10/25/12

The deep Dark Web -Book Release

gATO hApPy

AVAILABLE @ AMAZON - http://www.amazon.com/dp/B009VN40DU

AVAILABLE @SmashWords website  @http://www.smashwords.com/books/view/247146

I learned that I hate WORD: – but it’s the general format for publishing  - text boxes- get imbedded and you can’t format to EPUB or .mobi or anything – solution after going lOcO gAtO - was copy and paste into txt editor – save as RTF then copy paste back into a new WORD document and then reformat everything from scratch – and copy over the pictures – as you can tell I had fun-..-ugh mEoW F-F-F-F as much fun as a hairball but if it get’s the message out “FREEDOM OF SPEECH IN CYBERSPACE” then we done our job, anyway I hope you read it - Thank you Pierluigi a best friend a security gAtO ever had - gATO oUt

This Book covers the main aspects of the fabulous and dangerous world of -“The Deep Dark Web” . We are just two cyber specialists Pierluigi Paganini & Richard -gAtO- Amores, with one passion and two souls we wanted to explain the inner working of the deep dark web. We have had a long collaboration in this efforts to document our findings we made infiltrations into the dark places inaccessible to many to give a you the reader a clear vision on the major mystery of the dark hidden web that exist today in the Tor Onion network..

The Web, the Internet, mobile cell devices and social networking has become commonly used words that identify technological components of daily Internet user’s experience in the cyberspace. But how much do we really know about cyberspace? Very, very little, Google / Yahoo / Bing only show us 20% of the Internet the other 80% is hidden to the average user unless you know were to look.

The other 80% of the Internet is what this book is about the “Deep Dark Web”, three words with millions of interpretations, mysterious place on the web, the representation of the hell in the cyberspace but also the last opportunity to preserve freedom of expression from censorship. Authorities and corporation try to discourage the use of this untapped space because they don’t control it. We the people of the free world control this network of Tor -Onion Routers by volunteer around the world.

The Deep Dark Web seems to be full of crooks and cyber criminals, it is the hacker’s paradise, where there are no rule, no law, no identity in what is considered the reign of anonymity, but this is also the reason why many persecuted find refuge and have the opportunity to shout to the world their inconvenient truths.

The Deep Dark Web is a crowded space with no references but in reality it is a mine of information unimaginable, a labyrinth of knowledge in the book we will try to take you by the hand to avoid the traps and pitfalls hopefully illuminating your path in the dark.

Cybercrime, hacktivism, intelligence, cyber warfare are all pieces of this complex puzzle in which we will try to make order, don’t forget that the Deep Dark Web has unbelievable opportunity for business and governments, it represents the largest on-line market where it is possible to sell and acquire everything, and dear reader where there is $money$  you will find also banking, financial speculators and many other sharks.

Do you believe that making  money in Deep Web is just a criminal prerogative? Wrong, the authors show you how things works in the hidden economy and which are the future perspectives of is digital currency, the Bitcoin.

This manuscript proposes both faces of the subject, it illustrates the risks but also legitimate use of anonymizing networks such as TOR adopted by journalist to send file reports before governments agents censored his work .

Here are some question we may answers to:

How many person know about the cyber criminals and their ecosystem in the deep web? 

How many have provided information on the financial systems behind the “dirty affairs”? 

How the law enforcement and governments use Dark Web?

Let’s hold your breath and start the trip in the abyss of knowledge to find answers to the above questions. We hope that with this book you can learn something new about – The Deep Dark Web.

07/9/12

Latino Hacktivist on the Rise

gAtO cHeKs –  http://pastebin.com/trends“>http://pastebin.com/trends  – every day or so just to get a pulse on the hacktivist movement. One thing has change I see more and more Latinos getting involved in social cyber activist. Below is a break down of what I saw it’s good to see Latino nation using the social media for political dialog. As more of the world understands the importance of the new ways of connecting via the matrix, we will have more freedom of speech in cyberspace for everyone.

Let’s take a look at what my Latino brothers and sisters, si – Latina women are very much in the hacktivist roles all over Twitter sphere (#tangodown #dos ). Let’s take a look at today Sunday 1407 July,8 2012 -

A few post – goes out to the new cyber latino hacktivist and of course give thanks to Sweden and Italy brothers and sisters that have help the education of the spanish crowd-source with cyber hacktivist 101. But this was a big hit to -.MX Mexico is becoming a new cyber hot-bed for these cyber strikes –/ I have seen more and more hacktivist attacks at the Mexican politicals like MEGAMARCHA- against  “Public Radio International” or their message../ mAyBe nO-sI –-  it’s about the PRI Mexican Party, corruption and the protesters went for both, that party and the Radio noise that helped them.

Besides Mexico, you have a push at UASD from a few sources with the Spanish hacktivist–/  a -DoX from Columbia I think  and a plan for the Olympics cyber lulz. From the Latino community this is a big show and tell on pasternBin.com  – gAtO oUt

Reference:

.02.) Mexico 1. http://pastebin.com/CRu8raYU #PrimaveraMexicana—— #Anonymous #Opmexico #Megamarcha #ExigimosDemocracia #PrimaveraMexicana#PrimaveraMexicana

 

.01.) Mexico MEGAMARCHA -MEGAMARCHA! this was the new dump: http://pastebin.com/HcCN7kCv

  1. MADE BY CONDOR SECTOR404. SALUDOS HERMANOS
  2. MEGAMARCHA VS el pri a le horas que usteden quierena empezamos:
  3. SALUDOS LATINOAMERICA,IBEROAMERICA,ANONEXICO,ANONIMOUSMEXICO,BRASIL,OPCOSTARICA,OPINDIA,ANONSWEDEN,ITALY

 

Latino Hacktavist- gAtOmAlO2

Latino Hacktavist- @gAtOmAlO2

 

1.) Mexico 1. #Anonymous México. #OpMarchaPacifica – Untitled  http://pastebin.com/S8kZ02Ua

2.) Operación #OPSalvemos a la #UASD, Gracias por Leer esto #Op Salvemos la UASD. –http://pastebin.com/z1qTzz3n

3.) FALSA BANDERA OLIMPIADAS 2012 (NUEVOS AÑADIDOS) -Olympic Plans Overview – This is a planing stage Olympics latino based in London http://pastebin.com/T5Gu6p6s

4.) A spanish DoX – DOXEO JUAN PABLO FRANZONI http://pastebin.com/2WGmPgcx 

5.) Dominican Anonymous.-Anonymous Explica como esta hackiando la pagina de la UASD. http://pastebin.com/G5yE6uGr  – Administrators or webmaster of the site of the #UASD

6.) Mexico – Leaks Name & Password http://pastebin.com/GjTGdC6k -@Anonymousbr11  @Anon_central @AnonymousOIC  Target:http://www.isc.gob.mx

07/6/12

Online Security Basic -should I use encryption

gAto fOuNd - this -/ Basic Security Guide /- a while ago in the .onion and while I don’t agree with everything in this write-up I learned some new things. At the end of the day –/ they can’t take away what’s in your head -always be a critical thinker - gAtO oUt

Online Security Basic - link are .onionLand

Transcribed from http://g7pz322wcy6jnn4r.onion/opensource/generalguide.html on 2011-04-16.

Contents[hide]

Basic F.A.Q.

What is encryption?

