#archiveteam-bs 2017-09-16,Sat

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***etudier has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…) [00:13]
melas has joined #archiveteam-bs
_refeed_ has joined #archiveteam-bs
[00:19]
....... (idle for 32mn)
godane has quit IRC (Quit: Leaving.) [00:51]
.... (idle for 19mn)
BlueMaxim has joined #archiveteam-bs [01:10]
refeed has joined #archiveteam-bs
refeed has quit IRC (Connection closed)
refeed has joined #archiveteam-bs
__refeed_ has joined #archiveteam-bs
[01:17]
_refeed_ has quit IRC (Ping timeout: 600 seconds)
refeed has quit IRC (Read error: Connection reset by peer)
Honno has quit IRC (Read error: Operation timed out)
[01:25]
_refeed_ has joined #archiveteam-bs
__refeed_ has quit IRC (Read error: Connection reset by peer)
[01:36]
_refeed_ has quit IRC (Quit: Leaving) [01:44]
........ (idle for 38mn)
fie_ has quit IRC (Ping timeout: 255 seconds) [02:22]
fie_ has joined #archiveteam-bs [02:35]
.... (idle for 18mn)
brayden has quit IRC (Read error: Connection reset by peer)
godane has joined #archiveteam-bs
brayden has joined #archiveteam-bs
swebb sets mode: +o brayden
[02:53]
godaneso i think my wifi or comcast is fing with me [02:55]
***yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac)
yuitimoth has joined #archiveteam-bs
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac)
yuitimoth has joined #archiveteam-bs
[02:59]
pizzaiolo has quit IRC (Quit: pizzaiolo) [03:09]
...... (idle for 28mn)
godane has quit IRC (Read error: Operation timed out) [03:37]
arkhive has joined #archiveteam-bs [03:42]
arkhiveI am having trouble resetting my password on archiveteam.org
i want to update some stuff on the wiki.
[03:43]
***drumstick has quit IRC (Ping timeout: 255 seconds) [03:55]
arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzz…)
yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac)
yuitimoth has joined #archiveteam-bs
[04:08]
.... (idle for 18mn)
VADemon_ has joined #archiveteam-bs
VADemon has quit IRC (Ping timeout: 255 seconds)
[04:27]
.... (idle for 19mn)
melas has quit IRC (melas)
Sk1d has quit IRC (Ping timeout: 250 seconds)
[04:48]
Sk1d has joined #archiveteam-bs [04:56]
.............. (idle for 1h8mn)
drumstick has joined #archiveteam-bs
DFJustin has quit IRC (Remote host closed the connection)
[06:04]
......... (idle for 41mn)
drumstick has quit IRC (Ping timeout: 255 seconds)
drumstick has joined #archiveteam-bs
[06:48]
.... (idle for 18mn)
DFJustin has joined #archiveteam-bs
swebb sets mode: +o DFJustin
DFJustin has quit IRC (Remote host closed the connection)
[07:07]
Honno has joined #archiveteam-bs
DFJustin has joined #archiveteam-bs
swebb sets mode: +o DFJustin
[07:20]
.......... (idle for 48mn)
godane has joined #archiveteam-bs [08:11]
...... (idle for 29mn)
schbirid has joined #archiveteam-bs [08:40]
..... (idle for 21mn)
BartoCH has joined #archiveteam-bs [09:01]
......... (idle for 40mn)
schbiridanyone able to get this to run with wpull? i am onl ygetting an immediate FINISHED... https://pastebin.com/raw/1MQ63tD6
probably PEBKAC but whyyy
[09:41]
JAADEBUG Skipping ‘http://www.zeit.de/’.
Hmm
[09:46]
.... (idle for 15mn)
Aaaah
schbirid: The problem is in the reject regex.
Among others, you ignore /www\.zeit\.de/, which matches http://www\.zeit\.de/.
By the way, that regex could also use some other refinements, like replacing . with \. or removing the unnecessary backslashes in front of / and &.
And /gtm\.js\.html$ to only match at the end of URLs.
[10:02]
schbiridoops [10:06]
JAAThe debug output of wpull could definitely be a bit more verbose though. I monkey-patched the DemuxURLFilter to figure out what was going on.
That message should be something like "Skipping <URL> (reason: regex)".
[10:06]
schbirid\/(jobs|marktplatz|www|zeitreisen).zeit.de/ should not sk... oh
duh
man, how i wish wpull was maintained
[10:07]
JAAmaintainable*
trollius and exception-driven control flow doesn't make it easy. :-/
don't*
[10:11]
schbirid=( [10:12]
***yuitimoth has quit IRC (Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac)
yuitimoth has joined #archiveteam-bs
[10:24]
RichardG has quit IRC (Ping timeout: 260 seconds)
RichardG has joined #archiveteam-bs
[10:37]
Asparagir has quit IRC (Read error: Connection reset by peer)
godane has quit IRC (Read error: Operation timed out)
Asparagir has joined #archiveteam-bs
svchfoo3 sets mode: +o Asparagir
svchfoo1 sets mode: +o Asparagir
[10:51]
godane has joined #archiveteam-bs [11:02]
BlueMaxim has quit IRC (Quit: Leaving) [11:11]
sun_shine has quit IRC (Ping timeout: 245 seconds) [11:16]
Soni has quit IRC (Ping timeout: 272 seconds) [11:28]
..... (idle for 20mn)
Soni has joined #archiveteam-bs
Stiletto has quit IRC (Ping timeout: 250 seconds)
[11:48]
Soni has quit IRC (Ping timeout: 272 seconds) [11:56]
Soni has joined #archiveteam-bs
REiN^ has quit IRC (Read error: Operation timed out)
REiN^ has joined #archiveteam-bs
[12:05]
refeed has joined #archiveteam-bs [12:17]
.... (idle for 16mn)
drumstick has quit IRC (Read error: Operation timed out) [12:33]
Mateon1 has quit IRC (Read error: Operation timed out)
Mateon1 has joined #archiveteam-bs
[12:44]
...... (idle for 26mn)
etudier has joined #archiveteam-bs [13:11]
Mateon1 has quit IRC (Remote host closed the connection)
Mateon1 has joined #archiveteam-bs
[13:22]
dd0a13f37 has joined #archiveteam-bs [13:35]
........ (idle for 39mn)
dd0a13f37You were right about stating my intent
I got a reply from one of the service operators, they asked from where I was writing and what services I was operating
>Might want to explain a little bit about who you and why you want the info, so they don't think you work for the RIAA or MPAA or something.
