
Topic: Hackers targeting Tor (Read 391 times)

legendary
Activity: 3430
Merit: 3071
October 21, 2019, 05:18:53 AM
#44
If you trust your distro official binary packages, you should know most distro sign their packages after compiling and the package manager verifies this in case they have been somehow tampered by a rogue mirror or such. This simple concept has somehow evaded the windows world, like forever, which is why they have to do it manually, which of course given the laziness of the average windows user, they never do.

Right, but it's difficult for me to forget how recently this was broken...

aptitude package manager (Debian, Ubuntu & derivatives thereof use aptitude) had an issue in springtime 2019 where an attacker could bypass the signature checking on packages. Combine that exploit with subversion of DNS resolution for an aptitude repo and then an attacker could serve bogus software updates and packages to all Debian based boxes (not hard as aptitude was still recommending configuring http links because signing packages is infallible!)

fixed now of course, but does anyone really know whether a malicious actor knew this beforehand, and now every Debian based machine has the latest greatest rootkit installed? fixing aptitude doesn't matter in that worst case scenario.

That situation immediately got me looking for alternative models; source based package managers, such as those in Gentoo, FreeBSD, Crux, Nix, Guix etc are looking very attractive. Nothing stops bugs in these package managers either, but the situation with aptitude demonstrates that having a limited number of repo mirrors serving package binaries is a more fragile model than I'd previously considered. At least a similar such bug in source based package managers would also require a simultaneous attack against dozens of different source code repos too (although targeting e.g. gnu git servers would be simple but effective in those circumstances, all easier said than done of course)

And is the Tor Browser even available through Linux software repos? It's available through the torproject repo... but we're coming onto the topic of Tor Browser itself further down...


A typical windows user is used to the idea that binaries are downloaded from random web pages, the concept of an official repository is alien to them. Microsoft attempted something with their software shop thing, but with little success. (Bad) habits are hard to break, especially when reinforced over decades of IT malpractice.

yeah, these people would be very easy to manipulate (hence the internal Electrum popup, which a lot of people just assumed they could trust, because they didn't understand that popups could be coming from someone who is not the Electrum devs).


Do you still get pop ups? I'm surprised, none of my browsers are allowed to do it, and my Desktop Environment seldom does it, except the occasional "Want to save?" prompt if I forgot saving a document or such. In Windows I remember some malware faking the whole popup so even the "close" button triggers whatever it wanted to trigger, it's just a lost cause, there is no salvation for that OS.

"unsolicited" popups literally haven't happened to me in years, it's possible I might be easier to trick because of that, provided the trick was clever enough.


There is Tor, and there is Tor Browser, which is Firefox with Tor bundled and a bunch of preset settings. I don't particularly like Tor Browser, as you can point any browser to Tor anyway, but it was made for lazy people, especially in Windows where it's harder to explain to people how to configure things properly. It beats me how could people use Tor in Windows to begin with, kinda defeats the whole idea, but even Satoshi apparently made that mistake, ugh.

Well, it's true that Tor Browser is little different than the regular Firefox browser. But even for users who don't use the tor network daemon from the Tor Browser Bundle (such as me), configuring Firefox to use Tor Browser's settings and plugins is not to be taken lightly... a large part of the Tor Browser set of presets is to make the browser difficult to fingerprint, which is a vast topic (which extends beyond the browser into the OS and the underlying hardware), so any small mistakes or oversights in a self-configured Firefox are guaranteed to weaken your anonymity.

As for satoshi... I get the feeling that maybe Windows was a way for satoshi to help obscure his/their identity further. It's pretty common for *nix users to also be proficient Windows users, or just capable of quickly learning the Windows way of doing something. What you're saying only underlines this point more: if satoshi really was using Windows the whole time while developing Bitcoin and communicating here on Bitcointalk.org, the chances that he was being surveilled by intelligence agencies are pretty high. It seems more likely that either being a Windows user was an elaborate smokescreen, or that satoshi was working with or for intelligence agencies all along. Whether that's good or bad depends on what the objective of the Bitcoin project was ;)


I don't mind the 70s, it also brought us the C language and the Unix KISS principle. Microsoft and others actually got into shortcuts, and some other not very fair practices such as purchasing companies to deliver products they never had in the first place (See historical IBM/Microsoft DOS deal).

Yep, the Unix fundamentals and the C language are still incredibly relevant today. Android phones, all Apple devices and your home router are running and relying on those Unix basic components, and are reliable and secure in a large part because of Unix. And it's fundamentally the same as it was in the 1970's.

Microsoft are (and always were) a bunch of lazy crooks that won initially because they were well-connected in business, not because they had good products. Even if they produced some decent software since then (and I emphasize the "some"), both the foundations of their OS and their basic business ethics are irreparably rotten.
legendary
Activity: 1988
Merit: 1561
CLEAN non GPL infringing code made in Rust lang
October 21, 2019, 01:31:27 AM
#43
people seriously have to get into the habit of either compiling from sources or verify the things they download and it goes for everything.

compiling from source is a great habit to get into, but Tor Browser (or really, Firefox).... I've never tried that, but I get the feeling it takes a lot of care. Of course, OS's that compile everything locally in their package manager must do this, so it can't be too hard. Not going to try it any time soon myself, however


It's also a reminder that crypto as a whole in no shape is even remotely close to mass adoption of common joe type of people. :-\

I find it embarrassing, and am myself feeling increasingly embarrassed as time goes on.

Most people use computers at the same level a child can teach itself to do, simply by watching and imitating. While these people watch their cat videos, I'm trying to learn basic computer science that (at its core) hasn't changed much since the 1970's, and people are still using the crappy 1980's sub-par clone (i.e. windows) of the 1970's model.

Meanwhile, others apparently still haven't learned the basic rule number zero of the internet; if it's a popup, don't fucking click anywhere except on the close button, especially if it tells you 'click here or you'll die'. I learned that in the first month or so when the internet was still new. seriously ffs

If you trust your distro official binary packages, you should know most distro sign their packages after compiling and the package manager verifies this in case they have been somehow tampered by a rogue mirror or such. This simple concept has somehow evaded the windows world, like forever, which is why they have to do it manually, which of course given the laziness of the average windows user, they never do.

A typical windows user is used to the idea that binaries are downloaded from random web pages, the concept of an official repository is alien to them. Microsoft attempted something with their software shop thing, but with little success. (Bad) habits are hard to break, especially when reinforced over decades of IT malpractice.

Do you still get pop ups? I'm surprised, none of my browsers are allowed to do it, and my Desktop Environment seldom does it, except the occasional "Want to save?" prompt if I forgot saving a document or such. In Windows I remember some malware faking the whole popup so even the "close" button triggers whatever it wanted to trigger, it's just a lost cause, there is no salvation for that OS.

There is Tor, and there is Tor Browser, which is Firefox with Tor bundled and a bunch of preset settings. I don't particularly like Tor Browser, as you can point any browser to Tor anyway, but it was made for lazy people, especially in Windows where it's harder to explain to people how to configure things properly. It beats me how could people use Tor in Windows to begin with, kinda defeats the whole idea, but even Satoshi apparently made that mistake, ugh.

I don't mind the 70s, it also brought us the C language and the Unix KISS principle. Microsoft and others actually got into shortcuts, and some other not very fair practices such as purchasing companies to deliver products they never had in the first place (See historical IBM/Microsoft DOS deal).
hero member
Activity: 1736
Merit: 589
October 21, 2019, 01:07:40 AM
#42



Please be vigilant, always verify what you’re downloading & from where.


@coindesk
Hackers have been distributing a compromised version of the official Tor Browser that's packed with malware designed to steal bitcoin and spy on users. Security firm @ESET says it's been going on for "many years."

https://twitter.com/coindesk/status/1185165299450028033?s=21

@torproject

https://www.coindesk.com/fake-tor-browser-has-been-spying-stealing-bitcoin-for-years
Well this just shows how ironic things could fall into places. Sometimes being vigilant isn't enough, for there are lots of unexpected things that might happen in the most unexpected ways, it will be hard to manage safety. People should be taught not to take advantage of things so they won't be taken advantage of by other people ironically. They need to choose carefully what and where they are taking their applications from. To avoid this they should download it from the legitimate site and avoid piracy cause they are committing crime eventually being a victim of a crime, well ironically.
legendary
Activity: 3080
Merit: 1353
October 20, 2019, 06:59:39 PM
#41
Though I find this a little bit ironic, this incident only shows the importance of downloading apps from official sites only and not be enticed easily by supposedly trusted fellow netizens with their app recommendations!

I think netizens should also exercise more vigilance and always be cautious to prevent these types of incident from happening again but I think this will never change until there are people who are gullible - the reason why this kind of intrusions will never stop! Imho.

True, cyber criminals targeting other criminals? LOL. And come to think of it, the app has been existing for 2 years and no one realized that they are using a fake TOR and for sure they have compromised a lot of Russians here. You can't blame them though, it's carefully crafted and you won't really realize that you are using fake apps until one day you lose all your cryptos. So just be careful on apps that you downloaded in the net, simple as that.

hero member
Activity: 966
Merit: 535
October 20, 2019, 06:59:00 PM
#40
How ironic. Many people who want to improve performance and security on the internet by using the Tor browser, unfortunately even that is used as a weapon by hackers to steal other people's assets and break their hearts. From there we can take lessons to always be careful in installing applications and extensions on our devices, use the original, and do the download in an official place.
I know what it's like to be hacked, even though I've tried using a variety of multiple security, hopefully the hackers are aware of how painful it is to lose assets that have been sought and guarded desperately.

That is what it makes it so brilliant. It is like those fake antivirus software that causes confusion and makes you want to act quickly to get rid of these so-called viruses and the software is even built-in with a fake scanner and virus detection. Now you get ones posing as browsers for protection. I wonder what sort of activities it spies on. What would they do with this info? Besides selling bitcoin private keys or crypto stolen through the browser.
Maybe they collect a database of users so they can keep track of how much they have stolen from each IP? I don't know. It would make sense for them to collect IP addresses which use crypto a lot to see if they can steal more later on. Or maybe you gamble and they later steal your account.
legendary
Activity: 3430
Merit: 3071
October 20, 2019, 06:54:18 PM
#39
If you aren't curious enough to explore various fields of interests that play a big role in today's society, which the internet is a huge part of, then you're basically fucked.

this


This is a major reason why the mass adoption of Bitcoin will probably take decades. It also translates into wealth inequality because the dumb will end up being as poor as they have always been, where the smart money and those who are technically adapted will be the new elite.

I have this sense that being at all inept using computers could be the difference between life and death. Robots and AI are soon going to be a part of daily life... fuck, really they already are in a nascent stage of it. Asimov and Philip K. Dick et al warned us about this stuff, and something like the bottom 90th percentile (and that's optimistic :-\) of the world haven't even caught up to Edmund Bernays and George Orwell. And the 20th century was such a thunderous bitch-slap of sophistication that it's no wonder, really.

so while I'm pretty disappointed in myself for being so slow to see some of this, when I think of these typical Facebook zombies... it's hard to have any sympathy for them, trying to impress this stuff on them out of a sense of humanity is more likely to cause problems than anything else :-\ The potential for the world to enter into an era that's actually worse than all of dystopic fiction rolled into one is a distinct possibility, and almost everyone is expendable drone fodder in such a scenario ::)
legendary
Activity: 2226
Merit: 1304
October 20, 2019, 06:43:56 PM
#38
I read this on a crypto web site, and unfortunately this is such a bad thing for cryptos, because people will think that it's risky to use cryptos.
It's really important to learn this lesson, only download off official websites and always research before if an application is compromised.
legendary
Activity: 2170
Merit: 1427
October 20, 2019, 06:14:50 PM
#37
I find it embarrassing, and am myself feeling increasingly embarrassed as time goes on.

Most people use computers at the same level a child can teach itself to do, simply by watching and imitating. While these people watch their cat videos, I'm trying to learn basic computer science that (at its core) hasn't changed much since the 1970's, and people are still using the crappy 1980's sub-par clone (i.e. windows) of the 1970's model.

Meanwhile, others apparently still haven't learned the basic rule number zero of the internet; if it's a popup, don't fucking click anywhere except on the close button, especially if it tells you 'click here or you'll die'. I learned that in the first month or so when the internet was still new. seriously ffs

I totally get your frustration. To some extent we can blame governments for not triggering people to become more aware of proper internet etiquette, but on the other hand, it's in their best interest to not educate people to the point where they become smart enough to take proper security measures enough so that they don't fall victim to phishing, viruses, etc.

The more untaught people are, the easier it is for governments to exploit vulnerabilities in their operating systems or hardware to retain a certain level of surveillance, which hackers obviously will be able to exploit too. If you aren't curious enough to explore various fields of interests that play a big role in today's society, which the internet is a huge part of, then you're basically fucked.

This is a major reason why the mass adoption of Bitcoin will probably take decades. It also translates into wealth inequality because the dumb will end up being as poor as they have always been, where the smart money and those who are technically adapted will be the new elite.
sr. member
Activity: 2506
Merit: 368
October 20, 2019, 06:02:28 PM
#36
And yet, they are trying to do these things to the safest browser I've known. Well, be cautious about this, as we all know, Tor has their own browser wherein we can download the tor browser. But when it comes to the point that they will target the site as well, it is mainly impossible, since phishing the website tor isn't easy as it doesn't contain any repetitive letters that might confuse the users.
But they did it and we must be very careful on dealing with the fake sites. Tor is trying to be the safest browser/site but hackers are doing their best to scam people and we cannot blame Tor with this one. If you see suspicious sites or any phishing sites, you must not download anything from it or else, your time has come to an end and your money will be gone.
Thank God I am not using Tor to send some Bitcoin but in my case, I only use Tor as my VPN for restricted/banned websites to get access to them easily. Although I am very picky of clicking or looking at the site's legitimacy but I only go directly to the site that I've known before and no other else.
sr. member
Activity: 2002
Merit: 314
October 20, 2019, 05:40:57 PM
#35
And yet, they are trying to do these things to the safest browser I've known. Well, be cautious about this, as we all know, Tor has their own browser wherein we can download the tor browser. But when it comes to the point that they will target the site as well, it is mainly impossible, since phishing the website tor isn't easy as it doesn't contain any repetitive letters that might confuse the users.
But they did it and we must be very careful on dealing with the fake sites. Tor is trying to be the safest browser/site but hackers are doing their best to scam people and we cannot blame Tor with this one. If you see suspicious sites or any phishing sites, you must not download anything from it or else, your time has come to an end and your money will be gone.
full member
Activity: 770
Merit: 113
October 20, 2019, 05:36:39 PM
#34
How ironic. Many people who want to improve performance and security on the internet by using the Tor browser, unfortunately even that is used as a weapon by hackers to steal other people's assets and break their hearts. From there we can take lessons to always be careful in installing applications and extensions on our devices, use the original, and do the download in an official place.
I know what it's like to be hacked, even though I've tried using a variety of multiple security, hopefully the hackers are aware of how painful it is to lose assets that have been sought and guarded desperately.
sr. member
Activity: 1274
Merit: 278
October 20, 2019, 02:21:39 PM
#33
And yet, they are trying to do these things to the safest browser I've known. Well, be cautious about this, as we all know, Tor has their own browser wherein we can download the tor browser. But when it comes to the point that they will target the site as well, it is mainly impossible, since phishing the website tor isn't easy as it doesn't contain any repetitive letters that might confuse the users.
legendary
Activity: 3430
Merit: 3071
October 19, 2019, 06:59:57 PM
#32
people seriously have to get into the habit of either compiling from sources or verify the things they download and it goes for everything.

compiling from source is a great habit to get into, but Tor Browser (or really, Firefox).... I've never tried that, but I get the feeling it takes a lot of care. Of course, OS's that compile everything locally in their package manager must do this, so it can't be too hard. Not going to try it any time soon myself, however


It's also a reminder that crypto as a whole in no shape is even remotely close to mass adoption of common joe type of people. :-\

I find it embarrassing, and am myself feeling increasingly embarrassed as time goes on.

Most people use computers at the same level a child can teach itself to do, simply by watching and imitating. While these people watch their cat videos, I'm trying to learn basic computer science that (at its core) hasn't changed much since the 1970's, and people are still using the crappy 1980's sub-par clone (i.e. windows) of the 1970's model.

Meanwhile, others apparently still haven't learned the basic rule number zero of the internet; if it's a popup, don't fucking click anywhere except on the close button, especially if it tells you 'click here or you'll die'. I learned that in the first month or so when the internet was still new. seriously ffs
legendary
Activity: 2170
Merit: 1427
October 19, 2019, 06:15:02 PM
#31
Here is an example of how hackers could mislead you with another update from the software you are using if there is any vulnerability and here is the prime example. Electrum vulnerability

That was quite shocking for a lot of people. One doesn't expect that the legitimate application they downloaded from the main source forwards popups indicating that people should install an update which later turns out to make them lose all their funds. I truly hope that it made people so paranoid, that they will never have to go through that ever again.

I was already aware of similar tricks with other software applications, so I never click links or follow instructions as indicated by the popup, but visit the site myself and if needed download the actual software from there. I have to admit myself that being so paranoid is quite exhausting because every application needs to be verified and whatnot, but it's all worth it in the end.

It's also a reminder that crypto as a whole in no shape is even remotely close to mass adoption of common joe type of people. :-\
hero member
Activity: 2842
Merit: 625
October 19, 2019, 01:42:19 PM
#30
the OS I use does that automatically every time you open a Tor Browser: https://qubes-os.org
I might test this sometime, thanks for sharing this too.

you need:

  • 8GB RAM minimum (really 12GB is the comfortable minimum)
  • Intel VT-d or the AMD equivalent (forgot the name)
  • Intel SLAT or the AMD equivalent (ditto)

There's a LiveDVD version, so that would test your pc's ability to run Qubes. You can also check the list of compatible computer models (the HCL) on https://qubes-os.org before trying.
I might upgrade my PC first to 16GB although I'm eligible and have 8GB ram but it would be a better choice to have that comfortability minimum requirements.

The issue targets people that go on bad links and download exploited versions of the TOR browser which opens them up to exploits.

Download everything off official websites. And make sure you verify everything from the official tor website, and don't click bad links that might possibly include malware.
And don't download suspicious apps too.
hero member
Activity: 1358
Merit: 635
October 19, 2019, 05:08:59 AM
#29
people seriously have to get into the habit of either compiling from sources or verify the things they download and it goes for everything. Tor also uses PGP signatures to sign their releases and they have a help page explaining how to do it here: https://support.torproject.org/tbb/how-to-verify-signature/
that simple move can easily solve a great number of issues (such as malware infections, losing data, losing bitcoin,...).

Agree, a check should always be made as to whether the downloads are signed by developers, but the trouble is majority of users don't have even a shred of knowledge what pgp signature is and how to determine the authenticity thereof. That said, one should always check the fingerprint of any public pgp key before certificating it in Kleopatra.
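
An added example, not part of any post in this thread and not Tor Project code: the check the two posts above describe, accepting a download only when gpg's machine-readable output (`gpg --status-fd 1 --verify`) shows a valid signature made by a key whose fingerprint matches one pinned in advance. The fingerprints and status lines are constructed placeholders, and `check_status` and `normalize_fpr` are hypothetical names.

```python
import re

# Constructed placeholder fingerprints (not real keys). In practice the pinned
# value is copied from a source you trust independently of the download site.
PINNED_PRIMARY = "AAAA1111BBBB2222CCCC3333DDDD4444EEEE5555"
SIGNING_SUBKEY = "0123456789ABCDEF0123456789ABCDEF01234567"
OTHER_PRIMARY = "FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000"

# Status keywords that mean the signature must not be trusted.
FATAL = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}


def normalize_fpr(text):
    """Strip the spaces gpg prints inside fingerprints; require 40 hex digits."""
    fpr = re.sub(r"\s+", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", fpr):
        raise ValueError("not a full 40-hex-digit fingerprint: %r" % text)
    return fpr


def check_status(status_text, pinned_fpr):
    """Return (ok, reason) for the output of `gpg --status-fd 1 --verify`."""
    pinned = normalize_fpr(pinned_fpr)
    primaries = []
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue  # human-readable chatter is ignored on purpose
        keyword, args = fields[1], fields[2:]
        if keyword in FATAL:
            return False, "gpg reported " + keyword
        if keyword == "VALIDSIG" and args:
            # args[0] is the signing (sub)key; the 10th field, when present,
            # is the primary key fingerprint, which is the value that is pinned.
            primary = args[9] if len(args) >= 10 else args[0]
            primaries.append(primary.upper())
    if not primaries:
        return False, "no VALIDSIG line, nothing was verified"
    if any(p != pinned for p in primaries):
        return False, "valid signature, but not from the pinned key"
    return True, "valid signature from the pinned key"


def _status(*lines):
    """Build constructed status output in gpg's '[GNUPG:] ...' line format."""
    return "\n".join("[GNUPG:] " + line for line in lines)


# Constructed sample outputs, one per outcome a user can run into.
GOOD = _status(
    "NEWSIG",
    "GOODSIG 89ABCDEF01234567 Example Signer <signer@example.invalid>",
    "VALIDSIG %s 2019-10-19 1571443200 0 4 0 1 10 00 %s"
    % (SIGNING_SUBKEY, PINNED_PRIMARY),
)
# A mathematically valid signature made with somebody else's key: what a fake
# download site can offer next to its own "signature file".
WRONG_KEY = _status(
    "NEWSIG",
    "GOODSIG FFFF0000FFFF0000 Lookalike Signer <signer@example.invalid>",
    "VALIDSIG %s 2019-10-19 1571443200 0 4 0 1 10 00 %s"
    % (OTHER_PRIMARY, OTHER_PRIMARY),
)
TAMPERED = _status(
    "NEWSIG",
    "BADSIG 89ABCDEF01234567 Example Signer <signer@example.invalid>",
)
UNKNOWN_KEY = _status(
    "NEWSIG",
    "ERRSIG 89ABCDEF01234567 1 10 00 1571443200 9",
    "NO_PUBKEY 89ABCDEF01234567",
)

if __name__ == "__main__":
    for name, sample in [("good", GOOD), ("wrong key", WRONG_KEY),
                         ("tampered", TAMPERED), ("unknown key", UNKNOWN_KEY)]:
        print(name, "->", check_status(sample, PINNED_PRIMARY))
```

The wrong-key case is the one a quick look at the output misses: gpg prints "Good signature" for any key present in the keyring, so the fingerprint comparison is what ties the file to the expected signer.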
legendary
Activity: 3430
Merit: 1957
October 19, 2019, 04:30:00 AM
#28
Well it is common knowledge that hackers and governments infiltrate exit nodes to reveal people's hidden identity in the Tor network. They also run "exploited" nodes on the network and "sniff" the IP addresses of people using those nodes. ::)

I run a bootable version of Tails that contains Tor as the built-in browser, so you do not have to download anything and when you reboot, everything is gone, so you start with a fresh OS after each reboot. ::)
sr. member
Activity: 2016
Merit: 281
October 19, 2019, 04:26:17 AM
#27
I think this is a good post for us because it reminds us that the Tor browser hacker may be due to statements like this, I think it is no longer using the tor browser to access the bitcoin wallet because this is very detrimental to us if accessing the bitcoin wallet through a browser is most likely the browser can steal our bitcoin without realizing it.
hero member
Activity: 2814
Merit: 911
Have Fun )@@( Stay Safe
October 19, 2019, 03:42:24 AM
#26
Though I am not using TOR browser, but I think hackers can't penetrate if you only update your browser. Because the hacker's version of the official TOR browser is a totally different app with the same content but with additional spyware. People who are security-wise won't get easily attacked by this kind of malware.
There are many methods a hacker could employ to steal the contents, the recent event is because they downloaded all the software from non official sources and they had a backdoor and they never identified until they lost their contents or coins. Everyone who is using the computer need to understand how to protect their content and that should be the basic.

Here is an example of how hackers could mislead you with another update from the software you are using if there is any vulnerability and here is the prime example. Electrum vulnerability
 
sr. member
Activity: 1456
Merit: 325
October 19, 2019, 01:19:48 AM
#25



Please be vigilant, always verify what you’re downloading & from where.


@coindesk
Hackers have been distributing a compromised version of the official Tor Browser that's packed with malware designed to steal bitcoin and spy on users. Security firm @ESET says it's been going on for "many years."

https://twitter.com/coindesk/status/1185165299450028033?s=21

@torproject

https://www.coindesk.com/fake-tor-browser-has-been-spying-stealing-bitcoin-for-years
This is not quite surprising. Bitcoin is widely used as a medium of payment and transactions in the deep web, and the tor browser is one of the vulnerable parts of connecting to onion sites. That's why when dealing with large funds, we must always be alert and wary of the software we use. One way to avoid these is just avoid browsing in the deep web or avoid engaging in transactions which are illegal.