Encryption is a method of encoding information in such a way that it is computationally difficult for eavesdroppers to decode, but computationally easy for the intended recipient to decode. In practical terms, encryption makes it almost impossible for you to be successfully wiretapped. Encryption can also make it essentially impossible for computer forensic teams to gather any data from your hard disk drive. Encryption is the process of making information difficult or impossible to recover with out a key. The key is either a passphrase or a huge random number protected by a passphrase. Encryption algorithms fall into two primary categories: communications and storage. If you use a program such as GPG to encrypt your E-mail messages, you are using encryption for communications. If you use a program such as Truecrypt to encrypt your hard disk drive, you are using encryption for storage.

Is there a big difference between storage and communication encryption?

Yes. Data storage encryption often uses only symmetric algorithms. Communication encryption typically uses a combination of asymmetric and symmetric algorithms. Asymmetric algorithms are generally far easier to break than symmetric algorithms. In practice this is not significant as the computing power required to break either strong asymmetric or strong symmetric algorithms is not likely in the grasp of any agency.

Should I use encryption?

Yes! If you participate in the Internet underground it is essential for your continued freedom that you learn how to use encryption programs. All communications should be encrypted as well as all stored data. For real time communication encryption we suggest either Pidgin or Adium instant messages with the OTR plug-in. For non-real time communication encryption we suggest GPG. Truecrypt does a great job of encrypting stored data and can also encrypt the OS partition if you use Windows. Various flavors of Linux and Unix also allow for the OS partition to be encrypted although the particular program used will vary. If an alternative installation CD is used Ubuntu allows for OS partition encryption during the installation process.

What is plausible deniability?

When discussing stored data encryption plausible deniability means that an encrypted container can decrypt into two different sets of data depending on the key used. Plausible deniability allows for you to pretend to cooperate with authorities with out them being able to tell you are not cooperating. For example, perhaps they demand you give up your password so they can decrypt some of your communications or stored data. If you used a system with plausible deniability you would be able to give them a password that would indeed decrypt the encrypted data. However, the decrypted data they can now see will be non-sensitive data you intentionally allowed for them to decrypt. They can not see your sensitive information and they can not prove that you didn’t cooperate.

Do I need plausible deniability?

Possibly. It really depends on where you live. In the U.K. it is a crime to refuse to give law enforcement your encryption keys on demand. Refusal to reveal encryption keys is punishable by several years in prison, but this is quite possibly a lot less time than you would get if you did reveal your encryption keys. In the U.S.A. the issue has not yet gone to the supreme court and lower judges have ruled in both directions. In general it is a good idea to use plausible deniable encryption when possible. Truecrypt supports plausible deniability for all functions under Windows. For Linux there is no current software supporting out-of-the-box plausible deniability of the OS partition. With Linux you may be able to achieve a type of plausible deniability by encrypting your entire drive and putting the bootloader on another device. Then you can argue the drive was freshly wiped with a PRNG and there is no key to decrypt.

Of course the police can break encryption, right?!

If you are using a strong encryption program (such as GPG, OTR, Truecrypt, etc) and a long and random password (or automatically generated session key, such as OTR) the police are not going to be able to directly break the encryption. This is not to say they can not get your key in other ways! For example they could install a keylogger onto your keyboard or use various transient signal attacks to capture your key while you type it. An emerging method of encryption key compromise uses application layer exploits to remotely grab keys from RAM. These ‘side channel’ attacks need to have active measures taken against them (the best of which are using a strong anonymity solution and hardened OS).

What about the NSA?

The NSA is not going to be able to break strong data storage encryption algorithms (symmetric). They are also probably not able to break strong communication encryption algorithms (asymmetric). Very powerful quantum computers can be used to greatly reduce the bit strength of an encryption algorithm. Symmetric algorithms have their bit strength cut in half. Asymmetric algorithms are easily broken by such powerful computers. If you are using AES-256 a powerful quantum computer will reduce its bit strength to the still unbreakable 128. If you are using even a 4,096 bit RSA key with GPG, a powerful quantum computer can break the encryption. However, keep two things in mind; It is not likely that the NSA or anyone else has such a computer, and anyone sane will assure you that unless you are a foreign military or major terrorist the NSA will not act on any intelligence they gather by by breaking your communication encryption.

But anything can be hacked, right? Why not encryption?

Encryption algorithms are not hacked, they are cryptanalyzed. Not every single thing done with a computer can really be considered hacking. Hackers may be able to exploit the implemented code of a program using an encryption algorithm, but even the best hackers tend to know little about encryption. Hacking and cryptography are not the same field and most hackers who think they know a lot about encryption actually know very little about it. Encryption is a field of pure mathematics and good encryption algorithms are based firmly on the laws of mathematics as they are currently understood. Unless there is some very unlikely discovery in the field of mathematics the security claims made about most encryption algorithms will stand firm even if the best hackers (or even more impressively cryptographers) in the world try and attack them.

Note: Some hackers are skilled enough to side channel your encryption with application layer exploits unless you take hardening counter measures. This is not hacking the encryption algorithm although it is using hacking to counter encryption. Following our general security guide (later on this page!) will make it much harder for hackers to do this. To hack you through Open Source the attacker will first have to compromise Open Source, we have taken many security measures to make this very difficult to do.

Using encryption programs myself is difficult, but Hushmail, Safe-Mail or (Insert name here) will manage it for me!

Fully web based services can not really offer you strong encryption. They manage your keys for you and for this reason they have access to your keys. It does not matter what the company is named or what they promise, all of them are liars and some are probably honeypots. These services will not offer you strong encryption and law enforcement will be able to gain access to your communications. If you play with fire you need to learn how to protect yourself or you will be burned. It is not overly difficult to manage your own encryption and it is the only possible way for you to maintain your security.

What exactly is anonymity?

Anonymity is the property of being indistinguishable from a given set size (number of others). In the way the term is commonly used anonymity is the inability to be traced. A trace could mean that an attacker follows your communication stream from you to the end destination you are communicating with. A trace could also mean that an attacker follows a trail of logs from the end destination you communicate with back to your location. Anonymity solutions make it difficult to trace your communications and by doing so also make it harder to map out the networks you participate in. Anonymity can also be used to prevent censorship. If a server is hosted as part of an anonymity network and its location can not be determined then an attacker is incapable of demanding the censorship of the services hosted by the server.

Why do I need anonymity?

If you are not using an anonymity solution your presence on the Internet can be trivially traced back to your presence in real life. If you are participating in activities on the Internet which you would not want to be traced to your real life identity, you need anonymity. If you are participating in a network you need anonymity to protect yourself from network analysis. If no one on your network is using anonymity solutions and the police bust one of them, they will be able to see who all they communicated with as well as who all those people communicated with etc. Very quickly and with high precision the police will be able to map out the entire network, going ‘outward’ to many degrees. This may be useful for evidence (for use in court) and it is certainly useful for intelligence (so they know where to look next).

I already use encryption so there is no need for me to be anonymous!

Although encryption and anonymity highly compliment each other they serve two different goals. Encryption is used to protect your privacy, anonymity is used to hide your location and protect you from network analysis. Strong anonymity requires encryption, and encryption is greatly benefited when combined with anonymity (after all, it is hard to install a keylogger if you don’t know where the target is located!). If you use strong encryption but no anonymity solution the feds may not be able to see what you say but they will know who you are and who you are talking with. Depending on the structure and purpose of your network, a single compromised node may very well remove all benefits of using encrypted communications. Many of the most realistic and devastating attacks on encryption systems require the attacker to gain a physical presence; if you are not using an anonymity solution this is trivial for them to do. If the feds do not know where you are, they can’t bug your keyboard with a keylogger. Anyone who says you do not need anonymity if you use encryption should be looked at with great suspicion.