[14:14]
........ (idle for 35mn)
Should I include this in my email:
The backups are uploaded to Internet Archive (archive.org), so the easiest way to back up the site would probably be to upload the gzipped torrent files via torrent directly from the server with aria2c or rtorrent (see http://archiveteam.org/index.php?title=Internet_Archive#Uploading_to_archive.org)
Or is there a better way?
[14:51]
.... (idle for 15mn)
schbiridwhat site? [15:07]
dd0a13f37itorrents.org
>Torrent files are cached on disk in gzip format making it extremely time consuming to search for any data contained within the torrent files.
>The torrent files are saved to disk in gzip format
[15:07]
schbiridif i was them, i would not want to give out info about what my service was seeding. might be super illegal stuff inside and publishing that will lead LE or trolls to discover that easily [15:11]
dd0a13f37They aren't seeding anything
They're a torrent cache site, they're not indexing it either
All they do is take torrents uploaded via API, hash them, store them as <hash>.torrent.gz, then serve them
[15:12]
schbiridooh
mixed up with another site with similar layout in my head
[15:14]
dd0a13f37I'm just asking if it's the technologically best solution and if I should recommend it
to make a torrent, seed with rtorrent/aria2, then upload to ia
[15:15]
***dd0a13f37 has quit IRC (Ping timeout: 270 seconds)
dd0a13f37 has joined #archiveteam-bs
[15:27]
dd0a13f37Apparently, all EFnet servers don't block Tor https://trac.torproject.org/projects/tor/wiki/doc/BlockingIrc
>​EFnet (most of the servers)
Which ones don't?
[15:36]
............... (idle for 1h14mn)
***icedice has joined #archiveteam-bs [16:50]
pizzaiolo has joined #archiveteam-bs [16:56]
icediceHi zino
"Parameters negotiated with site owner, so don't fiddle with them /zino"
^ regarding https://theseus.fi/
What did the site owner say?
Was my archivation job a pain in the ass/expensive for them?
[16:59]
dd0a13f37According to itorrents, they get 10-15k torrents/d, so around 200MB/day. They had "almost all", so running a complete bittorrent DHT crawler would probably be quite cheap IF you manage to get a hold of all the legacy data
although no, that can't be right, either they don't have it all or bittorrent usage has declined by a lot since some arbitrary date
[17:00]
icediceI think BitTorrent usage will start going up again evenually [17:02]
JAAicedice: I believe they said that 1 concurrent connection is okay. [17:03]
icediceOnce the MAFIAA starts making it too difficult for filehosting sites and streaming sites to operate some people will go back to the resilient torrents
JAA: Ok
The chat logs here are archived btw, right?
[17:04]
JAAYes. http://archive.fart.website/bin/irclogger_logs [17:05]
icediceDo you remember any details? Channel/date/nick? [17:05]
JAAThey weren't here. zino contacted them via email, I think. [17:06]
icediceAh, ok [17:06]
JAAHe posted about it in #archivebot on 2017-09-07. [17:06]
icediceThe chat logs are apparently restricted
Requires login
[17:07]
JAAYeah. Unfortunately, I don't know the password for those logs. [17:07]
icediceOk [17:08]
JAA(If anyone does, I'd appreciated a PM.) [17:08]
icediceDo you remember if they were pissed off? [17:08]
JAAWell, they banned the pipeline's IP. [17:08]
icediceThat's understandable [17:08]
JAAThis is what zino wrote: "The Finnish National Library guy was OK with us continuing the crawl with a concurrency of 1. So he'll unblock us." [17:09]
icediceThey probably thought it was a regular DDoS
Ok
Thanks
[17:09]
JAADoS*
I guess we did cause quite a bit of load on their server(s).
[17:09]
icediceWeren't there three workers on that archivation job initially? [17:10]
JAAYep [17:10]
icediceWouldn't that make it distributed? [17:10]
JAAWhich is the default
No
Three workers = three threads on the same machine.
[17:10]
icediceAh
Ok
[17:10]
***arkhive has joined #archiveteam-bs [17:23]
dd0a13f37If they want to they can just start going after individual filesharers
the future is likely popcorntime/similar for a short while then some hackjob that's just decentralized enough that the last parts of the puzzle can be put in some obscure country where it doesn't get taken down
bittorrent is not secure or resillient, they could go after it a lot harder than they do right now
[17:25]
***arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzz…)
arkhive has joined #archiveteam-bs
[17:34]
.... (idle for 18mn)
arkhive has quit IRC (Quit: My iMac has gone to sleep. ZZZzzz…) [17:56]
etudier has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…) [18:01]
zinoicedice: JAA got yuu up to date. Unfortunately shortly after restarting the job it hung with 90k links left or something. I'd rather let it be stalled until I have time to look at it so that no one reschedules the job and lands me in more trouble with the Finns. [18:06]
icedicezino: I see, ok
dd0a13f37: a logless, leak proof VPN and/or an anonymously purchased seedbox takes care of that
[18:08]
zinoicedice, and fair warning, it might take weeks before I get to it. [18:10]
icediceOk, that's fine
Even if we don't get those last links the site is still updating on more or less a yearly basis (students usually upload in the fall as far as I know, though there are probably a lot of exceptions to that as well), so the crawl could be redone in a few years or so
BitTorrent is currently the most resillient solution for filesharing though
[18:10]
dd0a13f37that doesn't make it resillient
you could go after vpn providers like in russia, and they're only good for downloading
there are much more resillient solutions, gnunet etc
bittorrent needs indexers, trackers, torrent caches, they're all centralized points of failure
can't you restrict the crawls to during the night if you're worried about load? can't imagine too many people wanting to download thesis papers at 5am
the upload rate feels quite constant, look at https://theseus.fi/recent-submissions and replace offset with different values, then look at upload date
[18:24]
icediceCan GNUnet handle huge filesizes and heavy loads from many downloaders?
