Finding the Bad Guy’s in Tor -triangulated irregular network

gAtO ThInKiNg – a car GPS works very simple, It takes the delay time from one geo-positioned satellite and compares is to another geo-positional satellite and estimates the position of the GPS in my CAR – I think they call it satellite triangulation or something cool, it’s been done with radios to guide pilots navigate ever since they developed radios. We do it with satellite and we can use networks too.

triangulated irregular network  -So now apply this to the Tor bad guy’s websites- a hidden service!math_clouadTag

With a simple command you can get the time it takes to crawl a website, so you have one server in the U.S one is South America, one in Europe and one in Asia and we run the same command getting the delays from each location. I bet with a little math and some basic network tools we could figure out the geo-location of any given website in Tor. One of my good mentors told me that in my crawls I was capturing timing information, we all see timing information with a simple ping command in the clear web but in Tor – UDP is unsupported so it does not work -//- we must take into account the Tor network thru-put and utilization bit that’s easy to get from a number of Tor tools.

Reverse triangulation of a network server should be easy to find with a little math, just take a good sample and the longer you wait the more data you collect and the better the chance you can find a geo-location of a website. We do this in the clear web all the time we can see bad areas of the world that are bad spammers, and other like mail from Africa Prince Scams offering you millions if you send them some money to cover the transfer, or Russian and Chinese phishing attacks. So we know geo-location and some IP are more prime to bad actors and we can draw a profile, a geo-location of a place and/or  country or an ISP so not having the IP of a Tor server may not be neededto find them we could use network triangulation. “triangulated irregular network  ” So the same thing can be done with networks and timing delays of data back and forth from a // client <–> Tor OR <–>server.

I got a crazy Idea that may or may-not work, but it sounds good—//  so— Now if I can only find a government grant and a good math major to help out and we have a big business model to find the bad guy’s geo-location even in Tor – gAtO oUt…

Advertisements

Currency of the Cyber Economy

gAtO tHiNk- the bad evil hackers are the least of your worries, the real bad guys are the corporate geeks that want every click, every nuance of your digital life and they tell you it’s to give you a better web experience. WoW I didn’t know that selling all my information as I go from site to site is a good thing for me. How about if I’m sick and search for my medical problems will my insurance company want that information to raise my payments. You betcha they do!!!

I’m doing some Tor work now so I’m away from the hump and grind but I been changing my search engines because like google they know what I look for and they give me the same crap and then I switch to yahoo and soon the have me profiled then Bing, whoa!!! what a mistake but I expected very little from them anyway. They were robbing us blind back before Netscape days.

Think about those high tech security geeks they get paid big bucks to guard the hen house and you hear about a new hack every other day why because if you understand the “book” the same one every security geek get’s all those certification all teach the same old done thing and that’s their job to take the masses and control them but the ones that think for themselves are the true pioneers, the ones that dance to a different drum. Look I don’t have any certifications anymore and I know more today about the Tor network than most people around. That’s what interest me and that’s what I like.

The currency of information economy is going swell and the big corporate boys are all for selling everything you do so use Tor and be safe and have a little privacy. Be different and use the tools that work for you and keep your digital breadcrumbs to yourself. I know your not doing anything wrong and you don’t have to prove it to anybody. People say if I use Tor then people will think that I’m a bad guy. Oh Me, Oh My do you really care about other’s control of you. It’s a propaganda war just to keep you afraid of Tor because with it they cannot sell your data. Don’t sell your click for free make them earn them -gATO OuT

PEDO’s gAtO is Hunting YOU!

gAtO hAs – been meeting some very good people that have the ugly dirty job of going after pedophiles and gATO is sicken that this problem is becoming so big. I like most people hear of these sick wackos and my skin crawls but I am guilty of not doing anything to stop this. In my research into the Tor’s Dark Web I found so much ugly Pedo stuff but I always said to myself this is some else job but it’s not.

All cyber security professionals should work together to find and go after these sick bastards that haunt our children nightmare. When I first saw the “Pedo Bear Wiki” in Tor’s I was in shock at how they do business in plain site thinking that they are safe. This is also a big black eye for everyone because this does not just happen in Tor’s Dark Web but in the clear web were we all do work, and talk to friends. Facebook, Twitter is full of them, you may of added them as friends. In the normal Internet these people thrive and then they go into Tor and people start saying Oh well in Tor it’s all about these perverts. They give Tor a bad name because it works so well to mask you.

