The VPN is just so the local ISP doesn't see you are using Tor, and makes it that much harder to do timing attacks or have you found in a sweep looking for consistent Tor connections. You can also every few months switch the VPN to keep surveillance on their toes.

It would also be best if you bought a BeagleBoard and installed OpenBSD on it. Open hardware, so no hidden manufacturer backdoors.
Title: Re: Qubes vs. Tails
Post by: Quazee on August 04, 2013, 02:56 am
True, but I wonder if there would be a way for the VPN to do a sort of man in the middle attack with your Tor traffic? I don't know enough technically about it to trust it is all.