VPN hides uploaders just as good
But yeah, dead torrents is a problem
VPN bans only happen in totalitarian countries like Russia, China, and in the future maybe the UK at most in Europe
But yeah, it's still an issue
Private trackers are pretty secure in general though and well-seeded
[18:42]
dd0a13f37Yes, GNUnet works like tor but instead of optimizing for low latency/low speed they optimized for high latency/high speed
Nobody important cares about torrents right now, but people were really upset about it in the 00's
All they do now is send out an abuse notice here and there, but they used to have lots of shady dealings (ddos, hacking, straight up bribery)
No, it hides uploaders but running a tracker behind a VPN isn't possible (unless you have a static IP, and then you're not really talking about a vpn)
Private trackers, same thing there, if they actually did give a shit they wouldn't be operational
[18:48]
.... (idle for 16mn)
icediceAh
I wasn't talking about trackers, just uploaders, but you're right
They could probably do what some torrent sites do for their main site though
[19:07]
***refeed has quit IRC (Ping timeout: 600 seconds) [19:10]
icediceWhich is set up a reverse proxy to some bulletproof hosting provider in some country that is on unfriendly terms with the US or at least doesn't give a shit about what Americans think
For example, The Pirate Bay uses VinaHost - which is based in Vietnam - for their reverse proxy
Venezuela wo
uld probably also do the trick
RuTracker would probably be operational even if it was on their radar, which it is
since it's based in Russia
RuTracker was in some official MAFIAA piracy shitlist from 2016
[19:10]
VADemon_Rutracker is not based in Russia else they'd have been taken down. (they're banned but still online) [19:16]
dd0a13f37There are no bulletproof hosts though
Why do you think botnets use decentralized architectures?
They still need a domain, and you could just ask US ISPs to BGP hijack them
There is nothing preventing someone from just doing a DoS attack on VinaHost until they stop hosting them
The reverse proxy is the one that needs to be bulletproof, the backend can be hosted on amazon if you want
That the internet is "technologically uncensorable" is just an illusion, the only reason Tor works in e.g. China is because the US is a safe haven. Running a tor entry guard/bridge inside china is an excercise in futility
[19:20]
.... (idle for 18mn)
***Xibalba has quit IRC (Remote host closed the connection)
Xibalba has joined #archiveteam-bs
[19:44]
icediceVinaHost is the reverse proxy
Nobody knows who is really hosting The Pirate Bay
[19:50]
dd0a13f37Yes, the real host doesn't matter since they will never get any abuse letters, the point of failure is vinahost [19:51]
icediceYeah [19:51]
dd0a13f37and TPB isn't heavily attacked. If you want to see what it looks like when someone with a large amount of resources wants to censor something, look at IS
internet archive, twitter, liveleak, any domains get shut down in a matter of hours
[19:51]
joepie91_icedice: there's no such thing as a "logless VPN" (assuming referring to a third-party VPN service) as you can never verify that they are not keeping logs [19:52]
dd0a13f37They could be bound by contract to not, though [19:52]
joepie91_and VPN services absolutely _are not_ anonymous, the marketing from VPN service providers notwithstanding
dd0a13f37: no, they can't
contracts are null and void in a legal investigation and that's the only point where you're ever going to find out anyway
[19:52]
icediceThe Iron Dong at least makes the whack-a-mole game a bit more difficult
https://vc.gg/blog/announcing-the-iron-dong-hidden-service-backup-system.html
[19:53]
joepie91_the idea of using VPNs for anonymity is 100% snakeoil [19:53]
dd0a13f37No, they would still violate the contract, they can't be forced to keep logs, so they would have to proactively (as opposed to reactively) do something [19:53]
icediceI figured it wouldn't take long before you popped up :D [19:53]
joepie91_(and entirely perpetuated by the providers selling the services, because it has almost no operational costs and high profits, ie. lucrative business) [19:54]
icediceRead some of the arguements on GitHub
There are about 200+ VPN services
[19:54]
joepie91_dd0a13f37: this is not representative of how these investigations work in reality [19:54]
icediceThe vast majority of them are pure shit [19:54]
joepie91_no, not "the vast majority of them" --- *every single one of them* is dishonest and should be avoided. [19:54]
icedicePrivate Internet Access is confirmed to not log [19:54]
joepie91_bullshit. [19:54]
dd0a13f37There are VPN providers that have held up in court though. [19:54]
joepie91_there is no such thing as "confirmed to not log" [19:55]
icediceEither that or they just straight up lied in court to protect someone behind a bomb threat [19:55]
joepie91_a specific party at one point either decided to make the claim without basis, or inspected a system that *at the time* did not show any evidence of logging
this is worthless if what you're going for is protection from authorities
[19:55]
dd0a13f37If they've been in 100 court cases before, in all of which they've been confirmed not to keep logs, extrapolating, what will happen time #101? [19:56]
joepie91_icedice: very possible. [19:56]
dd0a13f37But why? [19:56]
joepie91_because it is operationally far cheaper and safer to quietly hand over logs and then publicly state on the record that they don't have logs? [19:56]
icediceProtonVPN, Mullvad, AirVPN, and OVPN.com are pretty much the only VPN services I'd classify as good enough [19:57]
dd0a13f37Most civilized countries have public police investigations [19:57]
joepie91_if you're willing to bet your freedom on that not being the case, then go ahead - but the idea that you can somehow 'confirm' reliably that a VPN service doesn't log, as a third party, is a complete myth [19:57]
icediceAnd if I do something that needs complete anonymity then it would be via Tor Browser [19:57]
joepie91_dd0a13f37: right, those same civilized countries where the exact papertrail for investigations was retroactively made up to protect intelligence sources, and showing massive overreach from intelligence agencies? [19:58]
icediceBut for the most part I want to be able to torrent
To not have my ISP log all of my shit
[19:58]
joepie91_not a very convincing argument. [19:58]
icedice(I trust any of those four VPN providers more than the fuckwads at my shady ISP) [19:58]
dd0a13f37sweden doesn't have any such track record, neither does it have a sufficiently functioning police [19:58]