Tor exit nodes can spy on my communication streams so I should not use it!

If you use Tor to connect to the open Internet (.com instead of .onion) it is true that the exit node can spy on your communications. You can reduce the risk of this by making sure you only connect to SSL websites (https:// instead of http://). You can further reduce the risk of this by always checking the fingerprint of the SSL certificate and making sure it does not change with out an adequate reason being presented by the site administrator. You can eliminate the risk of a spying exit node in some contexts. For example if you encrypt a message yourself with GPG before you send it, the exit node will not be able to break the encryption even if they are spying.

Tor is not meant for privacy (unless you only access .onions) it is meant for anonymity! If you want privacy while using Tor you will need to either only access .onions or you will need to layer it on yourself by using GPG, SSL, OTR or other encryption on top of it. Using Tor to connect to the open Internet with out using any privacy tools yourself can actually reduce your privacy from some attackers. Remember, Tor to the open Internet is for anonymity it is not for privacy. Anonymity is just as important as privacy. Also, networking tools with a larger focus on privacy than anonymity (such as VPNs), will not offer you privacy from law enforcement anymore than Tor will and they also tend to offer substantially worse anonymity!

If I use Tor can I be traced by the feds?

So far, probably not unless you get very unlucky or misconfigure something. The feds are getting better at tracing people faster than Tor is getting better at avoiding a trace. Tor is for low latency (fast) anonymity, and low latency solutions will never have the ability to be as anonymous as high latency (very slow) solutions. As recently as 2008 we have documented proof that FBI working with various other international federal agencies via Interpol could not trace high priority targets using the Tor network. There is a large amount of information indicating that this is still the case. This will not be the case forever and better solutions than Tor are going to be required at some point in the future. This does not mean you should stop using Tor! It is quite possible that no VPN solution offers better anonymity than Tor, and the only low latency network which can be compared to Tor in terms of anonymity is I2P. Freenet is an anonymous datastore which possibly offers better anonymity than Tor or I2P. In the end it is very difficult to say what the best solution is or who it will hold up to, but most people from the academic anonymity circles say Tor, I2P or Freenet are the best three options. JAP is considered worse than the three previously suggested solutions, but better than most VPN services. You should at the very least use an encrypted two hop solution if you want a chance at remaining anonymous from the feds.

Traced is a very particular term. It means that the attacker either can observe your exit traffic and follow it back to your entry point or that the attacker can see your traffic enter a network and follow it to its exit point. Tor does a good job of protecting from this sort of attack, especially if you have not pissed off any signals intelligence agencies. Tor does not protect from membership revealment attacks! It is vital that you understand this attack and take measures to counter it if you are a vendor. To learn more about how to counter this attack keep reading this document, we discuss more in the applied security advice section on this page.

If I use Tor can I be traced by the NSA?

Probably. If you want a chance of being anonymous from the NSA you should research the Mixmaster and Mixminion remailer networks. NSA usually traces people by hacking them and doing a side channel attack. They have dozens of zero day exploits for every major application. This is also how they compromise GPG and FDE. Your best bet to remain anonymous/secure from the NSA is to use ASLR with a 64 bit processor to protect from hacking + Tor + Random WiFi location.Using airgaps can protect from them stealing encryption keys. This would involve using one machine with access to the internet to receive data, transfer the encrypted data to another machine with a CD which you then destroy, and decrypt on a machine with no access to the internet. Don’t reuse transfer devices or else they can act as compromise vectors to communicate between the machine with no internet connection and the machine with internet connection. Mixminion is better than mixmaster.

If I use hacked cable modems am I untraceable?

No, the cable company can trace you and so can the police and feds. However, it will make it more difficult for them to do so. People have been busted using this technique by itself!

If I use hacked or open WiFi am I untraceable?

The degree of untraceability you get by using WiFi access points depends largely on how you are using them. If you always use your neighbors connection, the trace will go to your neighbor before it goes to you. However, if law enforcement make it to your neighbors house before you stop the pattern of behavior, they can use WiFi analysis equipment to trace the wireless signal from your neighbors router and back to you. Many people have been busted this way. Also, if you use many different WiFi access points but they fit into a modus operandi (such as always from a particular type of location, maybe coffee shop) , you can eventually be identified if law enforcement put enough effort into doing so. Some people have been busted using this technique. If you use a brand new random location (harder than it sounds) every time you make a connection your identity can still be compromised, but the amount of effort required increases tremendously (assuming you are protected from side channel attacks anyway, be they CCTV cameras or remote WPS infections). We have not heard of anyone being busted if they used a brand new randomly selected WiFi access point for every connection.

If I send a package domestic to the USA with USPS do they need a warrant to open the package?

Yes, if it is sent in such a way that it could contain communications. For example, a letter will require a warrant but perhaps a very large and heavy box will not. For the most part, they need a warrant. No other mailing company requires a warrant to open any sort of packages. International packages can be inspected by customs with no need for a warrant.

Should I use masking scents, such as perfumes etc?

No, masking scents will not prevent a dog from hitting on the package. Masking scents will however make the package seem more suspicious to humans. Vacuum seal the product and be very careful to not leave any residues.

Applied Security Guide

Step Zero: Encrypt your hosts HDD

If you use Windows this can be done with Truecrypt

If you use Linux there are various ways you can accomplish this, usually an install time option

Step One: Configure the base system, harden OS

Application layer attacks exploit programming or design flaws of the programs you use, in general the goal of such attacks is to take over your system. For a deeper look at application layer exploits please check out the this page. These attacks are very dangerous because they can circumvent a lot of the other security you use, like encryption and anonymity solutions. The good news is that Open Source acts as an application layer firewall between you and everyone you communicate with through Open Source. We have taken great care to harden our server from attack and even if you take no precautions yourself it should not be trivial for you to be hacked through our server. However it is still a good idea for you to harden your own system. You don’t know for sure if you can trust us and there is no reason to be a sitting duck if our server is indeed compromised.

The first step you should take is running the operating system you use to connect to Open Source in a Virtual Machine. We suggest that you use Virtualbox. Virtual machines like Virtualbox create virtual hardware and allow you to run an operating system on this virtual hardware. It sounds complex but you really don’t need to know a lot about the theory, Virtualbox does all the work for you. There are a few reasons why you should use a virtual machine. The primary reason is that if the browser in your virtual machine is hacked the attacker is stuck inside of the virtual machine. The only way they can get to your normal OS is if they find a vulnerability in the virtual machines hypervisor, this adds complexity to their attack. The second reason you should use a virtual machine is because it makes it easier to use Linux if you are used to Windows or Mac OSX. Linux is a lot easier to secure than those operating systems but it is also harder to use. By using a virtual machine you can use your normal OS and Linux at the same time, Linux runs as a guest OS in a window on your normal (host) OS.

It is very simple to set up a virtual machine. Download and install Virtualbox. After launching it you will need to create a new VM. It is pretty simple and the program will walk you through the steps. Make sure to create a large enough virtual drive to install an OS, I suggest around ten gigabytes. You will need an install image so you can put the OS of your choice on the VM. Download the most recent Ubuntu ISO and use this. Remember, it doesn’t really matter if you don’t know how to use Linux. All you are using this VM for is using Firefox to browse Open Source, security comes before ease of use! Now that your virtual machine has been created you need to point it to your Ubuntu install CD. You can do this by going to the machines storage tab in the Virtualbox manager and pointing the CD drive to your install ISO. You will possibly be required to configure your virtual machine to connect to the internet if the default settings do not work for you, but chances are high that they will. Now you need to boot the virtual machine and install Ubuntu. Installing Ubuntu takes a little over half an hour and is very easy, you can simply select to use the default options for almost all of the steps.

