Tor Logs Activity but Noone Seems to Care
  
  
 Wipe out these following paths-files out on a regular basis
before and after using Tor,
  
\\Tor Browser\\FirefoxPortable\\App\\Firefox\\|removed-files"
\\Tor Browser\\FirefoxPortable\\App\\Firefox\\|updater.exe"
\\Tor Browser\\FirefoxPortable\\App\\Firefox\\|updater.ini"
\\Tor Browser\\FirefoxPortable\\App\\Firefox\\|update-settings.ini"
\\Tor Browser\\FirefoxPortable\\App\\Firefox\\searchplugins\\|*.*"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\chromeappsstore.sqlite"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|cookies.sqlite"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|cookies.sqlite-shm"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|cookies.sqlite-wal"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|formhistory.sqlite"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|mozilla-media-cache\\|*.*"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|places.sqlite-shm"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|places.sqlite"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|places.sqlite-wal"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\bookmarkbackups\\|*.*"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\|signons.sqlite"
\\Tor Browser\\FirefoxPortable\\Data\\profile\\startupCache\\|*.*"
  
  
HERE IS ONE OF THE BLEACH LOGS I’VE SAVED!
  
CLEANING COMPLETE - (24.790 secs)
--------------------------------------------------
18.1MB removed.
Secure file deletion enabled - Gutmann (35 passes)
--------------------------------------------------
  
Details of files deleted
--------------------------------------------------
IE Temporary Internet Files (2 files) 5.02MB
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat 16.00KB
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\????????.default\formhistory.dat 231 bytes
C:\Documents and Settings\Owner\Recent\Desktop.ini 150 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\index.dat 16.00KB
C:\Documents and Settings\Owner\Local Settings\Temp\History\History.IE5\desktop.ini 145 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\History\History.IE5\index.dat 16.00KB
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\0N0N8WJW\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\AWBOPSUS\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\DCLCVC6R\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat 16.00KB
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\SYEUN7FZ\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\????????.default\XPC.mfl 5.13KB
C:\Documents and Settings\Owner\Cookies\index.dat 16.00KB
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\AEU3LWKW\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat 16.00KB
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K1DTPJAP\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\L813DZKE\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\MIKM0AVL\desktop.ini 67 bytes
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\cookies.sqlite 0.50MB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\formhistory.sqlite 0.19MB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\places.sqlite 10.0MB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\bookmarkbackups\bookmarks-2014-07-24.json 3.06KB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\signons.sqlite 0.31MB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\startupCache\startupCache.4.little 1.87MB
C:\Documents and Settings\Owner\Desktop\TOR\Tor Browser\FirefoxPortable\Data\profile\chromeappsstore.sqlite 96.00KB
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\????????.default\history.dat 378 bytes
--------------------------------------------------
  
  
Regarding the blackout of  \Firefox\Profiles\????????.default\
  
????????.default = eight unique numbers that identify each firefox user
  
This is just standard Mozilla Firefox, btw. Not Tor.
  
  
THE TOR CACHE LOGS THAT WERE BLEACHED ARE SEPERATED BELOW!
  
• cookies.sqlite---------------0.50MB
• formhistory.sqlite-----------0.19MB
• places.sqlite----------------10.0MB
• bookmarks-2014-07-24.json----3.06KB
• signons.sqlite---------------0.31MB
• startupCache.4.little--------1.87MB
• chromeappsstore.sqlite-------96.00KB
  
 The point being that Tor Browser still collects history logs and
cookies just like any other web browser. Here is a link to a report
about the dangers of cookie-cache logging,
  
http://news.cnet.com/8301-1009_3-57606178-83/nsa-tracks-google-ads-to-find-tor-users/
  
 “The NSA then cookies that ad, so that every time you go to a
site, the cookie identifies you. Even though your IP address
changed [because of Tor], the cookies gave you away.”
  
 In the NSA document titled “tor stinks” analysists admit one major
way to identify a targeted Tor connection is by tracking the cookies
(and evercookie.sol - which is an Adobe Flashplayer zombie cookie.)
  
“Use cookies to identify Tor users when they are not using Tor.”
  