joepie91_okay, I'm tired of arguing pseudo-privacy tropes for tonight [19:59]
icediceIt's not a perfect system, but it works well enough for the purposes I use it for [20:00]
dd0a13f37There is a difference between reactive and proactive, and there is a difference between getting one record from an inverted index and iterating over all of them [20:00]
icediceI don't plan on leaking state secrets via VPN or something [20:00]
joepie91_(it's always the same series of arguments and I'm tired of running the same discussion on a loop for hours on end) [20:00]
icediceBut it's nice to have an encrypted connection on school WiFi [20:00]
dd0a13f37What are your thoughts on VPN providers with diskless servers? [20:00]
icedicebs
I sent an email to Mullvad asking if they could consider implementing it like OVPN.com had
and they told me that it doesn't matter
since an attacker could just have the traffic redirected and recorded elsewhere or something like that
I can pull up the exact quote if you want
And it's also nice to have some extra protection against data brokers and tracking companies
[20:00]
dd0a13f37that's a fair point tbh [20:03]
icediceand yeah, I know about browser fingerprinting [20:03]
dd0a13f37just use torbrowser like a normal person
that way you know exactly what guarantees you're getting and which ones you aren't
[20:03]
icediceI've taken countermeasures against that as well, like Random Agent Spoofer
Why not both
[20:04]
dd0a13f37random agent spoofer just adds to your fingerprint man
Because torbrowser is the absolute minimum, you can't get less
[20:04]
icediceI have it change for every request
I don't want to run everything via Tor Browser
[20:04]
dd0a13f37You're not protected against: canvas fingerprinting, web font fingerprinting, resolution (even without JS thanks to mediaqueries), js execution time,etc [20:05]
icediceFirefox is good enough for me even if the protection isn't 100% [20:05]
dd0a13f37torproject has spent tremendous amounts of time on protecting against fingerprinting, it's still not 100% with JS
But random agent is just pure placebo
[20:05]
icediceThere are two add-ons against canvas tracking, but they probably don't work anymore thanks to the WebExtensions thing [20:06]
dd0a13f37Use one agent and have it be something reasonably common that fits with your browser
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0
[20:06]
icediceThat still collects all my info to one profile
Running Tor Browser over VPN gives you a few advantages:
Your ISP can't see that you're running Tor
[20:07]
dd0a13f37that's irrelevant and you could use bridges for it
Tor over VPN is useful, but running random ua in it is not
[20:08]
icediceThere is some protection against correlation attacks, zero day exploits, and malware that pings out your non-Tor IP
An extra layer
[20:09]
dd0a13f37yes, but if you're not using tbb then you're doing something very wrong [20:10]
icediceI don't need TBB for everything [20:10]
dd0a13f37then you shouldn't use tor [20:11]
icediceIf I want to post something anonymously or something I'd use Tor Browser over VPN
If it's just everyday stuff then I just use VPN
[20:11]
dd0a13f37tor and tbb or regular connection and regular browser, mixing them is just an accident bound to happen [20:11]
icediceI just use Tor Browser
I don't use the standalone Tor network software
[20:12]
dd0a13f37yes, which is secure, but it becomes less secure and not more by installing random agent spoofer
tor browser has a built in copy of tor, tor(daemon) is just useful for torifying other software
but browsers are such a big can of worms that you can't just chuck localhost:9050 in the proxy settings and call it a day
[20:12]
icediceI don't modify Tor Browser [20:13]
dd0a13f37good [20:13]
icedice(not that stupid)
Aside from the security settings (enable/disable JavaScript and all that) I don't touch anything
Firefox I have to heavily modify to have some sort of privacy
[20:13]
VADemon_the about:addons loads google tracking scripts ;) [20:14]
icediceit does? [20:15]
VADemon_https://www.ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/ [20:15]
dd0a13f37if you want privacy in firefox just modify it to become as similar to TBB as possible (user agent to tor, disable webrtc and canvas in about config, some more stuff in about:config) [20:16]
VADemon_The website it loads inside of about:addons does, but it's mozilla's website yet still [20:16]
dd0a13f37that's about it
i got to switch over to palemoon soon, firefox is going straight down the drain
[20:16]
VADemon_The TotalSpoof add-on sets your UA to a common value. I believe it's better to use some generic wide-spread FF UA than using Tor Browser's [20:19]
dd0a13f37they're the same thing
torbrowser's ua is the most common ff ua
[20:19]
VADemon_oh ok [20:20]
dd0a13f37https://panopticlick.eff.org/
one in 121.77/6.93 bits
what does your "privacy friendly" firefox get you?
[20:21]
VADemon_less google pwnership [20:22]
***schbirid has quit IRC (Quit: Leaving) [20:23]
dd0a13f37this is for torbrowser [20:23]
icedice<VADemon_> The TotalSpoof add-on sets your UA to a common value. I believe it's better to use some generic wide-spread FF UA than using Tor Browser's [20:34]
dd0a13f37they're both the same thing [20:34]
icediceNice, I'll probably replace Random Agent Switcher with TotalSpoof [20:34]
VADemon_I didn't know Tor Browser doesnt have its own UA. and it sounded like it did [20:34]
dd0a13f37De facto it has, it's just the one that's shared by the most others [20:35]
FroggingI'm more concerned about HTML5 canvas fingerprinting [20:35]
dd0a13f37you can disable canvas
don't lose out on much
[20:35]
VADemon_one in 6500 browsers, so current TotalSpoof's definitely bad [20:35]
icediceDisable JavaScript [20:35]
VADemon_NoScript + uBlock Origin do the 99% of the job [20:35]
icediceThat disables the canvas trackers
And wrecks most webpages
https://alternativeto.net/list/security-and-privacy-enhancing-firefox-add-ons
^ I'm using all of this minus RequestPolicy (ain't nobody got time for that) and Mailvelope
[20:35]
dd0a13f37doesn't firefox send a list of your addons [20:38]
Froggingsometimes when I really don't want to be watched, I make a brand new VM or VPS [20:38]
dd0a13f37check your panopticlick score [20:38]
icediceOh, and Cookie AutoDelete instead of Self-Destructing Cookies
Since Self-Destructing Cookies won't become a WebExtension
The site has been calculating my fingerprint for forever
Do I need to enable cookies for that site or something?
Or maybe one of my many uBlock Origin filterlists is blocking something for the site?
