A portable router that conceals your Internet traffic

Ryan Lackey (left) holds up a prototype PORTAL travel router during his Def Con presentation with Marc Rogers (right).
Sean Gallagher

The news over the past few years has been spattered with cases of Internet anonymity being stripped away, despite (or because of) the use of privacy tools. Tor, the anonymizing “darknet” service, has especially been in the crosshairs—and even some of its most paranoid users have made a significant operational security (OPSEC) faux pas or two. Hector “Sabu” Monsegur, for example, forgot to turn Tor on just once before using IRC, and that was all it took to de-anonymize him. (It also didn’t help that he used a stolen credit card to buy car parts sent to his home address.)

If hard-core hacktivists trip up on OPSEC, how are the rest of us supposed to keep ourselves hidden from prying eyes? At Def Con, Ryan Lackey of CloudFlare and Marc Rogers of Lookout took to the stage (short their collaborator, the security researcher known as “the grugq,” who could not attend due to unspecified travel difficulties) to discuss common OPSEC fails and ways to avoid them. They also discussed their collaboration on a set of tools that promises to make OPSEC easy—or at least easier—for everyone.

Called Personal Onion Router To Assure Liberty (PORTAL), the project is a pre-built software image for an inexpensive pocket-sized “travel router” that automatically protects its owner’s Internet traffic. PORTAL provides always-on Tor routing, as well as “pluggable” transports for Tor that can hide the service’s traffic signature from some deep packet inspection systems.


Internet routers hitting 512K limit, some become unreliable

From performance issues at hosting provider Liquid Web to outages at eBay and LastPass, large networks and websites suffered a series of disruptions and outages on Tuesday. Some Internet engineers are blaming the disruptions on a novel technical issue that impacts older Internet routers.

At the heart of the issue, the growth of routable networks on the Internet overwhelmed the amount of memory set aside in infrastructure hardware, typically routers and switches, that determines the appropriate way to route data through the Internet. For the first time, the lists of routable networks—also called border gateway protocol (BGP) tables—surpassed a significant power of two (two to the 19th power or 512K). Many older routers limit their use of a specialized, and expensive, type of memory known as ternary content-addressable memory (TCAM) to 512K by default.

When the tables outgrew the space allotted for them, the routers shut down or slowed.


ParanoiDF – PDF Analysis & Password Cracking Tool

ParanoiDF is a PDF analysis suite based on PeePDF by Jose Miguel Esparza. The tools/features that have been added are password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more. We have posted about a few PDF-related tools before, including the one this tool is based on: - peepdf – Analyze &...

Read the full post at darknet.org.uk

Snowden: The NSA, not Assad, took Syria off the Internet in 2012

An Arbor Networks graphic showing the sudden drop-off in network traffic from Syria on November 29, 2012 as the country was essentially erased from network routing tables.

In a Wired interview with well-known National Security Agency journalist James Bamford that was published today, Edward Snowden claimed that the US accidentally took most of Syria off the Internet while attempting to bug the country's traffic. Snowden said that back in 2013 when he was still working with the US government, he was told by a US intelligence officer that NSA hackers—not the Assad regime—had been responsible for Syria’s sudden disconnect from the Internet in November and December of 2012.

The NSA's Tailored Access Office (TAO), Snowden said, had been attempting to exploit a vulnerability in the router of a “major Internet service provider in Syria.” The exploit would have allowed the NSA to redirect traffic from the router through systems tapped by the agency’s Turmoil packet capture system and the Xkeyscore packet processing system, giving the NSA access to enclosures in e-mails that would otherwise not have been accessible to its broad Internet surveillance.

Instead, the TAO’s hackers “bricked” the router, Snowden said. He described the event as an “oh shit” moment, as the TAO operations center team tried to repair the router and cover their tracks, to no avail.
