Featured Articles

Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
WordPress Multisite on the Darknet (Mercator .onion alias)
Hardening Guide for phpList
Introducing BusKill: A Kill Cord for your Laptop
previous arrow
next arrow

Monitoring Tor .onion Websites (uptime alerts)

Uptime Monitoring of Tor .onion Websites

This article will present a few simple website availability monitoring solutions for tor onion services.

Problem

So you've just setup an Onion Service for your website, but how often do you actually check that it's working? Maybe it's a .onion alias to an existing website, and you usually only check it on the clearnet. What's to prevent the darknet presence of your website from going down for weeks without you noticing?

Indeed, it's important to monitor your .onion websites so that you can discover and fix issues before your customers do. But how? Most of the popular uptime monitoring solutions (pingdom, freshping, statuscake, etc) certainly can't monitor .onion websites.

This guide will enumerate some solutions for monitoring .onion websites, so you get an email alert if your site goes down.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Monitoring Tor .onion Websites (uptime alerts)

WordPress Multisite on the Darknet (Mercator .onion alias)

How to use a .onion with Wordpress Multisite

This article will describe how to point a .onion domain at your existing wordpress sites (on wordpress multisite) so that your website will be accessible both on the clearnet and directly on the darknet via a .onion domain.

Intro

There are numerous security benefits for why millions of people use tor every day. Besides the obvious privacy benefits for journalists, activists, cancer patients, etc -- Tor has a fundamentally different approach to encryption (read: it's more secure).

Instead of using the untrustworthy X.509 PKI model, all connections to a v3 .onion address is made to a single pinned certificate that is directly correlated to the domain itself (the domain is just a hash of the public key + some metadata).

Moreover, some of the most secure operating systems send all the user's Internet traffic through the Tor network -- for the ultimate data security & privacy of its users.

In short, your users are much safer communicating to your site using a .onion domain than its clearnet domain.

For all these reasons, I wanted to make all my wordpress sites directly available to tor users. Unfortunately, I found that it's not especially easy to point a .onion domain at
. . . → Read More: WordPress Multisite on the Darknet (Mercator .onion alias)

We're on the Darknet! Visit this site at our tor .onion

Visit this site on our .onion

This website is now accessible on the darknet. And how!

Why

Fun fact: the most popular website on the darknet is facebook. There are hundreds of other popular sites on the darknet, including debian, the CIA, the NYT, the BBC, ProPublica, and--now--michaelaltfield.net.

michaelahgu3sqef5yz3u242nok2uczduq5oxqfkwq646tvjhdnl35id.onion

michaelahgu 3sqef5yz3u2 42nok2uczdu q5oxqfkwq64 6tvjhdnl35i     d.onion

All of these organizations chose to make their websites available over .onion addresses so their website will be accessible from millions of daily tor users without leaving the darknet. Besides the obvious privacy benefits for journalists, activists, cancer patients, etc -- Tor has a fundamentally different approach to encryption (read: it's more secure).

Instead of using the untrustworthy X.509 PKI model, all connections to a v3 .onion address is made to a single pinned certificate that is directly correlated to the domain itself (the domain is just a hash of the public key + some metadata).

Moreover, some of the most secure operating systems send all the user's Internet traffic through the Tor network -- for the ultimate data security & privacy of its users.

In short, your users are much safer communicating to your site using a .onion domain than its clearnet domain.

For all these reasons, I
. . . → Read More: We're on the Darknet! Visit this site at our tor .onion

New Thumb Drive Encryption Procedure

In this article, I'll describe a procedure for preparing a brand-new USB flash drive for use. First we'll securely erase all the data on the drive, then we'll encrypt the entire drive, and--finally--we'll check the drive for bad blocks.

Ah, remember the good-ole days of spinning disks? When your OS could tell your hard *disk* to shred a specific sector? Like it or not, those days are gone in the land of USB flash volumes.

There's a lot of great reads on the complications of securely erasing data on a USB thumb drive. Unfortunately, a lot of the techniques are not universal to all technologies or manufacturers. Consequently, my approach is more ignorant, straight-forward, and broad (at the risk of causing these cheap usb drives to fail sooner & the process taking longer):

First, I make sure never to write any unencrytped data to the disk Second, when I want to wipe the disk, I fill it entirely with random data

Below are the commands that I use to prepare a new usb drive for my use immediately after purchase. These commands are presented as a rough guide; they're mostly idempotent, but you probably want to copy & paste them
. . . → Read More: New Thumb Drive Encryption Procedure

How to check the Public Key Algorithm used for a given gpg key (ie: RSA vs DSA)

Today I discovered how to validate the Public Key Algorithm that's used for a given gpg key. Unfortunately, it's extremely unintuitive & took quite a bit of digging to figure out how. So I'm leaving this here in hopes it helps someone in their future searches.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: How to check the Public Key Algorithm used for a given gpg key (ie: RSA vs DSA)

HPKP Best Practices for Let's Encrypt

This post describes how to generate a few backup public key hashes to add to your HTTP Public Key Pinning (HPKP) config that might save you from bricking your domain if Let's Encrypt ever gets untrusted like StartCom did.

