Выпуск дистрибутива Tails 5.0
[https://www.opennet.ru/opennews/art.shtml?num=57127]

Сформирован релиз специализированного дистрибутива Tails 5.0 (The Amnesic Incognito Live System), основанного на пакетной базе Debian и предназначенного для обеспечения анонимного выхода в сеть. Анонимный выход в Tails обеспечивается системой Tor. Все соединения, кроме трафика через сеть Tor, по умолчанию блокируются пакетным фильтром. Для хранения пользовательских данных в режиме сохранения пользовательских данных между запусками применяется шифрование. Для загрузки подготовлен iso-образ, способный работать в Live-режиме, размером 1 ГБ.

В новом выпуске:
- Осуществлён переход на пакетную базу Debian 11 (Bullseye).
- Пользовательское окружение обновлено до GNOME 3.38 (ранее использовался выпуск 3.30). Предоставлена возможность использования обзорного режима для доступа к окнам и приложениям.
- Апплет для работы с OpenPGP и утилита для управления ключами и паролями заменены на менеджер сертификатов Kleopatra, развиваемый проектом KDE.
- По умолчанию включена функция автоматической установки выбранных пользователем дополнительных программ (Additional Software) при запуске Tails. Пакеты с дополнительными программами сохраняются области накопителя, предназначенной для постоянного хранения данных пользователя (Persistent Storage).
- Обновлены версии программ: Tor Browser 11.0.11, MAT 0.12 (с поддержкой чистки метаданных из SVG, WAV, EPUB, PPM и файлов MS Office), Audacity 2.4.2, Disk Utility 3.38, GIMP 2.10.22, Inkscape 1.0 и LibreOffice 7.0.

#Tor

🧅Недавно прошел дефкон и заметил неплохое выступление, связанное с идентификацией владельцев луковичных HTTP - сервисов.
В нем нет ничего абсолютно нового, но для тех кто занимается расследованием преступлений, в которых фигурируют сервисы в даркнете использующие небезопасный протокол HTTP. Материал с выступления подойдет тем кто начинает разбираться в этой тематике, потому что в презентации доходчиво и просто объяснено какие способы(техники) чаще используются при расследовании.

🧅🧅Recently passed a defcon and noticed a good performance related to the identification of the owners of onion HTTP services.
There is nothing absolutely new in it, but for those who are investigating crimes involving services in the darknet using the insecure HTTP protocol. The material from the speech is suitable for those who are beginning to understand this topic, because the presentation clearly and simply explains which methods (techniques) are more often used in the investigation.

#tor #deanonymization #investigation

|Crack monero, blackjack and whores|

Well, the shizo is in touch again. Today we will talk about the expensive shit CipherTrace and not only.
First of all, though belatedly, I want to congratulate everyone involved on the 8th anniversary of the first release of Monero (April 18, 2014). Next, I recommend reading on reddit about the categories of monero haters. Monero, as some people think, is a token, although in fact it is a coin with its own blockchain network.

It has been almost 6 years since the first acquaintance with this cryptocurrency and what I would like to say, during this time I have heard so many times about tracking monero and "magic" tools for this, however, during the period I have consulted various persons (at times I came across those who are engaged in fierce blackness) and used the basic rules of concealment of identity in financial manipulations in the network, and no one was caught. But, this does not mean that they have become elusive.
Undoubtedly, bitcoin is not about anonymity (all sorts of mixers do not really save), so for serious purposes, even if you still have the desire to use it, you will have to try hard. There are undoubtedly many guides on the web about ways to "not be able" to track bitcoin transactions (example ) . But the funny thing is that most of the articles talk about using tor, mixers, VPN "not storing" logs (it's very funny, even raising your own is safe, but it won't solve the problem much) and buying/selling bitcoin for cache (this will make it even more fun). Okay, the topic is not about bitcoin, it's better to analyze its "anonymyzation" separately.
So, back to the question about Monero.

I think many people have heard about the spam attack on monero, when everything was just beginning or about the unfinished from sybil . Or about "Monero badcaca ", if the spam attack could still really be called successful (any tx in the block were changeable for the attacker in positions 512 and 513, provided they are identical in dimension and validity), then the previous ones are some kind of babble.
Further - more interesting. The US Internal Revenue Service (IRS) signed contracts with Chainalysis and Integra FEC for a total of $ 1.25 million, how did it end? A tool from ChipherTrace has appeared to track transactions, which did not justify itself, and moreover, they ask for 16 thousand dollars for such shit, although it can only track the chain with a certain probability, that is, there are no guarantees. And the amount of 1.25 million is ridiculous for such a thing. You can read more here .
At the Blockchain Alliance webinar in December 2019, Jerek Jakubcek (from Europol) said that the suspect who used the monero + Tor bundle was not tracked (the IP address was not tracked), there are attacks/audits on Tor and Monero on the work channel, you can look at the tags #tor and #xmr.
Here is the actual article about the inefficiency of the monero tool from ChipherTrace and an interview CEO of CipherTrace with a developer confirming the low efficiency of this shit.
The easiest way, when asked, is to run monero this way:
./monerod --tx-proxy tor,127.0.0.1:9050

CipherTrace's result strongly depends on exchanges and data obtained outside the monero blockchain network. I will not write anything further about them, so I have attached resources above.
So far, using Zcash and Monero is probably a good move to maintain anonymity. Now I am communicating with the developers of one tullza to compare a user using xmr as an electronic currency (a coin with a blockchain) and I want to say that it is currently impossible to guarantee the owner of the wallet at the address, and a one-time wallet is generally impossible from the point of view of mathematics and cryptography.

Summing up, I would like to say that if you see an article / work / book about the monero crack, and there is no clear algorithm and confirmation of the result, then how it applies to everything is empty talk.

#shizo #xmr #deanonymization

Поисковик по сети Tor (Даркнет) #TOR #Darknet

▫️https://onionsearchengine.com/

Альтернативы:

▫️https://duckduckgo.com/
▫️https://yoosonar.cc/
▫️https://www.stumpedia.com/
▫️https://ahmia.fi/

😎👍 САЙТ | ВК | TLG
🕵️‍♂️ ЧАТ-БОТ 🪪 ВИЗИТКА