Anonymous Web-host shut down, owner arrested; Tor users compromised by Javascript exploit

Originally posted by DivisiveConformity

Originally posted by MidnightTide
perhaps people will stop this anonymous protesting

Protecting your identity isn't protesting. It's using your rights as a human being.

not all see it that way. a tyrant is a tyrant. a human is a human ... polar almost the opposite

god speed!

I don't get why people think it's a good thing to take down TOR and the dark web.

I don't use it myself, but it is/was the only way to surf without being under the eyes of big brother.

Once it's gone then you'll have no option but to be watched online by TPTB, and if you look at something they don't like, you'll be arrested.

Plus of course they're going to tax internet use which will kill the net.

We now also have this propaganda being released to "justify" the UK governments plans to police the web:

www.bbc.co.uk...

Just look at that and think about it.

They know that people aren't stupid and understand that child porn isn't on the normal web, so they need to concoct some stories.

Read these snippets from the BBC story I linked to and THINK about what they're doing:

Dozens of businesses have been hacked and their computer servers used to host images of child sexual abuse, the Internet Watch Foundation has said.

The charity said legal pornographic sites had also been attacked to redirect users to the illegal material. The offending material was sometimes accompanied by malware, it said.

This is trying to create the impression that we need protecting because it's being put on the normal web on the websites of poor innocent companies. It's also creating fear re malware.

They included images of newborn babies and the rape and violent sexual abuse of very young children, it said.

If you dare to complain about what they're going to do infer you support the distribution of these kinds of images.

We hadn't seen significant numbers of hacked websites for around two years, and then suddenly in June we started seeing this happening more and more," said the IWF's technical researcher, Sarah Smith.

They're trying to make out this is a major widespread problem, and yet:

The charity said more than two dozen businesses across the world had had the servers they used compromised, in addition to the furniture seller.

TWO DOZEN out of all of the TENS OF MILLIONS of websites out there!

It shows how someone not looking for child sexual abuse images can stumble across it. The original adult content the internet user is viewing is far removed from anything related to young people or children.

Children's charity the NSPCC urged anyone coming across abuse images to report them immediately, saying "something like 16% of men in particular" were failing to do so.

How can they possibly come up with this figure, it's ludicrous, and note "men in particular" - is this to try and get women onside, is that why they mentioned rape of babies earlier, to appeal to the maternal instincts - and because they figure more men than women watch porn?

We really encourage them to report it because potentially you'll then have a thumbnail of that image somewhere hidden in your computer system even if you only clicked on it for one second," said spokeswoman Claire Lilley.

So basically this is the line that's being taken, to summarize their approach:

Images of poor babies and children being abused are being put by evil nasty MEN on the servers of poor innocent companies.

There has been a sudden surge in this kind of behaviour (of a whacking 25 websites worldwide), so clearly it needs action.

16% of MEN (quite how they arrived at these figures in unknown, it would seem to be impossible to actually know) don't report these images, presumably because all men who look at pornography or stumble upon these images are evil paedophiles, or at least have the potential to be.

If you do stumble across these images you must report them because you might have it stored on your computer, which might lead to you being prosecuted for being a perv at a later date.

Conclusion:

They're playing to the basest emotions, using the same old tricks to win an argument by default, since to criticise automatically makes you as bad as the perpetrators.

They're appealing to women here since they figure most porn is looked at by men, therefore "x% of men don't report the images" - to frighten women into thinking all men are potential pedos, so they'll therefore support the ban on porn, and more worryingly the ban of any website the government don't like.

This is the pathway to a totalitarian state where everything you can and cannot do is decided for you, everything you do is observed, and if you step out of line you're dealt with.

Plus we'll be paying an internet tax before long to "pay for protecting the children" etc.

It's a sham, it has nothing to do with child porn, it's to do with controlling us all and taking away our freedoms.

For fecks sake, PLEASE WAKE UP everybody.

reply to post by Hefficide


Cheers Heff, I've only used the browser once or twice, just getting a bit paranoid about it all now even though ive done nothing wrong , I will take a look at that thread.

