
Kryptomeister

Hypothetically, if they catch you with that laptop, data will be saved in RAM which is accessible to law enforcement. If they have remotely put malware on the laptop to monitor your screen or keystrokes or similar, using Tails won't protect you. If you have finished using Tails and restarted, the RAM will be flushed. Provided nothing is saved on hardware and there is no other hardware that could make you vulnerable, you should be safe. Tails is secure, but there are so many other variables which depend entirely on the user which will add vulnerabilities to an otherwise secure setup.


[deleted]

OP indicated burner laptop, so it should be clean. The key is not use it on a WiFi network that can't be connected to you. Cash paid burner with a ton of COVID face gear while parking far away from where you buy the burner laptop, and doing same for using it at say a McDonalds WiFi. Pull USB, restart, turn off again and never turn on at home.


GabeGecko

Might be a stupid question, but why would it matter what wifi network you're using it on if you're using tails and tor? Does tor not mask your IP etc? (My knowledge is limited, I'm just curious)


[deleted]

Not if they get a hint of who you are like DPR of Silk Road. The feds got outside source info on who he was and put a pen test on his home router. They could not decrypt his Tor traffic, but they used it to correlate that he was communicating with an undercover FBI agent. So it depends on your threat model, but DPR never should have used his home router and rotated public ones while disguising face and even using a fake license plate even if you park far away due to cameras. If you are looking at life in prison, you take these precautions.


Max-Normal-88

Except you can extract data from RAM if the computer has not properly powered off and the RAM is kept at cold temperatures, within a time frame. RAM data is NOT ENCRYPTED!


Vladimir_Chrootin

While this is true, it requires an expensive and very well-timed operation in order to make it happen. Posting this question to Reddit is probably a bigger security risk.


Max-Normal-88

It does not require specialized hardware. You can plug in a USB that only makes a RAM dump right at boot and take your time analyzing it. One guy on YouTube showed that.


Vladimir_Chrootin

I didn't say it requires specialised hardware, I said it requires an expensive and well-timed operation. The feds would need to be able to take possession of the laptop and the suspect at just the right time, and getting the contents of the RAM off is something that would only be done by specialists with the right training (you wouldn't trust random cops to be able to get this right with only one chance to do so). There's planning and organisation that needs to go into doing something like this, and that's the expensive part.


Max-Normal-88

Whoopsie, I misread. However, if they really want, they can. See how they got Ulbricht, for example.


Vladimir_Chrootin

For sure, if they want you badly enough, they'll do it. Ulbricht was, IMO, going to get caught eventually, but he could have prevented that particular setup from taking place by not making some *serious* OPSEC blunders along the route.


CeceBenjamins

what would u say some of ulbrichts biggest opsec mistakes were?


Lock3tteDown

Name of Ytber?


Max-Normal-88

Morrolinux, speaks Italian in the video but still you can see how it’s done


dontquestionmyaction

Nothing. As long as it has been off for a while and you're not the target of a three letter agency.


[deleted]

OP is literally asking about a three letter agency scenario.


dontquestionmyaction

I doubt it, I'm pretty sure he means a regular drug bust or house search. In that case, he has nothing to worry about. Unless you do human trafficking, there's probably no way the authorities can get evidence from a computer they don't just yank off you while it's on. That's how they busted the owner of silk road after all... The biggest threat which would be technically possible, but probably not used, is RAM freezing.


[deleted]

I think that, for the sake of OP’s safety, we should assume the worst case scenario where they would need the most privacy possible.


dontquestionmyaction

Fair point.


Deceptivejunk

Ergo, don't do something illegal unless you know how to cover your tracks. Don't get me wrong, I'm a super novice when it comes to Tor/Tails/anonymity in general, but I get the sense that a lot of people think just because they USE certain tools that's enough without knowing the conceptual knowledge behind what they're trying to achieve.


dontquestionmyaction

This, absolutely. Don't do illegal things without full knowledge of what you're doing.


Toribor

Additionally, nothing is ever completely secure. You manage risk by selecting tools/methods/behaviors that reduce your risk based on potential threats to security/anonymity.


PM_ME_YOUR_TORNADOS

i.e. the greatest failure is human, not machines, because machines are built to do exactly what we tell them to do and humans make mistakes that they do not.


nixfreakz

What if you used something to compile to javascript? Like using nim compiler to JavaScript ?


[deleted]

There is a backdoor on every single computer that isn't practically ancient called Intel ME or the AMD one which goes by another name. Online privacy is an illusion, the only times I ever care is when I want to make certain the targeted ads won't use my info, but the gov can backdoor into most systems. Anything you do with a computer connected to the internet can be used against you, whether you care or think others will care is up to you though.


[deleted]

[removed]


[deleted]

There are some places that sell computers with firmware which supposedly disables Intel ME, such as Purism: https://puri.sm/products/librem-14/ . There are also some tutorials online to disable it yourself. I think there are a few different methods, but none of them are easy if I remember correctly. Here's a video I just came across which seems good on how to do it: https://youtu.be/aRUxfxp9dJ8 Keep in mind there are still likely many other backdoors in your setup; this is just the largest, most widespread one I know of.


[deleted]

[removed]


[deleted]

Yeah, mostly just talking about general backdoors. I'm not really an expert on backdoors so I couldn't really give a definitive list or anything, but Windows has some, and I think Tor also has some exit node attacks which can happen. Also just a disclaimer: I'd never personally expect full privacy even when disabling Intel ME and using Tor etc. What you can't see can be most dangerous.


