Tutorial: How To Fit +13,000 Terabytes of Data On A 15 Gigabyte USB Stick

Over the course of the last few months I have been neglecting my primary business site, so I figured I would write a brief article here today and combine it with my online tutorials series. Today’s article is simple, really, instructing internet users how easy it is to host and store massive amounts of data with even the simplest of technologies. Say for example you own a 15 GB USB stick, most people think that you can only hold 15 GB of data on it – right? However, as I will attempt to demonstrate, not only is this untrue, but given the right amount of knowledge and skill, you can actually host thousands of Terabytes worth of data on a simple 15 Gigabyte USB stick. In the remainder of this article, I will attempt to do my best to explain why you might as well look at a 15 GB data stick as home to potentially infinite amounts of data storage.

The perfect example of this phenomenon can be observed with WikileaksDeadman’s Switch” insurance file, which contains approximately 88 GB of data, but offered to the public in the form of a 110 KB torrent file download. For some perspective on this figure, you can fit 1,000,000 Kilobytes (KB) in 1 GB of data. So, if a 100 KB Torrent File essentially equals 88 GB of data storage, this means you can store approximately 13,200,000 GB of data on a 15 GB USB Stick – or 13,200 TB. Mind 💥 yet?

Download Wikileaks Encrypted Torrent File: https://file.wikileaks.org/torrent/2016-06-03_insurance.aes256.torrent

Proof of Concept:

100 KB Torrent File = 88 GB Storage

100 KB of Normal Storage Space x 10,000 KB = 1 GB of Storage Space

88 GB x 10,000 = 880,000 GB of Storage Space in a 1 GB Torrent File

1 TB of Data = 1,000 GB of Data

880,000 GB x 15 GB = 13,200,000 GB or 13,200 TB of Data Storage in 15 GB USB Stick

As the math is clear, you can see that it’s indeed possible to store well over 13,000 Terabytes of data on something as small as a 15 Gigabyte USB stick – the standard size available at most computer hardware stores, at least here in the US. As for how to compress a file into a torrent, this is also extremely simple given the right software. In fact, making a torrent file is literally as easy or takes up as much time/energy as creating a zip file. All you need to do is install a 3rd party torrenting program, some of which you can find below, then use the programs setting to upload and compress your file into a torrent. It’s literally as easy as clicking 3 buttons!

Sample Demo Using uTorrent:

While this may be somewhat of an extreme example, you can also dramatically free up storage space by combing all of your documents/files into a singular or multiple zip files – drastically freeing up vast amounts of storage space on your computer or USB stick. For the purposes of this article I did not do the exact math for zip files, as torrents far and away compress the greatest amount of data into the smallest of locations.

Lastly, most people tend to stay away from torrent files because they think they are “illegal,” but this is merely just a fallacy. You see, just as with anything else in life, torrent files are what you make of them. It just so happens because of their storage capacity, most people on the DarkNet use torrents as a means to easily transport large amounts of data – usually illegal or stolen. However, a torrent file itself is only as illegal as the information you put on it. Meaning that it is only illegal if you put illegal information on it. If you are simply using your own files from your computer or work, you have absolutely nothing to worry about.

Top Torrenting Applications:

BitTorrent: https://bittorrent.com/
uTorrent: https://www.utorrent.com/
qBitTorrent: https://www.qbittorrent.org/
BitComet: https://www.bitcomet.com/en/
Vuse: https://www.vuze.com/

Tutorial: Learning How To Write & Remember Un-Hackable Passwords

Before we begin, why should learning how to write strong passwords be of much more importance to you? Believe it or not, it is a statistical fact that more people are hacked as a result of weak passwords than any other single factor. This is also why encryption – aka passwords – should be much more important to you. With that said, learning how to read, write and remember strong passwords is not nearly as hard or complicated as people might think, in fact it is rather easy once you understand the core concepts.

Lesson 1 – Password Length:

To unlock someone’s password, “law enforcement authorities” and/or “hackers” will either run something known as a “Brute Force Attack” or “Dictionary Attack” against it, in an attempt to break or de-crypt the numbers, letters and symbols contained within the password itself. One by one over time, these software programs will slowly decrypt the password, just like cracking the numbers to open a vault or safe.

Quite simply, the more complicated/randomized the sequence of numbers, letters and symbols in your password are, and the longer the password is, the longer it takes hackers to break. Moreover, each letter, number or symbol you add on to the end of your password literally makes it exponentially harder for even the most sophisticated programs to crack. For example, here are estimates from the FBI regarding how long it takes them to crack lengthier encrypted passwords.

  • seven-digit passcodes will take up to 9.2 days, and on average 4.6 days, to crack
  • eight-digit passcodes will take up to three months, and on average 46 days, to crack
  • nine-digit passcodes will take up to 2.5 years, and on average 1.2 years, to crack
  • 10-digit passcodes will take up to 25 years, and on average 12.6 years, to crack
  • 11-digit passcodes will take up to 253 years, and on average 127 years, to crack
  • 12-digit passcodes will take up to 2,536 years, and on average 1,268 years, to crack
  • 13-digit passcodes will take up to 25,367 years, and on average 12,683 years, to crack

Lesson 2: LEET or “1337” Language:

L33t Language is a way of replacing letters with numbers and symbols in everyday sentences and it is perhaps the most basic form of encoding used to encrypt messages. To understand how it works, here are some quick examples:

Normal Statement v 1337 Version:

BankruptMedi4 – 84nkru97M3di4
TheDailyProletariat – 7h3D@i1y9r0L37@Ri@7
Elitepassword – 31it3p4$$w0rd
Activism – 4ctivi$m
Encryption – 3ncry9ti0n
Brian Dunn – 8ri4nDunn

It doesn’t necessarily have to be that complicated and you don’t necessarily have to replace as many letters with numbers and symbols, those are just examples of how it works. You can run any attack your little heart desires at “84nkru97M3di4” or “7h3D@i1y9r0L37@Ri@7” all day long, go ahead – have fun. To make the password even stronger mix in capitalized and un-capitalized letters throughout.

I think I have explained the concept easily enough? To make an un-hackable password simply take a name, phrase, short sentence – et cetera – that is personable to you and convert it into l33t language, then use that as your new password. Not only will it be impossible to break, but it should be fairly easy for you to remember. And as always, use two-factor-authentication whenever possible.

Lesson 3: Two-Factor Authentication

I’ve always understood that 2-Factor Authentication (2FA) is a concept lost on most “normal people” in society right now, but a new statistic really puts it all into perspective. This would be the news that, according to Google’s own statistics, less than 10% of all Gmail or Google business owners currently have enabled 2-Factor Authentication for their online accounts. Considering that Google is estimated to host well over 2 billion accounts globally, this means that there are over 2 billion insecure accounts floating around the internet right now – and that’s just from Google alone!

This is not to mention the fact that there are literally billions of email addresses, along with their passwords, currently available on the Deep Web and DarkNet for search. For example, there are single websites around the internet that are currently selling the log in credentials of 1.4 billion people and if anyone of those people simply just enable 2-factor authentication for their accounts, all the information stored on those would become utterly useless.

Responding to the news last week Grzegorz Milka, a Google software engineer, said that the company’s latest statistics “demonstrates the lack of awareness of cyber threats and the way to mitigate them.” Adding that he believes more people don’t or haven’t “configured 2-Factor Authentication for their accounts” because “many users believe 2FA can make their experience worse,” or at least more of a hassle. To do everything they could to mitigate the problem from their end, Google also took the occasion/platform to release a 2-Factor Authentication tutorial of their own, imploring Google users to immediately begin securing their accounts in this way.

Google 2FA Tutorial: https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome

As for what 2-Factor Authentication is, does or means, it’s not nearly as complex or complicated as people think. In fact, it only adds about 10 seconds to the amount of time it already takes you to log into your accounts anyways. Essentially, as soon as you type in your password and press enter you will receive a text message on your phone, which will have a short code for you to type in. Without that secondary code no one is allowed to login, even you. That’s it – literally. That’s the amount of “hassle” it will take you to begin practicing strong cyber security in the future. Again, despite the simplicity of it all, less than ten percent of people in society have taken this step.

2-Factor Authentication should be available for nearly every App or account you own, and you can find/enable it by searching for it in your account(s) settings. As I also once explained in a different article on this subject earlier last year, even if someone already knows your password, “close to 100% of hackers will be prevented from successfully hacking into your social media accounts if you simply enable 2-Factor Authentication” for them – and I still believe this holds true today.

Interestingly/Coincidentally Enough?

As I was in the process of writing this article I got a text message informing me of new log in codes to verify, because someone had somehow managed to brute-force their way past my password – which no one has ever been able to do before. Put another way, my site was literally saved from being hacked/hijacked by malicious cyber actors, all because I once enabled 2-factor authentication on my account(s) months ago. To put the importance of 2-Factor Authentication into focus, I’ve invested thousands upon thousands of hours of my personal time into this website, and it took me less than one minute to turn on and verify 2-Factor Authentication for it – certainly worth the time/effort!

