Computer Security (AKA: prepare yourselfs for more underground forums)

A lot of people here probably know there are source forums, simply because there are non source forums. And before anyone screams at me "OMG now the feds know!", chill out, they already know. And are getting more and more aware beyond a doubt as well, there are numerous media articles which have pointed to the modern phenomenon.

I believe a sort of tipping point has reached where underground forums are no longer "security by obscurity" but rather "security by security".

So since at least a few of you will undoubtedly eventually end up on private forums, or may even start them yourselves, I have a little run down of the basic computer security methods that are "standards" in the private forum scene. I suggest people learn them early so they are ready to role if they ever get on any more underground forums.


1. GPG encryption for communications

This is to prevent things like Raw Deal from happening. For those of you who do not know, raw deal was the biggest international steroid bust ever, in the history of the world. It lead to hundreds of arrests, and focused on people who sold steroids online.

They were busted mostly because they put their trust in a third party E-mail encryption service, Hushmail, who eventually was forced by the federal government to tap the peoples accounts. Safe-mail is no safer. No webmail encryption is safe.

GPG is a program you download to your computer and use to generate two keys, one public and one private. The public key is more similar to an "open lock" that needs your "private key" to open once it has been shut. The private key is itself stored on your computer encrypted (a good comparison: "In a combination vault", the combination being your passphrase which you make yourself when you generate the key pair).

Anyways, you share your public key with everyone you want to have secure conversations with. A public key looks like this:



-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.7 (MingW32)

mQGiBElIkQARBACUJqZ1MFWwPFdlmivhP3XmzDQccd/wpQmuDu50iEGhonBEeTzn
d6LtgPXP8Wi+/gcSw+qi4VALjq+EWw1t684uC9VvJP9X2zpNueg6AQrWbZ4XRPA0
o/uWRK98PhdXODUqZ8UqJkAXvWe+8zCitk1ewDTU1qRFdvnD3eXeLH0u4wCg7RV2
BHWonATp/xGv4Sg/Q64b1tED/A3GvYTXvpKdFHoFMdULkCTz8txgX2urAGW14ZEY
RBoaKOcW+EtPz2SgZFpkjOh582mw/e2eZiuyWSg9FYkXIJ6OYX2KxKAMiB037ZYK
TPHAWbj7osGqZJkIt4D1Kkabh+Mg7RwbmwVWNpAM0qTtU9lfEDOXw/KPkXSEKlNz
Vm/YA/wL3q6TG3TvcFjwGlisvCbCIAnu/vS0e8Y28eJ2+8ToThFRfMUacp9NOOv2
5h7IWob6nisgfnJM/Wpi9ExycDQur8l7jpMbWBUQL0JYFOrZXAgvmsRb299kO9kN
LdLZGGpZ164Aa2uUlsv2IWgvcy/3R28zwCj5pnko3rorinJW9LQfZXhhbXBsZSA8
aGlwZm9ydW1zQGV4YW1wbGUuY29tPohgBBMRAgAgBQJJSJEAAhsDBgsJCAcDAgQV
AggDBBYCAwECHgECF4AACgkQUVex3Fh59hWpPwCgiw7xkySk1di4bCmq5jSkdS5Q
SO0AoJAdGkhndA5B/yUevrZ/Bef/vtuguQINBElIkQAQCAC3/hs/q/2rXqQ6yplU
7j3b0vuU6c/AO2AXka3Lkc95w71gMSgcopbAc92sfMUXzrc9QByt8noKv6F/2C1c
47LG1TGdLnALx8VoFhiIVQ6XK+nVBzWiwpaaCmxKmEAK0yUwIbbpr1eNtcgfh2gE
B7BsNtUkcAJ/6WDWJ0uNuXeW43XjrCgw8JsBOHQg7fOV9SRhN7grQdZHWEdV1Zcb
206x/FY94HhW6UZmD55nqW5H3hjvuBdJW3zCPPi6kNt1uqUAzzljXkDR6krYOwId
QhFw/j6TZfcuS9NKTFG+W1QBQOEi+hkfvz9PTfOPY4qeLNUzhV78INiiqsNl1N63
/EEnAAQLB/9Ly8l2vP/w9DV1OSPaz2sxSisyE4wjSPqqm+IsmB2p8nlT9x8R1Gzg
tMhHydqfUHdwhnG3m6SGoRd8dx/3gEp76hbHAb7NzGVW7alAD55Y7zcYQhQTQzRX
kdF6ie0Clp0y2joYjdsnbWC/SzhEFowlL5ohW5uvKTd0HPsS5k8vqXipnxfoA+Jn
68CWOVj79EtrgSDV2Gke5LHRl4tBBuJ/swkMLgHdzoDYN38W+DjMsoOx/fuuxQbs
ea2or5GWrUL5K0UNZEyavlHl3NaLab8M4iv+VKWTIKHerENxSn2ERjl5gc8+adDI
AcHWjyow6av3wsgQQWAlcCW01KX/Rz1MiEkEGBECAAkFAklIkQACGwwACgkQUVex
3Fh59hX4gACfdPBQPzqkY3Ql0poIzlNcFaj8OYoAn0ww24YX1nN+XeUGSDa6FyhD
ckU+
=2eKv
-----END PGP PUBLIC KEY BLOCK-----