[20:38]
VADemon_uBlock Origin blocks it, NoScript won't allow to run ANYTHING to begin with [20:40]
icediceBut I can already tell you that my fingerprint is probably unique
And I get a new fingerprint for each webpage I visit
[20:41]
***lag has quit IRC (Remote host closed the connection) [20:41]
dd0a13f37didn't noscript have some really severe issues? [20:42]
icediceYeah, but I only use NoScript to block pop-ups / pop-unders [20:42]
Froggingsevere issues like what? [20:42]
dd0a13f37don't remember, might have been something with the developer [20:42]
icedice^ response to VADemon_'s comment
The NoScript site has some ads that are almost impossible to block that appear on the update pages
Advertising some crapware PC cleaner iirc
PC Speedbooster or whatever
But Tor Browser still uses NoScript, so it can't be too bad then
[20:42]
dd0a13f37they change the settings though
there's no whitelist
by default
[20:44]
FroggingI'm running AdNauseam with dynamic filtering set such that it only runs on sites I explicitly specify [20:44]
icediceI tried AdNauseum
I like the idea, but it fucked up my browsers preformance to the point that it almost crashed within the first try
[20:45]
JAAI block most ads at the DNS level. [20:46]
icedicePlus I prefer to block ads instead of toying around with them
<Frogging> sometimes when I really don't want to be watched, I make a brand new VM or VPS
You'd have to purchase that VPS anonymously then
[20:46]
***frontop has quit IRC () [20:46]
icediceAnd Bitcoin is useless for that now btw [20:47]
Froggingif I can do my bit to disrupt/unbalance the ad economy it makes me happy
yes, true
[20:47]
JAAicedice: Why "now"? [20:48]
icediceSo either an anonyous crypto-currency like Monero/Dash/Zerocoin, pre-paid cards like Paysafecard/Mint Prepaid/Neosurf, pre-paid debit/credit cards or cash [20:48]
Froggingthough I'm more concerned with automated systems linking requests together than I am with someone singling me out to try and steal my info from the VPS provider
unfortunately I think many of them do not accept prepaid CCs
[20:48]
icediceThey don't have to steal the info from your VPS provider [20:49]
dd0a13f37if you're going to buy a brand new vps you might as well just use tor browser, it's not so slow [20:49]
icediceJust coerce the VPS provider
Especially if it's in Five Eyes
[20:49]
Froggingor that
maybe they already have all the info from VPS providers
[20:50]
icediceI'd probably use https://abelohost.com/ if I was to get a VPS to use as VPN [20:50]
Froggingwhat do you think of PrivateInternetAccess? [20:51]
icediceSince apparently Private Layer has gone to shit [20:51]
Frogginghttps://www.privateinternetaccess.com/ [20:51]
icediceIt's American
That alone is enough for me to not use it
[20:51]
Froggingyes, but their FAQ says that America is one of the few countries that doesn't require them to retain logs [20:52]
icediceThe US is one of the worst jurisdictions in the world to run online services in if you care about privacy [20:52]
dd0a13f37But they're one of the best for freedom of speech
So you have to pick your poison
[20:53]
icediceAll the US government needs to do is send a National Security Letter + gag order demanding that PIA starts logging users and handing the US government backdoor access [20:53]
dd0a13f37I've had this idea about running a site that dynamically moves content [20:53]
icediceAnd then they either have to comply, shut down their company, or go to prison
Like with Lavabit
[20:54]
dd0a13f37so it has one server in germany used by default, if something is reported for hate speech it's moved to the US server, if it's reported for DMCA it gets moved to egypt/iraq
and so on
[20:54]
icediceIceland has a pretty good jurisdiction
But Freedom of Speech protection depends on what you're discussing
[20:54]
dd0a13f37US has very strong no matter what [20:55]
icediceTrue, but if your site is about US government leaks, the US is a shitty place to be
If your site critizises immigration, you probably want to stay out of the UK, Germany, and Sweden
[20:55]
dd0a13f37Then everywhere is
discussing them won't give you any problems
and leaking them will even if you're in venezuela
0..9 in ascii is encoded as 30..39 when viewed in hexadecimal
how fucking neat isn't that
[20:57]
icedicehttps://translate.google.com/translate?sl=sv&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fsv.wikipedia.org%2Fwiki%2FFlashback_Forum&edit-text=&act=url [20:59]
dd0a13f37Flashback is hosted in the US
and for some unclear reason has rules against hate speech
[20:59]
icedice^ Flashback moved to the US since it wasn't politically correct enough for Sweden [20:59]
dd0a13f37which are not enforced
that has to do with Law on responsibility for electronical bulletin boards
[20:59]
icedicebrb [21:00]
***icedice has quit IRC (Quit: Leaving)
icedice has joined #archiveteam-bs
[21:00]
dd0a13f37https://web.archive.org/web/20060504212948/http://www.sweden.gov.se:80/content/1/c6/02/61/42/43e3b9eb.pdf [21:04]
icediceFrogging: Private Internet Access' one pro is that they have been tested in court
The fact that they don't log could change though, depending on how hard the US government pressures them
[21:05]
dd0a13f37https://www.flashback.org/regler 1.03 Incitement of racial hatred[hate speech] It's forbidden to threaten or express dislike against specially threatened [protected] groups, in regard to race, skin color, national or ethnical origin, faith or sexual identity. [21:06]
Froggingwow, wtf [21:07]
dd0a13f37dislike is a bad translation though
but it's essentially parroted from swedish law for some unclear reason
[21:07]
Froggingthe first one you posted says it does not apply to "services that are protected by the Freedom of the Press Act or the Fundamental Low on Freedom of Expression" [21:08]
icediceThe UK's anti-hate new speech law is even worse [21:08]
FroggingLaw* [21:08]
icedice* new anti-hate speech law [21:08]
dd0a13f37Yes, that's if they have an issuing permit which is granted to newspapers, this also makes them immune to large parts of the law on personal data
which is why aftonbladet could legally hire hackers to hack flashback and then dox some random people
[21:08]
icediceUnder the UK's new anti-hate speech law it's the "victim" who decides if you have broken the law [21:09]
Froggingsource? [21:10]
dd0a13f37Which one? "Criminal Justice and Immigration Act 2008"? [21:10]
JAAThe German one is also pretty bad. [21:11]
dd0a13f37swedish one is surprisingly sane all things considered, it doesn't restrict "relevant and trutful" statements nor statements made in private [21:13]
***fie_ has quit IRC (Leaving)
fie has joined #archiveteam-bs
[21:15]
icediceFrogging: https://www.youtube.com/watch?v=yfLl3KUnxSk#t=8m7s
^ the exact quote of the law is there in the video (can't find it on CPS' website atm)
And a bunch of source links are in the description
<JAA> The German one is also pretty bad.