CgAn – Rogue Media: Introductory Guide To DarkNet’s

The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks that consists of private, public, academic, business, and government networks.

The 3 Layers of The Internet:

ClearNet. The “World Wide Web,Surface Web, ClearNet or simply referred to as the Web. Quite simply, the Surface Web refers to the portion of the internet only accessible by standard search engines – such as Yahoo, Bing and Google. While Google search results may feel endless at times and while you might think of them as being quite large in size, in reality, the Surface Web only consists of roughly 7% of the combined browse-able/accessible internet. Typically, it’s used for Email, Fax, File sharing, File transfer, Games, Instant messaging, Podcasts, Voice over IP, Searches, Streaming – etc.

Deep Web. The “Deep Web,” invisible web, or hidden web are parts of the World Wide Web whose contents aren’t indexed by standard search engines – for any reason. Rather, the content is hidden behind HTML forms, Javascript and custom code to protect it from the public eye. Generally speaking, the Deep Web is host to roughly 92% of anything which can be found on the internet. Typically, the Deep Web consists of information such as web archives, scholarly articles/resources and network databases such as cloud servers. While this isn’t the case 100% of the time, you usually also need a 3rd party software system, such as the “Tor Browser,” in order to access at least some of its content as well.

To describe how it works, think about all of the web pages you can visit on your bank accounts homepage or email account. While all of those sites, links, addresses and emails technically exist on the internet, and while you can still search Google for Bank of America‘s website, this doesn’t mean you can search Google for the web pages associated with each Bank of America’s customers accounts. Nor can you search Google to find everyone elses emails hosted on Gmail – get it? Those web archives still exist on the internet all the same as their homepages, but are not indexed on the Surface Web to be publicly available – which is why we say they exist on the Deep Web, below the normal surface layer of the internet.

DarkNet. While the Deep Web is in reference to any site that cannot be accessed through traditional search engines, the “DarkNet” or “Dark Web” is a small portion of the Deep Web that has been intentionally hidden to hide in plain site, and is completely inaccessible via standard browsers and search methods. The DarkNet is by far the smallest layer of the Internet, estimated to consist of less than 40,000 websites in total – less than 1% of the browse-able internet.

Not only will you need to install a special type of software to access a DarkNet website, but the URL Address associated with it will almost certainly be encrypted with a randomized sequence of numbers and letters – literally making it impossible to find or type in by accident. Instead, you must know exactly what this sequence is – usually from someone else who already knows or has it. Even then, once there, you will also most likely need to enter a custom password in order to enter – making it virtually impossible to browse any DarkNet webpage without the proper permission.

As explained by CyberGuerrilla, DarkNet websites don’t rely on the IP/DNS system (typing mysite.org in a web browser will take you to an IP address like 10.11.12.13). Darknet websites are accessible only through networks such as Tor “The Onion Router” and I2PInvisible Internet Project” and their respective software. Identities and locations of DarkNet users stay anonymous and cannot be tracked due to the layered encryption system. The DarkNet encryption technology routes users’ data through a large number of intermediate servers, which protects the users’ identity and guarantees anonymity. Due to the high level of encryption, websites are not able to track geo-location and IP of their users, and users are not able to get this information about the host; communication between DarkNet users is highly encrypted allowing users to talk, blog, and share files confidentially.

The DarkNet is also used for illegal activity such as illegal trade, forums, and media exchange, making it a prime target for Law Enforcement Agencies around the world. The 2 main DarkNet‘s networks are TOR (The Onion Router) and I2P ( Invisible Internet Project). While Tor focuses on providing anonymous access to the Internet, I2P specializes on allowing “anonymous” hosting of websites called “Eepsites.

Active Darknets worth mentioning:

Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship
GNUnet another peer-to-peer network that offers users full link encryption.

Decentralized network 42 (not for anonymity but research purposes)

Syndie is software used to publish distributed forums over the anonymous networks of I2P, Tor and Freenet.

Riffle is a client-server Darknet system that provides secure anonymity and minimal bandwidth

Tor Browser and Tor-accessible sites are widely used among the Darknet users and can be identified by the domain (.onion). Servers configured to receive inbound connections only through Tor are called hidden services. Rather than revealing a server’s IP address (and thus its network location), a hidden service is accessed through its onion address,

The TOR Network works by bouncing your communications around a distributed network of relays (nodes) run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Tor passes your traffic through at least 3 different servers before sending it on to the destination. Encrypting your packets and bouncing them around the Internet isn’t cost less. All that extra work means that browsing the Web via Tor feels sluggish compared to using a conventional browser. Tor is not meant to completely solve the issue of anonymity on the web and is not designed to completely erase tracks but instead to reduce the likelihood for sites to trace actions and data back to the user. Users are also warned to use https versions of websites, not to use Tor over Tor, not to torrent with Tor, not to enable browser plugins, not to open documents downloaded through Tor while online, and to use safe bridges. Also, Bittorrent over Tor is not anonymous.

References:

https://en.wikipedia.org/wiki/Internet
https://en.wikipedia.org/wiki/Dark_web
https://en.wikipedia.org/wiki/I2P
https://en.wikipedia.org/wiki/Tor_(anonymity_network)

Software:

The FreeNet Project: https://freenetproject.org/pages/download.html
The Tor Project: https://www.torproject.org/
I2P: https://geti2p.net/en/download

Projects Using TOR:

Tor Browser: https://www.torproject.org/projects/torbrowser.html.en – comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable)

TAILS Operating System (Linux): https://tails.boum.org/about/index.en.html – Tails is a live system that aims to preserve your privacy and anonymity

Whonix Operating Systems (Linux): https://www.whonix.org/ – Whonix is a Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet

Orbot (Tor for Android OS’s): https://guardianproject.info/apps/orbot/

Warnings:

Some links may be disturbing and dangerous to visit.

To avoid be tracked or watched online, I strongly recommend you to run a VPN service on the system that you access. VPN will give you a double layer protection against the unknown.

** DISCLAIMER: BEFORE YOU ACCESS THESE LINKS YOU SHOULD UNDERSTAND THAT SOME CONTENT PROVIDED ON THESE DEEP WEB LINKS MIGHT BE DISTURBING, UNPLEASANT OR FRAUDULENT. VISIT THEM AT YOUR OWN RISK. WE RECOMMEND TO USE THOSE DEEP WEB LINKS ONLY FOR RESEARCHING PURPOSES! WE ARE NOT RESPONSIBLE FOR ANY DAMAGE CAUSED BY YOUR ACTIONS! **

Some Popular TOR .onion Sites:

http://hss3uro2hsxfogfq.onion/ (notEvil search engine)
http://xmh57jrzrnw6insl.onion/ (TORCH search engine)
http://uhwikih256ynt57t.onion/wiki/index.php/Main_Page (Uncensored Hidden Wiki onion link)
http://answerstedhctbek.onion/ (uncensored General-subject Q&A forum)
http://torvps7kzis5ujfz.onion/ (VPSSHell .onion hosting)
http://grrmailb3fxpjbwm.onion/ (TorGuerrillaMail – Disposable Temporary E-Mail Address)
https://protonirockerxow.onion/ (Fully encrypted email hosted in Switzerland offering free accounts)

Clearnet HTTPS signup & JavaScript! Must pay or verify via previously existing email or SMS to get an account

http://nzh3fv6jc6jskki3.onion/ – Riseup provides online communication tools for people and groups working on liberatory social change
http://tetatl6umgbmtv27.onion/ (Tor Chat roulette style service)
http://6dvj6v5imhny3anf.onion/ (CyberGuerrilla leAkboX)
http://76qugh5bey5gum7l.onion/status.xsl (Deep Web Radio)
http://deepdot35wvmeyd5.onion (DeepDotWeb -Surfacing the News)
http://grams7enufi7jmdl.onion (Search Grams)
http://kpynyvym6xqi7wz2.onion main.paraZite (Anarchy files and Underground)
http://valhallaxmn3fydu.onion (Valhalla Market)
http://silkkitiehdg5mug.onion (Silkkitie Market)
http://lchudifyeqm4ldjj.onion (Dream Market Dark Web Market)

Some I2P:

http://direct.i2p/ (Direct Search)
http://forum.i2p (Main i2p Forum)
http://imgbi.i2p img.bi (Secure Image Hosting)
http://pastethis.i2p/ (Pastebin)
http://zerobin.i2p (ZeroBin)
http://git.repo.i2p/ (Anonymous Git Hosting)
http://freedomforum.i2p/ (Privacy Forum)
http://leakager.i2p/ (A Cat’s Mirror of Wikileak)

General Chatter Putting In Perspective:

[Mink] oh, then go go go
[Mink] right, today we are going to talk about Darnets and TOR in particoular
[Mink] *darknets
[Mink] i made few notes to read to get us started
[Mink] https://pad.riseup.net/p/r.50b7831a5a3e919781433e4819976169
[Chanlog] Title: Riseup Pad (at pad.riseup.net)
[Mink] please, wait 10 minutes before starting to ask questions
[Aspire] ok
[n1ck1] yeah
[Mink] i’ll just write few points here while you read
[Mink] the Internet is big, really big
[Mink] what we think of the internet are webpages, blogs, email, instant messaging, webradio, voip (like skype) etc
[Mink] most of those services use the tcp/ip protocol to connect the resouces together
[amoruxX] When do we start ?
[RedAcor] Already started.
[Mink] oh amoruxX , we just did
[Mink] fundamental to make the internet work is the IP/dns concept, where a number (like 176.23.98) gets translated to a name (like mysite.com) and back
[Mink] this makes these resources available to the public and available to Search Engines (like google and yahoo)
[Mink] once a new website name is registered, a IP address is assigned to it
[Mink] this is what most people call “the internet” but there is much more
[Mink] there is a part most people will never see
[Mink] it is hidden on purpose
[B[U]G] where the address is assigned by your isp Internet Provider Service , where are two ip address ( public ) and ( local ) with mask subnet and principal gateway , the public have han UDP connetion to the internet call other service and TCP have an entrance connection to localhost
[Mink] imagine big companies networks, government agencies, or really anyone that doesn’t want their site or resources been indexed by search engines
[Mink] that we will call “DARKNET” or hidden web
[Mink] sorry “deepweb”
[Mink] :”)
[Mink] deepweb/invisible/hidden, basically not available to the public
[Mink] unless you have a login/password or a very precise address
[Mink] the deepweb is the biggest part of the internet
[B[U]G] This is because it is not possible to search through a search engine because each address is generated randomly
[Mink] in the deepweb, there is a small portion that we can only see with “special software”
[Mink] that we will call “darknet”
[Mink] for today we will talk about the main Darknet networ, the TOR (onion) network
[Mink] with TOR software (like torbrowser) we can access the normal web AND the onion network
[Mink] onion sites end with .onion and use different protocols from the norm
[Mink] the TOR network anonimize both the user and the server, automatically
[Mink] as a user, your traffic will pass trough at least 3 different servers, before reaching the target site
[n1ck1] what are the names of the different protocols for me to look for later?
[B[U]G] thanks to a connection called “onion”, by most users who share the relay
[Mink] sock
[B[U]G] “cipolla”
[n1ck1] ok tks
[n1ck1] I need t reed more about socks
[Mink] all the traffic from those servers (called “nodes” or “relay nodes” is encrypted
[Mink] making using the tor network slower than normal
[Mink] surfing the web is the main use of TOR, but it can be used to send/receive mail, IRC (like i’nm doing right now) or even voip (IF YOU CAN GET A FAST CONNECTION
[Aeolus] you can voip through tor?
[Mink] yes, with a bit of luck
[Aeolus] cool, didnt know that
[Mink] TOR can be used pretty much like any other proxy
[Mink] u could plug it in Thunderbird for emails
[Mink] in Hexchat for IRC
[B[U]G] using the gpg encryption with thunderbird or claws mail for more security
[Mink] in Mozilla for ftp, etc
[n1ck1] voip + “proxuchains firefox(TOR)”
[n1ck1] three at a time, using a VPN to open the terminal with the configured proxychains and run the TOR browser??
[Arkhangel] why with torrent no, p2p
[Arkhangel] ?
[n1ck1] VPN….voip=error
[Mink] no, but you can use vpn+TOR
[Aeolus] like me
[n1ck1] why not proxychains too?
[n1ck1] tor first or VPN first?
[B[U]G] proxychains is a simple script
[Aeolus] vpn then tor
[Aeolus] for me
[B[U]G] tht filter tor
[Aeolus] others prefer elseway
[Mink] Bittorrent over Tor is not anonymous, becouse needs to aware of other seeds/leecher sharing the files
[B[U]G] you can use for launch any application
[l0t3D_] what difference does it make
[Mink] also would put too much stress on the network
[Arkhangel] Aeolus, if someone uses TOR then VPN, I dont think he can access to onion network xD
[l0t3D_] Mink how do you even Bittorrent over tor?
[Mink] so p2p with TOR: possible, but really a waste of time
[n1ck1] yeah…rsrsrs I see
[B[U]G] l0t3D_, set tor as proxy socks
[B[U]G] or http
[B[U]G] (client)
[B[U]G] or generate
[Mink] again, it’s just possible to plug TOR port in your client
[B[U]G] iptables rules
[n1ck1] VPN + TOR is the best right?
[Mink] yes n1ck1
[Arkhangel] Mink do u mean that seeders/leechers should know your real IP?
[B[U]G] the best configuration are , tor – vpn – tor ,
[Mink] but now.. the bad part
[Aeolus] Arkhangel i used to be able to do that especially with my whonix settings
[l0t3D_] so to “torrent over tor” you need to plug TOR into my bittorent client
[Aeolus] i talk about normal browsing when you want to use tor as an extra layer
[Arkhangel] Aeolus U think that the best configuration is the config shown by B[U]G XD
[l0t3D_] but if i torrent normally and TOR is running that’s okay right?
[Mink] yes Arkhangel ,serius bitorrent users should use proxies or VPNs , not TOR
[Aeolus] Arkhangel xD
[Mink] yes l0t3D_
[l0t3D_] okay
[Arkhangel] what is the bad part? Mink
[Mink] ok, let me make one more point, then u free to ask questionbs
[Mink] right, bad part is TOR is not perfect
[n1ck1] a few days ago they tracked the IP of many users
[Mink] and it’s been under scrutiny for vulnerabilies for years
[Arkhangel] I think* (I wrong to write before lol)
[Mink] “”Tor is not meant to completely solve the issue of anonymity on the web and is not designed to completely erase tracks but instead to reduce the likelihood for sites to trace actions and data back to the user””
[Mink] there are ways and attacks to “deanonimize” a small portion of TOR users
[n1ck1] how?
[B[U]G] for example
[Aeolus] like FBI running nodes
[B[U]G] a plugin
[Aeolus] 😀
[B[U]G] in browser
[B[U]G] you can deanonymize you
[Mink] ” Users are also warned to use https versions of websites, not to use Tor over Tor, not to torrent with Tor, not to enable browser plugins, not to open documents downloaded through Tor while online, and to use safe bridges.”
[Arkhangel] why?
[B[U]G] by an javascript exploit
[Arkhangel] how a plugin can do this?
[l0t3D_] Aeolus do they?
[Aeolus] yes ofc they do
[B[U]G] or you find it on an exit node,
[Arkhangel] a javascript exploit that affects the TOR software or the plugin itself?
[Mink] the NSA is known to have run TOR “nodes” , also known as a man-in-the-middle attack
[n1ck1] TOR over TOR?
[l0t3D_] Tor over Tor? Mink
[Mink] never tor-over-tor
[l0t3D_] hahaha n1ck1
[l0t3D_] how do you even TOR over TOR
[n1ck1] so far so goof rsrsrs
[Mink] that would be running 2 instances of TOR
[Arkhangel] in which manner TOR over TOR can make u not anon?
[l0t3D_] Mink tor stops you from doing that
[n1ck1] like in the real machine and the VM use TOR?
[B[U]G] sure
[Mink] it’s like an internal thing, the “relay” will just not work, 2 likely result, no traffic go trogh, or worse no encryption between the relays
[Arkhangel] lol
[n1ck1] I’m going to print this
[Mink] if you don’t like the 3 “hops” of a standard TOR connection, you can ofcourse increase it
[forceMajeure] the problem with using tor to browse is that 99 out of 100 people will deanonymize themselves by accident without ever realizing it. User error
[Arkhangel] n1ck1 this lesson will be printed later
[Arkhangel] n1ck1 u can access it on the site of cg
[B[U]G] you can use a gateway into your vm as whonix , then use a vpn on you local machine host , and reuse tor setting of your vm gateway
[Mink] ok, now, to cover my ass
[n1ck1] ok thanks Arkhangel
[Mink] WARNING: BEFORE YOU ACCESS THESE LINKS YOU SHOULD UNDERSTAND THAT SOME CONTENT PROVIDED ON THESE DEEP WEB LINKS MIGHT BE DISTURBING, UNPLEASANT OR FRAUDULENT.
[Mink] VISIT THEM AT YOUR OWN RISK.
[Arkhangel] forceMajeure how an user can realize it?
[n1ck1] ok….send please
[Mink] you can see from the list at the bottom of the pad
[Mink] there is a bit of everything
[Mink] email services, blogs, forums, chats
[forceMajeure] lets say you visit your own website, log into ANY account associated with your real identity, attack a cpu of someone you know, just little things
[Arkhangel] forceMajeure and what are the user errors that bring the user to be deanonymized?
[Aeolus] use tor to log to FB
[forceMajeure] look up
[Mink] of course all end in .onion, and using a normal browser won’t work
[Aeolus] something stupid like that
[Arkhangel] forceMajeure ah ok… this should answer to my second question
[forceMajeure] turn on js to access a site, etc.
[Arkhangel] ty
[Arkhangel] forceMajeure why if I use js to access a site, I m not anon anymore? js stores my real IP over TOR?
[Mink] remember, and this is for clearnet aswell, your browser is the single most dangerous point of failure
[forceMajeure] if the site is compromised, someone can use something like burp to insert a malicios js
[forceMajeure] they did it at defcon years ago
[forceMajeure] you should always be using noscript
[Mink] ok, questions, and please let me answer first before giving your opinion
* Aeolus agrees with Mink
[Arkhangel] forceMajeure so if I am on TOR network, if I go on a onion malicious website and I click where I have to not click, this malicious js can decrypt the routing information to get my real IP?
[Mink] yes Arkhangel
[Arkhangel] lol
[forceMajeure] ))
[n1ck1] Is it set by default to accept or reject scripts?
[Arkhangel] sorry but, at this point
[n1ck1] TOR Browser
* Aeolus thinks we all tell shit and not let Mink who knows educate us
[Arkhangel] why didnt they do a strong encryption?
[Arkhangel] that cannot be decrypted?
[Arkhangel] like
[Mink] even worse, it can inject code into your browser, activate your webcam and mic, take screen shots and much more, no kidding
[forceMajeure] true story
[Arkhangel] not inverse hash algorithms
[Arkhangel] not invertible*
[Mink] nothing to do with encryption, JS runs on your computer, not the server
[Arkhangel] Mink if I click on a js hosted on an onion website, it runs on my pc?
[B[U]G] depends
[B[U]G] you can
[Mink] not only .onion
[B[U]G] disable flash/javascript
[Aeolus] js runs client-side
[B[U]G] and disable WebRTC leak
[B[U]G] on you browser settings
[Arkhangel] good to know XD
[Arkhangel] y
[Arkhangel] I have other different questions
[Mink] ok
[Arkhangel] the onion websites store the (false) IP of each user accessing to it?
[Mink] no
[m00trix] Let’s just agree on that TOR is great. If used out of the “box” the TOR Browser will in most cases keep you safe. If you decide to disable or allow sites through the build in TOR Browser plugins, you are taking a risk that not even TOR, nor any other level of anon tools can protect you from.
[RedAcor] For webrtc settings: https://www.privacytools.io/#webrtc
[Chanlog] Title: Privacy Tools – Encryption Against Global Mass Surveillance (at www.privacytools.io)
[B[U]G] or simply edit your about:config asd
[Arkhangel] Mink, if today TOR gives me a certain IP address, tomorrow or after a month, another user of another part of the world can be assigned to that same IP?
[B[U]G] to http.refer and media.peer connection
[m00trix] Arkhangel, yes that is the hole point…
[Mink] the TOR network will not need your IP address, the danger of that comes from javascript/ajax/bad code
[B[U]G] how all – all store a log , depends if the owner delete it
[Arkhangel] m00trix why “hole point”?
[m00trix] yea
[m00trix] if 200 users on that exit node
[m00trix] with the same “ip”
[B[U]G] but the node change every time
[m00trix] you get plausible deniability
[Arkhangel] is it a problem if an IP assigned by TOR is used in the future by another user?
[m00trix] no
[m00trix] its a bonus
[Arkhangel] ah ok xD
[Mink] again, TOR will not give you an IP address, but an “identity”
[m00trix] yea Mink
[Arkhangel] Ok Mink so that “IP” address does not work on IP protocol?
[m00trix] I think he means when using the browser, it tells the exit nodes ip
[m00trix] 🙂
[Arkhangel] yes, in practice
[l0t3D_] okay so if i have scripts disabled globally but lets say i enable it only on youtube to play a video
[n1ck1] how many connections can a node make with the same IP
[Mink] yes Arkhangel , TOR architecture does not use the same IP ]DNS as normal internet
[m00trix] that IP is your source proxy IP when browsing trough the TOR browser
[m00trix] or using any service to proxy through it
[n1ck1] and how many users can be on the node at the same time?
[l0t3D_] could another malicious website use that youtube tab to attack me?
[Mink] when a new .onion site is created it doesn’t get a IP address, but a .omnion address
[n1ck1] sorry…. my mistake
[n1ck1] but a node can handle how many requests?
[n1ck1] and perform how many for another node?
[B[U]G] all it’s possible this it happens if youtube link it’s embedded in page builded ad hoc
[m00trix] Mink, still, when you use the TOR Browser, it will tell you what the exit nodes IP is when you start it. That exit node IP is also the source of the browser requests you make and the source of any program you proxy trough it
[Arkhangel] Mink in practice you are saying that, unlike normal internet where a service like a website is on the 3rd level (IP level ISO/OSI), the onion network is completely on the 7th level (application level) of the
[Mink] ok, to spend those few minutes: TOR isn’t the only darknet network
[Arkhangel] ISO/OSI?
[m00trix] okay stop
[l0t3D_] if it’s a normal youtube link i opened myself B[U]G?
[Mink] wot?
[B[U]G] depends if in source
[B[U]G] a function
[B[U]G] call
[m00trix] When you are using the TOR browser, to go on midgetporn.org or whatever. Midgetporn.org will see your source IP as the exit nodes public IP
[B[U]G] a malicious “file”
[B[U]G] or host
[m00trix] simple as that
[Aeolus] guys thanks for today info. i suppose logs will be up later so i can read again, got to go.
[Aeolus] good work Mink thx 🙂
[Mink] you welcome Aeolus
[Arkhangel] in practice m00trix your machine is overlapped on the exit node
[l0t3D_] but if there is nothing in this source but there is a malicious “file” in another tab i have opened in the same time but I have no scripts enabled?
[m00trix] fire up the TOR browser, and press the “test tor…” thingy
[forceMajeure] Is it possible for tor to assign you a new circuit while an existing connection is still established say through a python script ran through port 9050
[B[U]G] for example : [script src=”DownloadThisEvilCode.js”/] [iframe]youtube embedd[/iframe]
[Mink] Arkhangel, , you want to rephase your question?
[B[U]G] afk
[forceMajeure] thus severing the connection
[m00trix] any site that want’s to can see the visitors source IP – and with TOR browser, that source IP is the IP of the current exit node your are on.
[Arkhangel] Mink, about the https://en.wikipedia.org/wiki/OSI_model
[Chanlog] Title: OSI model – Wikipedia (at en.wikipedia.org)
[m00trix] really pretty simple
[m00trix] jesus
[Mink] yes forceMajeure , not only possible, but advisable, tor will change nodes randomly to add anonimity
[Mink] Arkhangel, i know the OSi model :/
[forceMajeure] but what happens to the connection that was established before the circuit changes
[Arkhangel] Mink, if the normal websites have associated IP
[forceMajeure] is it passed into the new connection
[Arkhangel] so the 3rd level of OSI model
[Arkhangel] the onion network, since it does not have IP, it is completely on the application level of OSI model?
[m00trix] no
[forceMajeure] I guess I could see what happens by sending newnym to 9051 I just thought of that
[Arkhangel] since it does not have IP ( i mean the onion websites)
[Mink] no Arkhangel
[m00trix] you need to not compare hosting an onion site with using the TOR browser
[Mink] lets’ amke it clear TOR and TORbrowser are 2 different things
[Arkhangel] y
[m00trix] I think Mink covered all the questions really good already
[Arkhangel] in the pad
[Mink] torbrowser connects to tor
[Arkhangel] it talks about the Freenet platform
[Mink] yes?
[Arkhangel] continue xD I was thinking u finished to answer my prev question xD
[Arkhangel] ok so torbroweser, application level, connects to TOR network
[Mink] yes, trough socks
[Arkhangel] socks is an application protocol?
[Mink] taht’s 5 i think
[Arkhangel] ah ok
[m00trix] Arkhangel, you need to unleash your mind from that OSI layer shit 😀
[Arkhangel] ahahahah
[Arkhangel] ok xD
[n1ck1] socks is a protocol right? the TOR Browser is the application?
[Arkhangel] y
[Mink] yes n1ck1 , but it’s easy to confuse “an application(like a program) and the “application layer” of the stack
[Mink] so yes
[Arkhangel] tell me when I can continue with another question
[m00trix] Arkhangel, if you fire up a VM with like parrotsec.org OS – It have a build in function that routes all traffic through TOR. There are other distros that does this as well. But any way, if you do that, you can look into how the traffic flows using the terminal – when all traffic is routed using TOR. Might give you more insight
[l0t3D_] i dont know if this is related to this lesson or not but what are Obfuscated servers?
[l0t3D_] or “obfs”
[Arkhangel] m00trix traceroute?
[forceMajeure] lsof -i -n -P
[m00trix] well for a start heh
[m00trix] and many more
[Arkhangel] ah ok
[m00trix] but it will show you the traffic flow
[Arkhangel] nice to know
[Mink] one thing i wanted to talk about, but we have no time, whonix
[Arkhangel] another doubt is: since ISP knows what I am visiting as website, if I access to an onion website, my ISP can know it?
[vivek] m00trix: you can achieve the same with almost any distro