Be on Notice pedo’s that gATO has found ways to find you in the Tor-onion network. I can find the IP of your hidden-service website, I can also find your clients if your not careful. I am launching some Tor tools that I am developing that may allow me to find your IP and then your -geo location. I am working on some other offensive cyber tools to go after these Pedo Sites in the clear web and especially in Tor. So the hunt begins pedophiles you have been warned this coming year we will find you and destroy you then give the police a chance to lock you up for life. Yeah your safe in Tor, keep thinking that – gATO hunts for RaTz like yOu.

MtGox scam attempt

gAtO FoUnD a – Cyber Crooks – a user with the nick ‘torstatusnet’ dropped by today posting false claims that the MtGox is now on the .onion network.

Finally MtGox network Tor! Dear friends MtGox site has finally an anonymous site on Tor network Now it is possible to make anonymous transactions in the world’s largest portfolio of bitcoins. I thought they would never join the Tor network, but announced on her website that the new site is in http://6xjgdqlmvesefnkp.onion/. It seems that the MtGox guarantee confidentiality, and I think that will become the major tool for exchanging bitcoins … Pass by there and check …

So here’s the thing (It’s clearly a scam), took 2 minutes to figure it out.
First of all there’s NO official info from MtGox that they have a onion url.
Second is the error message that shows when you enter any random data into the login.
It routes you to this error:

http://6xjgdqlmvesefnkp.onion.bd.to/login.php

The system has an error. Sorry for the inconvenience, we will try to fix it as soon as possible. Thank you.
If you look closely at the onion url it routes a clearnet domain.

The system has an error. Sorry for the inconvenience, we will try to fix it as soon as possible. Thank you.

<!-- Hosting24 Analytics Code -->
<script type="text/javascript" src="http://stats.hosting24.com/count.php"></script>
<!-- End Of Analytics Code -->

Also the clearnet domain contains the following:

http://6xjgdqlmvesefnkp.onion.bd.to/

Your website is up and running!

Bitcoins are Under Attack

gAtO tHiNk – the monetary system is f%^k and so are we.  My good friend Pierluigi and I have been busy putting together a new bookDigital Virtual Currency and Bitcoins – coming out in a week or so and the picture of the state of all currency is really in bad shape. Virtual currency is not new it is more a transactional system than currency but unlike PayPa, Visa, Mastercard with Bitcoins you can become a miner and create your own coins. check it out- https://blockchain.info/nodes-globe 2002_currency_

I have include the table of content so you can see our approach to understanding what is happening and the war that global bankers ar wagging on this new system of currency. Why are they fighting it so hard because more people are beginning to see that a currency that is not control by global bankers and by the people and for the people is a better solution. Of course they are vilifying Bitcoins but as other systems have tried to get their teeth into this new worldwide currency Bitcoin come out on Top.

We hope that you will gain some knowledge from our newest venture into this mad, mad world of money- as they say “Follow the money” and we did but I can tell you the more I learned the madder I got that we have been tricked into thinking that the global bankers are the good guy. Facts is the world is in debt over 10 times over just on interest alone. The world owns more than we create – THE WORLD not a nation. and if look real hard 1% of the people control 40% of the wealth in this world. It is not a national issue it’s a world issue.

We are just cyber security professional but this has been an eye opener as we see the Monterey Market System as a sham to keep the people of the world in an ever ending debt -gAtO OuT

You can pre- order just send us a message-

Table of Contents

Foreword 

Digital Virtual Currency and Bitcoins

   Digital virtual Currency Steps In: 

1. What is Digital currency: 

Digital Currency:

Shadow Economy

   System D and technology 

   The Cyber Underground 

   Black market payment 

   Perfect Money 

   Liberty Reserve 

   Webmoney 

   Pecunix 

   Voucher-Safe 

Digital Currency -Trust Thru A Consensus 35

Where does Digital Currency get it’s value? 35

   Trust Thru A Consensus 37

Cyber-War Digital -Vs- Global Currency 39

Cyber Death Of The Banking Industry 42

   Those that control the quantity of currency have all the power. 42

   Cyber Fixed Rate Exchange 2012 43

System D- Bitcoin’s Underground Economy 47

Digital Currency and Policy Makers 50

   American Express Gamer Digital Virtual Currency 50

   Facebook Credits 50

   Google Bucks 51

   Moba-coin 51

   Mastercard 51

How a bit coin Transaction Works: 53

   Iran and Bitcoins: 53

2. Who uses Digital Currency 55

Bitcoin -Vs- Evil Global Bankers 55

   Credit Cards 2 BTC-Bitcoin – BTC-Bitcoin 2 Credit Cards 55

Case Study Black Market Silk Road 57

Money Laundering in -The Digital Virtual World- 63

   Games: 63

DC -Digital Currency – Launder CASH to Bitcoins 64

USD (Major banks, 7-11, Walmart, CVS) 64

Bitcoins cannot be traced back to the Owner 65

Happy Satoshi Nakamoto -Bitcoin- Day Nov 1 67

   money $$ with – NO GOVERNMENT  – NO BANKS 67

Underground Financial Networks 69

   Reloadable Debit Cards – Basics 69

Western Union /MoneyGrams Basics 71

   E-currency Basics 73

   Trust Networks Basic 76

   Borrowed Bank Accounts / Underground ATM cards 77

   Mule Networks 78

Global Bankers Fear Bitcoins 79

   European Central Bank report October 2012 report: 81

Secure Bitcoin Trading Online 84

   Introduction: 84

   Credit Cards 2 BTC-Bitcoin – BTC-Bitcoin 2 Credit Cards 84

   Creating a secure identity: 85

   Setting up OpenPGP email 86

   Use Bitcoin-OTC 87

   Using the Web-Of-Trust 87

   Use an escrow 88

3. Digital Currency Financial Stuff 89

Bitcoin and Forex Trading 89

   But really let’s take a look at FNIB – and Bit4X – 90

Bit4X – the  new kid on the block – 90

Digital Currency 92

Top Ten Bitcoin Financial Charts 92

Virtual Currency Schemas 

Virtual Currencies and banking, disaster or opportunity? 98

   Price stability 99

   Risks to financial stability 99

   Risks to payment system stability 100

Bitcoin Still Up 137% YTD 2012 102

   Geek Stuff – API to Bitcoin Block 103

Buying bitcoins 104

   Major Exchanges 104

   Exchanges are listed in alphabetical order. 104

   Fixed Rate Exchanges & Others 118

   Direct / Bulk Buying 123

   Other Financial Services 123

   Physical Bitcoins 124

4. Legality of Digital Currency 125

Bitcoins entities and possible legal responsibilities 125

Law enforcement and financial institutions against bitcoins 127

Legality of Bitcoins-Digital Currency? 130

   Virtual Currency Real or Not 130

2012 timeline of the legality of Bitcoins around the world: 133

5. Governments and Digital Currency 142

Government -Vs- Bitcoin Anonymity 142

Canadian Mintchip And Bitcoins -Whats Up 147

   The MintChip System 148

   Hosted MintChip (Cloud Account) 148

   Transactions-Sender and Receiver 149

   MintChip Value 149

   Sustainability 150

   Architecture 150

   The MintChip – Value Creation 150

   The MintChip – Security Overview 151

6. Business and  Digital Currency 152

Merchant Tools for Digital Virtual Currency 152

   A basic overview of the Payment Gateway follows 153

   List of Features and Advantages 153

   Mt.Gox “Pay Now” Button 154

   Now supporting Magento! 154

Mt.Gox instant Merchant API 155

7. Cyber Crime Digital Currency 156

Cyber Crime Digital Currency 156

Cybercrime and Anonymous Cyber Economy 158

   Impact of digital currency schema on financial ecosystem 158

Digital currency schemas 160

Money laundering 165

Theft of digital currency 170

   Malware, the new generation of digital robbers 174

   Bitcoin Botnet Mining 176

   Deep Web, Botnet and Bitcoin mining … a dangerous mix 183

Counterfeit digital currency and double spending attacks 190

   A race attack 192

   The Finney attack 192

Bitcon and money laundering 194

   Simple scenarios for money laundering 196

How To- Digital Money Laundering 199

   Digital Currency ExchangeExchangers 2010 202

8. Bitcoin and Digital Virtual Currency 204

Get a Bitcoin Wallet and Make FREE-BitCoins Yourself 123 204

   My Mining Machine 205

Bitcoin Miners Pools and how it works – 206

Bitcoin Wallet 210

   Who, What and Where is a Bitcoin Wallet? 210

Bitcoin Qt 211

The beginning of the Bitcoin question 214

   What is the Bitcoin Distribution Network? 214

   Analysis of the model 216

   The model 216

   How does Bitcoin work? 218

Bitcoin  exchange operates as a bank 222

Welcome to the Dot-BIT project 226

Miner: 226

   Current Miners 228

   OZCoin – http://ozco.in 228

   P2Pool 229

How Anonymous is Bitcoin? 231

   What Users Can Do To Increase Anonymity 231

Bitcoin Mining Scam 233

   The Bitcoin Miner Scam 234

   Bitcoin Scam -How does it work? 235

Satoshi Nakamoto, the manhunt 238

   Who developed Bitcoin Virtual Currency Schema? 240

9. Future of Digital Currency 246

Bitcoin and Digital Currency in the New World 246

Dominate The Future With Bitcoin 248

10. Geek Stuff Digital Currency tools and tricks 256

Address Tags 256

   What Are Address Tags? 256

gATO Mining Rig – Information 258

   ATI Radeon HD 4670: 259

Bitcoin Miner for Websites 260

   Quick Start Guide to add the Miner to your website 260

   Explaining the Miner to your visitors 261

   Fees 261

   Requirements 262

   Advanced Usage 263

 

Dutch government to give law enforcement authorities the power to hack into computers. This also means hidden servers on tor

gAtO ThInK – It’s time to fight back and tighten the security!