Yeah, was just about to say that
Germany wants to police websites on an international level
[21:23]
JAAGermany wants the website's *operators* to police their websites. [21:25]
dd0a13f37how? [21:25]
JAAWell, basically. [21:25]
Froggingbrb starting a controversial website [21:25]
icediceAnd censor stuff for people who don't even live in Germany
56 million euro fines
[21:25]
dd0a13f37But not the other way around? They wouldn't censor foreign websites? [21:25]
Frogginghow do they fine people who don't live in germany [21:26]
icediceif appropriate action is not taken within 24 hours it's fine time iirc
idk
[21:26]
JAA"Obviously illegal" content has to be deleted within 24 hours, less obvious cases must be reviewed within 7 days. [21:27]
dd0a13f37Anyone here interested in scraping bittorrent and has a VPS with decent internet and aria2c (available in repos)?
https://pastebin.com/Nz672PWc
[21:27]
JAAAt least small platforms aren't affected by NetzDG. It's only relevant for social networks with more than 2M users, I think. [21:28]
dd0a13f37would build a nice starting point, when you have the most common ones then you can start with the more interesting scraping techniques
So basically just facebook?
[21:29]
JAAFacebook, Twitter, YouTube, and so on [21:30]
dd0a13f37facebook being forced to censor stuff is no big freedom of speech problem tbh [21:31]
VADemon_dd0a13f37: I have an idle dedi. [21:31]
odemgbruh
godane we got em
[21:31]
JAAodemg: The 24k tapes? [21:31]
dd0a13f37the big issue is when people feel they should take matters into their own hands (internet archive) and censor stuff
which is the only big political censorship on the internet i've ever seen
VADemon_: Interested in bittorrent scraping?
[21:31]
odemgJAA, yiss [21:32]
JAANice! [21:32]
VADemon_Totally. I even have logs of my own bittorrenting to find the scraping bots :P [21:32]
dd0a13f37check out the pastebin link [21:32]
godaneodemg: thats good [21:33]
odemgthank fuck, but also thanks myspleen for thinking they could get their hands on it :p [21:33]
dd0a13f37There is no public torrent archive, if you can download the easy ones properly then you can focus on the hard parts
as in, from another torrent, not from scraping
its a bit ugly but it should work
[21:33]
VADemon_Scraping as in archiving or simply indexing? [21:34]
dd0a13f37scraping as in getting the torrent files but not downloading what they point to
getting all(all) torrent files is feasible (2-3tb of content at most), getting even a small fraction of torrent file contents is just impossible
you would end up with a large folder of files like "da39a3ee5e6b4b0d3255bfef95601890afd80709.torrent"
[21:34]
VADemon_I need to tthink twice about it, because the server is located in germany and there have been precedents of lawyers catching up/downloaders of piracy torrents [21:37]
dd0a13f37indexing the files later on is trivial, all you need to do is put them into a bencode parser, put the results in a database, and apply fts directly to files
you're not downloading the files though
just the torrent files
[21:37]
VADemon_I know. [21:37]
dd0a13f37if you have a VPN an ugly solution is to just install openvpn on the server while it's running [21:38]
icediceJAA: About Bitcoin anonymity: http://cordis.europa.eu/news/rcn/141335_en.html
There was also a post on /r/DarknetMarkets from someone who works with anti-money laundering for Australian banks who had attended a Blockchain analysis seminar
[21:44]
dd0a13f37xmr.to
they also have an onion apparently http://xmrto2bturnore26.onion/
but really, they missed that train, if they want to do something now their only option is dos attacks on bitcoin nodes
[21:47]
icediceApparently CIA sponsored big data company Palantir Technologies (started by Peter Thiel) has invented a system that with the help of banks can correlate Bitcoin payments back to the bank accounts used to purchase them
Can't find the thread atm though :/
[21:49]
dd0a13f37you can buy with cash, you could also use monero and an exchange as a tumbler (for example xmr.to as i linked earlier) [21:50]
JAAYeah, but what's new about that?
Bitcoin was never designed to be anonymous.
Well, you can use it completely anonymously by mining, but...
[21:50]
icedicehttps://www.reddit.com/r/DarkNetMarkets/comments/51hs6n/antimoney_laundering_and_counter_terrorism/d7c37k2/ [21:53]
dd0a13f37There is also coinjoin [21:53]
icedice^ found the author
The thread follow-up thread seems to be gone though
Is Coinjoin like a Bitcoin tumbler?
Because Palantir Technologies' system can detect that
[21:53]
dd0a13f37>Out of habit spending habits
that's the only new one to me
You know how bitcoin transactions work? You have X inputs, and Y outputs. The hash of the txn has to be signed by all inputs.
[21:54]
icediceAnd when the author posted the follow up thread he mentioned that the system had been in use by Five Eyes banks for nine months [21:55]
dd0a13f37might be roleplaying
So what you do is you find some people who want to send coinjoin transaction, they send their transactions to some server, then you get a block
you only need to check that you're spending the right amount of money and that your recipient(s) are getting what you want them to
[21:55]
icediceOk [21:56]
dd0a13f37then you sign it
and you don't know or care about the other transactions or who sent thme
so it's essentially a decentralized tumbler
and monero exists, if I was selling drugs on the darknet I would just pull all the transactions through monero
[21:56]
icediceAnd btw, I'm not into Darknet Markets. I just find some of the posts interesting to read from time to time
Like the post where they discuss how to bury millions underground
<dd0a13f37> and monero exists, if I was selling drugs on the darknet I would just pull all the transactions through monero
Yup
If I was to buy something anonymously online and the seller would be all right with not being anonymous, like a VPS, I'd probably buy using Paysafecard
[21:58]
dd0a13f37if the seller is non-anonymous there already is a very simple solution
cash in mail
[22:01]
icediceBuy one of those in cash from a kiosk in a large city
Yeah, but there a few cons there
1. You could get scammed
[22:01]
dd0a13f37such as?
the seller can even fuck around with post boxes to be anonymous
1. good luck getting a chargeback with your anonymous paysafecard, the cost of a burner phone would be larger
[22:02]
icedice2. It could get intercepted (though you could put it in a birthday card to arouse less suspicion I guess) [22:03]
JAAPSC isn't anonymous in Germany anymore since a few years, by the way.
Something something anti-money-laundering laws. Can't remember the details.
[22:03]
icedice3. Most people who pay by mail probably leave their fingerprints all over it [22:04]
dd0a13f372. you could just wrap it in paper
3. you could use gloves, it's only a problem if the seller keeps the envelopes
[22:04]
icediceYeah [22:05]
dd0a13f37you're only worried about it being suspicious enough to get a postal worker to open it, they're not going to open random packages [22:05]
JAAdd0a13f37: In Germany, they do sometimes. [22:06]
dd0a13f37the risk of paysafecard, tracking where it was bought, cameras, there is much more unpredictability than dumping a letter inside a mailbox
JAA: do what?
