Time |
Nickname |
Message |
00:13
π
|
|
etudier has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzβ¦) |
00:19
π
|
|
melas has joined #archiveteam-bs |
00:19
π
|
|
_refeed_ has joined #archiveteam-bs |
00:51
π
|
|
godane has quit IRC (Quit: Leaving.) |
01:10
π
|
|
BlueMaxim has joined #archiveteam-bs |
01:17
π
|
|
refeed has joined #archiveteam-bs |
01:17
π
|
|
refeed has quit IRC (Connection closed) |
01:18
π
|
|
refeed has joined #archiveteam-bs |
01:20
π
|
|
__refeed_ has joined #archiveteam-bs |
01:25
π
|
|
_refeed_ has quit IRC (Ping timeout: 600 seconds) |
01:25
π
|
|
refeed has quit IRC (Read error: Connection reset by peer) |
01:28
π
|
|
Honno has quit IRC (Read error: Operation timed out) |
01:36
π
|
|
_refeed_ has joined #archiveteam-bs |
01:36
π
|
|
__refeed_ has quit IRC (Read error: Connection reset by peer) |
01:44
π
|
|
_refeed_ has quit IRC (Quit: Leaving) |
02:22
π
|
|
fie_ has quit IRC (Ping timeout: 255 seconds) |
02:35
π
|
|
fie_ has joined #archiveteam-bs |
02:53
π
|
|
brayden has quit IRC (Read error: Connection reset by peer) |
02:54
π
|
|
godane has joined #archiveteam-bs |
02:54
π
|
|
brayden has joined #archiveteam-bs |
02:54
π
|
|
swebb sets mode: +o brayden |
02:55
π
|
godane |
so i think my wifi or comcast is fing with me |
02:59
π
|
|
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac) |
02:59
π
|
|
yuitimoth has joined #archiveteam-bs |
02:59
π
|
|
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac) |
02:59
π
|
|
yuitimoth has joined #archiveteam-bs |
03:09
π
|
|
pizzaiolo has quit IRC (Quit: pizzaiolo) |
03:37
π
|
|
godane has quit IRC (Read error: Operation timed out) |
03:42
π
|
|
arkhive has joined #archiveteam-bs |
03:43
π
|
arkhive |
I am having trouble resetting my password on archiveteam.org |
03:44
π
|
arkhive |
i want to update some stuff on the wiki. |
03:55
π
|
|
drumstick has quit IRC (Ping timeout: 255 seconds) |
04:08
π
|
|
arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzzβ¦) |
04:09
π
|
|
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac) |
04:09
π
|
|
yuitimoth has joined #archiveteam-bs |
04:27
π
|
|
VADemon_ has joined #archiveteam-bs |
04:29
π
|
|
VADemon has quit IRC (Ping timeout: 255 seconds) |
04:48
π
|
|
melas has quit IRC (melas) |
04:49
π
|
|
Sk1d has quit IRC (Ping timeout: 250 seconds) |
04:56
π
|
|
Sk1d has joined #archiveteam-bs |
06:04
π
|
|
drumstick has joined #archiveteam-bs |
06:07
π
|
|
DFJustin has quit IRC (Remote host closed the connection) |
06:48
π
|
|
drumstick has quit IRC (Ping timeout: 255 seconds) |
06:49
π
|
|
drumstick has joined #archiveteam-bs |
07:07
π
|
|
DFJustin has joined #archiveteam-bs |
07:07
π
|
|
swebb sets mode: +o DFJustin |
07:11
π
|
|
DFJustin has quit IRC (Remote host closed the connection) |
07:20
π
|
|
Honno has joined #archiveteam-bs |
07:23
π
|
|
DFJustin has joined #archiveteam-bs |
07:23
π
|
|
swebb sets mode: +o DFJustin |
08:11
π
|
|
godane has joined #archiveteam-bs |
08:40
π
|
|
schbirid has joined #archiveteam-bs |
09:01
π
|
|
BartoCH has joined #archiveteam-bs |
09:41
π
|
schbirid |
anyone able to get this to run with wpull? i am onl ygetting an immediate FINISHED... https://pastebin.com/raw/1MQ63tD6 |
09:41
π
|
schbirid |
probably PEBKAC but whyyy |
09:46
π
|
JAA |
DEBUG Skipping βhttp://www.zeit.de/β. |
09:47
π
|
JAA |
Hmm |
10:02
π
|
JAA |
Aaaah |
10:02
π
|
JAA |
schbirid: The problem is in the reject regex. |
10:02
π
|
JAA |
Among others, you ignore /www\.zeit\.de/, which matches http://www\.zeit\.de/. |
10:05
π
|
JAA |
By the way, that regex could also use some other refinements, like replacing . with \. or removing the unnecessary backslashes in front of / and &. |
10:05
π
|
JAA |
And /gtm\.js\.html$ to only match at the end of URLs. |
10:06
π
|
schbirid |
oops |
10:06
π
|
JAA |
The debug output of wpull could definitely be a bit more verbose though. I monkey-patched the DemuxURLFilter to figure out what was going on. |
10:07
π
|
JAA |
That message should be something like "Skipping <URL> (reason: regex)". |
10:07
π
|
schbirid |
\/(jobs|marktplatz|www|zeitreisen).zeit.de/ should not sk... oh |
10:07
π
|
schbirid |
duh |
10:08
π
|
schbirid |
man, how i wish wpull was maintained |
10:11
π
|
JAA |
maintainable* |
10:11
π
|
JAA |
trollius and exception-driven control flow doesn't make it easy. :-/ |
10:11
π
|
JAA |
don't* |
10:12
π
|
schbirid |
=( |
10:24
π
|
|
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac) |
10:24
π
|
|
yuitimoth has joined #archiveteam-bs |
10:37
π
|
|
RichardG has quit IRC (Ping timeout: 260 seconds) |
10:38
π
|
|
RichardG has joined #archiveteam-bs |
10:51
π
|
|
Asparagir has quit IRC (Read error: Connection reset by peer) |
10:51
π
|
|
godane has quit IRC (Read error: Operation timed out) |
10:52
π
|
|
Asparagir has joined #archiveteam-bs |
10:53
π
|
|
svchfoo3 sets mode: +o Asparagir |
10:53
π
|
|
svchfoo1 sets mode: +o Asparagir |
11:02
π
|
|
godane has joined #archiveteam-bs |
11:11
π
|
|
BlueMaxim has quit IRC (Quit: Leaving) |
11:16
π
|
|
sun_shine has quit IRC (Ping timeout: 245 seconds) |
11:28
π
|
|
Soni has quit IRC (Ping timeout: 272 seconds) |
11:48
π
|
|
Soni has joined #archiveteam-bs |
11:50
π
|
|
Stiletto has quit IRC (Ping timeout: 250 seconds) |
11:56
π
|
|
Soni has quit IRC (Ping timeout: 272 seconds) |
12:05
π
|
|
Soni has joined #archiveteam-bs |
12:09
π
|
|
REiN^ has quit IRC (Read error: Operation timed out) |
12:09
π
|
|
REiN^ has joined #archiveteam-bs |
12:17
π
|
|
refeed has joined #archiveteam-bs |
12:33
π
|
|
drumstick has quit IRC (Read error: Operation timed out) |
12:44
π
|
|
Mateon1 has quit IRC (Read error: Operation timed out) |
12:45
π
|
|
Mateon1 has joined #archiveteam-bs |
13:11
π
|
|
etudier has joined #archiveteam-bs |
13:22
π
|
|
Mateon1 has quit IRC (Remote host closed the connection) |
13:22
π
|
|
Mateon1 has joined #archiveteam-bs |
13:35
π
|
|
dd0a13f37 has joined #archiveteam-bs |
14:14
π
|
dd0a13f37 |
You were right about stating my intent |
14:14
π
|
dd0a13f37 |
I got a reply from one of the service operators, they asked from where I was writing and what services I was operating |
14:16
π
|
dd0a13f37 |
>Might want to explain a little bit about who you and why you want the info, so they don't think you work for the RIAA or MPAA or something. |
14:51
π
|
dd0a13f37 |
Should I include this in my email: |
14:51
π
|
dd0a13f37 |
The backups are uploaded to Internet Archive (archive.org), so the easiest way to back up the site would probably be to upload the gzipped torrent files via torrent directly from the server with aria2c or rtorrent (see http://archiveteam.org/index.php?title=Internet_Archive#Uploading_to_archive.org) |
14:52
π
|
dd0a13f37 |
Or is there a better way? |
15:07
π
|
schbirid |
what site? |
15:07
π
|
dd0a13f37 |
itorrents.org |
15:08
π
|
dd0a13f37 |
>Torrent files are cached on disk in gzip format making it extremely time consuming to search for any data contained within the torrent files. |
15:08
π
|
dd0a13f37 |
>The torrent files are saved to disk in gzip format |
15:11
π
|
schbirid |
if i was them, i would not want to give out info about what my service was seeding. might be super illegal stuff inside and publishing that will lead LE or trolls to discover that easily |
15:12
π
|
dd0a13f37 |
They aren't seeding anything |
15:12
π
|
dd0a13f37 |
They're a torrent cache site, they're not indexing it either |
15:13
π
|
dd0a13f37 |
All they do is take torrents uploaded via API, hash them, store them as <hash>.torrent.gz, then serve them |
15:14
π
|
schbirid |
ooh |
15:14
π
|
schbirid |
mixed up with another site with similar layout in my head |
15:15
π
|
dd0a13f37 |
I'm just asking if it's the technologically best solution and if I should recommend it |
15:15
π
|
dd0a13f37 |
to make a torrent, seed with rtorrent/aria2, then upload to ia |
15:27
π
|
|
dd0a13f37 has quit IRC (Ping timeout: 270 seconds) |
15:31
π
|
|
dd0a13f37 has joined #archiveteam-bs |
15:36
π
|
dd0a13f37 |
Apparently, all EFnet servers don't block Tor https://trac.torproject.org/projects/tor/wiki/doc/BlockingIrc |
15:36
π
|
dd0a13f37 |
>βEFnet (most of the servers) |
15:36
π
|
dd0a13f37 |
Which ones don't? |
16:50
π
|
|
icedice has joined #archiveteam-bs |
16:56
π
|
|
pizzaiolo has joined #archiveteam-bs |
16:59
π
|
icedice |
Hi zino |
16:59
π
|
icedice |
"Parameters negotiated with site owner, so don't fiddle with them /zino" |
16:59
π
|
icedice |
^ regarding https://theseus.fi/ |
16:59
π
|
icedice |
What did the site owner say? |
17:00
π
|
icedice |
Was my archivation job a pain in the ass/expensive for them? |
17:00
π
|
dd0a13f37 |
According to itorrents, they get 10-15k torrents/d, so around 200MB/day. They had "almost all", so running a complete bittorrent DHT crawler would probably be quite cheap IF you manage to get a hold of all the legacy data |
