|
Replies: 10
| visibility 359
|
CU Medallion [53145]
TigerPulse: 100%
Posts: 21808
Joined: 11/16/05
|
|
|
|
 |
Oculus Spirit [80978]
TigerPulse: 100%
Posts: 56059
Joined: 9/13/04
|
I've said this before..
Oct 21, 2019, 2:10 PM
|
|
A VPN setup like this, unless you are out of the US and trying to look like you are in the US, is pretty useless.
Basically, the only thing you are doing using this is adding friction to your network connection.
|
|
|
|
|
|
CU Medallion [53145]
TigerPulse: 100%
Posts: 21808
Joined: 11/16/05
|
Re: concur....
Oct 21, 2019, 3:28 PM
|
|
but their ads/marketing is pretty much the opposite.
Be safe, browse without care, etc....
If you don't want it out there, don't use it, IMO.
|
|
|
|
|
|
Oculus Spirit [97664]
TigerPulse: 100%
Posts: 64803
Joined: 7/13/02
|
It will stop letters like this
Oct 21, 2019, 5:06 PM
[ in reply to I've said this before.. ] |
|
I signed up with a 3 year subscription. It's paid for itself already.
Now please excuse me while I go download the Clemson vs. Louisville football game off Youtube. As for the "hack", it wasn't much of one really. It DID enable them to spoof a NordeVPN server if they wanted to, but you would have to be a target for them do do a man-in-the-middle attack anyway. Not concerned at all.
|
|
|
|
|
|
All-In [34486]
TigerPulse: 100%
Posts: 13513
Joined: 8/30/19
|
Re: So, the main VPN advocate out there has been hacked
Oct 21, 2019, 3:40 PM
|
|
WhoNix is free
|
|
|
|
|
|
Oculus Spirit [80978]
TigerPulse: 100%
Posts: 56059
Joined: 9/13/04
|
Thats just another *nix download isn't it?
Oct 21, 2019, 4:11 PM
|
|
It doesn't really perform any functions of a VPN, does it? (I mean no more than any other OS will, if configured for that)
|
|
|
|
|
|
All-In [34486]
TigerPulse: 100%
Posts: 13513
Joined: 8/30/19
|
Re: Thats just another *nix download isn't it?
Oct 21, 2019, 4:36 PM
|
|
Yes, but it routes network traffic through the onion protocol (not just browser traffic). So it's Tor, but for the operating system and not for the browser.
It's super slow, but if you're looking to obfuscate your client IP address, it accomplishes the same thing without exposing you to a couple of points of failure (i.e. Nord VPN) in the event that the exit nodes are monitored and/or the network is compromised.
There's still the risk of attacks on VM (looking at your, VirtualBox), so it's recommended to run your Gateway on bare metal on one machine and running the desktop instance in a VM on another host machine. I haven't gone that far because I do it more as a hobby, but it's fun to play around with and research. I also wonder where someone like Edward Snowden went wrong.
|
|
|
|
|
|
Oculus Spirit [80978]
TigerPulse: 100%
Posts: 56059
Joined: 9/13/04
|
If you're really trying to hide an IP, I'd just use
Oct 21, 2019, 4:41 PM
|
|
https://www.anonymizer.com/
Or sponge the internets off a hotel, restaurant or bar or something using a secondary NIC or spoofed MAC.
With anything that you have to access using YOUR IP provider...they have logs of DNS requests for whatever you first try and connect to. If I was trying to hide my IP, I'd keep it as far away from my own internet provider as possible.
|
|
|
|
|
|
All-In [34486]
TigerPulse: 100%
Posts: 13513
Joined: 8/30/19
|
Yeah, I've always understood the ISP as a weakspot
Oct 21, 2019, 4:47 PM
|
|
in the whole system. In most cases, I hope that I'm not doing anything that's going to have the FBI subpoena my ISP for whatever logs, etc.
$220/month is pretty steep for personal use. I might give it a shot once I launch my opiate distribution business on the dark web.
|
|
|
|
|
|
Oculus Spirit [97664]
TigerPulse: 100%
Posts: 64803
Joined: 7/13/02
|
Dark web isn't really dark. Yes, you can hide your
Oct 21, 2019, 5:48 PM
|
|
DNS requests, your IP through a VPN, and even more using Tor. BUT, the ultimate weakness of the dark web is that no matter how much security you have between you and your endpoint, you are ALWAYS going to be vulnerable to malware and zero day exploits through whatever browser you use. Your chances decrease when you disable javascript, and other scripts, but even then the browser itself is always vulnerable too.
What usually happens is a hosting service notices unusual traffic in large amounts to a certain server they host, usually through an audit or something. They then look on their servers and find your illegal darkweb website. They then notify authorities. Authorities then move in, access the WEBSITE itself, plant their browser exploit in the webpages that are served, and then keep things running as usual for as long as possible, harvesting the IP and MAC address of every machine that connects. They set up a dummy server to harvest the IP hits and MAC address info. Then after a while they shut it down, and go out and arrest tons of people. Read an article on this once, and this is why government and the private security sector don't share zero day exploits anymore. Years ago if the government found a weakness, they'd alert Microsoft, Mozilla, Google, etc. And if Microsoft found one they'd alert the government. Now, the government sits on zero day exploits, and uses them frequently.
So you click on the Stubborn Heroin Distribution Network page on the dark web. If the police have found it, they then modify the webpage code so that everyone who accesses Stubborn Distribution Network and loads a page then has their PC browser send a random ping to a server operated by law enforcement. In that ping is included your REAL IP address and your PC's MAC address, with a date and time stamp. Usually it's not the main page on a drug website they insert the code, but into the payment page, or confirmation page. That way they know you've purchased drugs. Quick subpoena to your ISP and they have you. When they knock on your door, they take your PC and find the matching MAC address. And you're done. This is just one example. But it is based on a real case. They even found the website operator in one case by planting their code on the admin page only he could access. They found he logged in at a certain time and found a pattern. Guy was "smart" and logged in from a coffee shop public wifi. Well, they then staked out the place, saw him enter the shop. He logged in right on time sending his MAC address, and they monitored the data from the public wifi and found his laptop. Walked over to his table and arrested him.
Point is the darkweb is not safe. If they want you bad enough, they will get you.
|
|
|
|
|
|
All-In [34486]
TigerPulse: 100%
Posts: 13513
Joined: 8/30/19
|
Excuse me Special Agent Smith,
Oct 21, 2019, 7:19 PM
|
|
I was just trying to stream the Seattle Seahawks games in South Carolina! Why are you accusing me of running an international drug ring?!?!?? 
|
|
|
|
|
|
Replies: 10
| visibility 359
|
|
|
50