No one should be surprised.
Everyone using the "internet" should realise that it is not, and can never be, private.

When companies such as Microsoft/Oracle/Cisco have had (literally) more money than a nation state and they CANNOT ensure security in software when they had an almost monopolistic grip on the market- this is all the evidence you need when it comes to small tech firms like the one on the OP.

In reality most developers who produce software dont even understand what is going on at the chip level so even if a system came out which passed all tests as secure on the internet; it probably didnt take into account chip architecture and the ability of manufacturers to introduce backdoors at the machine code level.

A great example of this Huawei.

They currently provide the main key public infrastructure (BT kit) for the UK government however are themselves un-trusted by the majority of the intelligence community as numerous (unsubstantiated it has to be said ) rumours have been circulating about backdoors/master switches.

TLDR: Whilst technology runs on chips that are manufactured by people other than the two parties wanting privacy; there will never be 100% security.

I see a future with homebrew tech borne out of 3 printing technology where we will have privacy but then there will be doubts about the printers inserting backdoors...

Hmm

Snowden goes public.

Urges people to use Tor.

Leave it a few weeks and suddenly Tor is compromised.

Coincidence?

reply to post by Jukiodone


There'll always be a way to get access to your communications even if you build your own processors from bare metal, the operating system, hardware drivers, web browser, network cables and even your own router. At some point you have to send/receive data from outside your internal network. At that stage you're pretty much SOL. Maybe your ISP is recording your communications, maybe the government is. Maybe one of the servers your data goes through has been compromised, or maybe someone has spliced into a cable somewhere. Even if ALL of that infrastructure, hardware, firmware and everything in between is 100% secure, then there's still the possibility that someone is sitting in a car a few blocks away with some exotic equipment (that apparently already exists) that can guestimate what you're typing according to the delay between key presses, or what you're looking at by the light shining off your monitor, or whether you are sending an e-mail by analysing the electrical signals passing by an interferometer.

End of the day you should assume everything you do online can and is being tracked. To think otherwise is absolutely daft.

Where is anonymous when you need it to fight against the evil usa policies affecting everybody wolrdwide ?
Wait a minute i know, still playing with these stupid Dos attacks leading nowhere

I thought that it wasn't possible to compromise TOR.

Originally posted by Wrabbit2000
reply to post by PhoenixOD

 

Whoa.... This is a shock

Only to privacy/anonymity novitiates

TOR was considered safe.

Only to privacy/anonymity novitiates

TOR is a great anonymity tool, nothing better, still is, in the right hands with the right, educated user.

Originally posted by neformore
Hmm

Snowden goes public.

Urges people to use Tor.

Leave it a few weeks and suddenly Tor is compromised.

Coincidence?

Good point Nef.

And although I am 100% against anyone, or any group that would use, distribute, or engage in Child Pornography, it seems convenient that they use this as a method to close this down.

Given the claims being made how many people are going to argue against a Child Pornography villain.

Originally posted by DYepes
First off, that really sucks for anyone who left Java activated. It does specifically outline that doing so will make the machine vulnerable. Java is butt, it has screwed up this damn site with its weird ads as well. I like browsing ATS with tor just so it kills all the ads. I cannot post though, as I stated in my sig. Some have said how slow browsing with Tor is, but I have found it speeds up my visits to many sites. I like it because I can skip all the garbage Java ads on this and many other sites that practically freeze up and constantly crash my IE. Hell when I use IE on this site alone, I crash about 35-40% of the time at some point in my visit. Real pain in the arse that is. I also like to keep the trackers disabled because I am tired of targeted advertisement, it feels like the mirror is staring back know what I mean?

And the second and MAIN point I would like to make, In YO FACE to all the fools hailing bitcoin as some kind of renaissance and future of currency. I cannot for the life of me ever understand why anyone would have put in any faith in a virtual currency that had no kind of stability to begin with. Might as well buy World of Warcraft money or any other currency from a video game.

edit on 8/4/2013 by DYepes because: (no reason given)

And yet you carry around a virtual currency in your pocket everyday....Your money is just paper backed up by "faith and credit" whats the difference?