17:01
π
|
dd0a13f37 |
although no, that can't be right, either they don't have it all or bittorrent usage has declined by a lot since some arbitrary date |
17:02
π
|
icedice |
I think BitTorrent usage will start going up again evenually |
17:03
π
|
JAA |
icedice: I believe they said that 1 concurrent connection is okay. |
17:04
π
|
icedice |
Once the MAFIAA starts making it too difficult for filehosting sites and streaming sites to operate some people will go back to the resilient torrents |
17:04
π
|
icedice |
JAA: Ok |
17:05
π
|
icedice |
The chat logs here are archived btw, right? |
17:05
π
|
JAA |
Yes. http://archive.fart.website/bin/irclogger_logs |
17:05
π
|
icedice |
Do you remember any details? Channel/date/nick? |
17:06
π
|
JAA |
They weren't here. zino contacted them via email, I think. |
17:06
π
|
icedice |
Ah, ok |
17:06
π
|
JAA |
He posted about it in #archivebot on 2017-09-07. |
17:07
π
|
icedice |
The chat logs are apparently restricted |
17:07
π
|
icedice |
Requires login |
17:07
π
|
JAA |
Yeah. Unfortunately, I don't know the password for those logs. |
17:08
π
|
icedice |
Ok |
17:08
π
|
JAA |
(If anyone does, I'd appreciated a PM.) |
17:08
π
|
icedice |
Do you remember if they were pissed off? |
17:08
π
|
JAA |
Well, they banned the pipeline's IP. |
17:08
π
|
icedice |
That's understandable |
17:09
π
|
JAA |
This is what zino wrote: "The Finnish National Library guy was OK with us continuing the crawl with a concurrency of 1. So he'll unblock us." |
17:09
π
|
icedice |
They probably thought it was a regular DDoS |
17:09
π
|
icedice |
Ok |
17:09
π
|
icedice |
Thanks |
17:09
π
|
JAA |
DoS* |
17:09
π
|
JAA |
I guess we did cause quite a bit of load on their server(s). |
17:10
π
|
icedice |
Weren't there three workers on that archivation job initially? |
17:10
π
|
JAA |
Yep |
17:10
π
|
icedice |
Wouldn't that make it distributed? |
17:10
π
|
JAA |
Which is the default |
17:10
π
|
JAA |
No |
17:10
π
|
JAA |
Three workers = three threads on the same machine. |
17:10
π
|
icedice |
Ah |
17:10
π
|
icedice |
Ok |
17:23
π
|
|
arkhive has joined #archiveteam-bs |
17:25
π
|
dd0a13f37 |
If they want to they can just start going after individual filesharers |
17:26
π
|
dd0a13f37 |
the future is likely popcorntime/similar for a short while then some hackjob that's just decentralized enough that the last parts of the puzzle can be put in some obscure country where it doesn't get taken down |
17:28
π
|
dd0a13f37 |
bittorrent is not secure or resillient, they could go after it a lot harder than they do right now |
17:34
π
|
|
arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzzβ¦) |
17:38
π
|
|
arkhive has joined #archiveteam-bs |
17:56
π
|
|
arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzzβ¦) |
18:01
π
|
|
etudier has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzβ¦) |
18:06
π
|
zino |
icedice: JAA got yuu up to date. Unfortunately shortly after restarting the job it hung with 90k links left or something. I'd rather let it be stalled until I have time to look at it so that no one reschedules the job and lands me in more trouble with the Finns. |
18:08
π
|
icedice |
zino: I see, ok |
18:10
π
|
icedice |
dd0a13f37: a logless, leak proof VPN and/or an anonymously purchased seedbox takes care of that |
18:10
π
|
zino |
icedice, and fair warning, it might take weeks before I get to it. |
18:10
π
|
icedice |
Ok, that's fine |
18:12
π
|
icedice |
Even if we don't get those last links the site is still updating on more or less a yearly basis (students usually upload in the fall as far as I know, though there are probably a lot of exceptions to that as well), so the crawl could be redone in a few years or so |
18:14
π
|
icedice |
BitTorrent is currently the most resillient solution for filesharing though |
18:24
π
|
dd0a13f37 |
that doesn't make it resillient |
18:25
π
|
dd0a13f37 |
you could go after vpn providers like in russia, and they're only good for downloading |
18:25
π
|
dd0a13f37 |
there are much more resillient solutions, gnunet etc |
18:26
π
|
dd0a13f37 |
bittorrent needs indexers, trackers, torrent caches, they're all centralized points of failure |
18:26
π
|
dd0a13f37 |
can't you restrict the crawls to during the night if you're worried about load? can't imagine too many people wanting to download thesis papers at 5am |
18:29
π
|
dd0a13f37 |
the upload rate feels quite constant, look at https://theseus.fi/recent-submissions and replace offset with different values, then look at upload date |
18:42
π
|
icedice |
Can GNUnet handle huge filesizes and heavy loads from many downloaders? |
18:42
π
|
icedice |
VPN hides uploaders just as good |
18:42
π
|
icedice |
But yeah, dead torrents is a problem |
18:44
π
|
icedice |
VPN bans only happen in totalitarian countries like Russia, China, and in the future maybe the UK at most in Europe |
18:44
π
|
icedice |
But yeah, it's still an issue |
18:45
π
|
icedice |
Private trackers are pretty secure in general though and well-seeded |
18:48
π
|
dd0a13f37 |
Yes, GNUnet works like tor but instead of optimizing for low latency/low speed they optimized for high latency/high speed |
18:49
π
|
dd0a13f37 |
Nobody important cares about torrents right now, but people were really upset about it in the 00's |
18:50
π
|
dd0a13f37 |
All they do now is send out an abuse notice here and there, but they used to have lots of shady dealings (ddos, hacking, straight up bribery) |
18:50
π
|
dd0a13f37 |
No, it hides uploaders but running a tracker behind a VPN isn't possible (unless you have a static IP, and then you're not really talking about a vpn) |
18:51
π
|
dd0a13f37 |
Private trackers, same thing there, if they actually did give a shit they wouldn't be operational |
19:07
π
|
icedice |
Ah |
19:07
π
|
icedice |
I wasn't talking about trackers, just uploaders, but you're right |
19:08
π
|
icedice |
They could probably do what some torrent sites do for their main site though |
19:10
π
|
|
refeed has quit IRC (Ping timeout: 600 seconds) |
19:10
π
|
icedice |
Which is set up a reverse proxy to some bulletproof hosting provider in some country that is on unfriendly terms with the US or at least doesn't give a shit about what Americans think |
19:12
π
|
icedice |
For example, The Pirate Bay uses VinaHost - which is based in Vietnam - for their reverse proxy |
19:12
π
|
icedice |
Venezuela wo |
19:12
π
|
icedice |
uld probably also do the trick |
19:13
π
|
icedice |
RuTracker would probably be operational even if it was on their radar, which it is |
19:13
π
|
icedice |
since it's based in Russia |
19:14
π
|
icedice |
RuTracker was in some official MAFIAA piracy shitlist from 2016 |
19:16
π
|
VADemon_ |
Rutracker is not based in Russia else they'd have been taken down. (they're banned but still online) |
19:20
π
|
dd0a13f37 |
There are no bulletproof hosts though |
19:21
π
|
dd0a13f37 |
Why do you think botnets use decentralized architectures? |
19:22
π
|
dd0a13f37 |
They still need a domain, and you could just ask US ISPs to BGP hijack them |
19:23
π
|
dd0a13f37 |
There is nothing preventing someone from just doing a DoS attack on VinaHost until they stop hosting them |
19:25
π
|
dd0a13f37 |
The reverse proxy is the one that needs to be bulletproof, the backend can be hosted on amazon if you want |
19:26
π
|
dd0a13f37 |
That the internet is "technologically uncensorable" is just an illusion, the only reason Tor works in e.g. China is because the US is a safe haven. Running a tor entry guard/bridge inside china is an excercise in futility |
19:44
π
|
|
Xibalba has quit IRC (Remote host closed the connection) |
19:46
π
|
|
Xibalba has joined #archiveteam-bs |
19:50
π
|
icedice |
VinaHost is the reverse proxy |
19:50
π
|
icedice |
Nobody knows who is really hosting The Pirate Bay |
19:51
π
|
dd0a13f37 |
Yes, the real host doesn't matter since they will never get any abuse letters, the point of failure is vinahost |
19:51
π
|
icedice |
Yeah |
19:51
π
|
dd0a13f37 |
and TPB isn't heavily attacked. If you want to see what it looks like when someone with a large amount of resources wants to censor something, look at IS |
19:52
π
|
dd0a13f37 |
internet archive, twitter, liveleak, any domains get shut down in a matter of hours |
19:52
π
|
joepie91_ |
icedice: there's no such thing as a "logless VPN" (assuming referring to a third-party VPN service) as you can never verify that they are not keeping logs |
19:52
π
|
dd0a13f37 |
They could be bound by contract to not, though |
19:52
π
|
joepie91_ |
and VPN services absolutely _are not_ anonymous, the marketing from VPN service providers notwithstanding |
19:53
π
|
joepie91_ |
dd0a13f37: no, they can't |
19:53
π
|
joepie91_ |
contracts are null and void in a legal investigation and that's the only point where you're ever going to find out anyway |