After the person imports a copy of the public key to their computer, they can encrypt messages to you. They will write a message, then they will select to encrypt it with your public key (Example: Put the message to you in a box and locking it with the open lock [public key] that you gave them). An encrypted message looks like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.7 (MingW32)

hQIOA0Rta1l7ytAeEAf9GiQyrjcmmarzznOD9roXNwu/xJlFyVMEwp3xUXTKWjhT
miQAFwSbw50FVcMIlYiYAVIwkX+jixGpQjHJyQr8pm8/7Wxaoai3GueHJscVLWTO
cYevt2xLqcua/XFdcTt2uuRTWj6o25g27BRGU8ys5TU9JO0/WxmtHiL5H64YN+xr
6V/U1NOGFbUWaXtHB8OaZn3X1rOSYJhxRl+CoD7BeoO4d/zbA9+JneiBPBiYBSQm
KvZj9zLKqLje18kyUj/6lzrs5HMVS21oCzP69NcevMwtxRQh6UzVt/fBkqKQ4SyQ
OWibE4PKS4wdCo0IoVynhLhZikYVZU9lMvQKHvHVOAgAkSIKhlZbn3P85P1bSB2l
nVX3tqslxkKSQctYpbX2KxtTMAA0UG9W6DqJpngFio+b5Ha+EEmg01AmiwoUgP0O
l2qCm8DxxA4115dYWOQex6i5Un0rjVH68IsxTvNcQPGSIcWqNnv4jwSjkNhJcXSU
tPPh1fK4W7/cpvH54lpn3eOd+DXM3273g7Q/064Qv+Xa+OifsccdeihWKRWerHd3
QvoNHHxf4eJY+dj1D6VV/fzl/+H+MbVSJg6IZ4I1+TPMfeRqp1XeXWpBxhHCDXz8
1H2BGWNASfHfM/mLMztiIUQ2RHjiQJgcSO4vCYn0E0lbXHhMhVlhcO/XjoWpJRM9
0NJCAdydio+jPdpxGtCN9k/4w3vRibxlQQ2S2gzuvnUH/vmozlLdhLndKiXlGTkW
seRHLqjTVu8oIl7n9tGPl+O6jYvx
=LVxo
-----END PGP MESSAGE-----

after they encrypt the message to you, they E-mail you the encrypted text block. Now if it gets intercepted, or there are "wiretaps", the only thing the person intercepting gets is that block of text. With out the private key to "open the box" (decrypt the message), that block of text is absolutely worthless. If a good password and strong key strength is used it will take tens of thousand of years to crack the message.

Once the person gets the message themselves though, they can open it with their private key. First they need to "get their private key out of its combination safe" (decrypt it). They do this by selecting the message from you and typing in their password. Then the message decrypts back to its original form and they can read it. They can then reply to you the same way.

GPG can also be used for Authentication. For example, if you need proof someone said something, or you need anonymous authentication of someones identity, you can have them sign a message.

Example:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I agree to whatever
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFJSJQZFwQJplEDBbQRAtxHAJwIIggdM63nHeOgJNcQN5PYrVsH0wCffRe5
NG7trvOBe2eg7kyExH21Iio=
=cEND
-----END PGP SIGNATURE-----

now anyone with my public key can confirm that I really did say what I said up there. If someone else changes "I agree to whatever" in ANY way (including me) it will invalidate the signature and will warn you when you check the signatures validity. If I want to change the message myself even, I will need to type the message again and resign it.