I think you all remember a couple of years ago there was a registered paedo political party in the Netherlands and the world going bonkers about it. Yeah?

Well, while people were outraged there could even exist such a thing there was only one real reason it existed - names, numbers and home addresses of self proclaimed pedophiles were given to the government on a plate, by themselves. That party was abolished in 4 years time and a lot of it's members are in jail now.

Tor is exactly that, a bait. Has always been. For all kinds of people with secrets. I am glad they are getting caught with their pants down. Some - literally. No wonder only men are writing in this thread, whining about not being able to watch certain YT videos without beloved Tor

..and if you happen to be a political dissident from Iran using Tor, there is 0% chance FBI will come knocking on your door.

To quote myself from just a short while ago on this very website regarding tor:

Originally posted by PsykoOps
If you make a secure website you do not include java or _javascript elements. Noone is going to trust a site that has those kinds of stuff. No flash either. Those can be used to reveal your real ip to the website thus making tor useless.

reply to post by Exitt


You do realize this was one single web host in internet?

reply to post by PsykoOps


You do realize that is just the beginning?

Tor is designed as a database of sorts, people using it want to stay anonymous. The government likes to know why so they gave them Tor. It was never a secure web browser. Those do not exist on the i n t e r w e b.

Can you give any evidence for that? Or should I just take your word for it.

Originally posted by TheOd

Originally posted by Wrabbit2000
reply to post by PhoenixOD

 

Whoa.... This is a shock

Only to privacy/anonymity novitiates

TOR was considered safe.

Only to privacy/anonymity novitiates

TOR is a great anonymity tool, nothing better, still is, in the right hands with the right, educated user.

You know, the insults really aren't necessary? Believe it or not, not EVERYONE lives in a world of wall to wall raging paranoia to be jumping at the idea of everything in creation being monitored, recorded and outright owned by TPTB.

In fact, as I noted? There are a good number of people in Syria, Iran and Egypt who, over the last 18+ months have trusted their very LIVES to the security of the TOR network and it's structure. They're still alive. It HAS worked outside of compromise to the browser itself. In fact, it's been the lifeline and core savior to a number of groups in that category of need for the services TOR has generally provided.

well any idiot using java inside tor deserves to be rounded up and put in a concentration camp lol.

java is a hackers dream.

while it is bad for some people as wrabbit mentioned above, there is the flip side and hopefully a lot of the undesirables that used TOR/FH will have some explaining to do.


Posted Via ATS Mobile: m.abovetopsecret.com

reply to post by rayuki


java and _javascript are not the same thing. Java is still off in TOR browser bundle. Noscript by default blocks basically anything but plain jane HTML, you have to temporarily allow everything on a per site basis, or add a site to whitelist. The devs at TOR thought it was a great idea to allow scripts globally because there were people too stupid to figure out how to rightclick to allow them. "Dumbing down" TOR for morons was a horrible idea.

reply to post by PhoenixOD


Always, always ALWAYS combine TOR Usage with a VPN.

I can't stress that enough. And, if your savvy enough to get TOR working, then you should using it on a linux based OS. Even if your browser was hijacked by _javascript, the only IP they would have is that of the VPN.


There are a TON of low cost VPN's out there that do not keep logs, and support P2P as well.
So, in essence, it works like this -

You --> You + VPN = VPN(You) --> VPN(You) + TOR = TOR(VPN(You)) --> Internet

() Represent layers of protection.

You should also use a secure linux distribution if you are really concerned about your privacy.
You can download VMWare player for free (I think) and download readily available secure browing linux distributions that absolutely do not do anything other than allow for secure browing of the web.

Proxychains and other software like it are invaluable for ensuring your connection is sockisifed / proxified / torified.

Anyway, Torrent Freak maintains a great list of low cost VPN services that take privacy seriously.