Pages:
Author

Topic: mIRC TOR Script (that works) + Documentation + More [Total: 30 BTC] (Read 17590 times)

hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
So nobody has claimed the "going under-ground" guide?

please read the history of this thread if you did not already, i write somewhere that i got 50+ bitcoins for partial answers to some of the bounties. it might be a good idea to check with the thread owner
newbie
Activity: 32
Merit: 0
So nobody has claimed the "going under-ground" guide?

I'm an anonymous entrepreneur -- by which I mean, to be clear, that I am doing non-anonymity-related entrepreneurial stuff behind a veil of anonymity -- and as such, I have found myself effectively taking a never-ending crash-course in how to effectively use various technologies, social techniques and common-sense measures to protect my anonymity while also permitting me to actually get stuff done.

I am planning on doing a write-up about this -- a kind of how-to guide, but not of the laundry-list-of-unexplained-instructions variety -- because, going forward, I will need an anonymity training regimen in place so that I can bring new staffers up to speed on how to protect their own identities and that of my enterprise and avoid some of the pitfalls that I learned the hard way.  Plus, I could definitely find some ways to put 10BTC to use Smiley

So, not sure what the original vision for this was but I'd certainly be keen to take a very serious look at the possibility of taking this on.  Can someone let me know, whose bounty is this exactly?  Yours, da2ce7?

@whomever-is-offering-the-bounty: can you please elaborate re: what sort of guide you are envisioning (medium?  topical emphasis?  tone?)... I need a get a better idea as to what you are looking for because the description in OP is rather general / vague (even if my write-up plans are not perfectly synergistic, I still very well might be able to adapt/expand my plans to stay consistent with your vision once I understand a little better)?

Thanks!  Post or PM is fine.
sr. member
Activity: 322
Merit: 251
honk-honk is down, does anyone have the updated SASL files that can put up a mirror?

What howto are you following? If the bitcoin.it wiki, it's slightly outdated.
I did not rewrite it (my bad) since freenode came up with it's own script, much simplified the whole thing.
you might see their manual, not using the old script

New script is sans-dll, I think I am going to try to make a screencast or something then update the Wiki myself, since I have it working now.
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
honk-honk is down, does anyone have the updated SASL files that can put up a mirror?

What howto are you following? If the bitcoin.it wiki, it's slightly outdated.
I did not rewrite it (my bad) since freenode came up with it's own script, much simplified the whole thing.
you might see their manual, not using the old script
sr. member
Activity: 322
Merit: 251
honk-honk is down, does anyone have the updated SASL files that can put up a mirror?
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
i'm more worried about invalid ssl certificates on bitcoin.org site
using tor & receiving the warning i have no idea to check if the site is legit
any man in the middle attack possible if tor exit node not honest

I am curious if anyone else shares my opinion on the possible attack vector with the nickserv server.
you mean nickserv operator logging ip of user who registered a particular nick?
can do that from a library or whatever other place, !home
full member
Activity: 140
Merit: 100
In reality, it's unlikely that someone would do that.
HOWEVER, law enforcement has done that sort of thing, gathering little bits of identifying information to track someone down. See this article: http://arstechnica.com/tech-policy/news/2011/03/illegal-tv-streamers-heres-how-the-feds-will-hunt-you-down.ars
newbie
Activity: 3
Merit: 0
Yeah, no problem, 50 btc is still cool.

I am curious if anyone else shares my opinion on the possible attack vector with the nickserv server.  Or am I just way too 'tin foil hat'?

hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
please note that the bounty is probably -50 BTC that i already got for my mixed contribution
newbie
Activity: 3
Merit: 0
I am covering the portable version install of tor in the x-chat guide.
full member
Activity: 140
Merit: 100
well good work so far! I think that I can send you some coins for your work so-far  Grin  The Tor wiki page is starting to look like on of the best ones so far!

Wait when it's finished Smiley seems that also sawzall is working on an article about Tor
you might want to check out his progress at https://en.bitcoin.it/wiki/User:Sawzall/Tor
i'll continue on weekend again.
Yeah, at this point your guide looks much more detailed. The only thing I see is that the Tor install guide is just a link to the Tor website, and the Portable Tor options are not mentioned.
newbie
Activity: 3
Merit: 0

For anyone interested, I am working on a X-Chat version of this how-to as well, currently it will be just for windows but I will gladly do a Linux writeup later. 