GPG is a VERY important bit of software you should all familiarize yourselves with. It makes it next to impossible for communications to be wire tapped, and also can provide authentication and is a good way to enforce promises if a dispute of what was said is likely to happen.



2. Tor

GPG allows for you to have secure communications between you and others. But in some cases, you may not know who you are working with. Also in some cases ANY communication with someone could be suspect. So it is good to not only be secure between, but to be secure from.

Tor does this. Tor makes it much more difficult for you to be traced down over the internet. It is a special design of proxy that is intended for fairly strong anonymity. Tor by itself is not perfect anonymity but it is strong enough that it would be quite expensive and time consuming to track someone who is using Tor down. Tor + public wifi = extremely anonymous online.

With normal internet, your communications look like this:


You---->ISP---->Website/Mail server/IM server ETC

Your IP is a number assigned to you by your ISP that can be used to uniquely identify you. When you connect to a website, send someone and Email or instant message, your IP can be and almost always is logged. It would be trivial for the right people to track you down.

With Tor, your connection looks like this:

You------>ISP---->Tor Enter Node---->Tor Relay Node---->Tor Exit Node---->Website/Mail Server/IM server ETC

so the IP that is seen by the Website, mailserver, IM server, or whatever, is not yours but is the Exit nodes. The Exit node will need to be located and a subpoena issued to them demanding logs. and most nodes are not required to log and many don't, in which case it is near impossible to trace you back with out advanced international traffic analysis (Which you can bet your ass would be very expensive and complicated to pull off!). Even if the last node logs, the relay or enter node might not log. If all three of them log it can be traced back to you, if someone goes to the trouble and expense of getting subpoenas for all three different nodes (keep in mind tor nodes are distributed through out most of the world, so usually you have three nodes each in a different country, making legal work harder.)

Tor needs to be configured properly however or it will cause more harm than good. When using Tor, Flash, Java, Javascript, and Active X should be turned off. Cookies should be cleared between sessions. Also, ONLY websites that use SSL (HTTPS://) should be accessed. Tor nodes are run by thousands of volunteers around the entire world, but anyone can run a node. People who run exit nodes can and do sniff traffic that exits them, so you must make sure to only use Tor for either websites that don't have sensitive information on them, or websites that use SSL (SSL makes it so exit nodes who would sniff can not sniff).

Also for IM and Email etc, GPG should be used for communications that take place over the Tor network. For encrypted IMs look up Pidgin and OTR (off the record).


So with GPG used to encrypt communications and Tor (preferably Tor with public Wifi) used to obscure your location, you are pretty damn safe. First of all, communications you have with others can not be wire tapped. Second of all, it would be very difficult and expensive (and in some but not all cases impossible) to track you down (be it the person you are talking to tracing you, or someone who notices you talking to said person tracing you.)

3. Truecrypt

Another standard security measure. Truecrypt can be used to encrypt the entire contents of your hard drive, making it impossible for anyone to access your computer with out your passphrase. Truecrypt 6 allows for hidden operating systems even, which is an awesome feature.

Pretty much with a hidden operating system, when you turn on your computer you are asked for your password. With out a password NO ONE stands a real chance of getting onto your computer, even the most advanced government agencies can't break AES-256 encryption (it is actually military standard encryption).

Anyways, you might be ordered by a judge to give up your passphrase. That is why hidden OS is cool, you actually have two passphrases. One takes you to a totally clean desktop that you can do normal things on that you are not worried about. The other takes you to another desktop that you use for more sketchy things. That way you can give up a password if ordered to do so, and they can't really prove that you have two passwords as a lot of people set it up to only have one.

So really, people should start learning how to set up and use GPG, how to set up and use Tor and how to truecrypt their hard drives. There are dozens of other security programs and precautions people take to stay safe, but these are the main three and everyone should start familiarizing themselves with these three programs as they are becoming standards and already are standards in some areas.

 

Very useful, should be stickied IMO.

 

The DEA has full time people who monitor stuff like that 40 hours a week I’m sure they know pretty much every supplier and “source forum”.

Encryption..? the only unbreakable encryption is controlled by the government when they learn how to break it then they release it to the private sectors.