[22:06]
JAAOpen random packages [22:06]
dd0a13f37Yes, but in the context of random checks
it's not drugs or anything, there are several perfectly legal vpn providers that accept cash in mail
[22:06]
icediceYup [22:07]
dd0a13f37so they would definitely not steal something from when they're checking drugs/whatever [22:07]
JAATrue
I'm not so sure about the stealing part, but yeah.
[22:07]
icedicehttps://www.webhostingtalk.com/showthread.php?t=1537627
^ Private Layer seems to have gone to shit
I guess I'd probably use Orangewebsite (or maybe AbeloHost if it needed to be cheaper) for an anonymous VPS server for VPN
[22:08]
JAAOh, interesting that you mention it. [22:10]
icediceAny other good privacy respecting non-Five Eyes VPS providers that have decent support? [22:10]
JAAThe Daily Stormer's newest domain is registered through Orangewebsite. [22:10]
***felti has joined #archiveteam-bs [22:11]
icediceNot planning on buying anything, but I like to look around at stuff like that [22:11]
dd0a13f37support is bad
the worse support, the better
support aren't your friends, they're also responsible for abuse handling
if they copypaste a template email in russian 2 months after receiving the request that's obviously better than responding politely and handing over your data
[22:11]
icediceOrangewebsite and AbeloHost both have great support according to reviews [22:13]
dd0a13f37that's bad [22:13]
icediceBut neither willingly hand over customer data [22:13]
dd0a13f37they still respond to abuse [22:13]
icediceAnd at least AbeloHost ignores DMCA notices
Since that carries no weight in the Netherlands
[22:14]
dd0a13f37VPN providers have the advantage of sharing one IP
but they have european DMCA versions
don't remember the name
BREIN?
[22:14]
JAAYep, BREIN [22:14]
icediceAbeloHost basically doesn't give a shit until it goes to a Dutch court [22:14]
JAAWell, that's the organisation that sues ISPs etc. [22:15]
dd0a13f37well, that's good, but OVH is infamous for having terrible support
and also hosting tons of botnet, spam, etc
[22:15]
icediceIt's used a lot for hosting porn sites [22:15]
dd0a13f37so I'd trust them more [22:15]
JAAHahaha
Lolno
[22:15]
icediceSince DMCA is apparently a pain in the ass (pun not intended) for porn site operators [22:15]
dd0a13f37there is nothing illegal about porn, if they're hosting child porn then you can start discussing freedom of speech [22:15]
JAAA few years ago, dozens of private trackers, all hosted at OVH, got killed.
Operators arrested etc.
[22:16]
dd0a13f37Yes, of course, sometimes accidents happen [22:16]
icediceNo, regular porn [22:16]
dd0a13f37but in general
they're slower
yes of course
europe has the court ruling, you know the noe
[22:16]
JAAPossible, but I wouldn't trust them at all.
Although the relevant people somehow heard about it before the shit hit the fan, so quite a few of the trackers had already shut down by the time police came knocking at OVH's door.
[22:17]
icedicePeople use it because hosting in America means that you always risk getting dropped by your hosting company when someone reports that there's copyrighted porn there [22:18]
dd0a13f37there is also cockbox (romania) [22:18]
icedicelol [22:18]
Froggingthere's this also https://www.nearlyfreespeech.net/
not a VPS however. web hosting/domain registration.
[22:18]
icediceI know about both of those yeah [22:19]
JAAYeah, I think someone in here uses it actually. [22:19]
icediceNearlyFreeSpeech is 'Murican though, wouldn't use that for privacy purposes [22:19]
dd0a13f37just use whichever one is cheapest, you can always throw a vpn with port forwarding on it [22:19]
FroggingI've thought of doing that. It might be tricky to set up though
in a manner that is reliable, I mean
lots of API back-and-forth and failure modes
[22:20]
icediceThe owner of OrangeWebsite is said to be an anarchist that strongly supports freedom of speech and both he and the company itself were strongly against the SOPA and PIPA legislations. [22:20]
dd0a13f37use tor for administration
a hidden service
then use iptables to make the vpn work
all that's left is fixing dns leaks, but some vpn providers run open dns
[22:21]
icediceOrangewebsite allows Tor exit nodes to be hosted there, so props to them for that [22:22]
dd0a13f37http://curia.europa.eu/juris/document/document.jsf;jsessionid=9ea7d2dc30d6433616c7b67942fa86b0f894d32c8ed8.e34KaxiLc3qMb40Rch0SaxyMbhz0?text=&docid=187646&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=1774727 curia.europa.eu/juris/document/document.jsf;jsessionid=9ea7d2dc30d6433616c7b67942fa86b0f894d32c8ed8.e34KaxiLc3qMb40Rch0SaxyMbhz0?text=&docid=191707&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=1774727
that's nice, then you can set up a tor exit node and allow all ports, then the 1% of actually relevant abuse notices can be blamed on tor
[22:22]
Froggingpfft [22:23]
dd0a13f37but really, unless you're doing some really edgy shit it's enough to just host it yourself on a .onion service [22:24]
icediceI think AbeloHost is also used a bit for warez hosting [22:26]
dd0a13f37Can't they just use I2P? [22:27]
icediceI'm fine with the setup I have [22:28]
dd0a13f37For warez hosting I mean
I2P is underrated
[22:28]
icediceProtonVPN keeps the copyright nazis away and my IP away from trackers
Don't really need anything more
Ah
[22:28]
dd0a13f37yes, VPN is fine for you, but if you want to host an actual warez server
why not just host it on i2p?