Now that Ubuntu has been installed in a virtual machine it is time to start hardening it. The first step is to make sure it is fully patched and up to date. You can do this by going to System -> Administration -> Update manager from the bar on the top of your screen. Make sure you install all new updates because the updates include important security patches. It will take a while to update your system.

Now it is time to do some more advanced hardening steps. These steps may seem to be difficult if you are not very advanced technically, but don’t worry it is all just following instructions and you only have to do it once. Go to Applications -> Accessories -> Terminal from the top bar on your screen. This will launch a command line interface. Now type in the following commands hitting enter after each:

sudo aa-enforce /etc/apparmor.d/*

 

This command enables every AppArmor profile that Ubuntu ships with, including one for Firefox. AppArmor is an application layer firewall and makes it a lot harder for a hacker to compromise an application configured with a profile.

sudo apt-get install bastille

This downloads a generic hardening script that will walk you through some automated steps to make your system more secure.

sudo bastille -c

This launches the bastille hardening script. It will walk you through every step, in general you should select the default option. Make sure you at least read every step, there might be some things you don’t want it to do but in general the default options are good.

Step Two: Configure Tor and GPG, harden Firefox

Follow these simply step by step guides in order

Install TorInstall GPGConfigure Firefox with Tor and Harden it

Although it is not required for customers to know how to use GPG they still should. Our system will protect your communications in some ways. Your messages are stored in encrypted containers set to dismount if an intrusion is detected. Our server is highly hardened and resistant to hackers infiltrating it and spying on your messages. We are also a Tor hidden service and therefor offer encryption from you to us and from us to the people you communicate with. Our server is still the weak point in this system, a particularly skilled hacker could compromise the server and manage to spy on your communications undetected. The server could be traced by an attacker who could then flash freeze the RAM and dump the encrypted container keys. As far as you know we could even be law enforcement, or law enforcement could compromise us at a later date (the first is not true and the second is not likely, but do you really know this?). Our system does not hide your communications from us if we are your adversary, the same is true for Hushmail and Safe-mail. You can protect your communications with high grade encryption algorithms simply by learning to use GPG and it isn’t hard so we highly suggest you do it. Vendors are required to accept GPG encrypted orders!

Step Three: Conceal your membership (VERY IMPORTANT FOR VENDORS)

Using Tor by itself is not enough to protect you, particularly if you are a vendor. Membership revealment attacks combined with rough geolocation intelligence can lead to a compromise! The gist of a membership revealment attack is easy to understand. The attacker merely determines everyone who is connecting to a particular network, even if they are incapable of determining where the traffic being sent through the network is destined for. Tor does a good job of preventing an attacker who can see exit traffic from following the stream back to your location. Unfortunately, if you ship product the attacker can determine your rough geolocation merely by determining where you ship product from. If the attacker already knows your rough geolocation and they are capable of doing a membership revealment attack to determine who all in your area is connected to Tor, they can likely narrow down your possible identity to a very small set size, possibly even a set size of one.

This is not likely to be useful for evidence but it will provide strong intelligence. Intelligence is the first step to gathering evidence. The attacker may put everyone in your area who they detect are connecting to the Tor network under meatspace surveillance looking for evidence of drug trafficking activity. For this reason it is highly important that you protect yourself from membership revealment attacks!

Membership revealment attacks are less a worry for customers (provided financiall intelligence is properly countered to avoid an attacker finding rough customer geolocations!) than they are for vendors. There are a few reasons why this is true. First of all a customer is likely to reveal more about their identity when they place an order than the attacker will be able to determine with a geolocation + membership revealment attack. Secondly, the vendors allowed to operate on Open Source have been highly screened to significantly reduce the probability that any of them are federal agents, but the customers on Open Source are not only anonymous but they are also not screened at all. Third of all, the organizational structure reduces the risk for customers; a customer may work with a few vendors but each vendor is likely to be working with hundreds or thousands of customers. Customers sourcing from Open Source are at minimal risk even if they have products delivered directly to there own residence, vendors working on Open Source at particularly vulnerable to membership revealment attacks due to the open nature of the site.

The primary concern for customers is that they load finances anonymously and the vendor decentralizes their financial network. If a vendor is using a star network (centralized) financial topology there is a risk that an attacker could map out the geographic locations where customers loaded funds. After determining where funding was loaded the attackers could do anonymizer membership revealment attacks in an area around the load point and filter out everyone who is not using an anonymizer. This will likely leave the customer and few others. The attacker may even be able to compare CCTV footage of the load to the users of anonymizers in the area and look for a facial recognition match. To counter this it is important for customers to make use of good financial counter intelligence techniques (E-currency layering being one). Customers may also choose to utilize transients by paying them a fee to load currency, this way the customer avoids being on CCTV at any point. If vendors decentralize funding points (ditch the star network topology) customers will be strongly protected from such attacks, however it is impossible for a customer to ensure that a vendor is using a 1:1 customer to account/pseudonym identification ratio.

There are several ways you can protect yourself from a membership revealment attack, if you are a vendor it would be foolish to not take one of these countermeasures. The primary way to protect from a membership revealment attack is to make sure you do not enter traffic through the same network you exit traffic through. As all traffic to Open Source ‘exits’ through the Tor network, entering your traffic through a VPN first will reduce your vulnerability to membership revealment attacks. The attacker will have to determine who all in your area uses any anonymizing technology and put all of them under meatspace surveillance, there are likely to be far more people in your area using some sort of proxy system than there are people using Tor in particular. This will substantially increase the cost of putting all ‘potential targets’ under surveillance.

Using a VPN is helpful but it is not the most ideal solution. Your crowd space against a membership revealment attack will increase but perhaps not by much depending on the particular area you work out of. Also, a particularly skilled attacker may be able to determine you are using a VPN to connect to Tor by fingerprinting traffic streams. Tor traffic is padded to 512 byte size packets, normal VPN traffic is not. By filtering for 512 byte streams, an attacker can determine who all is using Tor in a given area. VPN’s protect from IP routing based membership revealment attacks but not from traffic fingerprinting membership revealment attacks. However, it is less likely that an attacker will be able to do a traffic fingerprinting membership revealment attack. The Chinese intelligence services apparently are still using IP address based attacks to block access to the Tor network. This is not nearly as effective as traffic fingerprinting based attacks. This could be an indication that traffic fingerprinting membership revealment attacks are more difficult to carry out (likely), however it could also be due to a lack of skill on the part of Chinas intelligence services. It could also be that China is not particularly interested in blocking/detecting all Tor traffic and IP address based attacks meet their requirements.

A better option than using a VPN would be to set up a private VPS and then enter all of your Tor traffic through this. Doing this will make you much more resistant to IP address based membership revealment attacks because now the attacker will not even be able to narrow you down to all people in your area using any anonymity technology. This is still weak to traffic fingerprinting membership revealment attacks!

Perhaps the best option to avoid membership revealment attacks is to use open or cracked WiFi from a different location + Tor every single time you connect. You could even use open Wifi + VPN/VPS + Tor for very high security from membership revealment attacks. Using random (not your neighbors) open/cracked WiFi greatly increaces your resistance to a wide variety of identity revealing attacks. An attacker can still do membership revealment attacks on users of open WiFi but they can no longer gain useful intelligence from the attack. If they detect that an open WiFi connection unrelated to you is using Tor it can not be used to put you under meatspace surveillance unless they manage to identify you (facial recognition from CCTV cameras, etc).