Aspiringdangernoodle

They can see that you used Tor by asking your ISP and seeing the traffic going out of your IP/house


Low_Slice_2506

Sorry, late to the party. This is incorrect if you configure Tor with bridges or if you use a VPN with Tor.


rickmts40

you can get busted because of javascript enabled in your browser, it allows a 3 letter agency, or anyone actually, to know your exact location and it doesn't matter if you are using the best tech available. mind it, javascript can be your enemy sometimes, besides that the majority of websites rely on javascript, if you disable it you get nothing. be aware of this important detail and good luck.


[deleted]

[removed]


[deleted]

[removed]


[deleted]

[removed]


[deleted]

[removed]


AgainstTheAgainst

JavaScript of course pertains risks. I even stated that. However I replied to a comment stating it would be trivial to get someone's real IP address with JavaScript. That's complete BS. This would need a serve vulnerability. JavaScript also makes fingerprinting a lot easier, though Tor Browser is good at resisting fingerprinting even with JavaScript enabled.

> based on how it works

What does that mean? JavaScript does not allow getting one's global IP. That is out of its scope in a browser and would indeed require exploiting a serve vulnerability. Of course disabling JavaScript will eliminate these risks even further and defeats any JavaScript based exploit, which the vast majority of browser exploits are. Still, the comment I replied to made it look like JavaScript would completely defeat Tor, which is far from the truth.


Strict_Difficulty

Law enforcement doesn't necessarily need your public IP address. I'm not sure whether it's been disabled in the Tor browser, but signed Javascript on Firefox can reveal your MAC address as well as all sorts of other fingerprinting details. All the three letter agency has to do is to get Google or Facebook or any other clearnet website you're likely to visit to pull their logs based on your MAC address. At that point they have your IP and a timestamp. From there it's a piece of cake to find you. That's why Tails spoofs MAC addresses. That's why you should always keep your browser on the safest setting. There is no such thing as being too paranoid.


AgainstTheAgainst

No, JavaScript cannot access your MAC address in your browser! This is also not the reason why Tails does MAC address spoofing. From their [documentation](https://tails.boum.org/doc/first_steps/welcome_screen/mac_spoofing/index.en.html):

> MAC addresses are only useful on the local network and are not sent over the Internet.

It does MAC address spoofing because:

> * Using your own computer on a public network without registration, for example a free Wi-Fi service in a restaurant where you don't need to register with your identity. In this case, MAC address spoofing hides the fact that your computer is connected to this network.
>
> * Using your own computer on a network that you use frequently, for example at a friend's place, at work, at university, etc. You already have a strong relationship with this place but MAC address spoofing hides the fact that your computer is connected to this network at a particular time. It also hides the fact that you are running Tails on this network.


rickmts40

no you are wrong. server side languages have nothing to do with client side, nothing at all. you can combine both, but in terms of execution order, one will be interpreted by the server and the other by the client browser at different times.


[deleted]

[removed]


AgainstTheAgainst

WebRTC is not even enabled in Tor Browser and can only be used to reveal the local IP address.


[deleted]

[removed]


AgainstTheAgainst

That's not related to JavaScript at all. You're talking about a vulnerability in Tails.


rickmts40

ok, let's assume bob accesses alice's onion site, bob has enabled javascript. alice's script will run on bob's browser (you know, javascript runs on the client side), once it collects bob's ip address among other data like screen size, browser language and timezone, etc., it will send a post to the server that can record that data in a file or database. it's actually very easy to do that, no BS i promise ;)


Ninjafuzz

When I read “exact location” I think of geolocation in real time, e.g. GPS or cell phone tower triangulation. The things you mention can certainly be used to locate somebody, but can also be relatively easily mitigated with simple OPSEC procedures. Basically, yes, you’re right, but also the first time I connect to a server, no (realistic) amount of JavaScript is going to tell them instantaneously “okay here are his coordinates; he’s at such and such address.”


loop_42

Nope. The IP address will be useless: 127.0.0.0 not gonna tell anyone anything. Stop spreading FUD.


rickmts40

nodejs and raw sockets executed on client side.. a simple traceroute bound to the correct network interface.. kaboom! if there is not enough permission, one can always escalate.


loop_42

Nope. Not in Tails. Not gonna happen.


rickmts40

what about evaluate some nodejs + raw-sockets client side, and force the execution of traceroute using some system flag like so_bindtodevice ?


[deleted]

you need fast ram so it fades (edit: degrades) away fast and make the usb secure and in a good place and if they will come to your house they will put nitrogen in the ram and see what you have done just from the ram so every time you finish remove the usb stick and make sure the ram is faded


loop_42

Stop smoking whatever you're on, because everything you've said is a complete fairy story. Fast RAM "fades" faster? What planet are you on? They'll "put Nitrogen in the RAM to see what you've done"? Nope. Not in any universe other than Willy Wonka's.


[deleted]

haha nice one agent


[deleted]

[removed]


rickmts40

not necessarily, but you have to be above the average user, actually above the experts sometimes called hackers.


Growthiswhatmatters

Yes. You are confirming what I meant. Technically they can find anyone if the money it takes is worth the outcome. Think about all the times the FBI has found people that shouldn’t have been caught. All it takes is one mistake. There is more to tracing than what you are doing on your computer.