Silk Road forums
Discussion => Newbie discussion => Topic started by: nobodyenduser on September 26, 2013, 02:42 am
-
I'm trying to verify the .iso signature using GPG4WIN Kleopatra.
How long does this normally take? 5 minutes? 10 minutes? more?....
-
I'd bet on anywhere from 10 to 45 min.
You're calculating the sig for an entire disc full of tail.
I'd expect at least 45min - personally. I'd just set it - go do some other shit, and come back later.
-
Should only take like 5 minutes.
Have you successfully checked the sig of smaller files?
Do you have the tails developer key on your keyring?
-
A PGP signature is a signature of the checksum of the file rather than the entire file in order to avoid a giant signature and much more expensive signing math.
The speed at which your system calculates a checksum is likely bottlenecked by your hard drive rather than your CPU if your computer is reasonably modern.
-
Should only take like 5 minutes.
Have you successfully checked the sig of smaller files?
Do you have the tails developer key on your keyring?
This is the first ever signature i have tried to check. Yes I did import the key file. Though I may have not gave it enough time. I probably quit after 4 minutes thinking it wasn't working. I will let it run longer next time.
Yoda: I did read about the FBI freedom hosting you mentioned and it brings up a question i have about TOR's Noscript addon 2.6.8.1 under the general tab of options the box next to scripts allowed globally (dangerous) is checked. THAT SHOULD BE UNCHECKED? right?
-
Should only take like 5 minutes.
Have you successfully checked the sig of smaller files?
Do you have the tails developer key on your keyring?
This is the first ever signature i have tried to check. Yes I did import the key file. Though I may have not gave it enough time. I probably quit after 4 minutes thinking it wasn't working. I will let it run longer next time.
Yoda: I did read about the FBI freedom hosting you mentioned and it brings up a question i have about TOR's Noscript addon 2.6.8.1 under the general tab of options the box next to scripts allowed globally (dangerous) is checked. THAT SHOULD BE UNCHECKED? right?
Might want to try a smaller file first. And when you attach their key to your keyring, match up the fingerprint etc. to make sure it matches what they say the key should have... in GPA, right click the key > sign keys > I check the checkbox in the corner to keep it local (I don't want it searching the internet for key) > ok. Now the key should say Fully Valid in the validity column. Now when you successful check sig from them you wont get an error about the key not being trusted or whatever.
And it makes it easier if you place the file and sig file in the same folder, then Kleopatra finds it for you.
Yes, block all scripts. It sucks that the TBB default NoScript setting is to allow all scripts. Some even go further:
NoScript > options > embeddings tab > and they check all those top boxes to block them. You're now not able to do normal web surfing, but you're more secure.
-
Do you know if someone has developed a scan for that FBI java malware exploit magneto to see if you are infected?
-
Do you know if someone has developed a scan for that FBI java malware exploit magneto to see if you are infected?
I don't think so... but I know the files are listed in articles, it's only a couple you'd have to look for.
-
Do you know if someone has developed a scan for that FBI java malware exploit magneto to see if you are infected?
I don't think so... but I know the files are listed in articles, it's only a couple you'd have to look for.
Do you remember the article? All I have been able to find is someone who reversed engineered and it is showing the commands that that it executes on a infected computer which is confusing.
Now i am afraid I am infected although I only started using TBB mid August but I only updated my TBB yesterday. I am going to use TAILS but only tomorrow after i get some sleep.
-
Do you know if someone has developed a scan for that FBI java malware exploit magneto to see if you are infected?
I don't think so... but I know the files are listed in articles, it's only a couple you'd have to look for.
Do you remember the article? All I have been able to find is someone who reversed engineered and it is showing the commands that that it executes on a infected computer which is confusing.
Now i am afraid I am infected although I only started using TBB mid August but I only updated my TBB yesterday. I am going to use TAILS but only tomorrow after i get some sleep.
I doubt you have much to worry about... it's like cryngie stated in another thread earlier today; they aren't really after the buyers. Unless you're a big vendor, you can relax.
TBB is fine atm as far as I know... just keep scripts blocked and don't be going to all sorts of sites on it. You can use your regular browser for regular things at the same time. (just don't be on the same server/site with both at the same time)
You're going to have to search for the exploit files, not sure why it's so difficult to find now. That or ask on the security forum and maybe someone will know.
-
Should only take like 5 minutes.
Have you successfully checked the sig of smaller files?
Do you have the tails developer key on your keyring?
Really? That surprises me - but then again, after thinking it through a bit, I guess 5 minutes sounds about right.
Have you noticed, by chance, if the time for completion is drastically different on older machines, or is it only slightly slower?
-
Is it essential to verify. if you download it from the genuine site then surely it is genuine. I have tails running and dont remember verifying it.
excuse my noobiness.