If you are operating as part of a group you can avoid membership revealment attacks via smart organizational policy. The person responsible for communicating with customers should be different from the person shipping orders. Now the customers are incapable of determining where your actual rough geolocation is because product is sent from a different geographic area than you communicate from. Your shipper should be aware that they will potentially come under scrutiny via a geolocation + membership revealment attack, especially if they use Tor to enter traffic.

nother option is to configure Tor to use a bridge. Tor bridges are designed to allow people in nations such as China the ability to connect to the Tor network. China uses IP address based blocking to prevent users from connecting to known Tor nodes. Bridges are Tor entry guards that are not publicly listed and have a limited distribution mechanism. You can get some Tor bridge IP addresses from the Tor website. We do not suggest you use Tor bridges because they replace your entry guard and they are under crowded. This will lead to a lot less multiplexing on your Tor circuit and can hurt your anonymity in other ways, although it will indeed offer some level of protection from membership revealment attacks. China has managed to detect about 80% of Tor bridges, it is likely that NSA knows all of them. Police agencies in the West are probably not yet particularly worried about locating bridge nodes but they can probably do so with near the same accuracy as China. In our opinion it is not smart to rely on a Tor bridge to protect you from membership revealment attacks in most cases.

Step Four: Know how to do safe product transfer, handle finances safe

Note: Although customers sourcing from Open Source are encouraged to take the best security measures they can, it is not likely required for them to utilize advanced operational security regarding mail (such as fake ID boxes, tactical pick utechniques, etc). Because the vendors allowed to be listed here have been highly screened it is likely safe for customers to have product delivered directly to their homes. If you only work with highly trusted and trusted vendors your biggest concern will be a package being intercepted!

 

07/5/12

The Deep Dark Web -Book

gAtO sAy -mEoW you all- we have a new book coming out soon “The Deep Dark Web” and just wanted to write this as the foreword for the book, I thought it was interesting …//looking for peer review of book…write us

This book is to inform you about “The Deep Dark Web”. We hear that it’s a bad place full of crooks and hackers, but it is more a place were you have total anonymity as an online-user and yes there are ugly places in the dark web but it’s a small part of it. What it really is all about it’s freedom of expression, freedom of speech worldwide, supported by “us/we” the users of the network. It’s not controlled by any government, but blocked by a few like Syria, Iran, Ethiopia, China to name a few governments that want to deny their own people free access to information, to speak freely about their grievances and unite to tear down there walls of oppression.

Pierluigi and I (gAtO) share a passion for cyber security we write different blogs Pierluigi has http://securityaffairs.co/wordpress/ and my site is uscyberlabs.com . We also write at other blogs and print media. We did’nt know it at the time but, we were writing cyber history as the 2011- 2012 cyber explosion took off we were at ground zero writing about Stuxnet, HBGrays, the LulzPirates, Anonymous but the Arab Spring was an awaking :

The recent revolution in Egypt that ended the autocratic presidency of Hosni Mubarak was a modern example of successful nonviolent resistance. Social Media technologies provided a useful tool for the young activist to orchestrate this revolution. However the repressive Mubarak regime prosecuted many activists and censored a number of websites. This made their activities precarious, making it necessary for activists to hide their identity on the Internet. The anonymity software Tor was a tool used by some bloggers, journalists and online activists to protect their identity and to practice free speech.

Today we have lot’s of anonymity communication tools I2P, Freenet, Gnunet and Tor to name a few. Why did the TorProject.org Tor-.onion network become the facto application to get free, private, anonymized Internet access. My conclusion is it’s humble beginnings with “Naval Research Project & DARPA (Defense Advanced Research Project Agency) ” sponsored, maybe you heard of DARPA they kinda created the Internet a long time ago. The government wanted to have a communication secure media that would piggy-bak on the establish Internet. From my point of view when they saw how good this worked the government used it to allow it’s agents to quietly use the network for CIA covert operations (just to name a few alphabet soup government agencies that use it). For example a branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

Journalist got a hold of this tool and they too were able to file reports before governments agents censored their interviews and film footage. The EFF (Electronic Frontier Foundation) got a hold of the Tor-networks and promoted it to maintaining civil liberties online. When the common business executive visited a foreign country (like China know to monitor foreigners Internet access) they now had a way to securely connect to their corporate HQ data-center without being monitored and giving away IP (Intellectual Properties). The Tor-Network became to good and the bad guy’s moved in to keep their illegal business safer from the law. The Internet Cyber-criminal has used the claer-web since the start so of course they went over to the Tor-.onion network because it works if you use it right and keeps you anonymous online.

With all this happening and the “Year of the Hack 2011” you can see why security geeks like Pierluigi and I became intrigued with this subject and we teamed up to write this manuscript hoping to answer some of the questions our friends, and peers were asking us about this mysterious hidden world call the deep dark web. We outlined a table of content and started to write about it in our blogs and the story unfolds from here to you. We hope to educate you on how this network works without too much geek talk (ok just a little). We cover the cyber criminals and their ecosystem we cover the financial currency (bitCoins) that is replacing fiat currencies all over the world during this unstable financial times. We tried to cover all the good , the bad and the ugly of the .onion network. We hope it will answer some of your questions but I am sure that more question will come up so feel free to come to our websites and give us a shout and ask your questions about the deep dark web…. - gAtO oUT 

07/2/12

The future of the Deep Dark Web

gAtO tHiNk’S  -In todays world we want a little freedoms a little privacy online and more people will use encrypted methods to browse the web.-  Julian Assange said it best-I paraphrase-, in society we as a online-person have an expectation to certain rights of privacy and just want 3 basic things:

1.) Freedom of Communication

2.) Freedom of Movement

3.) Freedom of Economics

In todays world our technology-culture encourages people to give away every detail of our life away. On Facebook, Twitter, LinkedIn we tell people all kind of personal information. \\ everything you tell these website now belongs to them legally and they will do whatever they want with this data. They also want your shopping habits your reading habits and now they want to integrate it with other sites to extract more information. You don’t think so, how many cookies do you have on your computer??? -( I bet you don’t have a clue) what were you doing at 5:30pm last tuesday??? – Google knows, Facebook knows, Twitter knows —> they all know. They all know your friends and your enemies.

Today’s we are tied to cyberspace with almost ever aspect of our lives – Social – Economy – Culture – Political – Ethics – Money – Want’s – Desires – Greed – So me gAtO I want a secure -Freedom of Communication -Tor anonymized type networks for some of my personal questions.

 As more people use encrypted methods to browse the Web, it will become trickier for law enforcement agencies to intercept private communications in real-time, causing them to focus instead on tapping data that is stored in the cloud, according to the draft of an academic paper by a former privacy advisor to the Clinton Administration.

So this means that the legal beagles want to scare you more and more. I was just reading a post were someone said I don’t like to cruise the dark web because I’m afraid of Identity Theft…// In Tor-.onion network your secure with your identity, but if you log in to Facebook and start to give away your information well you just defeated what a Tor-style network does for you your anonymity is now gone.

Some segment of cyber-world will never need secure communication but we must ask what are our human values online? Are we ready to let everyone know the truth about oneself. The technology for anonymized network is here to stay and it’s not good or bad, but it’s powerful and a bit complicated. The watchers of the Watch need to keep our eye’s open for this one- gATo oUt  

 

06/6/12

ToR 0.2.2.36 is released

Tor 0.2.2.36 updates the addresses for two of the eight directory
authorities, fixes some potential anonymity and security issues,
and fixes several crash bugs.

