Discussion in 'BlackHat Lounge' started by Dajana, Jun 28, 2013.
I can help you but I charge $1000
Thanks for your reply. Do you have experience with these issues? I mean, have you offered a secure system before for a similar situation?
Security isn't an add-on. It depends on the requirements (what type of things do I want to keep safe, what roles will be allowed to share what, how many people need access, what is the sophistication of the attacker etc). And you haven't mentioned them, so...
That said, reading the proposed solution, it's based on the assumption that the local computers are safe (won't be hacked). Well, if they are, what's the reason for using a VPN and remote computers instead of working directly with those? The VPNs and remote computers don't constitute a defence if the local computers get compromised - the attacker will simply use them as pivots and gain access there as well.
You've got lots of points to cover. What I don't get is if you are already targeted, don't they already know who publishes your stuff? Doesn't that tie you to the information? Or they need hard proof? Or is the website owner anonymous so far?
We have not published anything yet, the project has not been launched yet. We are worried about the investigation stuff that will be published in some weeks. And for that, yes they will need names, as you said hard proof. I just talked to the tech guy a few minutes ago about the points you posted, and he clarified to me that the information on the local computers is probably being seen; he talked to me about some kind of equipment that could capture cell phone calls, SMS, wifi, cookies info(?), ahh... I'm getting lost in all this.
Maybe we are already fucked, maybe we are not yet but we will be soon even with our best effort to avoid this.... but we want to try, we really want to do our best to protect ourselves.
That kind of equipment isn't available to just anyone with enough money. If you're going to become a serious target of some 3-letter agency, there's no real defence in terms of anonymity. You can try, but don't bet your lives on it.
1. You cannot afford to make mistakes. One mistake is enough to get exposed.
2. It is a matter of how good your enemy is. It is one thing to hide from a hacker, another to hide from organized crime, yet another to hide from police, yet another to hide from FBI and another to hide from NSA.
3. Complete/perfect anonymity is possible but imposes extreme limitations and also may require you to break the law or find a way around paper trails and money trails.
This forum is far from the best resource on this topic. I recommend you look over the stuff at Electronic Frontier Foundation, hackforums.net, SANS, etc. I'm quite a noob in this area but I know enough to realize that getting this right 100% is an extremely demanding job. Especially since you're a team of people, one mistake from one of you can screw you up.
VPNs hide you only from civilians, they will give up your data if they get a subpoena/court order.
Proxies are EXTREMELY dangerous and you risk a lot using them. That is, unless you run your own proxy servers.
Most techniques and software advertised as increasing security/anonymity are actually a bigger security/anonymity hole if you don't understand their dangers, how to correctly use them and, most importantly, your enemy.
Frankly, lacking even the most basic knowledge, as seems to be the case, you're an easy target for somebody skilled. I know that's not reassuring but it is what I think. It is like expecting that somebody can teach you in 1 hour how to survive in the jungle during the Vietnam War, against people that have been there fighting for years.
GSM can be intercepted and spoofed easily if they are in proximity with you - they impersonate the carrier cell antenna by broadcasting a stronger signal and requesting a disconnect from the phone. Also, the GSM encryption algorithm has been cracked, so it is vulnerable.
3G encryption afaik hasn't been cracked but I don't know anything about the possibility to spoof the carrier cell tower.
WiFi triangulation is also possible without much effort.
Credit Card, Passports with chip, etc. - the data on them can be stolen.
Skype and many other software and services have governmental backdoors. Best bet is with Linux and 100% open source software and encryption at every level (FDE/LUKS or TrueCrypt if you need plausible deniability).
3-letter agencies can hack anything because they "own" the networks. They can even do voice recognition on cell phone or VoIP intercepts. They can even pick up radiation from your laptop's LCD from a block away and replicate the image you see on another computer.
However, considering your lack of knowledge about even the most basic stuff, I think your greatest weakness is the human factor. With all the technology/encryption/anonymity in the world, if you the user don't know what is a hazard and what is safe then you're pretty much fucked and likely to make mistakes.
If you want to do any disclosure of sensitive material, your best bet is to get help from somebody like WikiLeaks. That being said, do you truly trust WikiLeaks to be what it is advertised as being? Also, keep in mind they're targeted and watched all the time so by affiliation you become a target.
Wow, thanks for your reply madoctopus. Yeah you are right, my main worry is the human factor too (I'm very aware of my lack of knowledge). Something that I have not clarified is that they are not a 3 letter agency. This situation is placed in my country, and is a local issue that worries only these people, yeah they have good resources but I bet they are not the top guys on this stuff. So maaaybe we have a chance. I will check the stuff you posted. Thanks a lot!