Proxies the government owns tons of them and ones they don’t they can pull your IP out of if they want to.

They have access to all sorts of databases westenuinon, paypal, fedex, UPS

It all leaves digital trails and they have experts that spend their entire lives reading and studying digital trails. They just sit around and monitor stuff then when someone attracts too much attention they pay them a visit.

They are already steps ahead of the game just raking out the sand and watching people leave prints.

 

Some Tor exit node IPs have been banned by this forum because they were used for abuse. That made me sad, but I kind of understand.

I hinted when I asked about it that it'd be nice if once I logged in as a member, they could allow me to use the tor IPs....but that's probably too complicated.

I guess a combination of authentication and tor is the solution, as you suggest. I'd be nice if someone built or added to an existing open source board server that would make it easy for people putting up these sites. Until then, I doubt we'll see a lot of forums getting very secure.

 

I agree with the general idea of your post...that if they really want to work and are competent they will be able to track anyone. I'm not sure how competent they are at looking at all that data and putting everything together.

That I don't agree with. There are ways to steal private keys and stuff like that by hacking computer...but breaking encryption is not controlled by the government. There are a lot of encryption techniques which are studied and tested by a lot of extremely smart mathematicians and the like. I don't think the the feds could brainwash or pay off all these guys, and I don't think the feds are smarter than these guys.
They may have faster computers, which are able to get through encryption faster using brute force...but I don't think they can just un-encrypt anything they want.

 

I think they can. Anything that can be encrypted can be unencrypted. But it takes time, requires expensive Hardware to be tied up, requires expensive software, and also requires a couple good old fashioned humans as well.

So the question is not, can they find me? The question is have I done enough to warrant being found?

For most people, using such methods only attracts unwanted attention. But for those who have cause for concern in regards to security, a proxy / public Wi-Fi combo is advisable. Them there would be my thoughts.

 

I second making this post sticky. I could not have put it more eloquently that Mr. Shadow illustrating the importance of protecting yourselves. My personal recipe:

Tor, PGP, public WiFi, and web-based proxies (hidemyass.com, et al) as they are easy to utilize and daisy-chain.

I also recommend ApAz... http://apaz.labs.libre-entreprise.org/ With a little research, most of you can learn to find vulnerable or free places to leverage this script.

 

@binary_shadow:

Would be very interested in your thoughts for a dynamic private forum system. I think some of us know of a few providers allowing instant forum generation (www.domain.TLD/random_string). I'm thinking... a combination of open forums utilizing PGP via single-use email accounts to communicate public keys. Incorporate public wi-fi, daisy-chained proxies and migrating forum schedules should provide enough anonymity. Will it prevent a mole? No... but it will protect the participants. This leaves but one remaining hole... rat vendors. Please look past the jumbled thoughts... has been a long day.

Thoughts?

 

looks lore like hackers script , the way it is set up says to me that it does incrypt and also is very thought out and yes the oen guy is right the dea and what not does look for ppl who can hack so that they know wht to do to make there stytem stronger

 

^^ uhm.... what?

At any rate... the encryption rate for PGP is sufficient to thwart prying eyes not because of lack of ability (who knows how much computing power is at the ready of the govt.) but of interest. I've no evidence that non-suppliers are even on the radar. I would assume attention is paid analyzing more important, threatening-to-our-way-of-life situations.

As for the necessary computing power for brute force infiltration of... <paranoia> world-wide zombie spam-net, electric sheep, SETI, holy-crap! </paranoia>

 

Sufficient encryption can not be cracked even by the government. Maybe if they get quantum computers it can be cracked, but it can not with traditional computers. And no one besides for conspiracy nuts thinks quantum computers are real yet, scientists still debate that they might not even be a possibility.

Zihger the only truly unbreakable encryption is called a "one time pad" and it is mathematically proven to be totally unbreakable. The only problem is it is very difficult to apply it, and there are flaws in key distribution. It was used by the Russians to spy on USA during the cold war, they would use predetermined pages on predetermined issues of popular magazines and news papers for the pads. Unless the magazine or newspaper page that correlated to the encrypted message was found out, the encrypted message could not possibly be mathematically decrypted.

AES and GPG can be decrypted with various different techniques, but sans quantum computing power, it will take longer to decrypt a message properly encrypted with AES and a long passphrase than there is time left in the universe.

