Gadget Gurus
  
Wikileaks Unveils 'Vault 7': "The Largest Ever Publication Of Confidential CIA Documents"; Another Snowden Emerges | Zero Hedge

Image/photo

WikiLeaks has published what it claims is the "largest ever publication of confidential documents on the CIA." It includes more than 8,000 documents as part of β€˜Vault 7’, a series of leaks on the agency which expose the agency's massive hacking arsenal.


#Privacy #CIA #Spying #Hacking #Snooping #Surveillance #WikiLeaks #Leaks #Vault 7 #Vault7 #Weeping Angel #HIVE @LibertyPod+
Researchers Discover Tor Nodes Designed to Spy on Hidden Services

Seth Martin
  last edited: Sat, 21 Jan 2017 11:49:04 -0600  
Suspicion Confirmed.

Schneier on SecuritySchneier on Security wrote the following post Fri, 08 Jul 2016 07:01:18 -0500

Researchers Discover Tor Nodes Designed to Spy on Hidden Services

Two researchers have discovered over 100 Tor nodes that are spying on hidden services. Cory Doctorow explains:
These nodes -- ordinary nodes, not exit nodes -- sorted through all the traffic that passed through them, looking for anything bound for a hidden service, which allowed them to discover hidden services that had not been advertised. These nodes then attacked the hidden services by making connections to them and trying common exploits against the server-software running on them, seeking to compromise and take them over.

The researchers used "honeypot" .onion servers to find the spying computers: these honeypots were .onion sites that the researchers set up in their own lab and then connected to repeatedly over the Tor network, thus seeding many Tor nodes with the information of the honions' existence. They didn't advertise the honions' existence in any other way and there was nothing of interest at these sites, and so when the sites logged new connections, the researchers could infer that they were being contacted by a system that had spied on one of their Tor network circuits.

This attack was already understood as a theoretical problem for the Tor project, which had recently undertaken a rearchitecting of the hidden service system that would prevent it from taking place.

No one knows who is running the spying nodes: they could be run by criminals, governments, private suppliers of "infowar" weapons to governments, independent researchers, or other scholars (though scholarly research would not normally include attempts to hack the servers once they were discovered).

The Tor project is working on redesigning its system to block this attack.

Vice Motherboard article. Defcon talk announcement.


#Tor #Security #Cybersecurity #Spying #Surveillance @LibertyPod+  @Gadget Guru+
KrisLibertyPod
  
That is very sad news to hear. I'm a free software advocate, that is β€œfree” as in freedom. I very much enjoyed going to libertypod.org in order use social media in a system that I knew respected my freedom. You facilitated a way for me and others to use a network run by volunteers and members of our community. You and others actually cared about free speech and refused to allow all social life on the Internet to be turned into a commodity bought and sold from one master to another. You were not interested in impressing shareholders and you were not interested in the surveillance of your users for money. Instead you were interested in an alternative way we could share ideas outside the control and risk of centralized censorship systems. You were interested in fighting the horrors of the tech society that is being created without privacy and freedom in it. I saw things I was sure Facebook administrators would have deleted and I rejoiced in the fact we were so free that these things were not censored at a whim. I am grateful to have been a part of this great community, made to increase the control of users over social networks. While I am unsure if I will join another pod, use another network like gnusocial or something else I still wanted to thank you Seth, for all the work that you have done to make this possible.
Vecchio Giac
  last edited: Tue, 19 Jul 2016 09:02:13 -0500  
Kris, if you like also open source  and not just free Stallman software , Hubzilla is a fantastic option, a wonderful tool, much different from diaspora gnusocial  etc ...
Seth Martin
  
Kris, while you're here at lastauth.com, a Hubzilla website, try visiting https://lastauth.com/settings/featured and enable the diaspora protocol so you can communicate with people on diaspora pods. We also have a GNUsocial federation plugin as well. Give it a try, see what you think.