Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026

Tor & The Deep Dark Wet Web

13

Comments

  • #62
    Sh1tbag OToole
    Closed Accounts Posts: 3,971 ✭✭✭Sh1tbag OToole


    KomradeBishop wrote: »
    There is no safe way to browse the darknet really. The way that people are identified, is by exploiting their web browser (usually after first exploiting the web server hosting a darknet website, to plant code that exploits the browser of visitors), and running software on their computer to either get their IP address, or - if you've perfectly setup your network to go straight through a VPN, making the IP unobtainable - gathering computer hardware id's which are very easily traced back to you, with the right legal resources.

    Not even running from within a VM is safe, because again, you can guarantee that there are exploits that can bypass a VM and can be used to gather hardware id's.

    It'd require fairly large technical and legal resources to do this, but it's definitely within the ability of law enforcement agencies in e.g. the US - and with the ubiquitous internet surveillance going on around the world, with many countries collaborating in this across borders, and with how a large number of Tor nodes are likely run by various co-operating intelligence agencies, there are many (such as William Binney, who helped design the NSA's Internet surveillance system) who reckon it's possible to track Tor users back to their originating IP.

    He was last involved with developing those systems, almost 15 years ago, so if he thought it was possible then, you can guess how far their capabilities have come, in the last 15 years.

    A browser exploit that can escape the VM it's running on would be quite something. Has this ever been seen in the wild or is it only speculation?

    A lot of this stuff presumably runs on JavaSh1t but Tor hidden sites tend to be quite minimalist and can be browsed without it for the most part. The proliferation and rapid expansion of JavaSh1t hasn't done us any good from a security standpoint. Flash used to be another good one for exploits and tracking people. Maybe if Tor used its own protocol and it's own browser that's built from the ground up there would be less of a chance of this happening. I suppose Gopher is a safer alternative but because of the way most Gopher clients these days are just JS-based plugins for normal browsers even they might not be safe.


  • #63
    kowloon
    Registered Users, Registered Users 2, Paid Member Posts: 14,186 ✭✭✭✭kowloon


    Reminds me of these illegal weapons


  • #64
    brianregan09
    Registered Users, Registered Users 2 Posts: 8,505 ✭✭✭brianregan09


    Well I went on it and without digging too deep i'm not all that impressed or bothered with it meh


  • #65
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Sh1tbag OToole wrote: »
    A browser exploit that can escape the VM it's running on would be quite something. Has this ever been seen in the wild or is it only speculation?

    There was a really good talk on cross communication between VMs at this years DefCon.


  • #66
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    brianregan09 wrote: »
    Well I went on it and without digging too deep i'm not all that impressed or bothered with it meh

    Were you trying to buy guns/child porn or drugs? If not, then why would you be impressed?

    Thats like me saying I wasn't impressed with mothercare.


  • Advertisement
  • #67
    KomradeBishop
    Closed Accounts Posts: 4,981 ✭✭✭KomradeBishop


    Sh1tbag OToole wrote: »
    A browser exploit that can escape the VM it's running on would be quite something. Has this ever been seen in the wild or is it only speculation?

    A lot of this stuff presumably runs on JavaSh1t but Tor hidden sites tend to be quite minimalist and can be browsed without it for the most part. The proliferation and rapid expansion of JavaSh1t hasn't done us any good from a security standpoint. Flash used to be another good one for exploits and tracking people. Maybe if Tor used its own protocol and it's own browser that's built from the ground up there would be less of a chance of this happening. I suppose Gopher is a safer alternative but because of the way most Gopher clients these days are just JS-based plugins for normal browsers even they might not be safe.
    You just need an exploit to escape the browser, and an exploit on top of it to escape the VM; the recent font exploit I mentioned in another thread (which has probably been known for more than a decade by intelligence agencies) can get you out of the browser, without Javascript, and there have been plenty of cases of VM's (or even lower down, the systems processor) having exploitable issues that can escape the VM.

    I sometimes work with finding/fixing security holes in software, and can guarantee you, that pretty much no piece of software you ever use, will be secure - not anymore than you'll ever encounter a bug-free program (as that's all exploits essentially are - really subtle bugs usually).