19:53
π
|
icedice |
The Iron Dong at least makes the whack-a-mole game a bit more difficult |
19:53
π
|
icedice |
https://vc.gg/blog/announcing-the-iron-dong-hidden-service-backup-system.html |
19:53
π
|
joepie91_ |
the idea of using VPNs for anonymity is 100% snakeoil |
19:53
π
|
dd0a13f37 |
No, they would still violate the contract, they can't be forced to keep logs, so they would have to proactively (as opposed to reactively) do something |
19:53
π
|
icedice |
I figured it wouldn't take long before you popped up :D |
19:54
π
|
joepie91_ |
(and entirely perpetuated by the providers selling the services, because it has almost no operational costs and high profits, ie. lucrative business) |
19:54
π
|
icedice |
Read some of the arguements on GitHub |
19:54
π
|
icedice |
There are about 200+ VPN services |
19:54
π
|
joepie91_ |
dd0a13f37: this is not representative of how these investigations work in reality |
19:54
π
|
icedice |
The vast majority of them are pure shit |
19:54
π
|
joepie91_ |
no, not "the vast majority of them" --- *every single one of them* is dishonest and should be avoided. |
19:54
π
|
icedice |
Private Internet Access is confirmed to not log |
19:54
π
|
joepie91_ |
bullshit. |
19:54
π
|
dd0a13f37 |
There are VPN providers that have held up in court though. |
19:55
π
|
joepie91_ |
there is no such thing as "confirmed to not log" |
19:55
π
|
icedice |
Either that or they just straight up lied in court to protect someone behind a bomb threat |
19:55
π
|
joepie91_ |
a specific party at one point either decided to make the claim without basis, or inspected a system that *at the time* did not show any evidence of logging |
19:55
π
|
joepie91_ |
this is worthless if what you're going for is protection from authorities |
19:56
π
|
dd0a13f37 |
If they've been in 100 court cases before, in all of which they've been confirmed not to keep logs, extrapolating, what will happen time #101? |
19:56
π
|
joepie91_ |
icedice: very possible. |
19:56
π
|
dd0a13f37 |
But why? |
19:56
π
|
joepie91_ |
because it is operationally far cheaper and safer to quietly hand over logs and then publicly state on the record that they don't have logs? |
19:57
π
|
icedice |
ProtonVPN, Mullvad, AirVPN, and OVPN.com are pretty much the only VPN services I'd classify as good enough |
19:57
π
|
dd0a13f37 |
Most civilized countries have public police investigations |
19:57
π
|
joepie91_ |
if you're willing to bet your freedom on that not being the case, then go ahead - but the idea that you can somehow 'confirm' reliably that a VPN service doesn't log, as a third party, is a complete myth |
19:57
π
|
icedice |
And if I do something that needs complete anonymity then it would be via Tor Browser |
19:58
π
|
joepie91_ |
dd0a13f37: right, those same civilized countries where the exact papertrail for investigations was retroactively made up to protect intelligence sources, and showing massive overreach from intelligence agencies? |
19:58
π
|
icedice |
But for the most part I want to be able to torrent |
19:58
π
|
icedice |
To not have my ISP log all of my shit |
19:58
π
|
joepie91_ |
not a very convincing argument. |
19:58
π
|
icedice |
(I trust any of those four VPN providers more than the fuckwads at my shady ISP) |
19:58
π
|
dd0a13f37 |
sweden doesn't have any such track record, neither does it have a sufficiently functioning police |
19:59
π
|
joepie91_ |
okay, I'm tired of arguing pseudo-privacy tropes for tonight |
20:00
π
|
icedice |
It's not a perfect system, but it works well enough for the purposes I use it for |
20:00
π
|
dd0a13f37 |
There is a difference between reactive and proactive, and there is a difference between getting one record from an inverted index and iterating over all of them |
20:00
π
|
icedice |
I don't plan on leaking state secrets via VPN or something |
20:00
π
|
joepie91_ |
(it's always the same series of arguments and I'm tired of running the same discussion on a loop for hours on end) |
20:00
π
|
icedice |
But it's nice to have an encrypted connection on school WiFi |
20:00
π
|
dd0a13f37 |
What are your thoughts on VPN providers with diskless servers? |
20:00
π
|
icedice |
bs |
20:01
π
|
icedice |
I sent an email to Mullvad asking if they could consider implementing it like OVPN.com had |
20:01
π
|
icedice |
and they told me that it doesn't matter |
20:02
π
|
icedice |
since an attacker could just have the traffic redirected and recorded elsewhere or something like that |
20:02
π
|
icedice |
I can pull up the exact quote if you want |
20:03
π
|
icedice |
And it's also nice to have some extra protection against data brokers and tracking companies |
20:03
π
|
dd0a13f37 |
that's a fair point tbh |
20:03
π
|
icedice |
and yeah, I know about browser fingerprinting |
20:03
π
|
dd0a13f37 |
just use torbrowser like a normal person |
20:03
π
|
dd0a13f37 |
that way you know exactly what guarantees you're getting and which ones you aren't |
20:04
π
|
icedice |
I've taken countermeasures against that as well, like Random Agent Spoofer |
20:04
π
|
icedice |
Why not both |
20:04
π
|
dd0a13f37 |
random agent spoofer just adds to your fingerprint man |
20:04
π
|
dd0a13f37 |
Because torbrowser is the absolute minimum, you can't get less |
20:04
π
|
icedice |
I have it change for every request |
20:05
π
|
icedice |
I don't want to run everything via Tor Browser |
20:05
π
|
dd0a13f37 |
You're not protected against: canvas fingerprinting, web font fingerprinting, resolution (even without JS thanks to mediaqueries), js execution time,etc |
20:05
π
|
icedice |
Firefox is good enough for me even if the protection isn't 100% |
20:05
π
|
dd0a13f37 |
torproject has spent tremendous amounts of time on protecting against fingerprinting, it's still not 100% with JS |
20:06
π
|
dd0a13f37 |
But random agent is just pure placebo |
20:06
π
|
icedice |
There are two add-ons against canvas tracking, but they probably don't work anymore thanks to the WebExtensions thing |
20:06
π
|
dd0a13f37 |
Use one agent and have it be something reasonably common that fits with your browser |
20:07
π
|
dd0a13f37 |
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0 |
20:07
π
|
icedice |
That still collects all my info to one profile |
20:07
π
|
icedice |
Running Tor Browser over VPN gives you a few advantages: |
20:07
π
|
icedice |
Your ISP can't see that you're running Tor |
20:08
π
|
dd0a13f37 |
that's irrelevant and you could use bridges for it |
20:08
π
|
dd0a13f37 |
Tor over VPN is useful, but running random ua in it is not |
20:09
π
|
icedice |
There is some protection against correlation attacks, zero day exploits, and malware that pings out your non-Tor IP |
20:09
π
|
icedice |
An extra layer |
20:10
π
|
dd0a13f37 |
yes, but if you're not using tbb then you're doing something very wrong |
20:10
π
|
icedice |
I don't need TBB for everything |
20:11
π
|
dd0a13f37 |
then you shouldn't use tor |
20:11
π
|
icedice |
If I want to post something anonymously or something I'd use Tor Browser over VPN |
20:11
π
|
icedice |
If it's just everyday stuff then I just use VPN |
20:11
π
|
dd0a13f37 |
tor and tbb or regular connection and regular browser, mixing them is just an accident bound to happen |
20:12
π
|
icedice |
I just use Tor Browser |
20:12
π
|
icedice |
I don't use the standalone Tor network software |
20:12
π
|
dd0a13f37 |
yes, which is secure, but it becomes less secure and not more by installing random agent spoofer |
20:12
π
|
dd0a13f37 |
tor browser has a built in copy of tor, tor(daemon) is just useful for torifying other software |
20:13
π
|
dd0a13f37 |
but browsers are such a big can of worms that you can't just chuck localhost:9050 in the proxy settings and call it a day |
20:13
π
|
icedice |
I don't modify Tor Browser |
20:13
π
|
dd0a13f37 |
good |
20:13
π
|
icedice |
(not that stupid) |
20:14
π
|
icedice |
Aside from the security settings (enable/disable JavaScript and all that) I don't touch anything |
20:14
π
|
icedice |
Firefox I have to heavily modify to have some sort of privacy |
20:14
π
|
VADemon_ |
the about:addons loads google tracking scripts ;) |
20:15
π
|
icedice |
it does? |
20:15
π
|
VADemon_ |
https://www.ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/ |
20:16
π
|
dd0a13f37 |
if you want privacy in firefox just modify it to become as similar to TBB as possible (user agent to tor, disable webrtc and canvas in about config, some more stuff in about:config) |
20:16
π
|
VADemon_ |
The website it loads inside of about:addons does, but it's mozilla's website yet still |
20:16
π
|
dd0a13f37 |
that's about it |
20:16
π
|
dd0a13f37 |
i got to switch over to palemoon soon, firefox is going straight down the drain |
20:19
π
|
VADemon_ |