[m00trix] and if there are like 200 others using the same exit node that you are on, for that current TOR connection – it’s all good.
[m00trix] vivek, I know
[Mink] the ISP will know you are using TOR, but not which sites you are visiting
[Arkhangel] Mink the ISP cannot know the onion address?
[m00trix] no
[vivek] Parrot one is highly unstable and my exp. Was not very good
[m00trix] And if you combine TOR with an OpenVPN on port 443 then even less
[Arkhangel] Mink it because ISP can see destination IP but onion website are not based on IP scheme? this is the reason?
[Arkhangel] or one of the reasons
[m00trix] vivek, I only have a VM with it. But yes, it’s Debian aka unstable heh
[Mink] no Arkhangel , unless the ISp is running the last TOR exit node
[Arkhangel] normally, an ISP in the clearnet precisely what can see from me? Only the IP of website that I am visiting?
[m00trix] Arkhangel, your ISP cant see what sites your are browsing trough TOR
[l0t3D_] [l0t3D_] i dont know if this is related to this lesson or not but what are Obfuscated servers?
[l0t3D_] [l0t3D_] or “obfs”
[m00trix] all your DNS lookups and what you are doing
[m00trix] if you use the ISP’s dns servers
[Mink] in clearnet, your IS know your favourite pornhub page
[Arkhangel] guys so the ISP can read only the DNS lookup table inside the router?
[m00trix] they can see all, but not https login data
[l0t3D_] lol
[Arkhangel] ah ok
[Mink] sorry l0t3D_ , obfuscated are another kinfd of “relay nodes” to help tranport info
[m00trix] Arkhangel, if you use the DNS servers provided by the ISP you have. They can see what sites you visit, the IP of the sites, what traffic you generate, they can see close to anything
[l0t3D_] obfuscated servers are used to access vpn or tor in some places like the great firewall of china?
[Arkhangel] cannot I change the DNS server where I want to go?
[Mink] yes l0t3D_ , and Iran and N korea
[l0t3D_] well i think ill be up on that list soon too
[Arkhangel] provided by other companies?
[m00trix] If you change the DNS servers on your router to some that does not log and are not your ISP’s. They loose the ability to view your DNS req
[l0t3D_] thath’s the only way i can access tor or vpn
[m00trix] next step is then, VPN and TOR
[Arkhangel] m00trix so you mean that then internet in my location does not work lol
[l0t3D_] makes the connection very f’in slow tho
[m00trix] I would advice any one to NOT use the default ISP provided DNS servers as a pure basic step
[m00trix] should be the first step you do on the router
[Mink] l0t3D_, remember for help with anonimity and privacy you can always ask in #opnewblood, we will be happy to help with that
[Arkhangel] m00trix how can we do this?
[m00trix] set WAN DNS to manual and find some good non logging DNS
[Arkhangel] do u know some non logging DNS?
[m00trix] Arkhangel, depends on what router you have
[m00trix] sure
[l0t3D_] thanks Mink
[m00trix] Also you will get arround of most censorship
[m00trix] by stat step alone
[Arkhangel] can you list some of them here?
[m00trix] gov dns blocks
[m00trix] I switch it up
[m00trix] but run
[m00trix] https://blog.uncensoreddns.org/
[l0t3D_] should i call them and ask them nicely to change my DNS? 🙂
[m00trix] some places
[Arkhangel] ty
[m00trix] just login to your router
[m00trix] and change it
[m00trix] if in doubt give me a priv
[Arkhangel] ty very much
[l0t3D_] WAN settings right?
[m00trix] yea
[m00trix] and then
[m00trix] set DNS do manual
[m00trix] not the IP 😀
[m00trix] only dns
[Arkhangel] another question: the pad talks about the freenet platform… is it a software to be installed on my computer?
[Mink] yes Arkhangel
[m00trix] l0t3D_, priv me if you need help
[Arkhangel] what is the difference between freenet platform sw and tor bundle sw?
[m00trix] If I run with my basic ISP DNS servers sites like http://1337x.to/ are blocked 🙂 a torrent site. Gov block
[Chanlog] Title: Torrent Search Engine | 1337x.to (at 1337x.to)
[n1ck1] if I change my DNS the VOIP stops working in my house
[Arkhangel] or better: if torbrowser allows me to access to the tor network, freenet and other shown platforms on pad, what do they allow me to do?
[m00trix] wut n1ck1?
[m00trix] makes no sence
[n1ck1] my ISP has a separate physical VOIP phone but connected by cable to the router
[n1ck1] minha mae é velha e não sabe usar muitas tecnologias e o telefone é similar ao antigo porém funciona como VOIP
[n1ck1] sorry
[n1ck1] my mother is old and does not know how to use many technologies and the phone is similar to the old one but it works like VOIP
[n1ck1] if I switch to any other, VOIP does not work, it has been months of technical visits, tests, and unsolvable configurations.
[RedAcor] Set DNS on your network manager.
[RedAcor] So that will not affect your router.
[RedAcor] Also you can use unbound on your system.
[RedAcor] You can check lesson 4 logs for that.
[m00trix] yes
[m00trix] thx to Mink for a great course 🙂
[RedAcor] There many different and hybrid solutions.
[RedAcor] Anyways. Mink Thanks for delicious lesson. 🙂
[Arkhangel] guys is better vpn tor vpn tor or tor vpn tor?
[Arkhangel] is better starting with vpn or tor?
[n1ck1] YES
[n1ck1] This worked …. It’s simple but I had not thought of it.
[RedAcor] Arkhangel Tor VPN Tor
[Arkhangel] why starting with tor RedAcor?
[RedAcor] Some people use VPN ] VPN ] Tor also
[RedAcor] Because it is secure than VPN. jijiji
[n1ck1] tails pendrive, VPN, TOR, break everything later and throw it in the trash lol
[Arkhangel] instead, when I connect to tor network, when I reach the exit node, the IP of my computer is in clear there?
[RedAcor] If i talk about last bug of TOR: Nah.
[l0t3D_] 2 tor?
[m00trix] Arkhangel, really depends what you are doing also 🙂
[l0t3D_] [RedAcor] Arkhangel Tor VPN Tor
[n1ck1] RedAcor thanks for the DNS tip
[RedAcor] But they fixed that issue.
[RedAcor] n1ck1 You’re welcome.
[Arkhangel] to discover some user, agency like NSA what look for?
[Arkhangel] they use only their exit node and check for all users that go in, or they can know information also about exit node that are not theirs?
[m00trix] hard to say
[m00trix] you need to stop overthinking it
[Arkhangel] im afraid to forget these questions and these doubts xD
[m00trix] I get that bro. But I can’t answer you how the FEDS, CIA or NSA track people on TOR 🙂
[m00trix] or if they even can and with what success
[Arkhangel] dont worry. I have a last question: why tor works on SOCKS and not HTTP/HTTPS protocol?
[m00trix] Arkhangel, per design I think
[Arkhangel] in the network settings, for HTTP/HTTPS I cannot use the 9050 or 9150 port to use TOR, right?
[m00trix] network settings for what?
[m00trix] program
[Arkhangel] for example if you want to use a proxy on the system of the operating system
[m00trix] what OS Arkhangel
[m00trix] You want to route all traffic out through TOR
[Arkhangel] windows or linux-based
[Arkhangel] y
[Arkhangel] in that case for HTTP/HTTPS I cannot use port 9150
[Arkhangel] right?
[Aspire] i have to go bye all and thanks for the lesson
[Arkhangel] since SOCKS and HTTP/HTTPS talk different “languages”
[m00trix] Arkhangel, are you trying to run another browser through TOR?
[m00trix] what are you trying to do, that would help heh
[Arkhangel] no
[Arkhangel] I want to use just the normal browser with no opening torbrowser
[Arkhangel] but where I can surf on tor
[m00trix] you have to have the TOR Browser running to proxy the traffic
[m00trix] unless you run a plain tor from a terminal
[Arkhangel] exactly
[Arkhangel] on windows I should run tor browser
[m00trix] and there is a reason for why the TOR browser is at is is. And have the plugins it have
[m00trix] to protect you
[m00trix] you can do what you are trying to do, but even TOR warns against it
[Arkhangel] i know that torbrowser is better for that, but just for information, if I start torbrowser and I enable a proxy that route the data to the tor network by a normal browser, it is not a connection tor over tor right?
[m00trix] when you start the TOR browser, you can tell most programs yo use 127.0.0.1:9150 as a proxy and it will proxy over TOR
[m00trix] but on Windows, the TOR Browser needs to be running
[Arkhangel] exactly, so it is simple one tor connection, is not tor over tor, right?
[Arkhangel] in case of windows I mean
[m00trix] tor over tor?
[Arkhangel] y, since it s not a good idea running tor over tor, I would like to know if, on windows, open torbrowser and proxying the other programs to 127.0.0.1:9150 is not a tor over tor
[l0t3D_] alright thanks all for the lesson i need to go
[l0t3D_] bye
[n1ck1] no
[n1ck1] not is
[Arkhangel] ok ty
[Arkhangel] Im so sorry I forced everyone to run away
[n1ck1] you only configure that program to use this network
[n1ck1] ahsuhahsauhsauhusa
[Arkhangel] ahaha
[n1ck1] but use linux
[n1ck1] windows sucks
[Arkhangel] I use Linux, but I need to have all possible information
[n1ck1] try ubunto first, it is easy
[n1ck1] yes
[n1ck1] this is right
[Arkhangel] culture is power
[n1ck1] y
[n1ck1] tks all

