Anon Archived Serious thread: infosec, opsec, guerrilla war, advice (8chan)
submitted ago by 2980539?
Posted by: 2980539?
Posting time: 1.9 years ago on
Last edit time: never edited.
Archived on: 4/19/2019 10:00:00 AM
Views: 308
SCP: 1
1 upvotes, 0 downvotes (100% upvoted it)
Anon Archived Serious thread: infosec, opsec, guerrilla war, advice (8chan)
submitted ago by 2980539?
view the rest of the comments →
[–] 16203736? ago
Safe Tor Usage
As a very long time Tor user, the most surprising part of the NSA documents was how little progress they have made against Tor. Despite its known weaknesses, it's still the best thing we have, provided it's used properly and you make no mistakes.
Since you want security of "the greatest degree technically feasible", I'm going to assume that your threat is a well-funded government with significant visibility or control of the Internet, as it is for many Tor users (despite the warnings that Tor is not sufficient to protect you from such an actor).
Consider whether you truly need this level of protection. If having your activity discovered does not put your life or liberty at risk, then you probably do not need to go to all of this trouble. But if it does, then you absolutely must be vigilant if you wish to remain alive and free.
Contents
[–] 16916220? ago
>>11699120
Bad intel to some extent, because you do not make it clear the government already has extensive coverage of those who it wants coverage of.
Case in point - I am a minor player online, though many here would have heard of me. They pick up my keystrokes as a type, and I have a real time monitor somewhere (and more). How I am not sure, I'd assume they got into my system through the provider using established backdoors. So I can use TOR, but I assume they are pulling data some other way. If you are genuinely a threat to the machine, they will find you wholly outside your use ot TOR and get on you by going around it. Even if your computer security were perfect, they would put Cameras in to grab screen shots.
I'm not saying not to use TOR, but you shouldn't create an image that defeating the machine is an easy, or even necessarily controllable endeavor. There is a ton of coverage on multiple levels, from social circle analysis, phone record monitoring, to probably a limited in-person level that actually has human reviews of everyone at some point in their lives.
And knowing how the world works somewhat, I would assume they pick up TOR traffic profiles at the point of entry (every company is comped), and if you use TOR you get in person coverage to figure out what your deal is, and what you are up to.
Check out the Tom Bauerle story to see what is out there, and what they are using. The Machine has stuff even the Navy SEALs wouldn't believe is out there.
[–] 16916224? ago
TOR is compromised from the start. It was literally made by the US government. It's an agency asset. Shills want you to use something that has built-in monitoring. TOR is not a good product.
[–] 16916221? ago
You need to be more specific otherwise you are just fearmongering.
[–] 16204233? ago
I was raided by CSIS and also the FBI has a 4 year profile on me.
In this profile are all the posts I made from behind proxies.
Nothing I posted from Tor however is in there.
Tor actually works and I can say this from experience in actually getting vanned.
[–] 16204239? ago
Which VPN provider did you use?
[–] 16204234? ago
Tor has always been safe. The feds use it to spam CP on sites (((they))) don't like (see: chans) forcing admins to block it so we're not able to post anonymously.
The people saying tor is """compromised""" are feds trying to deter people from being outside their eye.
[–] 16203953? ago
Tor in its' current state is of limited use due to too many nodes being taken over. It's the best run honeypot of the bunch. Best used when in foreign countries where internet to begin with is in its' early years and countermeasures aren't about. In the US, it's better to blend in outright on your more public platforms, to make it harder to be picked out of the crowd as it were. TOR is meant to serve as an auxilary protection for those going stealth, but is overly distinctive in current times(Due to lack of usage at large).
[–] 16204043? ago
Even if you connect to a node owned by the FBI, they still cannot know your identity. The only way for you to be infected is if you have SCRIPTS turned on, like javascript. There is no way of someone know your identity if you simply browse and post online unless you use a unique way of typing (some pedo who owned a large pedo site was only found due to typing "hiyas" in each announcement and some posts, they then searched for this usage of the unique word and found him on a facebook page advertising his pickup truck).
The only way anyone has found a TOR users identity is via a vulnerability in a script or if the user downloaded a compromised file. Make sure the site has HTTPS/TLS.