The TotalSpoof add-on sets your UA to a common value. I believe it's better to use some generic wide-spread FF UA than using Tor Browser's |
20:19
π
|
dd0a13f37 |
they're the same thing |
20:19
π
|
dd0a13f37 |
torbrowser's ua is the most common ff ua |
20:20
π
|
VADemon_ |
oh ok |
20:21
π
|
dd0a13f37 |
https://panopticlick.eff.org/ |
20:21
π
|
dd0a13f37 |
one in 121.77/6.93 bits |
20:21
π
|
dd0a13f37 |
what does your "privacy friendly" firefox get you? |
20:22
π
|
VADemon_ |
less google pwnership |
20:23
π
|
|
schbirid has quit IRC (Quit: Leaving) |
20:23
π
|
dd0a13f37 |
this is for torbrowser |
20:34
π
|
icedice |
<VADemon_> The TotalSpoof add-on sets your UA to a common value. I believe it's better to use some generic wide-spread FF UA than using Tor Browser's |
20:34
π
|
dd0a13f37 |
they're both the same thing |
20:34
π
|
icedice |
Nice, I'll probably replace Random Agent Switcher with TotalSpoof |
20:34
π
|
VADemon_ |
I didn't know Tor Browser doesnt have its own UA. and it sounded like it did |
20:35
π
|
dd0a13f37 |
De facto it has, it's just the one that's shared by the most others |
20:35
π
|
Frogging |
I'm more concerned about HTML5 canvas fingerprinting |
20:35
π
|
dd0a13f37 |
you can disable canvas |
20:35
π
|
dd0a13f37 |
don't lose out on much |
20:35
π
|
VADemon_ |
one in 6500 browsers, so current TotalSpoof's definitely bad |
20:35
π
|
icedice |
Disable JavaScript |
20:35
π
|
VADemon_ |
NoScript + uBlock Origin do the 99% of the job |
20:35
π
|
icedice |
That disables the canvas trackers |
20:35
π
|
icedice |
And wrecks most webpages |
20:36
π
|
icedice |
https://alternativeto.net/list/security-and-privacy-enhancing-firefox-add-ons |
20:37
π
|
icedice |
^ I'm using all of this minus RequestPolicy (ain't nobody got time for that) and Mailvelope |
20:38
π
|
dd0a13f37 |
doesn't firefox send a list of your addons |
20:38
π
|
Frogging |
sometimes when I really don't want to be watched, I make a brand new VM or VPS |
20:38
π
|
dd0a13f37 |
check your panopticlick score |
20:38
π
|
icedice |
Oh, and Cookie AutoDelete instead of Self-Destructing Cookies |
20:38
π
|
icedice |
Since Self-Destructing Cookies won't become a WebExtension |
20:39
π
|
icedice |
The site has been calculating my fingerprint for forever |
20:39
π
|
icedice |
Do I need to enable cookies for that site or something? |
20:40
π
|
icedice |
Or maybe one of my many uBlock Origin filterlists is blocking something for the site? |
20:40
π
|
VADemon_ |
uBlock Origin blocks it, NoScript won't allow to run ANYTHING to begin with |
20:41
π
|
icedice |
But I can already tell you that my fingerprint is probably unique |
20:41
π
|
icedice |
And I get a new fingerprint for each webpage I visit |
20:41
π
|
|
lag has quit IRC (Remote host closed the connection) |
20:42
π
|
dd0a13f37 |
didn't noscript have some really severe issues? |
20:42
π
|
icedice |
Yeah, but I only use NoScript to block pop-ups / pop-unders |
20:42
π
|
Frogging |
severe issues like what? |
20:42
π
|
dd0a13f37 |
don't remember, might have been something with the developer |
20:42
π
|
icedice |
^ response to VADemon_'s comment |
20:43
π
|
icedice |
The NoScript site has some ads that are almost impossible to block that appear on the update pages |
20:43
π
|
icedice |
Advertising some crapware PC cleaner iirc |
20:43
π
|
icedice |
PC Speedbooster or whatever |
20:44
π
|
icedice |
But Tor Browser still uses NoScript, so it can't be too bad then |
20:44
π
|
dd0a13f37 |
they change the settings though |
20:44
π
|
dd0a13f37 |
there's no whitelist |
20:44
π
|
dd0a13f37 |
by default |
20:44
π
|
Frogging |
I'm running AdNauseam with dynamic filtering set such that it only runs on sites I explicitly specify |
20:45
π
|
icedice |
I tried AdNauseum |
20:45
π
|
icedice |
I like the idea, but it fucked up my browsers preformance to the point that it almost crashed within the first try |
20:46
π
|
JAA |
I block most ads at the DNS level. |
20:46
π
|
icedice |
Plus I prefer to block ads instead of toying around with them |
20:46
π
|
icedice |
<Frogging> sometimes when I really don't want to be watched, I make a brand new VM or VPS |
20:46
π
|
icedice |
You'd have to purchase that VPS anonymously then |
20:46
π
|
|
frontop has quit IRC () |
20:47
π
|
icedice |
And Bitcoin is useless for that now btw |
20:47
π
|
Frogging |
if I can do my bit to disrupt/unbalance the ad economy it makes me happy |
20:47
π
|
Frogging |
yes, true |
20:48
π
|
JAA |
icedice: Why "now"? |
20:48
π
|
icedice |
So either an anonyous crypto-currency like Monero/Dash/Zerocoin, pre-paid cards like Paysafecard/Mint Prepaid/Neosurf, pre-paid debit/credit cards or cash |
20:48
π
|
Frogging |
though I'm more concerned with automated systems linking requests together than I am with someone singling me out to try and steal my info from the VPS provider |
20:49
π
|
Frogging |
unfortunately I think many of them do not accept prepaid CCs |
20:49
π
|
icedice |
They don't have to steal the info from your VPS provider |
20:49
π
|
dd0a13f37 |
if you're going to buy a brand new vps you might as well just use tor browser, it's not so slow |
20:49
π
|
icedice |
Just coerce the VPS provider |
20:50
π
|
icedice |
Especially if it's in Five Eyes |
20:50
π
|
Frogging |
or that |
20:50
π
|
Frogging |
maybe they already have all the info from VPS providers |
20:50
π
|
icedice |
I'd probably use https://abelohost.com/ if I was to get a VPS to use as VPN |
20:51
π
|
Frogging |
what do you think of PrivateInternetAccess? |
20:51
π
|
icedice |
Since apparently Private Layer has gone to shit |
20:51
π
|
Frogging |
https://www.privateinternetaccess.com/ |
20:51
π
|
icedice |
It's American |
20:52
π
|
icedice |
That alone is enough for me to not use it |
20:52
π
|
Frogging |
yes, but their FAQ says that America is one of the few countries that doesn't require them to retain logs |
20:52
π
|
icedice |
The US is one of the worst jurisdictions in the world to run online services in if you care about privacy |
20:53
π
|
dd0a13f37 |
But they're one of the best for freedom of speech |
20:53
π
|
dd0a13f37 |
So you have to pick your poison |
20:53
π
|
icedice |
All the US government needs to do is send a National Security Letter + gag order demanding that PIA starts logging users and handing the US government backdoor access |
20:53
π
|
dd0a13f37 |
I've had this idea about running a site that dynamically moves content |
20:54
π
|
icedice |
And then they either have to comply, shut down their company, or go to prison |
20:54
π
|
icedice |
Like with Lavabit |
20:54
π
|
dd0a13f37 |
so it has one server in germany used by default, if something is reported for hate speech it's moved to the US server, if it's reported for DMCA it gets moved to egypt/iraq |
20:54
π
|
dd0a13f37 |
and so on |
20:54
π
|
icedice |
Iceland has a pretty good jurisdiction |
20:54
π
|
icedice |
But Freedom of Speech protection depends on what you're discussing |
20:55
π
|
dd0a13f37 |
US has very strong no matter what |
20:55
π
|
icedice |
True, but if your site is about US government leaks, the US is a shitty place to be |
20:56
π
|
icedice |
If your site critizises immigration, you probably want to stay out of the UK, Germany, and Sweden |
20:57
π
|
dd0a13f37 |
Then everywhere is |
20:57
π
|
dd0a13f37 |
discussing them won't give you any problems |
20:57
π
|
dd0a13f37 |
and leaking them will even if you're in venezuela |
20:59
π
|
dd0a13f37 |
0..9 in ascii is encoded as 30..39 when viewed in hexadecimal |
20:59
π
|
dd0a13f37 |
how fucking neat isn't that |
20:59
π
|
icedice |
https://translate.google.com/translate?sl=sv&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fsv.wikipedia.org%2Fwiki%2FFlashback_Forum&edit-text=&act=url |
20:59
π
|
dd0a13f37 |
Flashback is hosted in the US |
20:59
π
|
dd0a13f37 |
and for some unclear reason has rules against hate speech |
20:59
π
|
icedice |
^ Flashback moved to the US since it wasn't politically correct enough for Sweden |
20:59
π
|
dd0a13f37 |
which are not enforced |
21:00
π
|
dd0a13f37 |
that has to do with Law on responsibility for electronical bulletin boards |
21:00
π
|
icedice |
brb |
21:00
π
|
|
icedice has quit IRC (Quit: Leaving) |
21:03
π
|
|
icedice has joined #archiveteam-bs |
21:04
π
|
dd0a13f37 |
https://web.archive.org/web/20060504212948/http://www.sweden.gov.se:80/content/1/c6/02/61/42/43e3b9eb.pdf |
21:05
π
|
icedice |
Frogging: Private Internet Access' one pro is that they have been tested in court |
21:06
π
|
icedice |
The fact that they don't log could change though, depending on how hard the US government pressures them |
21:06
π
|
dd0a13f37 |
https://www.flashback.org/regler 1.03 Incitement of racial hatred[hate speech] It's forbidden to threaten or express dislike against specially threatened [protected] groups, in regard to race, skin color, national or ethnical origin, faith or sexual identity. |