Online Tutorial: Building & Selecting Safer Web Browsers

As I was going about re-configuring my website and domains earlier this week I noticed something very interesting, while my SSL Certificate was in the process of being authenticated I was able to access my unsecured website on every web browser except for one; Mozilla Firefox – which would not allow me to connect to the web page in order to keep me protected.

Just so you understand what I am talking about here, browsers like Microsoft Edge, Google Chrome and Apple Safari will all freely allow you to access a web page which has the potential to compromise your security – including websites which do not have an authenticated or verified SSL Certificates. This is because these web browsers are configured to be “convenient” and easy to use, security is either nonexistent or an afterthought on these particular browsers. With that said, there are a number of web browsers out there specifically designed around security, which also happen to be equally as easy to use/operate. Here are some of those browsers, along with some other helpful information to help you make more informed security choices online in the future.

Mozilla Firefox

Mozilla Firefox is considered by some to be the world’s most secure web browser. I say “some” specifically because many people would argue that Tor is actually the most secure browser out there. However, without Mozilla Firefox the Tor browser wouldn’t even exist. This is because Tor uses the source code of Firefox as the foundation to build their browser. As for why I personally consider Firefox more secure than Tor, this is because the DarkNet is inherently a much more dangerous place than the ClearNet, and you can’t access the DarkNet or Deep Web on Mozilla Firefox alone. Browsing through and interacting with the Deep Web, even while using Tor, naturally puts you and your security at a much higher risk.

What makes Firefox particularly unique is that much like WordPress.com, the browser allows you to install various Add-Ons, extensions or plugins that can help you maximize your security. For the purposes of this article, if you are going to use Mozilla Firefox, I highly recommend that you install NoScript, HTTPS Everywhere, Ad Blocker Ultimate and Disable WebRTC connections. There are more plugins than I could possibly mention here, those are just some of the most important ones you can install specifically in terms of online security.

WebRTC is a little talked about “glitch” that allows third parties to circumvent your security and compromise your systems, even when you are using a VPN or Proxy service. As of today, Mozilla is the only web platform I am aware of that allows you to disable all WebRTC connections entirely. By comparison, other browsers like Google Chrome literally ban people from disabling WebRTC connections through their browser, as to allow US “authorities” like the NSA and FBI to more easily hack and track users online if need be. However, non-Government hackers exploit WebRTC all the same as Federal hackers, and for all the same reasons.

Download Firefox Here: https://www.mozilla.org/en-US/firefox/download/

Tor

I understand that the Tor Browser has gone on to develop a slightly negative reputation in today’s society but, believe it or not, the Tor Project was first developed by and still receives a majority of its funding from the United States Department of Defense. It is important to understand that even though some people use Tor to do some pretty bad or illegal things, just like anything else in life, the browser is only what you make of it.

Tor was not developed for criminals, it was first developed by the US Government in order to keep agents, operatives and members of the Armed Forces safe and secure online. It just so happens that over time the browser and its systems were hijacked by criminals and terrorists alike, whom also need to remain hidden and secure online for many of the same reasons as Government employees.

The Tor browser works by bouncing your internet connection through thousands of individual “proxy servers” around the world on a perpetual randomized time loop. At any given moment in time your internet connection could be bouncing from Thailand to Venezuela to Canada and theoretically anywhere in between, concealing your computers identity and making your internet activity essentially impossible to trace. In addition to redirecting your internet traffic away from the eyes of your Internet Service Provider, it also conceals the IP Address of the computer you are using behind a proxy. This is particularly important/valuable for political activists and human rights defenders living in oppressive countries all around there world, where peoples online activity can get them arrested or killed. Since the browser directs all of you online activity to different countries around the world, this allows activists to remain hidden from their Governments while also granting them access to any sites banned or restricted by their respective Governments.

It is important to note that Tor is perhaps the best web browser at preventing or deflecting an active hacking attempt against your computer. However, I would never use Tor for things like credit card transactions or editing/customizing your personal website. This is because anytime you are using a proxy you are using someone else’s connection. While this may hide your internet activity from 3rd parties, it makes you internet activity available specifically to the owner of whatever proxy server you happen to be using at that time, and not every proxy server exists with honorable intentions – though “most” Tor exit node operators tend to be trusted activists.

Download Tor Here: https://www.torproject.org/download/download-easy.html.en

Opera

Opera is a little known web browser that has traditionally had a minuscule following throughout the past. However, in 2016, Opera started to gain a more main stream following, particularly with the cyber security community, after the browser started to become standard with a built in VPN. This means that the Opera browser stands in front of your computers IP Address while you browse the internet and your activity will remain hidden from your Internet Service Provider and/or 3rd parties. While the VPN is far from the strongest of safest on the market, it is still a very unique feature that has helped the browser grow in popularity over the years.

Download Opera Here: http://www.opera.com/

Epic Privacy Browser

One of the newer browsers on the market, Epic is specifically designed around online security. Each time you close the browser all of your cookies and tracking information is automatically deleted, preventing any websites from remembering or recording your previous activity. Similar to Opera, the Epic Privacy Browser also connects your computer through the companies own servers, acting as a proxy service for your device. This prevents any hackers/websites from recording the IP Address of the device you are using to browse the internet. Additionally, much like Mozilla, the browser will not allow you to connect with or access any site that does not have a recognized SSL Certificate.

Download Epic Here: https://www.epicbrowser.com/

Browser History, Cache & Cookie Management

If someone gains access to your computer for malicious reasons one of the first things they are going to want to do is check your browser history to gain access to websites and accounts that you frequent the most. Just think for a moment about all the pages you visit online, that you do not need to log into every time you visit. While this may be convenient for your personal browsing habits, it is also very convenient for hackers.

For this reason, you should always delete your browser history and clear all browser cookies on a fairly regular basis. You would be surprised to know how much information your browser stores/remembers about you, until you delete it all. Please note that some browsers offer to delete cache and cookies through the settings menu and some anti-virus programs also offer to do the same. However, if you cannot find or do not own these programs, one of the best programs to clear history, cookies, cache and everything else is known as CCleaner and it is completely free and open source for anyone to own. The “C” in CCleaner literally stands for “Crap,” because the program deletes all of the useless crap your computer happens to store about you. The program itself is entirely free to own, but it is one of the most effective programs on the market. For example, even multi-billion dollar tech companies are known to use the program on a regular basis.

Download CCleaner Here: www.ccleaner.com/download

338 Individuals Across 12 Countries Indicted by US Justice Department After Largest Ever Child Pornography Bust

Earlier today, October 16th 2018, the United States Department of Justice announced indictments of 338 individuals across 12 countries after the take down and seizure of a DarkNet website called “Welcome To Video” – the largest DarkNet child pornography site, by volume, US authorities have ever uncovered. The site itself is said to have been owned and operated by a 23 years old by the name of Jong Woo Son – whom is currently serving other charges for child pornography in South Korea, of which he is a citizen.

Upon unsealing today’s indictment, Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division stated thatDarknet sites that profit from the sexual exploitation of children are among the most vile and reprehensible forms of criminal behavior. This Administration will not allow child predators to use lawless online spaces as a shield. Today’s announcement demonstrates that the Department of Justice remains firmly committed to working closely with our partners in South Korea and around the world to rescue child victims and bring to justice the perpetrators of these abhorrent crimes.” It’s also said that the site itself was ultimately done in by the use of Bitcoin transactions, which allowed authorities “to determine the location of the Darknet server, identify the administrator of the website and ultimately track down the website server’s physical location in South Korea.

It should also be noted that while 12 countries were identified in the indictment, most of the individuals named do come from the US – spanning across 24 different states. Interestingly enough, I’d estimate that over 90% of all the US citizens named were between the ages of 24 and 42 at the time of their arrest – something I would not have expected going into the story.

Statement from DoJ: https://www.justice.gov/opa/pr/south-korean-national-and-hundreds-others-charged-worldwide-takedown-largest-darknet-child
Indictment Release: https://www.justice.gov/opa/press-release/file/1210441/download
Complaint for Forfeiture: https://www.justice.gov/opa/press-release/file/1210461/download

Browse Indictment & Complaint for Forfeiture:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/10/son_indictment_0.pdf”]

 

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/10/2019_10_16_complaint_19cv3098_0.pdf”]

 

** If you cant browse the documents hover your mouse over the pdf’s (above) and notice the up and down arrows in the bottom left, these will help you navigate the documents **

US Central Intelligence Agency Releases Location of New DarkNet Version of cia.gov Website

Earlier today, May 7th 2019, the US Central Intelligence Agency came out with a bizarre press release announcing the launch of their own .onion website. Upon investigation, the “Darknet” version of their site appears to look, feel and function in the same manner as their “ClearNet” version, with only one exception – it features a revolving slideshow of all the agencies latest stories, releases and events – such as you can see with a story of the launch of their .onion website below. Though it must be noted, you can only access the link below with a download of the Tor Browser, Freenet Browser or I2P setup.