The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations.

The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations.

In a letter that was sent to the lower house of the Dutch parliament on Monday, the Dutch Minister of Security and Justice Ivo Opstelten outlined the government’s plan to draft a bill in upcoming months that would provide law enforcement authorities with new investigative powers on the Internet.

According to the letter, the new legislation would allow cybercrime investigators to remotely infiltrate computers in order to install monitoring software or to search them for evidence. Investigators would also be allowed to destroy illegal content, like child pornography, found during such searches.

These investigative powers would not only cover computers located in the Netherlands, but also computers located in other countries, if the location of those computers cannot be determined.

However, if the investigators can establish that a computer of interest is located in a foreign country, they will have to ask for assistance from the authorities in that country.

In his proposal, Opstelten used a case in which investigators from the Dutch National Police infiltrated “hidden” Tor websites that hosted child pornography, as an example of a situation in which the geographical location of the computers couldn’t be determined.

The Tor network allows its users to set up so-called “hidden services” that are only accessible from within the network using special addresses. When accessing such a service, a user’s connection is routed through several random Tor nodes, which prevents him from determining the real Internet Protocol (IP) address of the server hosting the service.

The Dutch police investigation referenced by Opstelten in his letter took place in August 2011 and two of the infiltrated Tor websites were hosted on servers located in the U.S.

The new legislation will provide strict safeguards for the proposed investigative powers, Opstelten said. Law enforcement authorities will only be able to exercise such powers when investigating offenses that carry a maximum prison sentence of four years or more and only after obtaining authorization from a judge, he said. Furthermore, all such actions will be automatically logged and the logs will be accessible for later review.

Cybercrime is a serious problem that needs to be tackled, but the proposed measures are not the right ones and they pose a serious risk to cybersecurity, Ot van Daalen, the director of Dutch digital rights organization Bits of Freedom, said Friday.

First of all, allowing police investigators to hack computers in other countries might encourage other governments to introduce similar legislation, but not necessarily with the same limitations, van Daalen said. “This could escalate into a digital arms race.”

The proposed legislation would create an incentive for governments to keep software vulnerabilities secret because they would need to exploit those vulnerabilities to attack systems used by cybercriminals, van Daalen said.

There are already security companies and independent researchers that sell zero-day exploits — exploits for unpatched vulnerabilities — to governments instead of reporting the vulnerabilities to vendors. In addition, some governments have openly admitted to developing military cyberoffensive capabilities.

Van Daalen believes that expanding the potential use of such exploits by law enforcement agencies will help the zero-day exploit market grow, which in turn will result in fewer vulnerabilities being reported and patched.

Governments could also pressure vendors to delay fixing vulnerabilities, van Daalen said. An example of this was when the Dutch government convinced Microsoft to delay the blacklisting of the DigiNotar digital certificates on Windows computers in the Netherlands for a few days in order to allow the government to take measures, despite the fact that the issue represented a security risk for all Windows users in the country, he said.

“There’s no doubt that there’s already a growing (and disquieting) market in the for-fee disclosure and exploitation of vulnerabilities, and this proposal could certainly further legitimize it: the possible advantages in terms of action against criminals (leaving aside ethical objections) have to be balanced against the likely, deleterious effects on the community of Internet users as a whole,” said David Harley, a senior research fellow at antivirus vendor ESET, via email on Friday.

Harley agrees with van Daalen that the proposed legislation could have a global impact. “It’s not possible to guarantee that the effects of these measures will be restricted to criminal elements: if the proposal succeeds in its present form, collateral damage in terms of the application of monitoring and attack technologies could be worldwide,” he said.

“Is it really feasible to take this approach effectively without breaching the sovereignty of other states? Even if agreement could be reached with other states on international legislation, does this proposal take into account the quid pro quo of giving foreign agencies such sweeping rights of access to the systems of its own citizens?,” Harley asked. “It seems to me that there’s a parallel here with the fact that many in the U.S. seem quite happy with alleged cyberespionage and sabotage against Iran yet show surprise and discontent that those claims have been used as justification for similar action by other nations.” – gATO OuT