FPGA Hardware backdoors, regarding « TOR/VPN fingerprinting family anonymity breach fix » with a custom FPGA based « Single Socket » Ethernet Controller.

[chan] Crypto-Anarchist Federation
Jul 6 11:51

Dear Crypto-Anarchist comrades, I had promised to write down a crypto-analysis of the solution I am proposing for the BitMessage Secure Station to fix TOR/VPN « fingerprinting family » identification technics used by spying agencies to track and desanonymize all TOR/VPN sessions. ◼︎◼︎◼︎◼︎◼︎◼︎ ◼︎ PART 1 ◼︎ ◼︎◼︎◼︎◼︎◼︎◼︎ ► Fingerprints and fingerprinting identification technics : As a reminder, this identification technic family, that cannot be patched by software (Because most fingerprints are coming directly from hardware and integrated circuits unerasable serial numbers, characteristics or functionalities), consists in tagging the whole TCP/IP traffic of a user, going through TOR or VPN’s tunnels, with any kind of « fingerprints » allowing the identification of a user, into hidden channels (or not) inserted into the TCP/IP traffic generated by the applications & OS running on the user’s computer. There are two kinds of « fingerprinting based identification technics » : ◼︎ The passive ones (No specific piece of malware needed to be installed on the target’s computer) : This family includes all the known passive fingerprinting identification technics performed through web browsers (. ◼︎ The active ones : They rely on a software implant, that can be installed persistently on the target’s computer, or be pre-installed in BIOS / OS or other computer subsystems at will (HDD, SSD, PCIe cards). Passive and active fingerprinting identification technics are well known, here is a paper written by fascist FEDS themselves describing them : http://cs.emis.de/LNI/Proceedings/Proceedings228/375.pdf ► The « Single TCP/IP socket » custom ethernet controller trick to disable the fingerprinting based identification technics : STMAN found this trick after studying for at least 5 years all the fingerprinting based identification technics, particularly regarding the well known TOR Browser that managed alone to destroy the whole (H)ac(k)tivists scenes worldwide, including groups like Anonymous, and pushed the whole international Free Press under the absolute control of fascist feds. Understanding how this trick stops the exploitation of all the fingerprinting based identification technics is rather simple : Building a dedicated FPGA based Ethernet Controller that « by design » can handle only one TCP/IP socket, to a fixed IP/PORT destination that are entered manually into a register into the FPGA, through a dedicated keyboard directly connected to the FPGA (To ensure no change can be made through software hacking technics of the IP/PORT of destination set into this custom made Ethernet Controller) prevents a infected computer running TOR from exploring the user’s LAN to hack other devices on the LAN in order to exfiltrate « fingerprints » that would allow the user identification. Doing so, the user has only to apply a simple security procedure consisting in keeping all the « fingerprints » coming from the computer running TOR through this special custom made Ethernet Controller unknown to FEDS. As you can understand, we don’t indeed fix the hardware fingerprints, which would require to build from scratch a computer exclusively made out of Free Integrated Circuits that by design would contain no fingerprints. Indeed, the best we can do and we actually do with this trick is : ◼︎ Keep all the hardware fingerprints (Integrated Circuits Serial Numbers, USB and other subsystems like HDD fingerprints & serial numbers, VGA/HDMI/DVI monitors serial numbers, DDRAM modules serial numbers) of the computer that is going to be used with TOR or VPN strictly untied to the user’s identity. This is indeed done through a security procedure consisting mainly in buying a dedicated computer in cash, and dedicate it exclusively for TOR anonymous usage, EXCLUSIVELY - NO EXCEPTIONS - or the whole theory is destroyed and fucked up. ◼︎ Connect this dedicated TOR computer (Low cost Raspberry Pi, without Wifi/bluetooth, is a perfect candidate) to the user’s LAN through the custom FPGA made « Single TCP/IP Socket » Ethernet Controller, that will prevent an attacker from hacking other devices on the user’s LAN in search of fingerprints on other devices that are known to spying agencies that keep collecting every fingerprint they can to associate them to identities thanks to huge database (NSA mastering this shit). In other words, what we do is to prevent exploiting successfully the fingerprints of the dedicated TOR computer on the user’s LAN. ◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎ ◼︎ END OF PART 1 ◼︎ ◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎ Next parts coming very soon.

[chan] wikileaks
BM-2cVFHKC263sXfXYF7JU3n4FPLY9HD5H7SC

Subject Last Count
BitMessage Secure Station's architecture security review : White Papers & Publications about Designing Secure Hardware and fighting Hardware Backdoors. Sep 18 22:19 2
Great article about fighting Hardware Backdoors and how to design secure open-hardware open-core systems (BitMessage Secure Station) Sep 17 12:01 1
Bottle at the sea request about Raspberry Pi potential undocumented RF side channel. Sep 16 23:46 1
ISS Space Station - Augmented Virtual Reality Sep 14 07:19 3
I wouldn't recommend researching who is behind gangstalking Sep 14 07:11 1
Your privacy - VPN & Firefox (+ other Gecko browsers)* rev. 0.3.7 Sep 12 08:35 2
FORGET FLAT EARTH Sep 6 12:03 2
Your privacy - VPN & Firefox (+ other Gecko browsers)* rev. 0.3.6 Sep 4 18:08 1
NSA is able to decrypt SSL, 4G, VPN and SSH connections. Sep 4 12:12 1
NSA has infected 50,000 computers worldwide [state on 2013]. Sep 4 12:04 1
etherpad Sep 4 07:41 8
HIRE A PROFESSIONAL PROGRAMMER/HACKER Sep 4 07:31 2
Your privacy - VPN & FireFox (+ other Gecko browsers)* rev. 0.3.5 Sep 3 16:00 1
USA "democracy" (spy-o-cracy) :/ Sep 2 16:26 1
Your privacy - VPN & FireFox (+ other Gecko browsers)* rev. 0.3.3 Aug 24 15:44 5
DuckDuckGo Aug 24 12:24 2
This Address is now NUKED Aug 23 19:15 1
FBI Arrests Hacker Who Hacked No One (new american "democracy") Aug 23 08:25 1
How to Make Your Own ProxyHam for Anonymous Browsing Aug 23 07:35 1