DMT-Nexus member
Posts: 108 Joined: 06-May-2012 Last visit: 16-Sep-2019 Location: North Texas
|
jimm wrote:I don't really have time to link things, nor do I think this is that big of a deal, but as for me I'm on Tor for sure. I did provide words and phrases for you to look up on your own.
And there are sites where people have been visited by the authorities and I wont be confirming which ones they are. I have really important information and make bold claims but don't have time to provide any evidence for you. The simple fact is that if talking about illegal activity was all it took to get a knock on your door then many people on this and other sites would have been arrested and you wouldn't have to search for articles proving it because it would be all over every newspaper in the country because people do this all day every day. And people do MUCH more than simply write text. Have you seen the pictures and videos from members of many marijuana grow sites? The Patriot Act was signed into law over a decade ago. I think they would have been on it by now. If you feel the need for extra security, by all means go for it. Just don't tell me my First Amendment is gone when I see it being used every day.
|
|
|
|
|
DMT-Nexus member
Posts: 82 Joined: 02-Sep-2010 Last visit: 07-Oct-2023
|
whaaaat? Dude they easily inject the little lock icon or whatever plus it still reads https.. The tools make it all seemless, you dont even have to re-approve the certificate like happened in the early versions.. You cannot tell.. The Traveler wrote: I'm just seeing this now but let me get this slight misunderstanding out of the way.
This kind of attack is in essence a man-in-the-middle attack by ARP spoofing: 1) The attacker makes your computer think that they are the destination of all your internet traffic (ARP spoofing) 2) The attacker makes the HTTPS connection to the DMT-Nexus server. 3) The attacker relays the traffic from and to the DMT-Nexus server to you via an unsecured line (HTTP, so without the S).
So what happens with this attack is the following:
YOU <- HTTP -> ATTACKER <- HTTPS -> DMT-Nexus server
This way the attacker can read your unencrypted traffic from and to the DMT-Nexus server.
As you probably already have guessed, the solution to prevent this kind of attack is rather simple: check if you are connecting to the DMT-Nexus via HTTPS!
If HTTPS is showing then your line is secure. With HTTPS your ISP can still see that you connect to the DMT-Nexus server but they cannot see what threads you read and which posts you make.
Kind regards,
The Traveler
|
|
|
"No, seriously"
Posts: 7324 Joined: 18-Jan-2007 Last visit: 02-Nov-2024 Location: Orion Spur
|
jimm wrote:whaaaat?
Dude they easily inject the little lock icon or whatever plus it still reads https..
The tools make it all seemless, you dont even have to re-approve the certificate like happened in the early versions..
You cannot tell..
The lock icon is just the favicon. Exploits like that are the main reason why the favicon is not shown anymore in the address bar in Chrome for example . And no, you will see HTTP and not HTTPS. Please look more into this if you want to make certain claims. Kind regards, The Traveler
|
|
|
DMT-Nexus member
Posts: 1310 Joined: 27-Sep-2012 Last visit: 01-Feb-2022 Location: Lost in space
|
^^^ Why do you think it puts one at higher risk? People use Tor for other purposes besides activities contrary to law (although nothing here is illegal, since for the moment we still have free speech), so I don't think Tor sends off a beacon. I could be wrong. And how can it be tracked? I'm not trying to be argumentative or contrary, I am honestly interested. I don't know a lot of how these things work. I do know, no matter what any one does to stop people with software from doing something, there's always a way around it. The only way to beat hacker type activities is to be one step ahead. Be an adult only when necessary.
|
|
|
member for the trees
Posts: 4003 Joined: 28-Jun-2011 Last visit: 27-May-2024
|
..the so called 'darkweb' tor system is not 100% secure!
the operators of at least one darkweb sale or trade drug site were all tracked and taken to court..
make Your Life secure..then you don't have to fuss so much.. .
|
|
|
Stiletto Stoner
Posts: 1132 Joined: 18-Nov-2008 Last visit: 15-Mar-2015 Location: Blazin'
|
TFM bust (or LulzSec & Anonymous arrests) happened due to other reasons rather than the (in)security of the Tor network. Got GVG ? Mhm. Got DMT ? Pandora wrote:Nexus enjoys cutting edge and ongoing superior programming skills of the owner of this site (The Traveler), including recent switching to the .me domain name. I'm still, I'm still Jenny from the block Simon Jester wrote:"WTF n00b, buy the $100 vapor pipe or GTFO" Ignorance of the law does not protect you from prosecution
|
|
|
DMT-Nexus member
Posts: 82 Joined: 02-Sep-2010 Last visit: 07-Oct-2023
|
Sorry, I don't test with Chrome because I don't use things with such TOS. Firefox doesn't have these colors. The Traveler wrote: The lock icon is just the favicon. Exploits like that are the main reason why the favicon is not shown anymore in the address bar in Chrome for example .
And no, you will see HTTP and not HTTPS. Please look more into this if you want to make certain claims.
Kind regards,
The Traveler
|
|
|
"No, seriously"
Posts: 7324 Joined: 18-Jan-2007 Last visit: 02-Nov-2024 Location: Orion Spur
|
jimm wrote:Sorry, I don't test with Chrome because I don't use things with such TOS. Firefox doesn't have these colors. The Traveler wrote: The lock icon is just the favicon. Exploits like that are the main reason why the favicon is not shown anymore in the address bar in Chrome for example .
And no, you will see HTTP and not HTTPS. Please look more into this if you want to make certain claims.