People shouldn't be paying for things with western union or paypal, but with E-currency accounts registered to false information and accessed with proxy.


Salmon, these methods will not draw attention to people because if used correclty these methods make it impossible to tie actions online to people.

as for my thoughts on dynamic private forums. It is simple to set up a forum offshore (Panama is usually considered the most private place). GPG should be made a requirement for members to participate, the GPG key could be added to their forum profile page. There is no reason to keep public keys private. I don't see how you could incorporate public wifi or daisy chained proxies but you could set it up as a Tor hidden service, which would require members to use Tor to access it and would also provide the actual server the forum is hosted on with the same level of anonymity as tor offers web surfers. The best way to get around rat vendors is to set up PO boxes with fake IDs and let packages sit for a few weeks before picking them up. 24/7 surveillance on a PO box gets expensive fast. Assume three LE and three shifts per 24 hours, LE make what 40 grand a year? 365 days a year.

40 grand a year * 9 cops a day = $360,000 a year

$360,000 / 365 days a year = $986 a day

if you wait for three weeks before going to pick up a package it already cost them just under $21,000 to pay for the 24/7 surveillance. Unless you are getting serious assloads of shit it is not worth the time to bust you. They can't go straight to you because the address on record is fake, and they wont even know what you look like because usually the PO places won't scan IDs. Just wear a hat and gloves when you get the box so you are not easy to recognize and don't leave any prints. And if you work with a rat vendor he wont know your real info.

 

Articulate.... complete....

Much appreciated.

 

Do you know who owns the proxy?
And even if you own it do you think they can’t get your info out of it?

Do you know who Really owns TOR?

I wouldn't be surprised if it was Interpol or CIA.

 

nothing is secure anymore, when ORD happened the "secure" email providers all cooperated with LE

 

Well Tor is the proxy that would be used, and it is run by around two thousand volunteers distributed through out the world. It has no official owner, anyone with a computer and internet connection can set up as a node. Sure exit nodes can sniff your information, that is why you should only use tor with websites encrypted with SSL, so if they do sniff all they get is blocked os aes-256 encrypted text they can't do anything with. Sure some nodes are run by the government probably. But they still can't crack AES-256 SSL encryption, and unless they own your entire circuit they can't trace the connections back to you with out very expensive traffic analysis. With out Tor they could easily trace it back to you with a warrant for the Ecurrency company. Properly used Tor will not put you at more risk than not using Tor, improperly used it can decrease anonymity and security. But if you use it properly it helps a ton. Tor + WIFI would help the most. Also chaining a proxy to the end of Tor can significantly decrease the anonymity and security it offers unless it is a SSL enabled proxy just so you know.

Tor hidden services are end to end encrypted with multi layered encryption, they make it much harder to find servers and any interceptor is going to need to decrypt aes-256 at least once possibly up to three times. not going to happen.

 

Yes the secure email providers lied about their security abilities, but self encryption is still very secure.

Hushmail operated GPG for individuals who used their service. This is a huge security risk, to trust a third party company with your private keys. Hushmail severely overstated their ability to protect people. What they did in operation raw deal was not cracking GPG, but simply logging paraphrases when they were typed in. For a split second the passphrase was in plain text on hushmails servers, and that was long enough for them to log it and use it to decrypt the messages and turn them over to DEA. Also for people who used java instead of javascript with hushmail, they simply bugged the java applet to log passphrases and send them back.

No third party email provider is secure. Using GPG yourself and keeping your private key private, instead of paying a third party company to do this (which none of them can really do, hush and safe mail are snake oil), will keep you very very secure. The government couldn't crack the E-mails stored on hush, they had to use other methods to get the passphrases. Using GPG yourself makes you immune from these techniques as the private key and passphrase is stored on your computer, not another companies server.

 

I just quickly wanted to say..


...on the forums I am part of now, GPG is required as is Tor etc. They cannot down right stop the government from tracking you down but they will sure as hell help. BE SMART

 

All these talks about the incredible possibilities and abilities the secret service is supposed to have really piss me off. Even the big NSA isn't the centre of research, thousands of scientists around the world develop, verify and audit cryptographic algorithms (for example). But of course, all of them live in darkness, only those who for for the NSA/CIA see the light.

I like what you are writing, this thread basically contains everything the average user needs to know.

However the message boards are still a weak point. What we need is a board software with build in cryptographic support. As long as the boards have only a limited size, pcc would offer a limited solution. If multiple recipients are specified, GPG creates a cipher-text that all recipients can decrypt. It would be too cumbersome to do the encryption/decryption for every single post by hand, it has to be done automatically. Such board software doesn't exists yet, as far as I know, but it's certainly possible to develop it.
The advantages of such a system are obvious. Even if the board is hacked or the server is seized,none of the information is compromised.

 

Encryption on such a large scale would be impractical. Even encrypting a single letter to a few dozen recipients generates a giant text block. Plus even with the best group encryption methods, a single leak makes them all for nothing. Also it would only work for static groups, if a new member joined a forum using PCC all messages would need to be decrypted and then encrypted again with all the old keys and the new members key as well.

Also if the encryption is done automatically on the server it would have a similar vulnerability to what was exploited in hushmail (The message could be sniffed before the server encrypts it, or if decryption is automatic so could passphrases).

A custom forum was in development that used automated gpg for the PM system, but not the posts. That is in my opinion the best solution. Also only the encryption was automated, decryption was done client side, firegpg makes this easy (just click on an encrypted message and type in your passphrase and it decrypts to plain text on screen, quite neat). This gets around the vulnerabilities of hushmail where private keys and passphrases can be sniffed. It still has the vulnerability that decrypted messages can be sniffed in the split second that the are not encrypted on the server, but if the server is ever compromised only new messages will be vulnerable. Messages sent before server compromise would still be uncrackable. Of course manual encryption through PM is still best.

The best method for a fully encrypted forum would be semi-public private keys and a client side program that retrieves information from a server.

There are designs for a project such as this, with drug forums as the end goal. But they have never been realized unfortunately.

The general theme is this:

A client side program for members and a server side program to be hosted on an offshore server in Panama.

The server is run as a Tor hidden service to make pin pointing its location very difficult, minimizing the chances of it being located by non members and also minimizing the chances of it being seized.

As the server is a Tor hidden service, the client would need to automatically incorporate the Tor network, so all connections to the server from the clients would take place over Tor. This would make it difficult for members to be traced back even if the server was seized, which as I said before is pretty unlikely in itself.

Because it is a Tor hidden service accessed over Tor, all communications to and from the server would be automatically encrypted with layers of encryption, at least as secure as SSL and depending on the node more secure.

The installer program from the client would install it to a USB drive and then encrypt it with AES-256 and also include a throw away passphrase in case anyone was ever court ordered to give up a passphrase.

Anyways, the member would mount the encrypted USB after installing it and run the client. The client connects to the server over Tor like I already explained.

As far as group encryption goes, each client would have a copy of the same private key. This would be a semi-public private key in that it would be shared but only with members. A member would type a message in the client side program (which would have a GUI that looks similar to a forum in a browser) and when they hit submit, the message would be encrypted to the public key of the shared private key. The message would then be uploaded to the server.

When other members log on to the server, the encrypted message would be downloaded to their computer over the tor network as previously explained, and would be decrypted with the shared private key. A large shared keyfile could be used to replace passphrases and make decryption automated client side.

This way, if the server is seized, only members with the private key could compromise the server. Random LE with out the private key would only have encrypted text and no key.

Authentication would be done with actual private keys. There would be a shared private/public keypair for group encryption/decryption and then each member would have an actual personal public/private gpg keypair. The server would have a list of all members public GPG keys. When a user goes to log on they would be presented with a large randomly generated string or numbers, letters and special characters. They would need to clear sign the string with their actual private key and upload it to the server with the client for authentication. The server would verify the signed information is the same as the information it presented to the user, and then would authenticate the signature and match it to the users public key. This way passwords are not stored on the server hashed but are actually stored on the clients computer. The member does not need to remember a password and user name, they only need to remember the passphrase to their private key so they can clear sign a text string. If the text string is random and changes each time a user logs in, this also removes most risk of sniffing etc, and removes the risk of hashed passwords being cracked. This would work very well for authentication.

When a new member joins the forum, they get a copy of the client program + shared-private/public keys and would upload a self signed copy of their public key.

I can't think of a more secure system. This system has had a lot of speculation and first stage work done on it with the goal of eventually being used for drug forums ,but it never seems to get finished.

 

SECURENYM is said to be safe