
ers to people keeping themselves anonymous online. He goes by the online handle “The Grugq”, and he has his own blog, which can be found at the following webpage.

It should be noted that Grugq was at one time on the payroll of the US government for finding and selling zero-day exploits. If you remember the previous post about how the US federal government is the single largest purchaser of malware in the world, Grugq was one of those who sold malware to the government. Unfortunately for him, when he went public about it, they no longer wanted to buy malware from him, because they like to maintain their own anonymity when purchasing these exploits. Here is a short biography from an online website.



The Grugq is an Information Security Professional who has worked with digital forensic analysis, binary reverse engineering, rootkits, Voice over IP, telecommunications and financial security. He has been reported to be an exploit broker for 15% of the sale. Last but not least, he has also spoken at various security conferences.


He developed “userland exec”

He is the author of Hash (hacker shell), a tool to enable people to evade detection while penetrating a system.

He has released VoIP attack software.

Claims to have made mad loot on being an exploit broker (middleman).

Why are we talking about the Grugq? Who cares? Well, he has some of the best information on keeping yourself anonymous and maintaining privacy online, and he is somebody you should all familiarize yourselves with. He writes blog posts and has done video presentations at security and hacker conferences. His most famous presentation, at least in the world of Silk Road, is the one he did on OpSec. Since I know it is hard for Tails users to watch videos on YouTube, I decided to download it from YouTube and upload it to so you all can watch it. The presentation is about 1 hour long and is essential for everyone who wishes to maintain their anonymity online. Remember, you only have to screw up once.

SHA1 Sum: 1a9e6c67a527b42a05111e1b18c7a037744bb51e
MD5 Sum: b6de41da8d1fca2fabf725f79d2a90df

Once you have downloaded the file, I want you to check something called the checksum of the file. A checksum is the result of plugging the contents of the entire file into a mathematical algorithm that outputs a specific string. You can see the two strings above. Verifying the checksum of your files is something you should all get into the habit of doing whenever possible. If you remember when we talked about signature files and PGP, this is another method of verifying your downloads, but it is not as good as the signature files. It should, however, be performed whenever checksums are provided and the signature file + PGP combination is not available.

Once you have downloaded the file in Tails, the first thing you should do is move it to your tmp folder. To do this, look up at the top and click Places -> Computer -> File System -> tmp. This is where you move the file you downloaded. To keep things easier, rename the file; you will see why you want to do that in a second.

Next we are going to open a terminal window (like a DOS prompt) by clicking the black rectangle icon in the upper left center area of Tails. Once you have opened your terminal window, we are going to perform some Linux commands.

cd /tmp – This will change the current directory you are operating within the terminal to your tmp folder and allow you to more easily access the files in that folder.

sha1sum – This will perform a SHA1 checksum on the file you just downloaded, and you can see why you wanted to rename the file. It should give you the same output as the SHA1 sum listed above.

md5sum – This will perform an MD5 checksum on the file you just downloaded, and is another way of checking the file. SHA1 is better because it is harder to produce the same output twice with different file contents using SHA1 versus MD5, but nonetheless, use both whenever possible and always check your downloaded files.

Ok, assuming your downloaded video passed the checksum test, you can be assured that the video file that I uploaded has not been tampered with or had any malicious code injected into it. When even a single character is changed in the contents of a given file, the checksum output will be completely different. Most people think it may be off by a few characters, but the difference is always quite large, which is why performing checksums is an important way of verifying your downloads.
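The check described above can be scripted so that the comparison is done by the machine rather than by eye. The following is an added example, not part of the original post: the function names `verify_download` and `hex_diff` and the sample file are constructed for illustration, and the demo runs on made-up data rather than on the video.

```shell
#!/bin/sh
# Added example. File names and contents are constructed sample data.

# verify_download FILE EXPECTED_SHA1 EXPECTED_MD5
# Exit status: 0 when both digests match, 1 on mismatch, 2 if FILE is missing.
verify_download() (
    file=$1
    # Lower-case the published values so an upper-case paste still compares equal.
    want_sha1=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    want_md5=$(printf '%s' "$3" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "no such file: $file" >&2; exit 2; }
    # Reading from stdin keeps the file name out of the tool output.
    got_sha1=$(sha1sum < "$file" | cut -d' ' -f1)
    got_md5=$(md5sum < "$file" | cut -d' ' -f1)
    rc=0
    [ "$got_sha1" = "$want_sha1" ] || { echo "SHA1 mismatch: $got_sha1" >&2; rc=1; }
    [ "$got_md5" = "$want_md5" ] || { echo "MD5 mismatch: $got_md5" >&2; rc=1; }
    [ "$rc" -ne 0 ] || echo "OK: SHA1 and MD5 both match"
    exit "$rc"
)

# hex_diff A B: print how many hex positions differ between two digests.
hex_diff() (
    a=$1; b=$2; n=0
    while [ -n "$a" ]; do
        ra=${a#?}; rb=${b#?}                      # everything after the first char
        [ "${a%"$ra"}" = "${b%"$rb"}" ] || n=$((n + 1))
        a=$ra; b=$rb
    done
    echo "$n"
)

# Demonstration on constructed data: change one character and re-check.
demo() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    printf 'hello world' > "$dir/sample.bin"
    sha1=$(sha1sum < "$dir/sample.bin" | cut -d' ' -f1)
    md5=$(md5sum < "$dir/sample.bin" | cut -d' ' -f1)
    verify_download "$dir/sample.bin" "$sha1" "$md5"
    printf 'hello worle' > "$dir/sample.bin"      # one character changed
    verify_download "$dir/sample.bin" "$sha1" "$md5" 2>/dev/null \
        || echo "modified copy rejected"
    new=$(sha1sum < "$dir/sample.bin" | cut -d' ' -f1)
    echo "SHA1 hex positions changed: $(hex_diff "$sha1" "$new") of 40"
)
demo
```

A match shows that the file is the one the published sums were computed from, so the result is only as trustworthy as the place the sums were published. This is why the post ranks checksums below the signature file + PGP combination.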

Since you now have a 1 hour video presentation that you all need to watch and rewatch (you can do this in Tails), I will end this post and continue with my next post on the assumption that you have finished watching this highly recommended and endorsed (by SR administrators and moderators) video on OpSec. We will start looking more into the recommendations from the Grugq. He will be an invaluable resource of information for us, and I will mainly be translating some of his posts into a more understandable format for those of you who are less technically capable, and also keeping them on the Silk Road forum hidden services.



Updated: 2014-02-13