Location of Site: https://ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion/

Screen Shot:

No photo description available.

Being as deep in the rabbit hole as I am, and have been, I can’t help but wonder if those slideshow pictures/reports are somehow zero days meant to compromise the web browsers/identities of any suspicious visitors to the site – especially in regards to recent Tor zero days made aware to me over the course of the last two months? I honestly cant think of any reason to tailor their website specifically to a DarkNet crowd/audience, unless it was just a trap (HoneyPot). Regardless, at least according to the CIA itself,  they are calling the site the “latest layer” to their international operations, hoping the tool will help the public send in more truly anonymous tips throughout the future.

Secure, anonymous, untraceable—traits ever-present in CIA’s intelligence collection mission,” says the CIA “and the same is true for our onion site, which is now available over the Tor network. Adding that “Our global mission demands that individuals can access us securely from anywhere. Creating an onion site is just one of many ways we’re going where people are” – says Brittany Bramell, CIA’s Director of Public Affairs. However, as someone whom has personally sent dozens of Anonymous tips to the CIA over the course of the last several years, I know it is entirely possible to send them Anonymous tips independent of the Tor Browser – using combinations of VPN’s, Proxies and DNS edits, making their logic even more suspicious.

Learn More – Anonymous Intelligence Agency: https://roguesecuritylabs.ltd/anon-intell

Submit Tips: Tips@AnonIntell.org

 

Infamous/Notorious Hacker Forum Known as Dark0de Comes Back Online Under New Ownership

Roughly 3 years after first being taken down by European/international police in 2016, the infamous hacking forum known as “Dark0de” has officially come back online. For those of you whom may be unfamiliar with the sites legacy/history, originally founded in 2007, Dark0de went on become perhaps the single largest and most notorious hacking forum in the world up until the time of its closing just a few years ago. In fact, as described by Europol, the police organization which initially closed it, “Darkode is the most prolific English-speaking cybercriminal forum to date.

The operation to close the forum, originally code-named “Operation Shrouded Horizon” by the FBI, ultimately resulted in the arrests of 70 people across 20 countries – including Denmark, Germany, India, Israel, Romania, Sweden, and the UK. At the time, then US Attorney General, Leslie Caldwell, called the closing of Dark0dea milestone in our efforts to shut down criminals’ ability to buy, sell, and trade malware, botnets and personally identifiable information used to steal from US citizens and individuals around the world.” Also stating how she believed that “this operation is a great example of what international law enforcement can accomplish when we work closely together to neutralize a global cyber-crime marketplace.

Learn More – Operation Shrouded Horizon: https://www.fbi.gov/news/stories/cyber-criminal-forum-taken-down

 

 

 

Today however, the site is now being managed by “Hitman,” the owner of Dark0de, as well as “Ownz” – the leader/founder of New World Hackers. At the current moment in time the site and its forums are back online and open for business – featuring categories/information such as leaks, forum resources, webmasters, malware, exploits & 0days, cracking, hacking, technology and gaming – among many more.

Access Website: https://dark0de.net/
Online Chat Affiliated w/ Dark0de: https://discord.gg/hBcze2E

In statements made available to Rouge Media Labs, Dark0de‘s developers explained how “we plan to bring back Dark0de to give hackers a place to go to look for accounts, tools, proxies, methods, and configs – not to mention email:username combinations for cracking accounts.” According to Ownz, “the goal is to become the #1 hacking forum once again like done in the past back in 2013-2015.” Adding that “the reason we waited three years is because we were aware that there was an investigation ongoing because the actual original owner of the site was not ‘Hitman‘ but it was ‘Obstriegel‘ aka ‘Sp3cial1st‘ and we didn’t want the same troubles as he had trying to cover up what he had created.

While the forum used to be associated almost primarily with the DarkNet, it is now freely available across the ClearNet. Aside from a change of ownership, the sites current developers claim that “nothing has changed, but we did add more site categories for Malware, Exploits, and the Marketplace” – etc. For example, the forum has already been restored to its previous version – with over 12,000 registered users, featuring +55,000 postings across +6,000 different threads.

In A Joker-ish Move, Hacker Dumps 100 Active Credit Cards Online Just for The Lulz

Going about my normal daily routine searching for leaked and/or hacked information online this afternoon, I found a leak unique enough for me to publish here today. In a move straight out of The Dark Night, an unknown group of hackers just kind of released 100 active credit cards – for like no reason. In fact, in a message attached to the leak, the hackers even state “this isn’t about money, it’s about power!” What’s perhaps even weirder though is the fact that they didn’t even reveal anything about themselves in the leak. All they stated was that we are “WIR,” providing no context whatsoever, not even indicating if this is some sort of acronym for something, nor did they leave behind any links, web pages, social accounts or means to get in contact with them.

It’s by far one of the most bizarre leaks I’ve ever stumbled across, which is why I’m documenting it here today. That and the news was a little slow this evening 😋.

Full Press Release:

Hacked by WIR

We came from Darknet.

Our Rules:

1. No System is Safe.
2. We aim for the Impossible.
3. Destroy our Enemies.
4. Have Fun in CyberSpace.

We are going to leaked 100 Credit Cards.

We don’t care about Money, This is about Power!

Good luck with you new Credit Cards

Full Raw Leak: https://pastebin.com/raw/1eq36q0U

DDoSecrets Publishes “The Dark Side of The Kremlin,” Over 254 GB of Leaks Stolen from Kremlin Servers

One of the most common/re-occurring questions I keep getting asked from people is why doesn’t Russia get hacked like the rest of the world? How come we never hear of any hacks or leaks coming out of Russia like we do other countries? Well, the answer is rather simple – kind of.

First off is because Russia has much harder/stricter internet controls and/or regulations in place than most Western countries, especially the United States, and it is therefore much harder for outside countries to get into Russian network infrastructure than it is for Russia to get into theirs. For example, Russians can freely advertise here in the United States, essentially unrestricted, but it is almost impossible for me to reach Russian citizens with an advertisement from here in the US – at least it would cost me astronomically more to do so. Second is because, starting in 2016, the Russian Government abandoned Microsoft products, including Windows, essentially switching over to their own prototypes, literally running software, Operating Systems and machines that no one else in the world has or has even seen for that matter. Thirdly is the fact that if you ever get caught leaking sensitive material in Russia, about Russia, forget going to trial, you are probably just going to wind up being shot in the head and/or assassinated – something which is usually not the case in Western democracies, Jamal Khashoggi not withstanding.

Learn More | Russia’s Parliament Puts Forth New Initiative To Create Backup Infrastructure To Global World-Wide-Web: https://roguemedia.co/2018/12/16/russia-aims-to-create-backup-to-the-world-wide-web-create-its-own-national-internet-infrastructure/

With that established however, it doesn’t necessarily mean that Russia’s systems are infallible either. For example, last Friday, January 25th 2019, a new publishing outlet formed in December 2018 going by the name of DDoSecrets published a new series of leaks entitled “The Dark Side of The Kremlin” – two massive data dumps comprising of greater than 258 Gigabytes of data stolen from various servers belonging to the Russian Government (Kremlin).

As was explained by DDoSecret co-founder Emma Best in an article with The Daily Beast, the first international news outlet to cover the leaks, the information stolen from Kremlin servers includes “stuff from politicians, journalists, bankers, folks in oligarch and religious circles, nationalists, separatists, terrorists operating in Ukraine.” They also contain “hundreds of thousands of emails, Skype and Facebook messages, along with lots of docs.

As was also explained by reporters at The Daily Beast, DDoSecrets has managed to compile “more than 200,000 emails into a spreadsheet for ease of searching.” Adding that “in all, its cache now contains 61 different leaks totaling 175 gigabytes, dwarfing, by quantity at least, Russia’s leaks against the Democratic National Committee and Hillary Clinton campaign.” The collection also “includes files from Alexander Budberg, a Russian columnist married to Dmitry Medvedev’s press secretary; Kirill Frolov, vice-director of the Kremlin-backed Institute for CIS Countries; and Vladislav Surkov, a top aide to Vladimir Putin who was hacked by CyberHunta in October 2016,” in addition to much more. You are invited to learn more by browsing through the leaks/links provided below.

For those of you whom are unfamiliar how to navigate the DarkNet, the location where these files/archives were originally stored, member of Anonymous have done their best to backup and reload the torrent files via the ClearNet and AnonFiles.com so that anyone/everyone in the world can have access to the content. Over the course of the last week there has also been 3 leaks tied to the Kremlin and/or Russian-based email domains. Though there is not telling how old/antiquated the information may be, they consists of over 3,300 emails along with their login passwords – over 3,000 of which allegedly belonging to various members of the Russian Government/Legislature.