“Investigate Evercookie persistence.”
  
http://cryptome.org/2013/10/nsa-tor-stinks.pdf
  
  
 My conclusion: most zero-day exploits against Tor still rely on
rather simple exploitation of third-party marketed cache , unless
that is to say those Black Hat hackers found a BACKDOOR implanted
by an insider, or they discovered undercover agencies hosting a
machine-infecting relay. Never-the-less, forward secrecy and offline
storage is still the best way to remain anonymous.
    <!DOCTYPE html>
<head>
<title>n3tBin</title>
<meta charset=utf-8 />
<meta name="robots" content="noarchive"/>
<link rel="stylesheet" type="text/css" media="screen" href="/pastebin.css?ver=4" />
<link rel="shortcut icon" href="/favicon.ico" type="image/vnd.microsoft.icon">

<script type="text/javascript" src="/pastebin.js?ver=3"></script>
</head>

<body onload="initPastebin()">
<div style="display:none;">
<h1 style="display: none;">pastebin - collaborative debugging</h1>
<p style="display: none;">pastebin is a collaborative debugging tool allowing you to share
and modify code snippets while chatting on IRC, IM or a message board.</p>
<p style="display: none;">This site is developed to XHTML and CSS2 W3C standards.  
If you see this paragraph, your browser does not support those standards and you 
need to upgrade.  Visit <a href="http://www.webstandards.org/upgrade/" target="_blank">WaSP</a>
for a variety of options.</p>
</div>
<div id="titlebar"><div align="center">n3tBin / <a href="http://rage.n3t-t3z.com">Home</a> / <a href="archive">Archive</a></div></div>
<div id="menu">
<h1>Recent Posts</h1>
<ul>
<li ><a href="http://rage.n3t-t3z.com/752">BreakingNewsBack</a><br/>3572 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/751">KILLCEN  cointel</a><br/>3573 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/750">KILLCEN  cyphers</a><br/>3574 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/749">KILLCEN  silicon</a><br/>3575 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/748">KILLCEN  techdir</a><br/>3576 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/747">KILLCEN  torrent</a><br/>3577 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/746">KILLCEN  treehug</a><br/>3579 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/745">KILLCEN  silverb</a><br/>3580 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/744">KILLCEN  exiledo</a><br/>3582 days ago</li><br/>
<li ><a href="http://rage.n3t-t3z.com/743">KILLCEN  dailyca</a><br/>3582 days ago</li><br/>
</ul>
<div class="meta">
<a class="newPost" href="/paste">Make new post</a>
<br />
<a class="arch" href="/archive">Archive</a>
<br /><br />
<a class="arch" href="irc://irc.n3t-t3z.com/n3t-t3z">n3t-t3z IRC</a>
<br /><br />
<span style="font-size:12px; font-weight:bold;">Friends:</span>
<br />
<a class="arch" href="http://www.freesteam.org">FreeSteam.org</a>
<br />
<a class="arch" href="http://www.haxtheplanet.com">HaxThePlanet</a>
</div>
</div>