Kind regards,
The Traveler
I colored the HTTP and HTTPS to make the difference more clear, I'm sorry if that caused a misunderstanding. In FireFox you will also see that the site still uses HTTP with this attack (again, just colored here to make the difference more clear). Kind regards, The Traveler
|
|
|
DMT-Nexus member
Posts: 552 Joined: 08-May-2012 Last visit: 01-Nov-2024
|
For those who do not know yet, one can download Tor to browse the internet safely: https://www.torproject.org/download/downloadThis will be old news to some, but brand new awesome news for others. BUT, read up on the ways in which Tor is not safe, certain precautions and things must be done to stay safe and anonymous, such as not going to certain sites, etc. Enjoy! Meditate before you venture, take it seriously, use it as medicinalโit is good psychotherapy if needed. Realize that you, the Earth, others, and the Universe are all one and the same process. Then take that knowledge back to become, as you already are, one with nature. Eternity in every moment. Divinity in every particle. All is one organism.
|
|
|
"No, seriously"
Posts: 7324 Joined: 18-Jan-2007 Last visit: 02-Nov-2024 Location: Orion Spur
|
Uhm, did you actually READ the first post in this thread??? Kind regards, The Traveler
|
|
|
โจ
Posts: 3830 Joined: 12-Feb-2009 Last visit: 08-Feb-2024
|
The Traveler wrote:Uhm, did you actually READ the first post in this thread??? Forgive me, he started a new thread on the subject of Tor. In the interest of keeping the forum clean I moved it here. "Facts do not cease to exist because they are ignored." -A.Huxley
|
|
|
DMT-Nexus member
Posts: 237 Joined: 27-Oct-2010 Last visit: 31-May-2014
|
Tea fell into water Smoalk N,N DMT errrrday Quote:11:53:11 โนUntmโบ Nexus chat and anti-gravity simulated racing is my coffee.
|
|
|
"No, seriously"
Posts: 7324 Joined: 18-Jan-2007 Last visit: 02-Nov-2024 Location: Orion Spur
|
a1pha wrote:The Traveler wrote:Uhm, did you actually READ the first post in this thread??? Forgive me, he started a new thread on the subject of Tor. In the interest of keeping the forum clean I moved it here. Ah, that explains it. Thank you for making this clear a1pha and sorry for me quick assumption DisEmbodied. Kind regards, The Traveler
|
|
|
โจ
Posts: 3830 Joined: 12-Feb-2009 Last visit: 08-Feb-2024
|
a1pha wrote:dreamer042 wrote:Am I just being ignorant, or are others being overly paranoid? Guess who the target is on these days: users of anon networks. Interesting development: Use of Tor and e-mail crypto could increase chances that NSA keeps your dataQuote:While the documents make clear that data collection and interception must cease immediately once it's determined a target is within the US, they still provide analysts with a fair amount of leeway. And that leeway seems to work to the disadvantage of people who take steps to protect their Internet communications from prying eyes. For instance, a person whose physical location is unknownโwhich more often than not is the case when someone uses anonymity software from the Tor Projectโ"will not be treated as a United States person, unless such person can be positively identified as such, or the nature or circumstances of the person's communications give rise to a reasonable belief that such person is a United States person," the secret document stated. Procedures used by NSA to minimize data collection from US persons: Exhibit B โ full document"Facts do not cease to exist because they are ignored." -A.Huxley
|
|
|
DMT-Nexus member
Posts: 992 Joined: 10-Dec-2010 Last visit: 24-Oct-2023 Location: Earth's atmosphere
|
All of this info has my head swimming. I've used HMA as a VPN but have recently heard that this one in particular is NOT good. Any good VPN suggestions for someone in the US? Thanks! Let us declare nature to be legitimate. All plants should be declared legal, and all animals for that matter. The notion of illegal plants and animals is obnoxious and ridiculous. โ Terence McKenna
All my posts are hypothetical and for educational/entertainment purposes, and are not an endorsement of said activities. SWIM (a fictional character based on other people) either obtained a license for said activity, did said activity where it is legal to do so, or as in most cases the activity is completely fictional.
|
|
|
DMT-Nexus member
Posts: 176 Joined: 23-Jun-2010 Last visit: 01-Sep-2024
|
If you have not already, I would take a quick glance at this 2008 32-slide presentation. Note this is 2008 capabilities, pre-megalith data center era. Quote:Training materials for the XKeysc0re program detail how analysts can use it and other systems to mine enormous agency databases and develop intelligence from the web:
Quote:"Performs strong (e.g. email) and soft (content) selection." pg 2 "Provides real-time target activity." pg 2 "Show me all the VPN startups in country X, and give me the data so I can decrypt and discover the users" pg 17 "Show me all the exploitable machines in country X" pg 24 Quote:"How do I find a strong-selector for a known target" "How do I find a cell of terrorists that has no connection to known strong-selectors" "Answer: Look for anomalous events: E.g. Someone whose language is out of place for the region they are in Someone who is using encryption (emphasis mine) Someone searching the web for suspicious stuff" http://www.theguardian.c...rogram-full-presentation
|
|
|
Master of Massive Altitudes
Posts: 20 Joined: 13-May-2013 Last visit: 24-May-2021
|
You guys do realize that most of the nodes on the Onion network are most likely compromised and watched, right? This goes for most other layers of security as well. A well-funded organization like the US gov has outstanding penetration software and access to most ISPs as well. They are way far ahead of us...
|
|
|
Master of Massive Altitudes
Posts: 20 Joined: 13-May-2013 Last visit: 24-May-2021
|
However, my friends...this should not stop you from disseminating information. Not at all. VPNs are still quite powerful methods of anonymity (for now), as are FOSS firewalls. We also have the power of free speech...for now. When that is taken, action against it must be as well. But until then, spread info as much as possible. It is the highest ethical purpose.
|
|
|
DMT-Nexus member
Posts: 365 Joined: 08-Apr-2012 Last visit: 12-Jun-2020 Location: Adelaide, Australia
|
The freedom to speak is a bit meaningless when nobody listens
|