I did want to point out one thing that is really bugging me about using Tor + Freenode.  This threat really depends on what level of anonymity you want out of this setup but with the current how-to, Freenode will have information about your original IP.  While other users might not get this data it is still logged with Freenode.

Because you have to register a nick with nickserv before using Tor to connect to the server you will be giving away a non Tor endpoint IP address to Freenode.  So if you want full anonymity out of using Tor + Freenode I would recommend registering your nick with nickserv from a public wifi or through a nonpublic proxy (I would not recommend this either).

Also make sure and check that you are not leaking any personal info when you register your nick, just run this nickserv command to check and see what kinda data you might be leaking about yourself through your nick: (when connected to Freenode of course)

/msg NickServ info YOURNICKNAME

While this might not include your full home IP address, small bits and pieces of data can be collected and quickly build up to a full profile.

And if you ever login to Freenode, and identify with the same nick that you use with Tor, someone keeping tabs on your with the 'info' command could identify your home IP.  So make sure to stay watchful of what data you are giving away. 

Just my 2 cents,
- Lurking resident tinfoil hat security guy.

newbie
Activity: 55
Merit: 0
You should check the freenode sasl [1] section again. There is an updated version of sasl.mrc (Mar 2 2011 14:00) that does not need the dll for plain auth. It also has some bug fixes (ie. settings saving).

[1]: http://freenode.net/sasl/
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
my mirc keeps on forgetting it's sasl information...

ok, i will go through both my mirc installations and make detailed notes
to troubleshoot where our configurations differ.

i should be here all night today

at home lots of work, barely make it to pc lately Sad
legendary
Activity: 1222
Merit: 1016
Live and Let Live
my mirc keeps on forgetting it's sasl information... I wonder what I'm doing wrong.  Angry

Overall good work... the Bitcoins are all good to send, you have done lots of good work!  When I have time, I'll go through it all and try and check everything.
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
How is this project coming along?

1) the sasl script for mirc is actually good & working so it is usable with tor + mirc for freenode

2) the tor setup is easy and changing configuration per application is easy but it is risky to rely on tor without understanding how it works.
there is/was a discussion on the talk page of the wiki article
I might add something during weekend, I was really busy at work
legendary
Activity: 2940
Merit: 1090
Wow I am glad I don't do Windows.

How is this project coming along? I am not much judge of whether guides / manuals are usable by Windows users because I tend to way over-estimate people's ability to make sense of guides / manuals. (If they can't make sense of unix style man pages well sheesh what would it take to make sense to them?)

I am bumping this because I might have an interest in keeping track of it which will be easier if it isn't way down deep out of sight. This way I can at least find it again by checking what threads I have actually written in.

-MarkM-
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
well good work so far! I think that I can send you some coins for your work so-far  Grin  The Tor wiki page is starting to look like on of the best ones so far!

Wait when it's finished Smiley seems that also sawzall is working on an article about Tor
you might want to check out his progress at https://en.bitcoin.it/wiki/User:Sawzall/Tor
i'll continue on weekend again.
legendary
Activity: 1222
Merit: 1016
Live and Let Live
well good work so far! I think that I can send you some coins for your work so-far  Grin  The Tor wiki page is starting to look like on of the best ones so far!
hero member
Activity: 504
Merit: 504
PGP OTC WOT: EB7FCE3D
use tor as your proxy
http://uber.1337.sk/~ptmhd/btc/da2ce7/20110108-mirc-proxy.png">

You are using port 8118, that port is for Privoxy, there is no need to go through Privoxy for IRC.  Use port 9050 instead.

I had som difficulties to configure mIRC with the 9050 port so I keep the settings as on the image.
The 8118 port is a valit tor proxy and works for the purpose of connecting.

If no one else finishes earlier than me, I will continue to add material to the wiki.
The Bitcoin part was easy. What worries me is the web sites and their cookies + AJAX & other advanced technologies that can trick the browser to disclose the IP address despite instructed to use tor.

I think the SASL script and dll work just fine. Finished installing SASL support on my other pc and it woks. Shame on me for the F2 button that does not work and user should type /dialog -m ... manually.

EDIT: i just got the idea why it does not work with 9050 port for Freenode + IRC + Tor
The service is already an onion service. It might work completely without?
But seems i'm too tired to have valid ideas.
Pages:
Jump to: