that's not the issue though. Even if the server was behind NAT (and thus only knows its internal IP), it could still find out its real external ip by sending packets to some other machine on the internet and checking what the "from" address was from. preventing this leak can only be done by having a strict routing table and/or outbound firewall. having VMs/containers 7 layers deep wouldn't help if the packets could freely reach the internet unproxied.
Whonix is amazing. I recommend it to anyone who is serious about avoiding even sending a single packet over the clearnet.
I'd be asking hundreds of questions, taking courses, and using as many layers as would be reasonable to hide even my efforts at learning. I'd probably be obsessed with security, more so than I am now. Much more so, in fact.
Fortunately, I don't actually want to do anything illegal. That will make it easier. I do kind of want to learn how to set up a hidden service, but just to satisfy my curiosity.
With all the public posts, writing style analytics, and use of a common moniker across services, it seems that it may be possible to do just that on a large scale. It seems that it could be made trivial to narrow down lists of suspects by crunching large data sets that contain stuff like SO questions, AC posts on Slashdot, or responses on HN.
After all, how many people are actively seeking to secure a message board as a hidden service and doing so at that time? I sort of envision it as having some commonality with the timing attacks already in use to deanonymize Tor users.
Subject A asked about securing IP addresses for uploads and Sevice A got this feature two weeks later. Subject C asked about this security aspect and Service A has that concern. Subject Q asked about using this forum software and requested this modification. Service A uses that software, etc...
So, maybe Subjects A, C, and Q are all the same people.
While it doesn't prove much, it does potentially aid in narrowing down the list of suspects. Coupled with other bits of information, it may narrow the list down significantly.
That and there are huge sets of data out there. Processing that intelligently, and rapidly, could really change the way investigations are done.
However this is an active areas of research in both classified and (presumably) non-classified areas. See for example this search: https://scholar.google.com.au/scholar?q=related:KbJLbpaKfCkJ...
My original point was that OPSEC is hard if you're trying to be a topic expert in a short period of time. You don't need NSA tools to attack someone in that situation.
> It seems that it could be made trivial to narrow down lists of suspects by crunching large data sets that contain stuff like SO questions, AC posts on Slashdot, or responses on HN.
Is what XKEYSCORE does (or at least, it's the interface you use to query the above data sets which are collected as part of PRISM and the other programs).
Once again, HN has sent me off into a subject I'd not have found on my own. That's why I like HN as much as I do.
I think it might have been a Defcon or Black Hat talk on ways of communicating anonymously. They certainly didn't use a web forum, it was more along the lines of posting encrypted messages to Usenet that were widely distributed and could only be decrypted by the recipient.
This was taken as evidence that perfect operational security is possible even against nation-state actors committing a large (but not indefinite) amount of resources.
Maybe there should be some sort of informal game, perhaps played with the major law enforcement agencies, with the goal being to avoid identification. It could be justified by asserting that it would aid in training investigation techniques.
It needn't hand over monetary prizes, just admission of success. Maybe it could trade pictures of cats?
The illicit nature is probably one of the attractions. My understanding is that people become 'addicted' to it and strive to amass large collections. Few offenders have just a couple of images and videos but, instead, have vast collections. This is more so than is seen with legal pornographic material and possibly has something to do with the rarity and difficulty of access as well as inconsistency of access.
Disclosure: I used to date a lady who studied and worked with sex offenders. However, we seldom discussed her research and never her individual patients. So, I'm largely speculating with just a hint of regurgitating expert information.
So, with that said, it is largely still a fairly taboo subject of study. I guess there are many misconceptions and misunderstandings, even at the academic level. An example might be that sex offenders have a low rate of recidivism, even lower if narrowed to new sex offenses. On the other hand, they often have many victims prior to their first interaction with the justice system. Most victimization isn't done by strangers and involves grooming by a person close to the victim. That sort of stuff.
I don't have a solution, by the way. There has been some serious discussion of allowing current examples of confiscated CP to be used by those who are predisposed to such, but that goes over about as well as a lead balloon. It also doesn't solve the issue where they seem to want more and new material. Maybe CGI will be the answer? I'm just not sure that society will find that acceptable.
It isn't easy to have a conversation about it. She would very seldom disclose her work with the people she knew and had received death threats and had some instances of vandalism. Her work with offenders negatively impacted her social life.
So, we on HN might discuss it and try to remove our biases and be objective, but we are a rarity and previous threads might indicate that not everyone is willing to do so.
Sorry for the novella and meandering nature of my post. I'm not the greatest wordsmith.