You can search all files and emails from all 5 of the leaks below. If you need to download Tor first, you can find a download link here: https://www.torproject.org/download/download.html

Original Publication (DarkNet): http://ddosecretspzwfy7.onion.to/data/asia/#russia

Search Through Entire Kremlin Email Archive: https://search.bivol.bg/kremlin/

File Download 1 (Darknet): http://ddosecretspzwfy7.onion.to/DarkSideoftheKremlin.torrent
File Download 1 (ClearNet): https://anonfile.com/CaPcYdrfbe/DarkSideoftheKremlin_torrent
File Download 1 Backup:
https://anonfile.com/PfVcZfrcbd/DarkSideoftheKremlin_torrent

File Download 2 (DarkNet): http://ddosecretspzwfy7.onion.to/DarkSideoftheKremlin.csv.torrent
File Download 2 (ClearNet): https://anonfile.com/0aP2Y5r7b6/DarkSideoftheKremlin.csv_torrent
File Download 2 Backup:
https://anonfile.com/UdU3Z5r1b5/DarkSideoftheKremlin_torrent

Additional Russian Email – Password Dumps:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/01/Russia_Email_Leak_List.pdf”]

 

Artificial Intelligence To Crawl DeepWeb To Find Cyber Attacks Before They Happen

A new joint operation undertaken by military contractor Lockheed Martin, along with Cyber Reconnaissance, Universidad Nacional del Sur and the Universities of Arizona and Southern California aims to revolutionize cyber intelligence going forward throughout the future. The conception is not dissimilar to the ‘Web Bot” project, which attempts to index/collect, analyze and interpret key words and searches sent across the internet in live time as they are happening in order to predict future trends.

The project is officially called DARKMENTION, “a deployed system to predict enterprise-targeted external cyber attacks.” It was developed under the Cyberattack Automated Unconventional Sensor Environment (CAUSE) program for the Intelligence Advanced Research Projects Activity (IARPA), and attached to a database belonging to CYR3CON, a threat intelligence firm, which has cataloged various successful cyber attacks/attack styles pulled off throughout the past.

Together along with this database, DARKMENTION aims to crawl both the “Surface Web” and “Deep Web” in hopes of finding, recording and indexing various hacking forums, website and chats, in order to pick up on key issues or talking points within them. In doing so, researchers hope to uncover potential targets before hackers can organize enough to launch attacks against them, and/or uncover new information about how attacks are are actually set up/pulled off. The project could theoretically revolutionize intelligence gathering, while also drastically cutting down on Governmental/military operational budgets.

If this seems impossible to you, you might remember a 2016 study by Intelliagg and Darksum, which managed to crawl, index and catalog approximately 29,532 websites hosted on the “DarkNet” – roughly 54% of the entire estimated size of the DarkNet. I bring this up because Darksum‘s project didn’t have nearly the budget or resources as Lockheed Martin‘s now does, and the Surface Web and Deep Web are inherently much easier to navigate than the DarkNet.

Full Research Project: 

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2018/11/darkmention.pdf”]

+85 Million More Voting Records Found for Sale On DarkNet

A new research report from Carbon Black has found another 81,534,624 voting records for sale on the DarkNet across 20 different US States. It is important to note that the data breaches discovered this week are not the same or repeats of voting records discovered earlier this month by researchers at Anomali, whom found over 35 million records for sale across 19 US States. Included in the records discovered by Carbon Black this week are sensitive information such as full voter IDs, full names, current and previous physical addresses, gender, phone number and citizenship status.

Included in the States compromised this time are Alabama (132,788), Alaska (487,415), Arkansas (1,700,000), Colorado (3,500,000), Connecticut (2,300,000), Delaware (645,327), Florida (12,500,000), Georgia (6,600,000), Michigan (7,400,000),Nevada (1,160,000), New Jersey (5,500,000), New York (15,000,000), North Carolina (7,400,000), Ohio (7,900,000), Oklahoma (2,158,000), Pennsylvania (620,201), Rhode Island (740,049), Texas (657,695), Utah (731,639), Washington (4,400,000). At the present moment in time it is not known whom was behind the attacks/leak, or whom the seller of the documents actually is.

With that said however, the 2nd half of Carbon Blacks report analyzed 113 different cyber attacks against US servers/businesses throughout the third quarter of 2018 alone. What they found was that nearly half of them, 47% to be exact, originated out of China and Russia alone. For the purposes of the study, Carbon Black also interviewed several major US Companies whom had also come under attack within recent months, what they found was that nearly all of the attacks traced back to the same base countries. For example, 68% of respondents said they experienced cyber attacks from China, 59% experiences attacks from Russia, 49% from North America, 30% from Iran, 24% from North Korea, 24% from Brasil, and 19% reported they lacked the ability to adequately trace attacks launched against them.

Full Research Report from Carbon Black:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2018/10/carbon-black-quarterly-incident-response-threat-report-november-2018.pdf”]

+35 Million US Voting Records Released 4 Months Before 2018 Mid-Term Elections

Another year and another major leak has exposed the voting records of tens of millions of Americans. No, this is not a republish from 2015. A new report from research team Anomali Labs has uncovered nearly 35 million US voting records for sale within an underground hacking forum on the DarkNet, reportedly encompassing 19 different US States. The hackers are selling the records online ranging anywhere from a few hundred dollars to twelve thousand five hundred dollars, depending on state, and the sellers allegedly have no shortage of buyers lining up to purchase the data.

As Anomali‘s report points out, “The databases include valuable personally identifiable information and voting history.” Adding that “The disclosure reportedly affects 19 states and includes 23 million records for just three of the 19 states. No record counts were provided for the remaining 16 states, but do include prices for each state. We estimate that the entire contents of the disclosure could exceed 35 million records.

View Full Report from Anomali: https://www.anomali.com/blog/estimated-35-million-voter-records-for-sale-on-popular-hacking-forum

As for why I deem this story important enough to cover here today, this is because I personally covered US voting data breaches throughout the course of 2015 and into 2016. More specifically, I once covered how over 400 million US voting records had been uncovered by the end of June 2016 alone, less than 5 months before the Presidential election that year. In fact, my research on stolen US voting records and the manipulation of US voting machines was featured in front of the US Senate Intelligence Committee in 2017.

To get you caught up to speed here, hackers had begun targeting voting records of US citizens living in both “Swing States” and states expected to host contentious Congressional/Senate battles. This was done in order to learn as much information as possible about potential voters and voting demographics throughout different states, including things like their personal interests, inclinations and how they were most likely to vote. Moreover, hackers, threat actors and/or lobbying groups desperately sought this type of information so that they could target them with emails, phone calls or advertisements on social media, either appealing to their personal interests to re-enforce their vote or appealing to their dark side to get them riled up/belligerent and therefore more likely to vote. It was also not uncommon for most independent voters to be sent different forms of propaganda in hopes it would swing or influence their vote one direction or another.

For example, you might remember that Russian actors once paid to advertise Black Lives Matter protests/rallies specifically to White Supremacists on social media, simply to get people riled up, protesting against and hating one another. Similarly, they also advertised conservative news platforms/postings specifically to liberal audiences for the same reasons – vice versa.

Sample of Information Exposed In 2015/2016 Breaches:

Sample voter records from the exposed database

Major Voting Record Data Breaches 2015 – 2016

12-29-2015 | Personal Details of 191,337,174 US Voters Hacked on Misconfigured Federal Database: http://news.softpedia.com/news/misconfigured-database-exposes-details-of-191-million-us-voters-498185.shtml

1-3-2016 | Second Leaked Data-Base Containing 19 million records on Demographic Information on Specific Voters & 56,722,986 More Voters: https://www.databreaches.net/did-a-christian-right-wing-organization-expose-private-details-of-millions-of-people/

5/23/2016 | 154 Million More Voter Records Hacked: http://news.softpedia.com/news/hackers-breach-us-company-and-unwittingly-expose-154-million-voter-records-505553.shtml?utm_content=buffer871e1&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer

To that very point, even Anomali points out “With the November 2018 midterm elections only four weeks away, the availability and currency of the voter records, if combined with other breached data, could be used by malicious actors to disrupt the electoral process or pursue large-scale identity theft.” Essentially, for all the same reasons this sort of data was stolen before the US Presidential election of 2016.

As for the states effected, the most recent data breach is said to have effected Louisiana, Texas and Wisconsin the most, with nearly 23 of the 35 million records coming from these 3 states alone. The other 16 states effected include Montana, Iowa, Utah, Oregon, South Carolina, Wisconsin, Kansas, Georgia, New Mexico, Minnesota, Wyoming, Kentucky, Idaho, South Carolina, Tennessee, South Dakota, Mississippi, and West Virginia. At the present moment in time, only the voting records of Kansas have become published publicly.

Perhaps most importantly, the hackers alleged to have contacts in various state Government around the country, ensuring that all data provided is up to date and that any information to come throughout the future is viable. This is also concerning in its own right because, if we are to take the hackers at their word here, this means that there are “rogue” US Government employees in 19 States actively “colluding” to release the voting records of private citizens just 4 weeks away from the November 2018 mid-term elections. I haven’t done enough research to analyze the different battles or seats up for grabs in each of the 19 states implicated in the leak, but the situation is certainly worth monitoring.