If you have a healthy distrust of the X.509 PKI trust model, then you've probably heard of HPKP (and probably also HSTS & CAA). Website certificate pinning was a trend first started by google, who hard-coded a pin of their certificates in their Chrome browser. Eventually, google helped build a more standardized pinning method under RFC 7469. And today, it's supported by Chrome, Firefox, and Opera.

Pinning is a great TOFU improvement to https, but--if misconfigured--you could "brick" your domain--making it so that your client's browsers will refuse to let them access your site for months or years (interestingly, this has also caused some security experts to think of how HPKP could be abused in ransom-ware). Therefore, it's a good idea to follow a few HPKP Best Practices.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: HPKP Best Practices for Let's Encrypt

Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

This post will describe what hardware to buy & how to configure it so that you have 2 wireless networks in your house: One that seamlessly forces all of the traffic on that network through a VPN--and one that connects to the Internet normally . When finished, the internet activity for any device connected to the first network will be entirely encrypted so that the ISP cannot see which websites are visited*, what software you use, and what information you send & receive on the internet.

* Assuming your config doesn't leak DNS; see improvements section

Update 2017-08-25: Added "kill switch" firewall rule that prevents LAN traffic from escaping to the ISP unless it passed through the VPN's vtun0 interface first. Following this change, if the VPN connection is down, the internet will not be accessible (as desired) over the 'home' wifi network (without this, the router bypasses the VPN by sending the packets straight to the ISP--giving a false sense of privacy).

Update 2021-02-01: Fixed GitHub URL of cryptostorm's free OpenVPN configuration file Update 2021-02-14: Fixed GitHub URL of cryptostorm's paid OpenVPN configuration file

Update: I wrote this guide in 2017. It's intended for an audience that has
. . . → Read More: Howto Guide: Whole House VPN with Ubiquiti + Cryptostorm (netflix safe!)

Eavesdropping Analysis of PGP Metadata

This post attempts to answer the following question: If an evesdropper intercepts a message encrypted with gpg, how much information will they be able to extract from the message without a decryption key?

I will show the unencrypted metadata added to a GPG-encypted message, and I will present commands that can be used to extract this unencrypted metadata.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Eavesdropping Analysis of PGP Metadata

Extend GPG Key Expiration

I came back from my "cross-country bicycle trip":http://1guy2biketrips.michaelaltfield.net to discover I could no longer send signed email because my key expired! I've also changed colleges from "SPSU":http://www.spsu.edu/ to "UCF":http://www.ucf.edu, and my old college is expiring my email address, so here's what I need to do:

# Extend my key's expiration another year # Add new email address to subkey # Save updates to key # Export a new public key

Background Information GPG

"GPG (GNU Privacy Guard)":http://www.gnupg.org/ (used here) is a popular, cross-platform implementation of "OpenPGP (Pretty Good Privacy)":http://en.wikipedia.org/wiki/Pretty_Good_Privacy defined in "RFC 4880":http://tools.ietf.org/html/rfc4880. OpenPGP outlines a standard, open message format for maintaining the "confidentiality":http://en.wikipedia.org/wiki/Information_security#Confidentiality and "integrity":http://en.wikipedia.org/wiki/Information_security#Integrity of electronic messages.

Why Subkeys?

"Public Key Cryptography":http://en.wikipedia.org/wiki/Public-key_cryptography is long, complicated, and well outside the scope of this post. However, one thing I never fully understood was the functional purpose of subkeys. Thankfully, "the GPG documentation":http://www.gnupg.org/gph/en/manual.html is excellent.

So, there's 2 major things I want to accomplish by using GPG with my email

# Confidentiality through encryption # Integrity through signatures

The designers of PGP viewed the signature role as indefinitely important while the encryption role as dynamic overtime. Therefore, when we first generate a keypair, 2 keys are created: 1 primary key for
. . . → Read More: Extend GPG Key Expiration