[Rack] Tor security in Noisebridge
danny at spesh.com
Sun Dec 16 21:30:58 UTC 2012
On Fri, Dec 14, 2012 at 11:35 PM, James Sundquist
<sundquistjames at gmail.com> wrote:
> Andy, thanks so much for your thorough response. I honestly wouldn't
> consider myself paranoid. I'm just curious and appreciate knowing a more
> about the network infrastructure at noisebridge.
Just to reiterate, Noisetor project really is separate from the
Noisebridge hackerspace networking infrastructure; you can read a bit
more about the relationship here:
> On Dec 14, 2012 9:43 PM, "Andy Isaacson" <adi at hexapodia.org> wrote:
> On Fri, Dec 14, 2012 at 07:23:33PM -0800, James Sundquist wrote:
>> How easy is it to gain administra...
> Either trivial, or incredibly difficult. The box has been hardened by a
> few good hackers. We believe its network threat surface is minimal.
> Of course we have no way of knowing where the eth0 is plugged into. For
> all I know the FBI showed up with a NSL and told our hosters how it was
> going to go down and now we have the special red cat5 going into an
> inconspicuous black box. Or men in black showed up and plugged an extra
> special dongle onto a spare DIMM socket. Or an Intel microcode backdoor
> was inserted using the top secret radio hole in Nehalem. Feel free to
> make up your own hardware conspiracy theory to go here.
> I don't think any of those physical compromise scenarios happened, but I
> can't be sure.
>> How do you
>> guarantee Noisetor is not modifying, monitoring, or recording traffic?
> I and a few others set it up. We believe it's not modifying,
> monitoring, or recording traffic. The benefit to us of lying about it
> are pretty small (and if I had evidence or even a good suspicion that
> one of the others had done something bad, I'd say so.)
>> Trust is good, but I'd like to learn more specifics.
>> This guy here and here mention si...
> Yep, it's incredibly easy to do so. I can't present any evidence that
> would convince a sufficiently paranoid auditor (you) that this specific
> box hasn't been misused in this way. I can say that I believe it hasn't
> and I have an incentive to find out if it has and to publicize if I find
>> How would you prevent someone from doing this?
> We have a limited list of people with access to the box. We are pretty
> sure the box can't be compromised without compromising one of the admin's
> authentication methods, and we're pretty sure that hasn't been done.
> Short of hiring an actual auditor to examine an image of the box, I'm
> not sure what more proof you'd be interested in.
>> How is the project managed? Is there extensive documentation
>> somewhere of how Noisetor has bee...
> We set out with grand plans to have the exit node extensively puppetted
> and completely checked in to github, but we ended up hacking together
> the configs for the box to get it running, and then ended up in the
> classic situation of "well, it's working, but getting the configs
> completely parameterized and checked in is more work than any of the
> existing admins are willing to put in." A fair bit of stuff is on the
> github repo, but not all.
>> What first got me thinking about this was an 07/2012 article from
>> BoingBoing about a fake ce...
> Shrug. If you trust a different Tor node operator more, feel free to
> use them instead of Noisetor. Personally I am certain that my machines
> could be compromised by an even minimally competent black-bag team; I
> don't have interest or wherewithal to defend against that threat, but
> I'm fairly confident that it hasn't been done unless by a major
> government agency, in which case I'm fucking screwed so I might as well
> just pretend I haven't been. I do my best to not get pwned and I think
> I do a pretty good job. I'm well aware of the weaknesses in my security
> posture; sometimes I mitigate those, other times I don't bother.
> Rack mailing list
> Rack at lists.noisebridge.net
More information about the Rack