21:07
π
|
Frogging |
wow, wtf |
21:07
π
|
dd0a13f37 |
dislike is a bad translation though |
21:07
π
|
dd0a13f37 |
but it's essentially parroted from swedish law for some unclear reason |
21:08
π
|
Frogging |
the first one you posted says it does not apply to "services that are protected by the Freedom of the Press Act or the Fundamental Low on Freedom of Expression" |
21:08
π
|
icedice |
The UK's anti-hate new speech law is even worse |
21:08
π
|
Frogging |
Law* |
21:08
π
|
icedice |
* new anti-hate speech law |
21:08
π
|
dd0a13f37 |
Yes, that's if they have an issuing permit which is granted to newspapers, this also makes them immune to large parts of the law on personal data |
21:09
π
|
dd0a13f37 |
which is why aftonbladet could legally hire hackers to hack flashback and then dox some random people |
21:09
π
|
icedice |
Under the UK's new anti-hate speech law it's the "victim" who decides if you have broken the law |
21:10
π
|
Frogging |
source? |
21:10
π
|
dd0a13f37 |
Which one? "Criminal Justice and Immigration Act 2008"? |
21:11
π
|
JAA |
The German one is also pretty bad. |
21:13
π
|
dd0a13f37 |
swedish one is surprisingly sane all things considered, it doesn't restrict "relevant and trutful" statements nor statements made in private |
21:15
π
|
|
fie_ has quit IRC (Leaving) |
21:15
π
|
|
fie has joined #archiveteam-bs |
21:23
π
|
icedice |
Frogging: https://www.youtube.com/watch?v=yfLl3KUnxSk#t=8m7s |
21:23
π
|
icedice |
^ the exact quote of the law is there in the video (can't find it on CPS' website atm) |
21:23
π
|
icedice |
And a bunch of source links are in the description |
21:24
π
|
icedice |
<JAA> The German one is also pretty bad. |
21:24
π
|
icedice |
Yeah, was just about to say that |
21:24
π
|
icedice |
Germany wants to police websites on an international level |
21:25
π
|
JAA |
Germany wants the website's *operators* to police their websites. |
21:25
π
|
dd0a13f37 |
how? |
21:25
π
|
JAA |
Well, basically. |
21:25
π
|
Frogging |
brb starting a controversial website |
21:25
π
|
icedice |
And censor stuff for people who don't even live in Germany |
21:25
π
|
icedice |
56 million euro fines |
21:25
π
|
dd0a13f37 |
But not the other way around? They wouldn't censor foreign websites? |
21:26
π
|
Frogging |
how do they fine people who don't live in germany |
21:26
π
|
icedice |
if appropriate action is not taken within 24 hours it's fine time iirc |
21:26
π
|
icedice |
idk |
21:27
π
|
JAA |
"Obviously illegal" content has to be deleted within 24 hours, less obvious cases must be reviewed within 7 days. |
21:27
π
|
dd0a13f37 |
Anyone here interested in scraping bittorrent and has a VPS with decent internet and aria2c (available in repos)? |
21:28
π
|
dd0a13f37 |
https://pastebin.com/Nz672PWc |
21:28
π
|
JAA |
At least small platforms aren't affected by NetzDG. It's only relevant for social networks with more than 2M users, I think. |
21:29
π
|
dd0a13f37 |
would build a nice starting point, when you have the most common ones then you can start with the more interesting scraping techniques |
21:30
π
|
dd0a13f37 |
So basically just facebook? |
21:30
π
|
JAA |
Facebook, Twitter, YouTube, and so on |
21:31
π
|
dd0a13f37 |
facebook being forced to censor stuff is no big freedom of speech problem tbh |
21:31
π
|
VADemon_ |
dd0a13f37: I have an idle dedi. |
21:31
π
|
odemg |
bruh |
21:31
π
|
odemg |
godane we got em |
21:31
π
|
JAA |
odemg: The 24k tapes? |
21:31
π
|
dd0a13f37 |
the big issue is when people feel they should take matters into their own hands (internet archive) and censor stuff |
21:32
π
|
dd0a13f37 |
which is the only big political censorship on the internet i've ever seen |
21:32
π
|
dd0a13f37 |
VADemon_: Interested in bittorrent scraping? |
21:32
π
|
odemg |
JAA, yiss |
21:32
π
|
JAA |
Nice! |
21:32
π
|
VADemon_ |
Totally. I even have logs of my own bittorrenting to find the scraping bots :P |
21:32
π
|
dd0a13f37 |
check out the pastebin link |
21:33
π
|
godane |
odemg: thats good |
21:33
π
|
odemg |
thank fuck, but also thanks myspleen for thinking they could get their hands on it :p |
21:33
π
|
dd0a13f37 |
There is no public torrent archive, if you can download the easy ones properly then you can focus on the hard parts |
21:34
π
|
dd0a13f37 |
as in, from another torrent, not from scraping |
21:34
π
|
dd0a13f37 |
its a bit ugly but it should work |
21:34
π
|
VADemon_ |
Scraping as in archiving or simply indexing? |
21:34
π
|
dd0a13f37 |
scraping as in getting the torrent files but not downloading what they point to |
21:35
π
|
dd0a13f37 |
getting all(all) torrent files is feasible (2-3tb of content at most), getting even a small fraction of torrent file contents is just impossible |
21:36
π
|
dd0a13f37 |
you would end up with a large folder of files like "da39a3ee5e6b4b0d3255bfef95601890afd80709.torrent" |
21:37
π
|
VADemon_ |
I need to tthink twice about it, because the server is located in germany and there have been precedents of lawyers catching up/downloaders of piracy torrents |
21:37
π
|
dd0a13f37 |
indexing the files later on is trivial, all you need to do is put them into a bencode parser, put the results in a database, and apply fts directly to files |
21:37
π
|
dd0a13f37 |
you're not downloading the files though |
21:37
π
|
dd0a13f37 |
just the torrent files |
21:37
π
|
VADemon_ |
I know. |
21:38
π
|
dd0a13f37 |
if you have a VPN an ugly solution is to just install openvpn on the server while it's running |
21:44
π
|
icedice |
JAA: About Bitcoin anonymity: http://cordis.europa.eu/news/rcn/141335_en.html |
21:46
π
|
icedice |
There was also a post on /r/DarknetMarkets from someone who works with anti-money laundering for Australian banks who had attended a Blockchain analysis seminar |
21:47
π
|
dd0a13f37 |
xmr.to |
21:48
π
|
dd0a13f37 |
they also have an onion apparently http://xmrto2bturnore26.onion/ |
21:49
π
|
dd0a13f37 |
but really, they missed that train, if they want to do something now their only option is dos attacks on bitcoin nodes |
21:49
π
|
icedice |
Apparently CIA sponsored big data company Palantir Technologies (started by Peter Thiel) has invented a system that with the help of banks can correlate Bitcoin payments back to the bank accounts used to purchase them |
21:49
π
|
icedice |
Can't find the thread atm though :/ |
21:50
π
|
dd0a13f37 |
you can buy with cash, you could also use monero and an exchange as a tumbler (for example xmr.to as i linked earlier) |
21:50
π
|
JAA |
Yeah, but what's new about that? |
21:50
π
|
JAA |
Bitcoin was never designed to be anonymous. |
21:51
π
|
JAA |
Well, you can use it completely anonymously by mining, but... |
21:53
π
|
icedice |
https://www.reddit.com/r/DarkNetMarkets/comments/51hs6n/antimoney_laundering_and_counter_terrorism/d7c37k2/ |
21:53
π
|
dd0a13f37 |
There is also coinjoin |
21:53
π
|
icedice |
^ found the author |
21:53
π
|
icedice |
The thread follow-up thread seems to be gone though |
21:54
π
|
icedice |
Is Coinjoin like a Bitcoin tumbler? |
21:54
π
|
icedice |
Because Palantir Technologies' system can detect that |
21:54
π
|
dd0a13f37 |
>Out of habit spending habits |
21:55
π
|
dd0a13f37 |
that's the only new one to me |
21:55
π
|
dd0a13f37 |
You know how bitcoin transactions work? You have X inputs, and Y outputs. The hash of the txn has to be signed by all inputs. |
21:55
π
|
icedice |
And when the author posted the follow up thread he mentioned that the system had been in use by Five Eyes banks for nine months |
21:55
π
|
dd0a13f37 |
might be roleplaying |
21:56
π
|
dd0a13f37 |
So what you do is you find some people who want to send coinjoin transaction, they send their transactions to some server, then you get a block |
21:56
π
|
dd0a13f37 |
you only need to check that you're spending the right amount of money and that your recipient(s) are getting what you want them to |
21:56
π
|
icedice |
Ok |
21:56
π
|
dd0a13f37 |
then you sign it |
21:56
π
|
dd0a13f37 |
and you don't know or care about the other transactions or who sent thme |
21:57
π
|
dd0a13f37 |
so it's essentially a decentralized tumbler |
21:57
π
|
dd0a13f37 |
and monero exists, if I was selling drugs on the darknet I would just pull all the transactions through monero |
21:58
π
|
icedice |
And btw, I'm not into Darknet Markets. I just find some of the posts interesting to read from time to time |
21:58
π
|
icedice |
Like the post where they discuss how to bury millions underground |
21:59
π
|
icedice |
<dd0a13f37> and monero exists, if I was selling drugs on the darknet I would just pull all the transactions through monero |
21:59
π
|
icedice |
Yup |
22:01
π
|
icedice |
If I was to buy something anonymously online and the seller would be all right with not being anonymous, like a VPS, I'd probably buy using Paysafecard |
