Feeling ambitious? Teach yourself mechatronics

I don’t feel nearly ambitious enough to try to learn mechatronics yet, since I still have to figure out how to do even basic hardware hacking.

Continue reading


Bittorrent – based chat

File-sharing company BitTorrent is at work on a chat product that makes use of a number of security techniques that effectively render it invisible to anyone trying to eavesdrop on your conversations. (Yes, like the NSA.)

It’s called BitTorrent Chat, and it relies on a decentralized, serverless system to shuttle messages back and forth across the internet. Continue reading

TOR basics

Don’t use Windows. Just don’t. This also means don’t use the Tor Browser Bundle on Windows. Vulnerabilities in the software in TBB figure prominently in both the NSA slides and FBI’s recent takedown of Freedom Hosting.
If you can’t construct your own workstation capable of running Linux and carefully configured to run the latest available versions of Tor, a proxy such as Privoxy, and a web browser, with all outgoing clearnet access firewalled, consider using Tails or Whonix instead, where most of this work is done for you. It’s absolutely critical that outgoing access be firewalled so that third party applications cannot accidentally leak data about your location.
If you are using persistent storage of any kind, ensure that it is encrypted. Current versions of LUKS are reasonably safe, and major Linux distributions will offer to set it up for you during their installation. TrueCrypt might be safe, though it’s not nearly as well integrated into the OS. BitLocker might be safe as well, though you still shouldn’t be running Windows. Even if you are in a country where rubber hosing is legal, such as the UK, encrypting your data protects you from a variety of other threats.
Remember that your computer must be kept up to date. Whether you use Tails or build your own workstation from scratch or with Whonix, update frequently to ensure you are protected from the latest security vulnerabilities. Ideally you should update each time you begin a session, or at least daily. Tails will notify you at startup if an update is available.
Be very reluctant to compromise on JavaScript, Flash and Java. Disable them all by default. If a site requires any of these, visit somewhere else. Enable scripting only as a last resort, only temporarily, and only to the minimum extent necessary to gain functionality of a web site that you have no alternative for.
Viciously drop cookies and local data that sites send you. Neither TBB nor Tails do this well enough for my tastes; consider using an addon such as Self-Destructing Cookies to keep your cookies to a minimum. Of zero.
Your workstation must be a laptop; it must be portable enough to be carried with you and quickly disposed of or destroyed.
Don’t use Google to search the Internet. A good alternative is Startpage; this is the default search engine for TBB, Tails and Whonix. Plus it won’t call you malicious or ask you to fill out CAPTCHAs.

Continue reading

Silk Road 2: Electric Boogaloo

The Silk Road 2, a hidden website modeled on the original Silk Road contraband marketplace, is regrouping as the users and single remaining moderator prepare for a Christmas lockdown. The group faced a setback on Friday when US and Irish authorities arrested moderators Andrew Michael Jones, Gary Davis, and Peter Philip Nash. A final moderator, Cirrus, remains on the site. The arrests happened in conjunction with the shut-down of the first Silk Road and are probably unrelated to the new version.

The site is currently “closed” to orders and will reopen after Christmas on the 28th. On the 22nd a moderator named Defcon allowed the site to remain open twelve more hours so users could withdraw funds. …

“Make no mistake – Silk Road is not dead, the marketplace is not compromised, and it will return after the break regardless of how this plays out,” wrote Defcon.

New markets that use improved cryptographic systems, including a service called the Marketplace, are on the rise. Users and admins claim that that they are ostensibly safer than the Tor-based Silk Roads. It is, as they say, business as usual on the DarkNet.
Continue reading