We're going to be following it soon with 0.2.2.37, which works around
a bug in OpenSSL's TLS renegotiation (currently being tested in the Tor
0.2.3.16-alpha release). Stay tuned.

Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many
known flaws, and nobody should be using them. You should upgrade. If
you're using a Linux or BSD and its packages are obsolete, stop using
those packages and upgrade anyway.

https://www.torproject.org/download/download

Changes in version 0.2.2.36 - 2012-05-24
  o Directory authority changes:
    - Change IP address for maatuska (v3 directory authority).
    - Change IP address for ides (v3 directory authority), and rename
      it to turtles.

  o Security fixes:
    - When building or running with any version of OpenSSL earlier
      than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL
      versions have a bug (CVE-2011-4576) in which their block cipher
      padding includes uninitialized data, potentially leaking sensitive
      information to any peer with whom they make a SSLv3 connection. Tor
      does not use SSL v3 by default, but a hostile client or server
      could force an SSLv3 connection in order to gain information that
      they shouldn't have been able to get. The best solution here is to
      upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building
      or running with a non-upgraded OpenSSL, we disable SSLv3 entirely
      to make sure that the bug can't happen.
    - Never use a bridge or a controller-supplied node as an exit, even
      if its exit policy allows it. Found by wanoskarnet. Fixes bug
      5342. Bugfix on 0.1.1.15-rc (for controller-purpose descriptors)
      and 0.2.0.3-alpha (for bridge-purpose descriptors).
    - Only build circuits if we have a sufficient threshold of the total
      descriptors that are marked in the consensus with the "Exit"
      flag. This mitigates an attack proposed by wanoskarnet, in which
      all of a client's bridges collude to restrict the exit nodes that
      the client knows about. Fixes bug 5343.
    - Provide controllers with a safer way to implement the cookie
      authentication mechanism. With the old method, if another locally
      running program could convince a controller that it was the Tor
      process, then that program could trick the controller into telling
      it the contents of an arbitrary 32-byte file. The new "SAFECOOKIE"
      authentication method uses a challenge-response approach to prevent
      this attack. Fixes bug 5185; implements proposal 193.

  o Major bugfixes:
    - Avoid logging uninitialized data when unable to decode a hidden
      service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha.
    - Avoid a client-side assertion failure when receiving an INTRODUCE2
      cell on a general purpose circuit. Fixes bug 5644; bugfix on
      0.2.1.6-alpha.
    - Fix builds when the path to sed, openssl, or sha1sum contains
      spaces, which is pretty common on Windows. Fixes bug 5065; bugfix
      on 0.2.2.1-alpha.
    - Correct our replacements for the timeradd() and timersub() functions
      on platforms that lack them (for example, Windows). The timersub()
      function is used when expiring circuits, while timeradd() is
      currently unused. Bug report and patch by Vektor. Fixes bug 4778;
      bugfix on 0.2.2.24-alpha.
    - Fix the SOCKET_OK test that we use to tell when socket
      creation fails so that it works on Win64. Fixes part of bug 4533;
      bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.

  o Minor bugfixes:
    - Reject out-of-range times like 23:59:61 in parse_rfc1123_time().
      Fixes bug 5346; bugfix on 0.0.8pre3.
    - Make our number-parsing functions always treat too-large values
      as an error, even when those values exceed the width of the
      underlying type. Previously, if the caller provided these
      functions with minima or maxima set to the extreme values of the
      underlying integer type, these functions would return those
      values on overflow rather than treating overflow as an error.
      Fixes part of bug 5786; bugfix on 0.0.9.
    - Older Linux kernels erroneously respond to strange nmap behavior
      by having accept() return successfully with a zero-length
      socket. When this happens, just close the connection. Previously,
      we would try harder to learn the remote address: but there was
      no such remote address to learn, and our method for trying to
      learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix
      on 0.1.0.3-rc. Reported and diagnosed by "r1eo".
    - Correct parsing of certain date types in parse_http_time().
      Without this patch, If-Modified-Since would behave
      incorrectly. Fixes bug 5346; bugfix on 0.2.0.2-alpha. Patch from
      Esteban Manchado Velázques.
    - Change the BridgePassword feature (part of the "bridge community"
      design, which is not yet implemented) to use a time-independent
      comparison. The old behavior might have allowed an adversary
      to use timing to guess the BridgePassword value. Fixes bug 5543;
      bugfix on 0.2.0.14-alpha.
    - Detect and reject certain misformed escape sequences in
      configuration values. Previously, these values would cause us
      to crash if received in a torrc file or over an authenticated
      control port. Bug found by Esteban Manchado Velázquez, and
      independently by Robert Connolly from Matta Consulting who further
      noted that it allows a post-authentication heap overflow. Patch
      by Alexander Schrijver. Fixes bugs 5090 and 5402 (CVE 2012-1668);
      bugfix on 0.2.0.16-alpha.
    - Fix a compile warning when using the --enable-openbsd-malloc
      configure option. Fixes bug 5340; bugfix on 0.2.0.20-rc.
    - During configure, detect when we're building with clang version
      3.0 or lower and disable the -Wnormalized=id and -Woverride-init
      CFLAGS. clang doesn't support them yet.
    - When sending an HTTP/1.1 proxy request, include a Host header.
      Fixes bug 5593; bugfix on 0.2.2.1-alpha.
    - Fix a NULL-pointer dereference on a badly formed SETCIRCUITPURPOSE
      command. Found by mikeyc. Fixes bug 5796; bugfix on 0.2.2.9-alpha.
    - If we hit the error case where routerlist_insert() replaces an
      existing (old) server descriptor, make sure to remove that
      server descriptor from the old_routers list. Fix related to bug
      1776. Bugfix on 0.2.2.18-alpha.

  o Minor bugfixes (documentation and log messages):
    - Fix a typo in a log message in rend_service_rendezvous_has_opened().
      Fixes bug 4856; bugfix on Tor 0.0.6.
    - Update "ClientOnly" man page entry to explain that there isn't
      really any point to messing with it. Resolves ticket 5005.
    - Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
      directory authority option (introduced in Tor 0.2.2.34).
    - Downgrade the "We're missing a certificate" message from notice
      to info: people kept mistaking it for a real problem, whereas it
      is seldom the problem even when we are failing to bootstrap. Fixes
      bug 5067; bugfix on 0.2.0.10-alpha.
    - Correctly spell "connect" in a log message on failure to create a
      controlsocket. Fixes bug 4803; bugfix on 0.2.2.26-beta.
    - Clarify the behavior of MaxCircuitDirtiness with hidden service
      circuits. Fixes issue 5259.

  o Minor features:
    - Directory authorities now reject versions of Tor older than
      0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha
      inclusive. These versions accounted for only a small fraction of
      the Tor network, and have numerous known security issues. Resolves
      issue 4788.
    - Update to the May 1 2012 Maxmind GeoLite Country database.