You should really just drop the idea, no need to get involved with your country's government over some bs that isn't going to make you any money and can land you in jail.
Is this for real? That's crazy!
That's so old tech I remember reading about it when we still used CRT screens. A Faraday cage should stop it though. Some manufacturers make screens that radiate less, for gov use mostly.
There was a PoC project on freshmeat some years ago that used to intercept AM frequencies from CRT, that was fun!
A few pointers. PGP for encrypting your email is safe and in a team of 10 is more than acceptable. Put all on an offshore, disk encrypted VPS. It can still be accessed while on but there are workarounds for that too and that's why you need it offshore. Set a VPN from your offshore VPS: you decide the cipher and encryption, no matter who's listening they'll end up with a bunch of garbage that needs to be decrypted and it's not as trivial as some ppl might love to think. Here the red flag might be raised from your provider for the very reason you're tunneling right from the get go, but -again- there's not much they can do. Or any MITM entity, for that matter...
If you're worried about human error or laptop loss, you might want to implement a mechanism similar to those banking devices that generate a random number that's time-dependent. I'm not aware of anything ready, but the algos are in the wild so it's not too complicated if security is your absolute priority.
There are many more things to take into account, but this should be a good start
Does it only apply to CRT, or would LCD,LED and OLED also emit enough to detect a block away?
I suggest that, to learn about top security protocols, you download the TOR engine: www.torproject.com. Check out some forums there where all of the members are experienced criminals who hide from the government. They will help you learn or guide you in the right direction to resources where you can learn about this stuff. Even if you aren't hiding from the government, obviously if you can hide from the government you hide from just about anyone.
@ShadeDream & jazzc & Roparadise - yes it is possible with LCD. Initially it was for CRTs, which radiated a lot, and there are papers and studies on that. Then people thought it doesn't work for LCDs, but I found a paper from a university that did a DOD sponsored project which included finding a solution to do this on LCD and they were "partially successful", which tells me by now the method works pretty well. The same concept can be used on a variety of EM radiation systems - from data cables to complex devices.
While I'd suspect it is harder to do and more environment-dependent (signal vs noise), I am pretty sure it can be done for LCDs and other flat panels too. They don't necessarily pick up the EM of the panel but the EM of the signal cable or VGA/HDMI/DVI port and/or internal circuitry of the monitor. I think this is how the university did it IIRC.
@sirgold: You cannot do VPS full disk encryption (FDE) because the underlying virtual machine manager can be hooked into and the encryption keys extracted. You can only do FDE on a dedicated server but it is useless because FDE only protects when the computer is turned off. If the computer is on, they can do a Firewire attack and access the RAM data or even if you shut it down, within a window of several minutes to an hour (if RAM is frozen/cooled) an attacker can do a cold boot attack.
@RedStain TOR is not really that secure. If you control enough nodes (and there aren't many) you can access the information. For certain purposes and for a certain usage is secure enough but not for everything.
@OP For more info on what private security companies can do, google "WikiLeaks Spy Files" and read through the huge amount of data. I recommend at least the proposal for Libya.
There are a huge number of attacks that can be done - from social engineering, hands-on hardware/physical access (if it happens and they have skills this is the most dangerous), network intercepts, drive-by data gathering, etc.
Keep in mind that governments, law enforcement agencies and intelligence agencies of most if not all countries save traffic logs for ALL users. These are being extracted from the wire at the country-level internet connectivity nodes and sent through VPN wherever the agencies have their data center(s). Most keep these logs 1 year. Some more, some less. Stuff they save - all email traffic, all URLs visited, all IRC/chat, all established P2P connections (SSH connects, etc), etc.
Even if you're not going against a government but against a private entity if they have money, knowledge and influence they have access to tech and skilled people.
It is very very hard to give you any usable advice because I have no info (and don't think I care to know) on who is your enemy, what kind of money they have, what kind of influence, etc. and what you're trying to do and how.
Good luck but think hard and think long before you fuck up your life by going and poking the bear with a stick. Maybe you found amazing things that would expose politicians or whatever, maybe you found they like to rape little girls, maybe you found they do money laundering, whatever. Nothing new under the sun - happens now, happened 1000 years ago, will happen for the next 1000 years. Get over it and live your life and enjoy the nice things. The bear doesn't attack you if you don't go in his den to poke him with a stick.
I don't agree with this, sometimes it's worth fighting for what you deem important regardless of the price.