Here is the article by with very many interesting tidbits of information. The break-down of access to their website is:

- That transit router is owned and operated by the administrators at TPB (The Pirate Bay)
- It points to a load balancer (also owned by TPB admins)
- That load balancer points to one of many servers hosting their application
- If a server receives no communication from the load balancer then it shuts down automatically

The transit router and load balancer are physically managed by the admins while the application servers are virtual and with many different cloud providers (on multiple continents), and the communication between the servers and load balancer is encrypted (so as to prevent snooping on the cloud provider's part).

Can this be insecure?

Another important note is that the server images are password-protected and encrypted (another anti-snooping measure). The hosting providers have no idea that they're hosting The Pirate Bay, and even in the event they found out it would be impossible for them to gather data on the users. I understand that all these servers must have ssh keys to them (or something to that effect) and those keys could all be tied to one person, so non-technical approaches - i.e. attacking the admins through social engineering or otherwise - would be more feasible.

I think it's relatively simple to attack, even without intruding in the motherboard or buses. The defense seems to include full-disk encryption. The password cannot reside on the server itself (instant fail), so it must be supplied over a network connection, let's say encrypted with SSL. The password supplier can verify that the other end has a good server certificate before sending the password, but this server cert+keypair must reside in unencrypted storage. An attacking data center could thus use this cert+keypair for a MITM, snooping the hard disk password.

The best counterdefense of The Pirate Bay would be a multistage protocol, like this:

First encryption key activates some server-side encrypted executable for the rest of the protocol. Server sends session keys over the SSL connection, possibly obfuscated. TPB checks that the session key received matches the session key in use. If there is a MITM, the session keys won't match. In case of a match, TPB assumes the connection is safe, sends the hard disk encryption key. In case of a non-match, TPB knows there is a MITM, halts the protocol, assumes the server is untrustworthy. Attacker gets more information about the protocol (useful for next MITM attempts), but cannot decrypt the hard disk.

A better attack by intruders is to remove all entropy sources from the powered-down system. A network dump is then enough to reveal the password. Upside: it looks hard to remove all entropy sources from a real machine.