
Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source: Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Keywords: None
Views: 10078
Comments: 77

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue.

The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available.


Poster Comment:

Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.


#1. To: TooConservative (#0)

Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.

Your lite-weight recommendations for surfing the web are not just silly but invite further intrusion into one's privacy.

buckeroo posted on 2015-08-15 11:49:54 ET


#2. To: buckeroo (#1)

Pardon me if I think your opinion is worthless.

Adblockers have proven their value over and over at resisting malware and reducing network congestion. It isn't even debatable among tech types.

Tooconservative posted on 2015-08-15 12:13:52 ET


#3. To: TooConservative (#2)

You don't need ad blockers. You need a REAL browser.

buckeroo posted on 2015-08-15 12:18:08 ET


#4. To: buckeroo (#3)

You don't need ad blockers. You need a REAL browser.

What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.?

Lynx?

Name this browser.

Tooconservative posted on 2015-08-15 12:21:30 ET


#5. To: TooConservative (#0)

I just downloaded and installed uBlock Origin 1.0.0.1. Is there anything else I need do before going to drudgereport?

BobCeleste posted on 2015-08-15 16:24:04 ET


#6. To: BobCeleste (#5)

I just downloaded and installed uBlock Origin 1.0.0.1. Is there anything else I need do before going to drudgereport?

Nope. It's free and it mostly Just Works.

You should see a little red uBlock icon at the upper right of your URL bar. If you come across a website that won't work with adblockers, you can disable uBlock on that site. There are a few other options there as well, you can hover over the icons in the uBlock control window to see what those are.

For the big blue button, you can click to disable uBlock for the entire website you are on. Or you can CTRL-click it to disable uBlock only on the page you are looking at. The eyedropper lets you click on page elements one at a time, to allow single ads on a page to display. There are four more similar options in the bottom of the uBlock window.

One nice benefit of uBlock is that it really cuts back on bandwidth traffic and CPU use. So it makes web pages load faster and doesn't hog the CPU. Nice for older computers so they don't get bogged down on ad-infested pages.

For years, ads only annoyed us or made the pages run slow. But now we see steady attacks by hackers on the ad networks to turn them into a way to attack user security.

Let me know if you have any problems. I haven't had any because it is so simple to use. I haven't found any websites that I use trying to block uBlock so far.

Tooconservative posted on 2015-08-15 18:30:10 ET


#7. To: TooConservative (#4)

Name this browser.

anonymous

buckeroo posted on 2015-08-15 19:01:08 ET


#8. To: buckeroo (#7)

anonymous

IOW, you don't have any such browser but don't want to just admit it.

Tooconservative posted on 2015-08-15 19:05:00 ET


#9. To: TooConservative (#8)

Incorrect, TC.

I control my Internet interface is all.

buckeroo posted on 2015-08-15 19:10:19 ET


#10. To: buckeroo (#9)

I control my Internet interface is all.

You're awfully reticent. What, are you editing a hosts file endlessly? I'm not sure why you guys always act so ashamed or like you have some huge secret. People have done that since before dialup was popular.

Or are you trusting some crapware firewall to do it all for you? That's the other usual means from people too chicken to admit what they use for security.

Tooconservative posted on 2015-08-15 19:43:43 ET


#11. To: buckeroo, TooConservative (#7)

anonymous

TOR with TAILS (thumb)?

nolu chan posted on 2015-08-15 20:09:42 ET


#12. To: nolu chan (#11)

TOR with TAILS (thumb)?

Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.

Can't be Tor.

Tooconservative posted on 2015-08-15 20:22:02 ET


#13. To: TooConservative (#12)

Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

nolu chan posted on 2015-08-15 21:30:11 ET


#14. To: nolu chan (#13)

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

I'm not sure where you read that but it isn't true.

Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protects you from server-based attacks.

Tooconservative posted on 2015-08-15 21:42:37 ET


#15. To: TooConservative (#14)

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

I'm not sure where you read that but it isn't true.

Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protects you from server-based attacks.

If I'm running an operating system on a thumb drive, what are you hacking besides the thumb drive?

TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald.

http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own

[extract]

In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.

nolu chan posted on 2015-08-16 1:17:24 ET


#16. To: TooConservative (#6)

UBlock work with tablets too?

"When Americans reach out for values of faith, family, and caring for the needy, they're saying, "We want the word of God. We want to face the future with the Bible.'"---Ronald Reagan

redleghunter posted on 2015-08-16 1:29:41 ET


#17. To: redleghunter (#16)

UBlock work with tablets too?

They have versions of Ad Block Pro that work on tablets.

ABP is open-source. So there are several versions of it available on Android.

It actually works pretty well on Android. Lots of ads just disappear. Not just in the web browser but even ads in other apps.

You should not pay for it. The block lists are free, the source code is open. The people who wrote it and maintain the blocklists and filter lists didn't try to make money from it so you shouldn't pay some scammer for a copy of it. I think there are 3-4 versions of it on Android (and Chrome Store).

Tooconservative posted on 2015-08-16 2:02:41 ET


#18. To: nolu chan, Pinguinite (#15)

TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald.

Not much different than using the LiveCDs or DVDs with MAC spoofing.

It isn't as secure as people think. If NSA or others are operating the TOR exit nodes (a good bet they'll succeed in providing directly or compromising some exit nodes), a man-in-the-middle attack works well. In addition, a distro of this type still has a browser fingerprint, in part because people just keep using the same version of the distro. You also have traffic analysis where a person browses to various sites, over and over. Like GMail or Yahoo Mail or online forums.

Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement.

Very few people are willing to go to the trouble of playing Spy V. Spy like Snowden. How many people are going to reboot their home computer to fire it up with a Tor/TAILS stick on a daily basis? Almost no one.

It is also hard to find USB write-protected flash drives. There used to be some around but I haven't seen them in years. These were made by less-known producers like Ritek and Imation and PQI. I'm not sure if they even make them any more.

Other people address the same problems using virtual machines. They keep a small virtual machine with their favorite software pre-installed. They copy the VM image, use it once, then delete it. Same result as Tor/TAILS (you could even run a Tor/TAILS distro as your VM) but you don't have to keep rebooting but it isn't very portable.

But this thread is about preventing browser hijacks to protect users' daily browsers on their home machines from tracking and attack by malicious ad networks.

I assume that you realize that using a Tor/TAILS stick as you mention is a red flag, moving you to the head of the list for scrutiny by LEO and national security agencies? This was true before Snowden, even more so now.

To use a library or internet cafe to run a Tor/TAILS stick, you have to find one that still allows you to plug in a USB stick and that is set to prioritize USB booting over booting the hard drive.

So do you know of an internet cafe or library in your area that actually allows you to use their USB ports and that allows you to alter the BIOS settings to boot from USB before hard drive (and has no password-protected BIOS settings)?

Let me know if your local library or internet cafe has such machines in those configurations. I think you won't find any of those still around even if they were available some years back.

Most likely, you'll end up using your own laptop, booting with a Tor/TAILS stick and operating off a free WiFi hotspot at a restaurant or hotel or similar location. And is that really your advice to people on how to protect their home machines from drive-by attacks by malicious ad networks? On this little forum of maybe 25 regular posters, how many are going to do that and know how to use such a distro securely? On this forum, Neil would know how to use it. I would. But do we actually go to that trouble? I know I don't.

Tooconservative posted on 2015-08-16 8:44:47 ET


#19. To: TooConservative (#18)

Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement.

TooConservative - You don't know what the fuck you are talking about. And it is your thread.

buckeroo posted on 2015-08-16 11:27:40 ET


#20. To: buckeroo (#19)

You don't like it when someone tells you something you don't like.

Tor is not embraced by millions. It has a very limited audience and always has been quite small.

The idea that Granny is using Tor to read email and post cat pictures is ridiculous. People pursuing (the illusion of) that kind of secrecy are painting a target on their backs with LEO and NSA. And they are far more often than not using Tor for criminal purposes or to try to cover their tracks when they visit websites like TrannyGoatIncest.com.

Tooconservative posted on 2015-08-16 11:49:57 ET


#21. To: TooConservative (#20)

Tor is not embraced by millions. It has a very limited audience and always has been quite small.

ROTFL.

The idea that Granny is using Tor to read email and post cat pictures is ridiculous. People pursuing (the illusion of) that kind of secrecy are painting a target on their backs with LEO and NSA. And they are far more often than not using Tor for criminal purposes or to try to cover their tracks when they visit websites like TrannyGoatIncest.com.

Yeah, like Yukon's silly home web page, correct? The truth is: Surfing the Internet should be used by ALL tools at your disposal to protect your anonymity; not one or two or making product endorsements or disendorsements as you usually perform.

buckeroo posted on 2015-08-16 12:06:46 ET


#22. To: buckeroo, nolu chan (#21)

So are you using Tor/TAILs now? Or...what exactly?

I notice you are awfully quick to sneer at others but refuse to even identify your browser, what software you use, etc.

So I conclude you are largely unprotected or are using a goofball firewall or something similar. Because you are hiding from offering any info at all. You're only here to be the "secretive contrarian expert". Even though you demonstrate no actual expertise or any real knowledge at all.

Why so secretive, bucky? You aren't contributing anything to this thread (which is about how to protect your browser from malicious ad networks).

I'm not impressed. Any more than I think nolu chan is sitting at home, booted off a Tor/TAILS stick.

You two are full of it.

Tooconservative posted on 2015-08-16 12:12:25 ET


#23. To: nolu chan (#15)

From the TAILS website:

Numerous security holes in Tails 1.4.1

Posted Sun 09 Aug 2015 01:02:03 AM CEST

Numerous security holes in Tails 1.4

Posted Sun 28 Jun 2015 01:02:03 AM CEST

TAILS 1.5 is now out. How secure is TAILS if they find new and "numerous security holes" every 10 days or so?

And, nolu, are you actually posting here at LF right now using TAILS? Do you actually use what you are recommending for others to use?

Tooconservative posted on 2015-08-16 12:31:28 ET


#24. To: BobCeleste (#5)

So how do you like browsing ad-free with uBlock Origin?

I was hooked on AdBlock Plus for years but it got greedy (IMO). I now prefer the blocking of uBlock and find it less intrusive.

BTW, they both use most of the same adblocking pattern files so the actual work they do is very similar.

I'd also be interested if you find pages are loading a little faster, especially if your machine is a few years old. Letting ads run wild actually slows browsers to a crawl, uses lots of memory and bandwidth. AdBlock does stop some of the bandwidth issues but it uses a lot of RAM. uBlock uses far less RAM which is a Good Thing.

You really see a big difference if you try to load a page/site that has a lot of ads. National Review Online is a good example.

Tooconservative posted on 2015-08-16 12:36:56 ET
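
How the shared "adblocking pattern files" mentioned in #24 stop a request to an ad server before any Flash or script from it can load, as an added example that is not part of the thread and is not code from Adblock Plus or uBlock Origin. It handles only a small subset of the Adblock Plus filter syntax (`||host^`, `$third-party`, `@@` exceptions); the hostnames and list entries are constructed, and comparing the last two host labels to decide "third party" is a simplifying assumption.

```javascript
// Added example: minimal matcher for a subset of Adblock Plus-style network filters.
// Supported: "! comment", "||host^" (host plus subdomains), "$third-party", "@@" exceptions.

function parseFilter(line) {
  const text = line.trim();
  if (text === "" || text.startsWith("!")) return null; // blank line or comment
  const exception = text.startsWith("@@");
  const body = exception ? text.slice(2) : text;
  const [pattern, optionText = ""] = body.split("$");
  const m = /^\|\|([a-z0-9.-]+)\^$/i.exec(pattern);
  if (!m) return null; // syntax outside the subset handled here
  const options = optionText.split(",").filter(Boolean);
  return {
    exception,
    host: m[1].toLowerCase(),
    thirdPartyOnly: options.includes("third-party"),
  };
}

// Assumption: a "site" is the last two host labels. Real blockers use the
// Public Suffix List so that suffixes such as co.uk are handled correctly.
function siteOf(hostname) {
  return hostname.toLowerCase().split(".").slice(-2).join(".");
}

function hostMatches(requestHost, filterHost) {
  return requestHost === filterHost || requestHost.endsWith("." + filterHost);
}

// The decision uses only the request URL and the page URL, both of which the
// browser knows before it connects, so TLS on the ad server does not hide
// anything from the blocker.
function decide(requestUrl, pageUrl, filters) {
  const reqHost = new URL(requestUrl).hostname;
  const pageHost = new URL(pageUrl).hostname;
  const thirdParty = siteOf(reqHost) !== siteOf(pageHost);
  let blockedBy = null;
  for (const f of filters) {
    if (!hostMatches(reqHost, f.host)) continue;
    if (f.thirdPartyOnly && !thirdParty) continue;
    if (f.exception) return { action: "allow", rule: f.host }; // exceptions win
    blockedBy = blockedBy || f.host;
  }
  return blockedBy
    ? { action: "block", rule: blockedBy }
    : { action: "allow", rule: null };
}

// Constructed sample list; not taken from any real filter list.
const SAMPLE_LIST = `
! constructed entries for illustration
||adserver.example^$third-party
||tracker.example^
@@||static.adserver.example^$third-party
`;
const FILTERS = SAMPLE_LIST.split("\n").map(parseFilter).filter(Boolean);

// Constructed requests: [request URL, URL of the page that triggered it].
const SAMPLE_REQUESTS = [
  ["https://banner.adserver.example/ad.swf", "https://news.example/"],
  ["https://adserver.example/self.js", "https://www.adserver.example/"],
  ["https://static.adserver.example/logo.png", "https://news.example/"],
  ["https://tracker.example/p.gif", "https://tracker.example/"],
  ["https://cdn.news.example/site.css", "https://news.example/"],
];

for (const [req, page] of SAMPLE_REQUESTS) {
  const d = decide(req, page, FILTERS);
  console.log(`${d.action.padEnd(5)} ${req} (on ${page}) rule=${d.rule}`);
}
```
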


#25. To: TooConservative, buckeroo (#18)

[TooConservative #18] It isn't as secure as people think. If NSA or others are operating the TOR exit nodes (a good bet they'll succeed in providing directly or compromising some exit nodes), a man-in-the-middle attack works well. In addition, a distro of this type still has a browser fingerprint, in part because people just keep using the same version of the distro. You also have traffic analysis where a person browses to various sites, over and over. Like GMail or Yahoo Mail or online forums.

Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement.

The article addresses the problem of advertising with malware.

[article] Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

What it is not discussing is attacks carried out by the NSA on a Windows computer.

[TooConservative #4] What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.?

Lynx?

Name this browser.

[buckeroo #7] anonymous

Running a specially designed operating system from a USB drive that has no ability to write anything to the computer, and stores nothing, avoids vulnerability to the ad attacks discussed in the article. It did that and more for Edward Snowden.

If someone really just wants to surf without endangering their precious computer, they can just spend a few hundred bucks for a Chromebook. No programs can be installed on a Chromebook, not even security software. It boots in about 7 or 8 seconds. It's not vulnerable to the usual crap attack. Keep it basic, do not create cloud storage, and don't get crapified. It is not anonymous, but the article was not addressing anonymity. That is just an added benefit of Tor with Tails.

nolu chan posted on 2015-08-16 12:37:07 ET


#26. To: nolu chan (#25)

Running a specially designed operating system from a USB drive that has no ability to write anything to the computer, and stores nothing, avoids vulnerability to the ad attacks discussed in the article. It did that and more for Edward Snowden.

So you are admitting you don't follow the advice you're handing out on this thread? You don't use Tor/TAILS yourself? But if you do use Tor/TAILS, have you downloaded and updated your USB stick three times in the last 10 days just to fix the "numerous security holes" they found in it? It is a 1GB ISO image and is only being seeded by ~500 torrent users with another 600 leeching it at present.

If someone really just wants to surf without endangering their precious computer, they can just spend a few hundred bucks for a Chromebook. No programs can be installed on a Chromebook, not even security software. It boots in about 7 or 8 seconds. It's not vulnerable to the usual crap attack. Keep it basic, do not create cloud storage, and don't get crapified. It is not anonymous, but the article was not addressing anonymity. That is just an added benefit of Tor with Tails.

If people want a Chromebook, they can buy one. But we don't see that as a very popular option. That is not a general-use PC which is what nearly everyone is using to visit Weather.com, Wunderground, Drudge.

You might as well recommend that people use the old text-only Lynx browser. Or use some defunct machine (NEXT or Amiga or whatnot) so they aren't a target for malicious adware. Or you could tell them to download Firefox source code and completely disable scripting on their binary. But that isn't what this article addresses and no one is going to actually do those things. So it isn't a solution to the problem of drive-by malware attacks from compromised ad networks.

Tooconservative posted on 2015-08-16 12:52:12 ET


#27. To: TooConservative, (#23)

Numerous security holes in Tails 1.4.1

Posted Sun 09 Aug 2015 01:02:03 AM CEST

Numerous security holes in Tails 1.4

Posted Sun 28 Jun 2015 01:02:03 AM CEST

http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own

This is the most secure computer you’ll ever own

Tails is the secure system that protected Edward Snowden. Here's how it works.

By Russell Brandom on April 29, 2014 01:34 pm

From the moment you boot up, your computer leaves footprints. Websites leave tracking cookies, following you from page to page and session to session, alongside the usual traces left by your IP address. Persistent logins from Google and Facebook tie each site visit to your offline identity. If anyone really wants to go after you, they can also make a direct attack, targeting malware to track your movements in the background. With the right tools, a computer is an open book.

Not this computer, though. It's running Tails, an open-source operating system designed to leave as little trace as possible, launching version 1.0 today after more than five years of open development. It's an amnesiac system, which means it's completely fresh every time you boot up. There are no save files, no new programs, and most importantly, it becomes a blank slate the moment you shut down. It's the digital equivalent of buying a new computer for a single session and tossing it into the river once you're done.

That trick has earned Tails a lot of attention. It’s already standard software at Glenn Greenwald’s First Look Media, where he’s called it “vital to my ability to work securely on the NSA story.” Tor researcher Jacob Appelbaum praised the project onstage at this year's Chaos Communications Congress, and in March Tails received a $50,000 grant to keep the project going. Nearly 8,500 computers booted up with Tails on a given day in March, 500 more than the month before. Those are surprisingly high numbers for a project that’s this hard to use, and does this little. But if you need a secure line, Tails is the best way to get it. In the era of the NSA, that’s a rare thing.

Tails works by booting your computer off of an external disk — usually a USB drive, an SD card or a CD — but getting Tails onto the right storage drive is harder than it sounds. Ideally, you’d keep it on a CD: once it’s burned into the plastic, the code can't be changed, making it completely immune to malware. But with new versions being released every few months (and plenty of laptops going without CD drives), a USB stick can be more convenient. We used Rufus to make a bootable version on a USB drive and SD card, but even then, certain flash drives simply won’t work with Tails. There are ways to add encrypted storage or persistent programs too, but each extra feature is also a new chance for security problems.

Getting Tails onto a computer isn’t straightforward either. There’s a long list of computers that can’t run the OS, and it includes most of the computers made by Apple. We spent the better part of a day trying to launch it on a Toshiba Kirabook, only to have Windows 8 punch through every time. It ends up working best on machines that are Linux-friendly, without anything like a high-powered video card to trip things up. There are a few different stable setups, but lots of ways to accidentally break your own security.

In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.

"Even if the developers wanted to put in a backdoor, they couldn't"

Getting there has been a five-year process, with developers working in their spare time on a miniscule budget — less than $60,000 a year in donations, before the recent grant. The code has been open for review at every stage, and after each release, auditors have found holes in Tails' security, creative ways an attacker might circumvent the program. The holes are patched a few months later, then new holes are discovered, then those holes are patched a few months after that. By now, this process has repeated more than 30 times. It's the nature of open-source development, a messy, public process that produces secure software through a slow grind of bug hunts. That parade of public security failings is meant to make users feel safe. If there's a problem in security at any level, you'll know about it, and the team will be under pressure to fix it as soon as possible. It's the same open workflow that built Tor and PGP, and stumbled more recently with the Heartbleed bug. But it means that even if the developers wanted to put in a backdoor, they couldn't.

Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough."

As open source software, the LINUX source code is under constant review. Security problems are reported. Who thinks Windows is more secure than LINUX?

Published on Aug 14, 2015

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

Homepage - https://tails.boum.org/

nolu chan posted on 2015-08-16 12:57:37 ET


#28. To: TooConservative (#26)

So you are admitting you don't follow the advice you're handing out on this thread? You don't use Tor/TAILS yourself?

Add using TOR to being a lawyer and being a combat hero to the list of things I have not claimed.

Phishing expedition /fail

nolu chan posted on 2015-08-16 13:00:00 ET


#29. To: nolu chan, buckeroo (#27) (Edited)

Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough."

How do you know it isn't NSA and/or FBI?

You don't.

This reminds me of the Firefox special versions that had Tor baked in. Turns out, it was an FBI version that allowed Langley to insert malicious JavaScript into anyone running that version. It took months for it to be detected.

TheHackerNews:

Eric Eoin Marques, 28 year-old man in Ireland believed to be behind Freedom Hosting, the biggest service provider for sites on the encrypted Tor network, is awaiting extradition on child pornography charges. It is understood the FBI had spent a year trying to locate Mr Marques.

Marques was arrested on a Maryland warrant that includes charges of distributing and promoting child porn online. He faced four charges relating to alleged child pornography offenses with a total of 30 years jail, reportedly dubbed by the FBI as “the largest facilitator of child porn on the planet.” That need has been particularly heightened with the many revelations of the US Prism program and other cyber spying initiatives.

You don't suppose the feds seized all his gear and forced him to inform on his users, do you?

eHackingNews: Almost Half of Tor sites compromised by FBI [Exclusive details]

And that is just the FBI who are amateurs compared to NSA.

You are naive about Tor and its limits. You'll notice how much child-porn was going through these Tor-hosted sites, exactly as I said.

Tooconservative posted on 2015-08-16 13:10:47 ET


#30. To: nolu chan (#28) (Edited)

Phishing expedition /fail

Yep. You don't use Tor/TAILS yourself even if you want to wallpaper this thread about using Tor/TAILS to prevent malicious ad network attacks from sites like Drudge.

"Use Tor/TAILS. Buy a Chromebook."

This is not useful advice to solve a very real and existing problem that users of this site face when visiting sites that nearly all of us visit regularly, like Weather.com, Wunderground, Drudge. And it is clear that you don't practice what you're preaching on this thread.

Tooconservative posted on 2015-08-16 13:14:03 ET


#31. To: TooConservative, nolu chan, A K A Stone (#22) (Edited)

Why so secretive, bucky?

I can not tell a lie and will not let the cats out of the bag.

Stone has repeatedly indicated that I use many, Many, MANY IP addresses to log into his website. Nobody can duplicate my use, either.

Stone can also vouch for chan's IP addresses. They are the same each and every tyme unless his provider is set to refresh the user lists (very rare) since he is a broadband subscriber.

buckeroo posted on 2015-08-16 13:23:14 ET


#32. To: TooConservative (#22) (Edited)

I notice you are awfully quick to sneer at others but refuse to even identify your browser, what software you use, etc.

Kinda like he treats posters regarding presidential candidates. Quick to shit on them all... refuses to announce who he supports.

That kind of deception should send up alarms towards his credibility. Bucky is only here to disrupt. He is and always has been a troll.

I'm the infidel... Allah warned you about. كافر المسلح

GrandIsland posted on 2015-08-16 13:35:42 ET


#33. To: TooConservative (#0)

Install adblockers to be more secure.

Take your pick.

https://en.wikipedia.org/wiki/UBlock

https://addons.mozilla.org/en-us/firefox/addon/ublock/

https://addons.mozilla.org/en-us/firefox/addon/ublock/reviews/

µBlock - 214,818 users

https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/

https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/reviews/

AdBlock Plus - 19,564,935 users

- - - - -

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/reviews/

AdBlock Plus, Pop-up Addon - 1,164,851 users

- - - - -

https://addons.mozilla.org/en-Us/firefox/addon/adblock-edge/

AdBlock Edge - Discontinued

nolu chan posted on 2015-08-16 13:43:01 ET


#34. To: nolu chan, TooConservative (#33)

All anyone has to perform to easily eliminate user ad tracking is to clean their cache memories from tyme to tyme; no specialized "ad blocker crap." It is easy, too; while not using any pull-down menus from ANY browser.

But ad tracking software is just one symptom of loss of anonymity. Why not just become anonymous?

buckeroo posted on 2015-08-16 13:57:34 ET


#35. To: TooConservative (#29)

How do you know it isn't NSA and/or FBI?

You don't.

It's open source. You really think NSA/FBI is behind the open source development of TAILS?

You can download "special" copies from bogus sites set up by the NSA or FBI. Shocker.

If you want to be secure from the FBI/NSA, your solution of µBlock isn't going to do it. The solution to that is stay off the grid.

nolu chan posted on 2015-08-16 14:02:25 ET


#36. To: TooConservative (#30)

Yep. You don't use Tor/TAILS yourself even if you want to wallpaper this thread about using Tor/TAILS to prevent malicious ad network attacks from sites like Drudge.

Whatever you say. You would know better than I what I use and do not use.

nolu chan posted on 2015-08-16 14:04:51 ET


#37. To: buckeroo (#31)

Stone has repeatedly indicated that I use many, Many, MANY IP addresses to log into his website. Nobody can duplicate my use, either.

Anyone can use proxies, paid or free. So what?

That still does nothing to protect your (unnamed) browser from driveby malicious ad network attacks.

Tooconservative posted on 2015-08-16 14:08:49 ET


#38. To: nolu chan, TooConservative (#35)

TooConservative isn't too savvy about serious GNU software. We frequently use signatures to authenticate software besides the website (itself). Often the software is not a download executable file. It is an ISO image. Or we use torrent.

His fears leave him in the dust. I doubt he has programmed with any high level program.

buckeroo posted on 2015-08-16 14:09:11 ET


#39. To: TooConservative (#37)

I am not using a proxy.

buckeroo posted on 2015-08-16 14:09:51 ET


#40. To: nolu chan (#33)

Take your pick.

True. If you look in the Chrome Store or the Google Play store, you'll find tons more. That's because it is open-source stuff and easy to crank out new versions.

And they all use the same blacklists/whitelists, it seems.

Tooconservative posted on 2015-08-16 14:10:29 ET




Comments (41 - 77) not displayed.