  • #68
    Satriale
    Closed Accounts Posts: 3,998 ✭✭✭Satriale


    conorhal wrote: »
    Do you stand naked in front of the mirror in your basement while 'Goodbye Horses' plays in the background while you wear it? :D

    Feck, now I'm not going to get the song out of my head until I do it...


  • #69
    brianregan09
    Registered Users, Registered Users 2 Posts: 8,505 ✭✭✭brianregan09


    syklops wrote: »
    Were you trying to buy guns/child porn or drugs? If not, then why would you be impressed?

    Thats like me saying I wasn't impressed with mothercare.


    IS that all there really is to it ??? Just thought there'd more to it dunno what I was expecting to be honest


  • #70
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    brianregan09 wrote: »
    IS that all there really is to it ??? Just thought there'd more to it dunno what I was expecting to be honest

    TOR, the onion router is a highly secure network of computers making traceability difficult(not impossible though). Theres tons of UFO stuff on there uploaded by tinfoil hat wearing individuals, lots of paranoia, and drugs, guns, hitmen, porn(the sort of stuff you don't want your Ma finding), anarchist stuff, Angela Merkel is really a lizard etc etc.


  • #71
    umop apisdn
    Closed Accounts Posts: 279 ✭✭umop apisdn


    syklops wrote: »
    TOR, the onion router is a highly secure network of computers making traceability difficult(not impossible though). Theres tons of UFO stuff on there uploaded by tinfoil hat wearing individuals, lots of paranoia, and drugs, guns, hitmen, porn(the sort of stuff you don't want your Ma finding), anarchist stuff, Angela Merkel is really a lizard etc etc.

    Exactly what kind of porn did you want your Ma to find ?


  • Advertisement
  • #72
    pmasterson95
    Registered Users, Registered Users 2 Posts: 3,074 ✭✭✭pmasterson95


    syklops wrote: »
    TOR, the onion router is a highly secure network of computers making traceability difficult(not impossible though). Theres tons of UFO stuff on there uploaded by tinfoil hat wearing individuals, lots of paranoia, and drugs, guns, hitmen, porn(the sort of stuff you don't want your Ma finding), anarchist stuff, Angela Merkel is really a lizard etc etc.
    Aside from Porn is this not basically boards you've described?


  • #73
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    pmasterson95 wrote: »
    Aside from Porn is this not basically boards you've described?

    Where are the hitmen for rent and guns for sale on Boards.ie?


  • #74
    Yakult
    Moderators, Computer Games Moderators Posts: 7,943 Mod ✭✭✭✭Yakult


    Been curious about TOR for a while now. Nearly went on for a browse a year or two ago but I never did. It's mostly full of stuff I don't want to see with little else to make it worth while. The shallow, bright internet will do me just fine I think.

    syklops wrote: »
    Where are the hitmen for rent and guns for sale on Boards.ie?

    Adverts


  • #75
    oppenheimer1
    Closed Accounts Posts: 5,733 ✭✭✭oppenheimer1


    Yakult wrote: »

    Adverts
    You can't sell a hitman on adverts, you only get offered swaps:pac:


  • #76
    Joe prim
    Registered Users, Registered Users 2 Posts: 919 ✭✭✭Joe prim


    Menas wrote: »
    And whatever you do - dont install and access Tor on your work laptop....your IT guys will be all over you like a rash!!

    Oh ****!Now you tell me.


  • #77
    [Deleted User]
    Posts: 9,005 ✭✭✭ [Deleted User]


    When the Sun Hits wrote: »
    Doubtful. Modafinil can be bought on the clearnet (legally) pretty easily. Probably was Adderall, Dextro or just plain old reliable Amphetamine Sulphate. :pac:

    No. It can't. It is a prescription only medication.


  • #78
    LDN_Irish
    Registered Users, Registered Users 2 Posts: 1,188 ✭✭✭LDN_Irish


    [Deleted User] wrote: »
    No. It can't. It is a prescription only medication.

    That doesn't mean it can't be bought online easily and legally. It's (bizarrely but howandever) legal to have an online consultation and be prescribed prescription only medications that you can then purchase.