<div id="content">
<div id="topInfo">

<p style="text-align:center; font-size:17px; font-weight:bold;">Copyright &copy; 2007-2011, <a style="text-align:center; font-size:17px; font-weight:bold;" href="http://www.n3t-t3z.com">n3t-t3z Team</a> <img style="vertical-align:middle;" src="http://www.n3t-t3z.com/misc/ussr32.png"></p>
</div>
<form name="editor" method="post" action="/">
<input type="hidden" name="parent_pid" value=""/>
<div id="paste">
<div id="fmt">Syntax Highlighting: <select name="format">
<option selected="selected" value="text">None</option><option  value="c">C</option><option  value="cpp">C++</option><option  value="csharp">C#</option><option  value="html4strict">HTML (4.0.1)</option><option  value="java">Java</option><option  value="javascript">Javascript</option><option  value="php">PHP</option><option  value="python">Python</option><option  value="ruby">Ruby</option><option  value="xml">XML</option><option value="text">----------------------------</option><option  value="text">None</option><option  value="abap">ABAP</option><option  value="actionscript">ActionScript</option><option  value="ada">Ada</option><option  value="apache">Apache Log File</option><option  value="applescript">AppleScript</option><option  value="asm">ASM (NASM based)</option><option  value="asp">ASP</option><option  value="autoit">AutoIT</option><option  value="bash">Bash</option><option  value="blitzbasic">BlitzBasic</option><option  value="bnf">Backus-Naur form</option><option  value="c">C</option><option  value="c_mac">C for Macs</option><option  value="caddcl">CAD DCL</option><option  value="cadlisp">CAD Lisp</option><option  value="cfdg">CFDG</option><option  value="cpp">C++</option><option  value="cpp-qt">C++/QT</option><option  value="csharp">C#</option><option  value="cfm">ColdFusion</option><option  value="css">CSS</option><option  value="d">D</option><option  value="delphi">Delphi</option><option  value="diff">Diff</option><option  value="div">DIV</option><option  value="dos">DOS</option><option  value="dot">GraphiViz</option><option  value="eiffel">Eiffel</option><option  value="fortran">Fortran</option><option  value="freebasic">FreeBasic</option><option  value="genero">Genero (4GL)</option><option  value="gettext">gettext</option><option  value="glsl">GLSL</option><option  value="gml">Game Maker (GML)</option><option  value="groovy">Groovy</option><option  value="haskell">Haskell</option><option  value="html4strict">HTML (4.0.1)</option><option  value="idl">Uno IDL</option><option  value="inno">Inno</option><option  value="io">IO</option><option  value="ini">INI file</option><option  value="java">Java</option><option  value="java5">Java 5</option><option  value="javascript">Javascript</option><option  value="kixtart">KiXtart</option><option  value="latex">LaTeX</option><option  value="lisp">Lisp</option><option  value="lotusformulas">Lotus Formulas</option><option  value="lotusscript">Lotus Scripts</option><option  value="lua">Lua</option><option  value="matlab">MatLab</option><option  value="mirc">mIRC</option><option  value="mpasm">MPASM</option><option  value="mysql">MySQL</option><option  value="mxml">MXML</option><option  value="nsis">NullSoft Installer</option><option  value="objc">Objective C</option><option  value="ocaml">OCaml</option><option  value="ocaml-brief">Ocaml (Brief)</option><option  value="oobas">Openoffice.org BASIC</option><option  value="oracle8">Oracle 8</option><option  value="pascal">Pascal</option><option  value="per">Per (4GL)</option><option  value="perl">Perl</option><option  value="php">PHP</option><option  value="php-brief">PHP (Brief Version)</option><option  value="plsql">PL/SQL</option><option  value="python">Python</option><option  value="qbasic">QBasic/QuickBASIC</option><option  value="robots">robots.txt</option><option  value="rails">Rails</option><option  value="ruby">Ruby</option><option  value="sas">SAS</option><option  value="scala">Scala</option><option  value="scheme">Scheme</option><option  value="sdlbasic">SDLBasic</option><option  value="smalltalk">Smalltalk</option><option  value="smarty">Smarty</option><option  value="sql">SQL</option><option  value="tcl">TCL</option><option  value="thinbasic">thinBasic</option><option  value="tsql">T-SQL</option><option  value="vb">VisualBasic</option><option  value="vbnet">VB.NET</option><option  value="vhdl">VHDL</option><option  value="visualfoxpro">VisualFoxPro</option><option  value="winbatch">Winbatch</option><option  value="reg">Windows Registry</option><option  value="xml">XML</option><option  value="xpp">X++</option><option  value="z80">Z80 Assembler</option></select></div>
<div id="notes">To highlight particular lines, prefix each line with @@<br />Pressing TAB inserts 3 spaces</div>
<textarea id="code" class="codeedit" name="code2" cols="80" rows="10" onkeydown="return catchTab(this,event)"></textarea>
</div>
<div id="pasteInfo">
<div class="end"></div>
<div id="namebox">
<label for="poster">Paste Name</label><br/>
<input type="text" maxlength="24" size="24" id="poster" name="poster" value="" />
<input type="submit" name="paste" value="Send"/>
<br />
</div>
<div id="expirybox">
<div id="expiryradios">
<label>How long should your post be retained?</label><br/>

<input type="radio" id="expiry_day" name="expiry" value="d" checked="checked" />
<label id="expiry_day_label" for="expiry_day">a day</label>

<input type="radio" id="expiry_month" name="expiry" value="m"  />
<label id="expiry_month_label" for="expiry_month">a month</label>

<input type="radio" id="expiry_forever" name="expiry" value="f"  />
<label id="expiry_forever_label" for="expiry_forever">forever</label>
</div>

<div id="expiryinfo"></div>
</div>


<script>
var RecaptchaOptions = {
   theme : 'clean'
};
</script>
   <div id="recaptcha"><script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LcEBwIAAAAAAN005U-M2xLPbGNFO3yvpXLIi8NS"></script>

	<noscript>
  		<iframe src="http://api.recaptcha.net/noscript?k=6LcEBwIAAAAAAN005U-M2xLPbGNFO3yvpXLIi8NS" height="300" width="500" frameborder="0"></iframe><br>
  		<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
  		<input type="hidden" name="recaptcha_response_field" value="manual_challenge">
	</noscript></div>
<!-- The password box -->
<div id="password"><label class="passProtected" for="password">Password (Optional)</label><br /><input class="bringDown" type="input" size="21" value="" name="password" /></div>
<div class="end"></div>
</div>
</form>
</div>
</body>
</html>