  - Feature removal:
    - When sending or relaying a RELAY_EARLY cell, we used to convert
      it to a RELAY cell if the connection was using the v1 link
      protocol. This was a workaround for older versions of Tor, which
      didn't handle RELAY_EARLY cells properly. Now that all supported
      versions can handle RELAY_EARLY cells, and now that we're enforcing
      the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule,
      remove this workaround. Addresses bug 4786.
05/31/12

Monitoring Cyber Iran and Syria in the ToR network

gAtO wAs mOnItOrInG – bad ToR-Relays and found that during this unrest in Iran and Syria. We have 17 bad ToR-Relays 95% in Iran and Syria. This is how the shut down the network to suppress information communication securely to the outside world. Time stamp is 05-31-2012 00:52:05 MET.
Tor Network Status – http://torstatus.blutmagie.de/index.php you can find all kinds of information about the .onion relays that make up the networks.
While back in cyber world —:Stuxnet – Flame – I can tell you that lot’s of Iranian site use older web apps , cms, jommla and they have vulnerabilities.
http://uscyberlabs.com/blog/2012/02/10/1890/
But they are educated and everyone learns from being attacked. When you underestimate your enemy you are going to lose.
Example :-gAtO been working on a ToR project and last night I was monitoring the ToR-Relays for bad ones and 15 out of 17 -ToR-Relays all doing exit node were Iranian and Syrians all bad and compromised. With the unrest in the news with Iran and Syria these two countries were playing with Tor-Relay nodes to extract exit information on dissidents. If they catch some dissident posting anti-Iran, anti-syria online and they will find their IP and kill them. In the middle-east hacktivist may pay the ultimate price and the CIA and others are communicating with the rebels using the ToR-.onion network the invisible web takes on a new importance during crisis time.

All goes underground under the radar but it show’s that they have an active cyber policy, with countermeasure and surveillance. These guy are fighting back anyway they can.

Cyber and culture must be understood, the more you invest in your infrastructure the more vulnerable you will become and how a society integrates the technology into it’s culture will make changes, trust me business will love it but in the middle east religion is very important geo-political tool and propaganda is the number one thing I see while surfing the Iran. Syria websites.

Today I see “cyber ambiguity” from Israel –On Tuesday, a day after a Moscowbased security company revealed that a new cyber weapon called “Flame” had struck Iran, Vice Premier and Minister of Strategic Affairs Moshe Ya’alon fueled speculation of Israeli involvement by praising Israeli technological prowess in response to a radio interview on the issue.

Israel, he said, was blessed with superior technology. “These achievements of ours open all kinds of possibilities for us,” he said.

Prime Minister Binyamin Netanyahu said when he spoke that evening that when it comes to cyberspace, the size of a country is insignificant – but that there is great significance to a country’s “scientific strength, and with that Israel is blessed.”
http://www.jpost.com/Features/FrontLines/Article.aspx?id=272264
As all these state actor play cyber games with cyber war, gATo will keep monitoring the ToR network to look and see and learn about societies in cyberspace -gATO oUt

05/30/12

Hide SCADA in the ToR network – ..-hiding in plain site..

Hide SCADA in the ToR network – ..FREE-hiding in plain site..

any internet connection 2-ToR

gAtO cAn -now provide your company a FREE .onion network – reliable 24/7 secure / encrypted / untraceable communication between your SCADA systems talking to each other and the main office giving you real-time data from any remote SCADA  site. As an example from Scheider Electric white paper on – Video Surveillance Integrated with SCADA – White Paper  – we can now take that physical video security of all your remote video assets and transmit them securely, encrypted and untraceable to anyplace in the world to your datacenter. When going in and out of the invisible .onion network, you can control the entry and exit relays so picking safe verified relays to use is easy, or you can use your own relays, the more relays the better the system becomes at making you more invisible. The more people that use it the more untraceable and unmonitored it becomes. This kind of SCADA  communication in the ToR- onion network redefines geo-political digital boundaries. Since it rides on any Internet connection it can be used anywhere.

in the ToR-.onion network merchants can’t spy on you and they can’t steal your information

Not if but when —business take over the ToR- .onion network it will change the landscape and give it more order but it will still give the user anonymity thats the key to this network your signal, your voice cannot be found but you can still communicate. The ToR- .onion network rides not on top or the bottom of the digital super-highway but thru it.

Let’s keep in mind that access to the ToR-.onion network is FREE to anyone and your company’s use of the network makes it safer for everyone since the more people use it the more unreachable-undetectable you become. But in business you also have to deal with hostile governments and protecting your people and assets thru a ToR .onion network becomes even more critical. You can still operate but be safe and secure in your business communications.

The ToRProject.org is something that is making an impact on the very lives of people that want to have a free safe secure voice. Just look at Mr Chen a dissident from China he was jailed because he spoke up about the disable in China. The ToRProject.com helps people like Mr. Chen speak and to remain in anonymity. But by adding real business -reays into the ToR- .onion network we will give these people and the business more transparency, it makes you more invisible on the internet. You can donate to the ToR project and it’s a 501(c), so it’s deductible. Look at the donors list and see who support this invisible network. U.S Naval Research, National Science Foundation- DARPA – National Christian Foundation are some of the people supporting the ToR Project, it’s not so bad if they use it— see lab Notes below -

How you gonna hack what you can’t find, can’t see and can’t trace to you?

Just think mr. bankers a free secret untraceable encrypted-communication place were you can do your banking deals -in secret- and nobody but you and your closes friends know it even exist, not the government, not your spouse and harder for criminals to find your valuable data. It hides you in an Internet bubble of packets were nobody knows who you are or how to find you. Try can’t even tell it’s a ToR- .onion network it hides it’s signal to blend into the bit’s and bytes of the landscape in the digital noise.

Technically it pretty cheap get the free software as many copies as you need FREE!!! No volume pricing no updates FREE!!! Once your computer that talks to the internet hooks up to a ToR- Relays it’s in the matrix. If you add your own ToR-Relays you can use trusted Relays as entry and exit nodes into the ToR-.onion network so you can let the program use it randomness or choose a path into a FREE invisible communication media accessible from any Internet connection. -

The ToRProject.org is currently still fighting censorship and monitoring in China, Iran, Syria and others were people are being killed and sent home in small boxes to their relatives. Because that person could not use a ToR-network access to his gmail account that was monitored they showed him his emails and his guilt and killed him. That’s how brutal it can become if you cannot have a safe secure access to a basic email to communicate with the world. Government will kill you for what you say. Donate to the ToRProject.org

It’s easy -if all else fails call the gAtO I can help your business become invisible in/on the Internet- gATO oUt.

We use the ToR network for all communication in SCADA systems.  Here are a few SCADA White papers try them with ToR- .onion Networks.

 

lab Notes— gAtO 5/29/12

Tor: Sponsors

The Tor Project’s diversity of users means we have a diversity of funding sources too — and we’re eager to diversify even further! Our sponsorships are divided into levels based on total funding received:

Magnoliophyta (over $1 million)

Liliopsida (up to $750k)

Asparagales (up to $500k)

Alliaceae (up to $200k)

  • You or your organization?

Allium (up to $100k)

Allium cepa (up to $50k)

Past sponsors

We greatly appreciate the support provided by our past sponsors in keeping the pre-501(c)(3) Tor Project progressing through our ambitious goals:

WiKi-Pedia

http://en.wikipedia.org/wiki/SCADA

SCADA (supervisory control and data acquisition) generally refers to industrial control systems (ICS): computer systems that monitor and control industrial, infrastructure, or facility-based processes, as described below:

  • Industrial processes include those of manufacturing, production, power generation, fabrication, and refining, and may run in continuous, batch, repetitive, or discrete modes.
  • Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, wind farms, civil defense siren systems, and large communication systems.
  • Facility processes occur both in public facilities and private ones, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption.