  • #79
    brianregan09
    Registered Users, Registered Users 2 Posts: 8,505 ✭✭✭brianregan09


    I just want to know where to buy space cakes ....Cos i can't smoke ...Bad chest :(


  • #80
    pmasterson95
    Registered Users, Registered Users 2 Posts: 3,074 ✭✭✭pmasterson95


    oppenheimer1 wrote: »
    You can't sell a hitman on adverts, you only get offered swaps:pac:

    I'll swap ya my Yakuza hitman for your Zeta hitman?


  • #81
    oppenheimer1
    Closed Accounts Posts: 5,733 ✭✭✭oppenheimer1


    pmasterson95 wrote: »
    I'll swap ya my Yakuza hitman for your Zeta hitman?

    Throw in an iPhone 4 with a slightly damaged screen and you have a deal.


  • Advertisement
  • #82
    RedemptionZ
    Registered Users, Registered Users 2 Posts: 1,758 ✭✭✭RedemptionZ


    How does that hitman for sale thing work without getting caught? Surely that's too vulnerable to Chris Hansen style fake inquiries.


  • #83
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    RedemptionZ wrote: »
    How does that hitman for sale thing work without getting caught? Surely that's too vulnerable to Chris Hansen style fake inquiries.

    Do you know what a cryptocurrecy is?


  • #84
    umop apisdn
    Closed Accounts Posts: 279 ✭✭umop apisdn


    syklops wrote: »
    Do you know what a cryptocurrecy is?

    We're Irish, we didn't know what tracker mortgages were, remember ?


  • #85
    RedemptionZ
    Registered Users, Registered Users 2 Posts: 1,758 ✭✭✭RedemptionZ


    syklops wrote: »
    Do you know what a cryptocurrecy is?

    No I do not, I only use the classic internets


  • #86
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    RedemptionZ wrote: »
    No I do not, I only use the classic internets

    Its an untraceable currency. I would imagine a deposit of sorts would be required before any agreements are made.


  • #87
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    umop apisdn wrote: »
    We're Irish, we didn't know what tracker mortgages were, remember ?

    I still don't know what a tracker mortgage is. I do, however know what a cryptocurrency is.


  • #88
    umop apisdn
    Closed Accounts Posts: 279 ✭✭umop apisdn


    syklops wrote: »
    I still don't know what a tracker mortgage is. I do, however know what a cryptocurrency is.

    hmmm . . . you're probably a banker so


  • #89
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    umop apisdn wrote: »
    hmmm . . . you're probably a banker so

    No, security engineer.


  • #90
    Billy86
    Closed Accounts Posts: 23,495 ✭✭✭✭Billy86


    oppenheimer1 wrote: »
    You can't sell a hitman on adverts, you only get offered swaps:pac:

    Exactly, so I contact a poster asking them to 'take care' of another poster for me, and in exchange I will do so for a poster of their choosing. Then we come on here and organise a meet up, to make both of our jobs easier.


  • Advertisement
  • #91
    Billy86
    Closed Accounts Posts: 23,495 ✭✭✭✭Billy86


    RedemptionZ wrote: »
    How does that hitman for sale thing work without getting caught? Surely that's too vulnerable to Chris Hansen style fake inquiries.

    To be fair I think most of the hitmen accounts were suspected to just be con men instead - who could you complain to after all!? It's one thing to complain about someone ripping you off for a few ounces of weed or some MDMA, it's another when you are automatically admitting conspiracy to commit murder!

    That said I'm only going off what I remember hearing/reading from the time the Silk Road stories were everywhere. Another one was that one of the main admins was attempting to blackmail the owner of the site and several members, saying he would expose everyone's real identities if he was not paid a certain amount... but then he disappeared off the site. When the owner of TSR's computers and such were being searched, he had been in contact with one of these hitmen around that time to 'take care' of said admin. And because of how hard it is to obtain details after the fact, last I heard nobody knew anything about that admins real identity, or if anything had happened to him or not since. A bit spooky in an unsolved mystery sense... :eek:

    Complete hearsay and gossip of course, but interesting nonetheless!


Advertisement
Advertisement