22:01
π
|
dd0a13f37 |
if the seller is non-anonymous there already is a very simple solution |
22:01
π
|
dd0a13f37 |
cash in mail |
22:01
π
|
icedice |
Buy one of those in cash from a kiosk in a large city |
22:02
π
|
icedice |
Yeah, but there a few cons there |
22:02
π
|
icedice |
1. You could get scammed |
22:02
π
|
dd0a13f37 |
such as? |
22:02
π
|
dd0a13f37 |
the seller can even fuck around with post boxes to be anonymous |
22:02
π
|
dd0a13f37 |
1. good luck getting a chargeback with your anonymous paysafecard, the cost of a burner phone would be larger |
22:03
π
|
icedice |
2. It could get intercepted (though you could put it in a birthday card to arouse less suspicion I guess) |
22:03
π
|
JAA |
PSC isn't anonymous in Germany anymore since a few years, by the way. |
22:03
π
|
JAA |
Something something anti-money-laundering laws. Can't remember the details. |
22:04
π
|
icedice |
3. Most people who pay by mail probably leave their fingerprints all over it |
22:04
π
|
dd0a13f37 |
2. you could just wrap it in paper |
22:04
π
|
dd0a13f37 |
3. you could use gloves, it's only a problem if the seller keeps the envelopes |
22:05
π
|
icedice |
Yeah |
22:05
π
|
dd0a13f37 |
you're only worried about it being suspicious enough to get a postal worker to open it, they're not going to open random packages |
22:06
π
|
JAA |
dd0a13f37: In Germany, they do sometimes. |
22:06
π
|
dd0a13f37 |
the risk of paysafecard, tracking where it was bought, cameras, there is much more unpredictability than dumping a letter inside a mailbox |
22:06
π
|
dd0a13f37 |
JAA: do what? |
22:06
π
|
JAA |
Open random packages |
22:06
π
|
dd0a13f37 |
Yes, but in the context of random checks |
22:07
π
|
dd0a13f37 |
it's not drugs or anything, there are several perfectly legal vpn providers that accept cash in mail |
22:07
π
|
icedice |
Yup |
22:07
π
|
dd0a13f37 |
so they would definitely not steal something from when they're checking drugs/whatever |
22:07
π
|
JAA |
True |
22:07
π
|
JAA |
I'm not so sure about the stealing part, but yeah. |
22:08
π
|
icedice |
https://www.webhostingtalk.com/showthread.php?t=1537627 |
22:08
π
|
icedice |
^ Private Layer seems to have gone to shit |
22:10
π
|
icedice |
I guess I'd probably use Orangewebsite (or maybe AbeloHost if it needed to be cheaper) for an anonymous VPS server for VPN |
22:10
π
|
JAA |
Oh, interesting that you mention it. |
22:10
π
|
icedice |
Any other good privacy respecting non-Five Eyes VPS providers that have decent support? |
22:10
π
|
JAA |
The Daily Stormer's newest domain is registered through Orangewebsite. |
22:11
π
|
|
felti has joined #archiveteam-bs |
22:11
π
|
icedice |
Not planning on buying anything, but I like to look around at stuff like that |
22:11
π
|
dd0a13f37 |
support is bad |
22:11
π
|
dd0a13f37 |
the worse support, the better |
22:12
π
|
dd0a13f37 |
support aren't your friends, they're also responsible for abuse handling |
22:12
π
|
dd0a13f37 |
if they copypaste a template email in russian 2 months after receiving the request that's obviously better than responding politely and handing over your data |
22:13
π
|
icedice |
Orangewebsite and AbeloHost both have great support according to reviews |
22:13
π
|
dd0a13f37 |
that's bad |
22:13
π
|
icedice |
But neither willingly hand over customer data |
22:13
π
|
dd0a13f37 |
they still respond to abuse |
22:14
π
|
icedice |
And at least AbeloHost ignores DMCA notices |
22:14
π
|
icedice |
Since that carries no weight in the Netherlands |
22:14
π
|
dd0a13f37 |
VPN providers have the advantage of sharing one IP |
22:14
π
|
dd0a13f37 |
but they have european DMCA versions |
22:14
π
|
dd0a13f37 |
don't remember the name |
22:14
π
|
dd0a13f37 |
BREIN? |
22:14
π
|
JAA |
Yep, BREIN |
22:14
π
|
icedice |
AbeloHost basically doesn't give a shit until it goes to a Dutch court |
22:15
π
|
JAA |
Well, that's the organisation that sues ISPs etc. |
22:15
π
|
dd0a13f37 |
well, that's good, but OVH is infamous for having terrible support |
22:15
π
|
dd0a13f37 |
and also hosting tons of botnet, spam, etc |
22:15
π
|
icedice |
It's used a lot for hosting porn sites |
22:15
π
|
dd0a13f37 |
so I'd trust them more |
22:15
π
|
JAA |
Hahaha |
22:15
π
|
JAA |
Lolno |
22:15
π
|
icedice |
Since DMCA is apparently a pain in the ass (pun not intended) for porn site operators |
22:15
π
|
dd0a13f37 |
there is nothing illegal about porn, if they're hosting child porn then you can start discussing freedom of speech |
22:16
π
|
JAA |
A few years ago, dozens of private trackers, all hosted at OVH, got killed. |
22:16
π
|
JAA |
Operators arrested etc. |
22:16
π
|
dd0a13f37 |
Yes, of course, sometimes accidents happen |
22:16
π
|
icedice |
No, regular porn |
22:16
π
|
dd0a13f37 |
but in general |
22:16
π
|
dd0a13f37 |
they're slower |
22:16
π
|
dd0a13f37 |
yes of course |
22:17
π
|
dd0a13f37 |
europe has the court ruling, you know the noe |
22:17
π
|
JAA |
Possible, but I wouldn't trust them at all. |
22:18
π
|
JAA |
Although the relevant people somehow heard about it before the shit hit the fan, so quite a few of the trackers had already shut down by the time police came knocking at OVH's door. |
22:18
π
|
icedice |
People use it because hosting in America means that you always risk getting dropped by your hosting company when someone reports that there's copyrighted porn there |
22:18
π
|
dd0a13f37 |
there is also cockbox (romania) |
22:18
π
|
icedice |
lol |
22:18
π
|
Frogging |
there's this also https://www.nearlyfreespeech.net/ |
22:18
π
|
Frogging |
not a VPS however. web hosting/domain registration. |
22:19
π
|
icedice |
I know about both of those yeah |
22:19
π
|
JAA |
Yeah, I think someone in here uses it actually. |
22:19
π
|
icedice |
NearlyFreeSpeech is 'Murican though, wouldn't use that for privacy purposes |
22:19
π
|
dd0a13f37 |
just use whichever one is cheapest, you can always throw a vpn with port forwarding on it |
22:20
π
|
Frogging |
I've thought of doing that. It might be tricky to set up though |
22:20
π
|
Frogging |
in a manner that is reliable, I mean |
22:20
π
|
Frogging |
lots of API back-and-forth and failure modes |
22:20
π
|
icedice |
The owner of OrangeWebsite is said to be an anarchist that strongly supports freedom of speech and both he and the company itself were strongly against the SOPA and PIPA legislations. |
22:21
π
|
dd0a13f37 |
use tor for administration |
22:21
π
|
dd0a13f37 |
a hidden service |
22:21
π
|
dd0a13f37 |
then use iptables to make the vpn work |
22:21
π
|
dd0a13f37 |
all that's left is fixing dns leaks, but some vpn providers run open dns |
22:22
π
|
icedice |
Orangewebsite allows Tor exit nodes to be hosted there, so props to them for that |
22:22
π
|
dd0a13f37 |
http://curia.europa.eu/juris/document/document.jsf;jsessionid=9ea7d2dc30d6433616c7b67942fa86b0f894d32c8ed8.e34KaxiLc3qMb40Rch0SaxyMbhz0?text=&docid=187646&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=1774727 curia.europa.eu/juris/document/document.jsf;jsessionid=9ea7d2dc30d6433616c7b67942fa86b0f894d32c8ed8.e34KaxiLc3qMb40Rch0SaxyMbhz0?text=&docid=191707&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=1774727 |
22:23
π
|
dd0a13f37 |
that's nice, then you can set up a tor exit node and allow all ports, then the 1% of actually relevant abuse notices can be blamed on tor |
22:23
π
|
Frogging |
pfft |
22:24
π
|
dd0a13f37 |
but really, unless you're doing some really edgy shit it's enough to just host it yourself on a .onion service |
22:26
π
|
icedice |
I think AbeloHost is also used a bit for warez hosting |
22:27
π
|
dd0a13f37 |
Can't they just use I2P? |
22:28
π
|
icedice |
I'm fine with the setup I have |
22:28
π
|
dd0a13f37 |
For warez hosting I mean |
22:28
π
|
dd0a13f37 |
I2P is underrated |
22:28
π
|
icedice |
ProtonVPN keeps the copyright nazis away and my IP away from trackers |
22:29
π
|
icedice |
Don't really need anything more |
22:29
π
|
icedice |
Ah |
22:30
π
|
dd0a13f37 |
yes, VPN is fine for you, but if you want to host an actual warez server |
22:30
π
|
dd0a13f37 |
why not just host it on i2p? |
22:30
π
|
dd0a13f37 |
it's private anyway, so taking a few minutes to set it up for anyone interested doesn't matter |
22:31
π
|
icedice |
I though we were still talking about self-hosted VPN on VPS servers |
22:32
π
|
dd0a13f37 |
oh right, for the truly paranoid |
22:32
π
|
icedice |
But yeah, that's an idea |
22:32
π
|
icedice |
You don't get to mask you traffic though |
22:33
π
|
icedice |
Unless you maybe invite some folks onto your VPN server |
22:33
π
|
dd0a13f37 |
if the server is behind i2p, everyone connecting will have to use i2p |
22:33
π
|
icedice |
I was talking about self-hosted VPN |
22:34
π
|
dd0a13f37 |
you can make openvpn look like SSL |
22:34
π
|
dd0a13f37 |
on port 443 |
22:34
π
|
icedice |
