create article file and get started on the intro

midas 2025-01-21 14:29:28 +01:00
parent b03d0b2024
commit 1a5daa1371


@ -0,0 +1,218 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="High Availability and anonymity">
<meta name="author" content="MulliganSecurity">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Why is High Availability Important for Deniability ?</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/mulligan_sec.jpeg" width="50px" height="50px"> <ba>Mulligan Security - 21 / 01 / 2025</ba></p>
<p>
<h1> How safe am I from my cloud provider? </h1>
Since the 2010's VPS have become cheaper and widely available. From your local mom and pop datacenter where you can rent a baremetal Pi equivalent to highly secured Amazon datacenters and on-demand cpu/bandwidth allocation you can now find a broad range of options for your operational and security needs.
<br>
<br>
If clandestinity is a requirement, there also are cryptocurrency-based options in jurisdictions without LEO cooperation treatises with your own.
<br><br>
But, <b>what if the adversary is already inside?<b><br>
in this post we are going to do a threat modelling exercise:<br><br>
<ol>
<li>Context and assumptions: what are the capabilities of our adversary? what about our own OPSEC requirments?</li>
<li>Threats: what the adversary might want to acomplish (their goal)</li>
<li>Attack Scenarii: a quick list of possible attacks</li>
<li>Mitigation measures: what we can do to make those attack uneconomical, harder</li>
</ol>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<p>
<h2> <b>Attack Scenario</b> </h2>
The adversary has identified a probable city of residence for the administrator of a hidden service. In order to narrow down their search perimeter they will do the following:
<br>
<ol>
<li>Target 1 group of city block and send someone to the internet backbone for this city block to cut it off from the internet</li>
<li>Check whether the onion service <b>is still up</b></li>
<li>If it goes down, add it to the suspect pool</li>
</ol>
</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<p>
<h2> <b>How can high availability help?</b> </h2>
In the above scenario if the onion service operator had setup a <b>redundant, highly available server then connections would have been seamlessly sent to another server</b> in the redundancy pool, thus preventing the adversary
from extracting location information based on their operation. This works best with a server in a <b>different country or region</b>, making a coordinated attack by several adversaries a requirement in order to use this method for deanonymization.
</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<p>
<h2> <b>Adversary Attack Flow</b> </h2>
Below is a chart depicting an adversary attack flow. As shown, high availability will prevent the adversary from progressing beyond their initial step of uptime-based target acquisition.
<br>
<br>
<img src="ha_attack_flow.png" width="75%" height="75%">
<br>
As you can see the adversarie's playbook is quite simple:
<br><br>
<ol>
<li>Identify a list of potential suspects</li>
<li>Cut them off the internet</li>
<li>Check whether this action made the hidden service unreachable</li>
</ol>
Those actions are easily perpetrated by law enforcement as they only require: <br>
<ul>
<li>DSLAM level access to the internet backbone used by the suspects (impacting a perimeter like a city block)</li>
<li>City block level access to the power grid in order to run disruptive actions</li>
</ul>
<br>
Both of those are trival to obtain for LEOs (law enforcement officers).
<br><br>
<img src="attack_diagram.svg">
<br>
This Diagram shows where the attack takes place and how a redundant setup prevent such attacks from confirming the physical location of the hidden service.
<br>
<br>
<b>In conclusion, your hidden service is one downtime away from having its location disclosed to an adversary, so you need to make sure it has High Availability</b>
</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><img src="\CC0.png">
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About Mulligan Security</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u><br>86NCojqYmjwim4NGZzaoLS2ozbLkMaQTnd3VVa9MdW1jVpQbseigSfiCqYGrM1c5rmZ173mrp8RmvPsvspG8jGr99yK3PSs</p></br><p><u>Contact:</u> mulligansecurity@riseup.net <br><a href="http://msec2nnqtbwh5c5yxpiswzwnqperok5k33udj7t6wmqcleu3ifj34sqd.onion">website</a></p>
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>
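Review bot: the bold run in the intro line `But, <b>what if the adversary is already inside?<b><br>` is closed with a second `<b>` instead of `</b>`, so it is never terminated; change the second tag to `</b>`. The page also disagrees with itself about its subject: `<title>` and the meta description are about high availability and deniability, while the `<h1>` reads "How safe am I from my cloud provider?" and the four-item outline under it (context, threats, attack scenarii, mitigation) does not match the sections that follow (Attack Scenario, How can high availability help?, Adversary Attack Flow), so settle on one framing before the intro is built out further. Smaller points in the same file: `id="anon2"` is used on three separate divs and ids should be unique; `href="\index.html"` and `src="\CC0.png"` use a backslash where the other links use `/`; `</br>` is not a valid tag (use `<br>`); the `<h1>` and `<h2>` headings are opened inside `<p>` elements; the `<img>` tags have no `alt` text; and "requirments", "acomplish", "trival", "adversarie's" and "treatises" (for treaties) need a spelling pass.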