A SCADA system usually consists of the following subsystems:

  • A human–machine interface or HMI is the apparatus or device which presents process data to a human operator, and through this, the human operator monitors and controls the process.
  • A supervisory (computer) system, gathering (acquiring) data on the process and sending commands (control) to the process.
  • Remote terminal units (RTUs) connecting to sensors in the process, converting sensor signals to digital data and sending digital data to the supervisory system.
  • Programmable logic controller (PLCs) used as field devices because they are more economical, versatile, flexible, and configurable than special-purpose RTUs.
  • Communication infrastructure connecting the supervisory system to the remote terminal units.
  • Various process and analytical instrumentation

 

05/28/12

We live in a cyber surveillance Planet

We live in a cyber surveillance Planet- On this memorial day I think of my brothers in Vietnam who never made it back, Chet and Monty never came back. Well Monty came back but half of his brain was gone and so was my friend who taught me to play guitar. Chet taught me how to get a girl to kiss me, while learning the pentatonic scales on my first guitar in L.I.C high School– They are the reason why I’m writing this today in their honor, in their name.

Chet, Monty welcome home—

gAtO tHiNkInG- your OS is spying on you and so is your: application, your browser plugins, Cookies, Extensions, Shockwave/Flash, Java, QuickTime, PDF and DOC, XLS, PPT any time you open a document you leak information, you leave a digital bread crumb that they can collect it, and sell it on the open market and you have no say so. Meanwhile they scare you be telling you only the criminals use the ToR network, why because they cannot collect information about you, you are invisible to them and they don’t like it when you play there game by your rules not theirs.

silent information is being collected about us

silent information is being collected about us -in the cyber surveillance World

— cameras are everywhere you have nothing to worry about from these device -because your cell phone is your worse enemy, it carries more personal information about you than you think and they -business, politicians and law enforcement knows it. Just take a picture with your iPhone, the geo-location information and other data will be part of the metadata that is in the picture, that’s the way they caught the hacker w0rmer -Teamp0is0n growp-  he took a picture of his girlfriends boobies…She lived in Australia and they traced it back to Texas and got him…

 

Higinio O. Ochoa III: FBI led to Anonymous hacker after his girlfriend

www.dailymail.co.uk/…/Higinio-O-Ochoa-III-FBI-led-Anonymous-h…

Apr 13, 2012 – The picture shows a woman from the neck down with a sign attached to her stomach, reading: ‘PwNd by w0rmer & CabinCr3w 

In order to control us (the sheep and dogs) the political’s in their essence of powers that we give them, seek to extend the ability of law enforcement agencies to have access to all Internet traffic data, a power that they largely already have when it come to conventional telecommunications, or email services. But they want more and more. Everything that you have typed as a message: the identity and time of your facebook chats, your facebook likes, your twitter feeds and mentions too, the log of the visits to all web-pages, the clicks on on-line polls, the location data your phone sends to access on-line location services, the times and places you were in the same chat room with your friends, your on-line friends, etc.

Basically it’s like having a cyber policeman following you around 24h a day / 7 days a week, and making notes about where you have been, what you have looked at, who you are talking to, what you are doing, where you are sleeping (and with whom), everything you bought, every political and trade union meeting you went to, … – Traffic data provide an X-ray of your whole life, and the policy suggests they should be available to law enforcement and the intelligence services without any judicial oversight (only political review or police oversight). That is why the ToR network comes at a time like this when all this is happening.

Who Uses the ToR network:

  • Normal people
  • ? Law Enforcement
  • ? Human Rights Activists
  • ? Business Execs
  • ? Militaries
  • ? Abuse Victims
  • ? https://torproject.org/torusers
  • Governments

Here is a recent example of cyber covert war:

These are some of the covert-cyber-Ops that our government is doing. They use ToR network so the enemy does not see a .gov or .mil address, in the matrix you could be from Germany to China your information is confidential and you can proceed with your hacking at the enemies website and they will never know it’s you.

pOwEr tO tHe pEoPlE

May 24, 2012 Clinton Reveals Cyber-Warfare Tatics Against Al-Qaida:

Mrs Clinton said the hacking was conducted by the Centre for Strategic Counterterrorism Communications, based at the State Department, with expertise drawn from the military and the intelligence community. The State Department’s activities are part of online efforts to stem the spread of radical Islamist ideology that stretch back at least a decade.

The US Central Command had a team that monitors blogs and forums, targeting those that are moderate in tone and engaging with users, said Major David Nevers, former chief of the team. ”We try to concentrate our energy and efforts … [on] those who haven’t been radicalised. The idea is to go where the conversation is taking place, using … extremist commentary or propaganda as a jumping-off point to people who are listening in.”

Evan Kohlmann, a terrorism consultant who tracks jihadist websites, said the tactic could harm al-Qaeda’s image among potential recruits but questioned its effectiveness on the ground.

”If you’re already living in Yemen and in a tribal area, you probably don’t need to go to a website to join al-Qaeda,” he said.

Read more: http://www.smh.com.au/it-pro/security-it/us-hackers-take-cyber-war-to-alqaeda-sites-20120524-1z7rs.html#ixzz1w7P5y7S6

This was a lame hack in my humble gAtO opinion

We don’t need a total surveillance state- we already have one and they are monitoring us, and we are under cyber surveillance at all times. So escape use the ToR network and be a little more secure. When the Bilderberg group or the Skull and Cross or other groups of political/monetary influence meet their number one fear is that the mass now have a way for total anonymity. They (dogs) want to know what the sheep are doing, the need to herd the sheep is ingrained in their dna- to rule us- to protect us-.

This “ruling class” think’s that they can scare into not using the ToR network, telling us it’s only the criminals that use the ToR Network. The cyber surveillance world we live in is fracturing, and they want total information control about US, but not on them——— join us in the .onion network and be free from surveillance— gAtO oUt. 

ToRProject.org

04/15/12

Latino Anonymous Phenomenon

gAtO hAs- been following the Anonymous Phenomenon since it began a few years ago but gATO have also seen this year especially an ever increasing Latino flavor to Anonymous. As the Arab spring has taught people that are oppressed to band together and fight Latino Nations have also been targeted more and more. I know

ViVa CYbEr LaTiNos

that Latino Nations like Brazil has a great digital infrastructure and it’s a fact that as more and more countries integrate their digital infrastructure to support business and commerce the population have also adapted to this especially in the Smart-Phone and game console market. These devices have enabled many who were digitally oppressed to venture into the web. As we move into the digital world we of course become more vulnerable to the pit-falls of the web.

bIg mEoWs 2 LaTiNoS – I am glad that we are doing something online to make it a better world

gAtO is Latino born and I can tell you in some Latin Nations the government is oppressive so I can see why Anonymous and hacktavism is attractive and we see this phenomenon all over pasterbin more and more posting of the “el presidente” and such get hacked. Below I have included some of the current hacks – Columbia, Mexico, Spain and Brazil all kinds of latinos have banned under the Anonymous umbrella and learned that together they can fight to change their country and the world. Another thing is Latinas (yes the ladies) are more and more pressing the hacks and “Tango Down” has become not only a dance but a chance to feel strong, to feel free and empowered to do better for their families and friends  -gAtO oUt

Columbia

Web Hive Operation Colombia

http://pastebin.com/dAAbY97X”>http://pastebin.com/dAAbY97X

Mexico

********HACKED BY XEESOFT & IDEPENDENCIA MEXICO #SECTOR404*********

http://pastebin.com/thRF8qSC”>http://pastebin.com/thRF8qSC

Mexico helps Colombia hackers

Spain

http://pastebin.com/SGVw1xHB”>http://pastebin.com/SGVw1xHB

Brazil

http://pastebin.com/3SaeLMVd”>http://pastebin.com/3SaeLMVd