Yeah |
22:34
π
|
icedice |
And run it behind restrictive firewalls |
22:34
π
|
dd0a13f37 |
it's much better in practice to use a commercial provider, then your IP is shared with others |
22:34
π
|
dd0a13f37 |
and ovpn.com apparently also offers a proxy that strips away tracking from pages |
22:36
π
|
dd0a13f37 |
https://iknowwhatyoudownload.com/ for example this is not very funny if you're using a self hosted vpn |
22:38
π
|
joepie91_ |
dd0a13f37: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#but-i-want-to-confuse-trackers-by-sharing-an-ip-address |
22:41
π
|
dd0a13f37 |
The reasonable assumption is, if they have a track record of not handing over logs, to assume that this is true rather than that "they" have fabricated court records for unclear reasons. >The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over. That only applies if they have them. In addition, some services such as OVPN have insurance for that purpose. |
22:41
π
|
Frogging |
joepie91_: What does one do about WebGL fingerprints? NoScript for that too? |
22:41
π
|
dd0a13f37 |
HMA did lose business from it, but their keeping logs was publically known from before |
22:42
π
|
dd0a13f37 |
joepie91_: Your rebuttal is about tracking for advertising purposes. If there are 100 users with IP X, how will they know which one is me? |
22:43
π
|
dd0a13f37 |
For torrenting etc |
22:43
π
|
icedice |
EarthVPN also probably keeps logs even though they say they don't |
22:43
π
|
Frogging |
he makes a concession for that in the next section dd0a13f37 |
22:43
π
|
Frogging |
"You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters." |
22:43
π
|
dd0a13f37 |
Not really |
22:43
π
|
Frogging |
but then goes onto say set up your own on a VPS... which would defeat that use case |
22:43
π
|
icedice |
They claim that it was the data center keeping logs that got one of their customers busted, but I don't buy it |
22:44
π
|
dd0a13f37 |
we don't have scareletters here, so only the government would care about it |
22:44
π
|
dd0a13f37 |
not that they do, our police isn't working |
22:44
π
|
joepie91_ |
"Your rebuttal is about tracking for advertising purposes." -- no, it's not, that is only one of the examples. |
22:44
π
|
dd0a13f37 |
But that's what you're attacking. |
22:44
π
|
Frogging |
joepie91_: but what of protocols where the only identifying information is the IP address (such as torrents) |
22:45
π
|
dd0a13f37 |
If they do keep logs, then there's no way of proving I'm the one doing the offending activity since multiple people were using that IP |
22:45
π
|
joepie91_ |
that premise is wrong |
22:45
π
|
joepie91_ |
there's plenty of identifying information in TCP alone |
22:45
π
|
icedice |
Setting up a leak proof VPN is hard: https://vpntesting.info/ |
22:45
π
|
joepie91_ |
further fingerprinting can be done by probing the client on the other end |
22:45
π
|
joepie91_ |
whether TCP or UDP |
22:45
π
|
joepie91_ |
etc. |
22:45
π
|
joepie91_ |
different clients behave differently on different OSes in different versions |
22:45
π
|
icedice |
So that's something to take into consideration as well |
22:45
π
|
dd0a13f37 |
Also, using a VPN hides your physical location from geoip |
22:45
π
|
joepie91_ |
with different kernel modules |
22:45
π
|
joepie91_ |
and so on and so forth |
22:45
π
|
Frogging |
joepie91_: but you *would* want to mask your traffic from your IP address in addition to concerns about TCP info leaks, no? |
22:46
π
|
joepie91_ |
when it's about scareletters, yes - but "sharing an IP" isn't relevant there |
22:46
π
|
joepie91_ |
(scareletter senders don't care whose machine it is, they just hold the IP subscriber responsible) |
22:46
π
|
Frogging |
a VPS wouldn't accomplish that either; I've gotten scareletters when torrenting on a VPS |
22:47
π
|
icedice |
Or I guess the leaks is more about the VPN client software than the VPN infrastructure |
22:47
π
|
dd0a13f37 |
joepi91_ Say I feel the urge to send in a bomb threat to a school. 100 people were using that IP at that time. They turn over the logs. Who gets brought in for questioning? |
22:47
π
|
dd0a13f37 |
joepie91_: * |
22:48
π
|
joepie91_ |
Frogging: point being to put yourself in a locale that scareletter senders don't care about :P |
22:48
π
|
joepie91_ |
dd0a13f37: whoever was on the other end of the connection at that time. |
22:48
π
|
icedice |
https://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/ |
22:48
π
|
dd0a13f37 |
IPs are shared |
22:48
π
|
joepie91_ |
... |
22:48
π
|
dd0a13f37 |
if there are multiple people on one IP at one point in time |
22:48
π
|
joepie91_ |
you really need to read up more on how VPNs work |
22:49
π
|
joepie91_ |
*external* IPs are shared |
22:49
π
|
joepie91_ |
individual connections are logged, datetime/origin/external |
22:49
π
|
joepie91_ |
therefore datetime stamp + external can be matched to origin IP |
22:49
π
|
joepie91_ |
whether external IP is shared is irrelevant |
22:49
π
|
dd0a13f37 |
Isn't it just the leases? |
22:49
π
|
joepie91_ |
no |
22:49
π
|
joepie91_ |
(also, s/IP/IP+port/ in the above) |
22:49
π
|
joepie91_ |
(plus protocol) |
22:50
π
|
joepie91_ |
point here being: the provider can easily correlate individual connections or datagrams to specific subscribers to the service, so long as the right amount of logging for that purpose is set up |
22:51
π
|
joepie91_ |
iirc this is the default in many setups as well |
22:51
π
|
|
drumstick has joined #archiveteam-bs |
22:51
π
|
joepie91_ |
VPN provider has full visibility of all traffic and metadata |
22:51
π
|
joepie91_ |
at all times |
22:51
π
|
joepie91_ |
it's effectively just a proxy |
22:52
π
|
dd0a13f37 |
Is it really? What log level does that require |
22:52
π
|
joepie91_ |
going to vary by VPN protocol and implementation |
22:53
π
|
joepie91_ |
and - or at least this was true ~2 years ago - there are certain logs in the default OpenVPN implementation that you can't disable without source patches |
22:53
π
|
joepie91_ |
don't remember the extent of them, it's been a while |
22:53
π
|
dd0a13f37 |
But you still haven't answered the reactive/proactive thing |
22:54
π
|
dd0a13f37 |
A VPN provider that keeps logs can be forced to hand them over, sure |
22:54
π
|
dd0a13f37 |
But that a VPN provider would proactively keep logs while claiming the opposite is fraud, and you're not making a convincing argument for why that would be the case |
22:55
π
|
joepie91_ |
I don't particularly feel like an in-depth discussion as these discussions are extremely tiring and mood-destroying, and for every person I argue with there are two million more that still stubbornly believe the snakeoil they bought into is legitimate |
22:56
π
|
joepie91_ |
but whether this is "fraud" is jurisdiction-dependent, as are the consequences for it |
22:56
π
|
joepie91_ |
and in particular when the interests of governmental parties align with misrepresenting the logging policy, which they do, it's not at all certain that such claims are truthful |
22:57
π
|
joepie91_ |
is it proven that every VPN provider logs? no. but "there are incentives for them to misrepresent their logging policy" should be enough to make you think thrice about trusting your traffic with them |
22:58
π
|
joepie91_ |
the goal here isn't to prove that every VPN provider logs, the goal is to point out that you're trusting a single party with your sketchy traffic that has a number of incentives to behave against your best interests, and that it is an industry full of crooks |
22:59
π
|
joepie91_ |
at best that is an unwise thing to get involved in, at worst it can cost you your freedom or - depending on where you are and what you're doing - your life |
22:59
π
|
icedice |
ProtonVPN seems honest though. Instead of just saying "no logs" they admit that they log timestamps in order to prevent bruteforce attempts |
22:59
π
|
joepie91_ |
question remains whether that's all they log. |
22:59
π
|
icedice |
I think I'll switch my ISP's DNS to one of these: |
22:59
π
|
icedice |
https://dnscrypt.is/ |
22:59
π
|
icedice |
https://servers.opennicproject.org/edit.php?srv=ns1.zh.ch.dns.opennic.glue |
22:59
π
|
icedice |
https://servers.opennicproject.org/edit.php?srv=ns22.nl.dns.opennic.glue |
22:59
π
|
Frogging |
opennic :D |
23:00
π
|
joepie91_ |
like, for example, the idea that "sorry we don't have logs" translates to "okay good day sir" and the cops leaving through the front door, is very misguided |
23:00
π
|
icedice |
https://servers.opennicproject.org/edit.php?srv=ns1.nh.nl.dns.opennic.glue |
23:00
π
|
icedice |
https://servers.opennicproject.org/edit.php?srv=ns3.ro.dns.opennic.glue |
23:00
π
|
joepie91_ |
"sorry we don't have logs" is far more likely to translate to "okay then we're going to hold you responsible for the traffic since you can't prove it was a customer of yours" |
23:00
π
|
joepie91_ |
whiiiiich is why there's an incentive for a provider to keep logs |
23:00
π
|
dd0a13f37 |
It would quite clearly be fraud in Sweden, the country in which both I and my VPN provider reside. They also have disincentives to do so which are stronger. They claim to have a specific configuration (a specific set of configuration files), so actively making false statements would require them to edit them before posting them which is more than just lying. The worst-case scenario, in the case that the VPN provider doesn't wholesale save my traffic |
23:01
π
|
dd0a13f37 |
the situation I was in before. There are multiple cases of police investigations where you can see lines like "the IP number X.X.X.X belongs to a VPN provider" and it's apparent that that they don't even try, in some cases corresponcence is even posted. |
23:01
π
|
dd0a13f37 |
>"sorry we don't have logs" is far more likely to translate to "okay then we're going to hold you responsible for the traffic since you can't prove it was a customer of yours" |
23:02
π
|
dd0a13f37 |
That is not how swedish law works, which is an implementation of an EU directive. |
23:02
π
|
joepie91_ |
(like I said: I don't intend to go into an in-depth discussion.) |
23:02
π
|
icedice |
dd0a13f37: Mullvad, OVPN.com, VPNTunnel, or IPredator? |
23:02
π
|
icedice |
I'm guessing Mullvad? |
23:03
π
|
dd0a13f37 |
mullvad since they're the cheapest last time I checked and has a good track record |
23:03
π
|
JAA |
(dd0a13f37: FYI, the web client cuts off long lines without telling you. For example, your first message three minutes ago ends with "wholesale save my traffic".) |
23:03
π
|
icedice |
Mullvad is great |
23:04
π
|
dd0a13f37 |
. The worst-case scenario, in the case that the VPN provider doesn't wholesale save my traffic (which sure would be something), is that my IP is exposed, the situation I was in before. |
23:04
π
|
dd0a13f37 |
Was the missing part |
23:04
π
|
icedice |
Don't require any personal info to set up an account |
23:04
π
|
dd0a13f37 |
If efnet wouldn't ban Tor I wouldn't be using this shitty web client |
23:04
π
|
icedice |
And they have even started selling retail boxes with anonymous account codes in Swedish stores |
23:07
π
|
icedice |
dd0a13f37 have you tried https://convos.by/ ? |
23:07
π
|
dd0a13f37 |
joepie91_: Your interpretation of holding VPN providers responsible is just straight up wrong, see http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32000L0031&from=EN under "Mere conduit" |
23:08
π
|
icedice |
There's also http://ircanywhere.com/ but it hasn't been updated since November 4th, 2015 |
23:08
π
|
dd0a13f37 |
convos is a client for a bouncer or something like that |
23:08
π
|
icedice |
I think I'll probably go with https://dnscrypt.is/ |
23:08
π
|
dd0a13f37 |
I'm using a proxy inside of the tor browser to access webchat |
23:08
π
|
dd0a13f37 |
why not opennic? |
23:09
π
|
icedice |
I prefer Iceland as jurisdiction |
23:09
π
|
dd0a13f37 |
Both of those need a server to set them up on |
23:10
π
|
icedice |
Besides, both OpenNic DNS operators and non-OpenNic DNS operators can lie about the DNS server being logless |
23:10
π
|
icedice |
Yeah |
23:10
π
|
icedice |
I thought you guys were into self-hosting |
23:10
π
|
icedice |
There's always IRC Cloud, but then they'd have your chat history |
23:11
π
|
JAA |
dnscrypt.is sounds a bit like snake oil as well. |
23:11
π
|
JAA |
"DNSCrypt provides encryption for DNS similarly to how SSL/TLS does it for HTTP." |
23:11
π
|
dd0a13f37 |
But then I could just ssh into the vps |
23:11
π
|
JAA |
Well, except the hostname is still transferred in cleartext in HTTPS. |
23:12
π
|
dd0a13f37 |
they are operated by https://1984hosting.com/ which I think has a good track record |
23:12
π
|
JAA |
So a passive MitM will no longer be able to see your DNS queries, but if you access the host through HTTP or HTTPS afterwards, he can still see the relevant hostnames there. (And let's face it, that's the majority of the traffic.) |
23:13
π
|
dd0a13f37 |
dnscrypt is a well known technology as far as I know, blaming the provider for this is just rude |
23:15
π
|
JAA |
I disagree. They make it sound as though DNSCrypt will prevent an eavesdropper from figuring out what you're accessing, and that's just wrong. |
23:16
π
|
dd0a13f37 |
https://www.opendns.com/about/innovations/dnscrypt/ |
23:16
π
|
JAA |
I'm talking only about the provider's wording, not about the underlying technology. |
23:16
π
|
JAA |
I know what DNSCrypt is and how it works. |
23:16
π
|
dd0a13f37 |
In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks. |
23:17
π
|
dd0a13f37 |
It's the same wording |
23:17
π
|
JAA |
Well yeah, OpenDNS is pretty crappy anyway. |
23:17
π
|
JAA |
So I'm not surprised about that. |
23:17
π
|
dd0a13f37 |
yeah, but they probably based it on that |
23:17
π
|
dd0a13f37 |
they're not to blame here |
23:19
π
|
JAA |
Well, since they even named the entire service after it, they should be a bit more transparent about what it actually does. |
23:20
π
|
|
balrog has quit IRC (Quit: Bye) |
23:23
π
|
|
balrog has joined #archiveteam-bs |
23:23
π
|
|
swebb sets mode: +o balrog |
23:24
π
|
icedice |
DNSCrypt is useless and outdated, as far as I've heard |
23:25
π
|
dd0a13f37 |
I've gotten a response from 1/4 so far |
23:25
π
|
icedice |
I just want a logless DNS in a privacy respecting jurisdiction |
23:25
π
|
dd0a13f37 |
from itorrents |
23:25
π
|
dd0a13f37 |
I don't expect any from torrentproject |
23:25
π
|
dd0a13f37 |
so 1/3 |
23:25
π
|
icedice |
Preferably outside of the EU |
23:25
π
|
JAA |
What do you mean by "outdated"? |
23:25
π
|
icedice |
What happened to TorrentProject |
23:25
π
|
dd0a13f37 |
Nobody knows |
23:26
π
|
icedice |
DNSCrypt uses 1024 bit encryption |
23:26
π
|
dd0a13f37 |
They went 403 on main page, .onion is still online (serving 403) |
23:26
π
|
dd0a13f37 |
Mail didn't bounce |
23:26
π
|
dd0a13f37 |
Just went dark one day |
23:26
π
|
icedice |
Minimum nowadays would be 2048 bit |
23:26
π
|
JAA |
It has always been pretty useless regarding what it was advertised as. I do use it sometimes though to get around firewalls blocking normal DNS. |
23:26
π
|
JAA |
Ah, right. |
23:26
π
|
icedice |
I read some article that shit all over it |
23:27
π
|
|
balrog has quit IRC (Read error: Operation timed out) |
23:27
π
|
icedice |
Don't remember much, but by the end it was pretty clear that there was no real point in using it |
23:27
π
|
dd0a13f37 |
https://torrentfreak.com/the-pirate-bay-website-runs-a-cryptocurrency-miner-170916/ welcome to the new internet |
23:30
π
|
dd0a13f37 |
Would people be interested in scraping the bittorrent DHT/collecting indexes? Should I add it to suggested projects? |
23:34
π
|
icedice |
If you want to add something, add Salon.com |
23:34
π
|
icedice |
https://nypost.com/2017/08/03/salon-struggling-to-pay-its-rent/ |
23:36
π
|
|
BartoCH has quit IRC (Quit: WeeChat 1.9) |
23:37
π
|
dd0a13f37 |
Isn't that for newsgrabber? |
23:40
π
|
icedice |
? |
23:40
π
|
icedice |
No idea what that is |
23:41
π
|
dd0a13f37 |
http://www.archiveteam.org/index.php?title=NewsGrabber |
23:41
π
|
|
balrog has joined #archiveteam-bs |
23:41
π
|
|
swebb sets mode: +o balrog |
23:43
π
|
|
dd0a13f37 has quit IRC (Quit: Page closed) |
23:43
π
|
|
dd0a13f37 has joined #archiveteam-bs |
23:44
π
|
arkiver |
#newsgrabber |
23:46
π
|
dd0a13f37 |
It's a shame about the pdf archives though |
23:46
π
|
dd0a13f37 |
But I guess that's a job for release groups et al |
23:48
π
|
|
icedice has quit IRC (Quit: Leaving) |
23:48
π
|
JAA |
icedice: So I've tried getting dnscrypt-proxy to spit out more information about the keys, but I've failed. I also couldn't find anything in the protocol specs. Are you sure you aren't confusing this with DNSSEC? |
23:48
π
|
JAA |
Welp |
23:50
π
|
JAA |
(DNSCrypt uses elliptic curve cryptography, so "1024 bit" doesn't make much sense in the context. I didn't find any information about key sizes anywhere though.) |
23:52
π
|
dd0a13f37 |
Curve25519 |
23:52
π
|
dd0a13f37 |
In the current version, the construction, originally implemented in the NaCl cryptographic library and exposed under the name "crypto_box", uses the Curve25119 elliptic curve in Montgomery form and the hsalsa20 hash function for key exchange, the XSalsa20 stream cipher, and Poly1305 for message authentication. The public and secret keys are 32 bytes long in storage. The MAC is 16 bytes long, and is prepended to the ciphertext. |
23:52
π
|
|
icedice has joined #archiveteam-bs |
23:53
π
|
icedice |
Ok, thanks for the info |
23:53
π
|
JAA |
The root keys in DNSSEC are 1024 bit RSA. But as I just found out, they'll be replaced by 2048 bit keys next month. |
23:54
π
|
JAA |
About fucking time... |