it's private anyway, so taking a few minutes to set it up for anyone interested doesn't matter
[22:30]
icediceI though we were still talking about self-hosted VPN on VPS servers [22:31]
dd0a13f37oh right, for the truly paranoid [22:32]
icediceBut yeah, that's an idea
You don't get to mask you traffic though
Unless you maybe invite some folks onto your VPN server
[22:32]
dd0a13f37if the server is behind i2p, everyone connecting will have to use i2p [22:33]
icediceI was talking about self-hosted VPN [22:33]
dd0a13f37you can make openvpn look like SSL
on port 443
[22:34]
icediceYeah
And run it behind restrictive firewalls
[22:34]
dd0a13f37it's much better in practice to use a commercial provider, then your IP is shared with others
and ovpn.com apparently also offers a proxy that strips away tracking from pages
https://iknowwhatyoudownload.com/ for example this is not very funny if you're using a self hosted vpn
[22:34]
joepie91_dd0a13f37: https://gist.github.com/joepie91/5a9909939e6ce7d09e29#but-i-want-to-confuse-trackers-by-sharing-an-ip-address [22:38]
dd0a13f37The reasonable assumption is, if they have a track record of not handing over logs, to assume that this is true rather than that "they" have fabricated court records for unclear reasons. >The $10/month that you're paying for your VPN service doesn't even pay for the lawyer's coffee, so expect them to hand you over. That only applies if they have them. In addition, some services such as OVPN have insurance for that purpose. [22:41]
Froggingjoepie91_: What does one do about WebGL fingerprints? NoScript for that too? [22:41]
dd0a13f37HMA did lose business from it, but their keeping logs was publically known from before
joepie91_: Your rebuttal is about tracking for advertising purposes. If there are 100 users with IP X, how will they know which one is me?
For torrenting etc
[22:41]
icediceEarthVPN also probably keeps logs even though they say they don't [22:43]
Frogginghe makes a concession for that in the next section dd0a13f37
"You want to hide your IP from a very specific set of non-government-sanctioned adversaries - for example, circumventing a ban in a chatroom or preventing anti-piracy scareletters."
[22:43]
dd0a13f37Not really [22:43]
Froggingbut then goes onto say set up your own on a VPS... which would defeat that use case [22:43]
icediceThey claim that it was the data center keeping logs that got one of their customers busted, but I don't buy it [22:43]
dd0a13f37we don't have scareletters here, so only the government would care about it
not that they do, our police isn't working
[22:44]
joepie91_"Your rebuttal is about tracking for advertising purposes." -- no, it's not, that is only one of the examples. [22:44]
dd0a13f37But that's what you're attacking. [22:44]
Froggingjoepie91_: but what of protocols where the only identifying information is the IP address (such as torrents) [22:44]
dd0a13f37If they do keep logs, then there's no way of proving I'm the one doing the offending activity since multiple people were using that IP [22:45]
joepie91_that premise is wrong
there's plenty of identifying information in TCP alone
[22:45]
icediceSetting up a leak proof VPN is hard: https://vpntesting.info/ [22:45]
joepie91_further fingerprinting can be done by probing the client on the other end
whether TCP or UDP
etc.
different clients behave differently on different OSes in different versions
[22:45]
icediceSo that's something to take into consideration as well [22:45]
dd0a13f37Also, using a VPN hides your physical location from geoip [22:45]
joepie91_with different kernel modules
and so on and so forth
[22:45]
Froggingjoepie91_: but you *would* want to mask your traffic from your IP address in addition to concerns about TCP info leaks, no? [22:45]
joepie91_when it's about scareletters, yes - but "sharing an IP" isn't relevant there
(scareletter senders don't care whose machine it is, they just hold the IP subscriber responsible)
[22:46]
Frogginga VPS wouldn't accomplish that either; I've gotten scareletters when torrenting on a VPS [22:46]
icediceOr I guess the leaks is more about the VPN client software than the VPN infrastructure [22:47]
dd0a13f37joepi91_ Say I feel the urge to send in a bomb threat to a school. 100 people were using that IP at that time. They turn over the logs. Who gets brought in for questioning?
joepie91_: *
[22:47]
joepie91_Frogging: point being to put yourself in a locale that scareletter senders don't care about :P
dd0a13f37: whoever was on the other end of the connection at that time.
[22:48]
icedicehttps://torrentfreak.com/vpn-providers-no-logging-claims-tested-in-fbi-case-160312/ [22:48]
dd0a13f37IPs are shared [22:48]
joepie91_... [22:48]
dd0a13f37if there are multiple people on one IP at one point in time [22:48]
joepie91_you really need to read up more on how VPNs work
*external* IPs are shared
individual connections are logged, datetime/origin/external
therefore datetime stamp + external can be matched to origin IP
whether external IP is shared is irrelevant
[22:48]
dd0a13f37Isn't it just the leases? [22:49]
joepie91_no
(also, s/IP/IP+port/ in the above)
(plus protocol)
point here being: the provider can easily correlate individual connections or datagrams to specific subscribers to the service, so long as the right amount of logging for that purpose is set up
iirc this is the default in many setups as well
[22:49]
***drumstick has joined #archiveteam-bs [22:51]
joepie91_VPN provider has full visibility of all traffic and metadata
at all times
it's effectively just a proxy
[22:51]
dd0a13f37Is it really? What log level does that require [22:52]
joepie91_going to vary by VPN protocol and implementation
and - or at least this was true ~2 years ago - there are certain logs in the default OpenVPN implementation that you can't disable without source patches
don't remember the extent of them, it's been a while
[22:52]
dd0a13f37But you still haven't answered the reactive/proactive thing
A VPN provider that keeps logs can be forced to hand them over, sure
But that a VPN provider would proactively keep logs while claiming the opposite is fraud, and you're not making a convincing argument for why that would be the case
[22:53]
joepie91_I don't particularly feel like an in-depth discussion as these discussions are extremely tiring and mood-destroying, and for every person I argue with there are two million more that still stubbornly believe the snakeoil they bought into is legitimate
but whether this is "fraud" is jurisdiction-dependent, as are the consequences for it
and in particular when the interests of governmental parties align with misrepresenting the logging policy, which they do, it's not at all certain that such claims are truthful
is it proven that every VPN provider logs? no. but "there are incentives for them to misrepresent their logging policy" should be enough to make you think thrice about trusting your traffic with them
the goal here isn't to prove that every VPN provider logs, the goal is to point out that you're trusting a single party with your sketchy traffic that has a number of incentives to behave against your best interests, and that it is an industry full of crooks
at best that is an unwise thing to get involved in, at worst it can cost you your freedom or - depending on where you are and what you're doing - your life
[22:55]
icediceProtonVPN seems honest though. Instead of just saying "no logs" they admit that they log timestamps in order to prevent bruteforce attempts [22:59]
joepie91_question remains whether that's all they log. [22:59]
icediceI think I'll switch my ISP's DNS to one of these:
https://dnscrypt.is/
https://servers.opennicproject.org/edit.php?srv=ns1.zh.ch.dns.opennic.glue
https://servers.opennicproject.org/edit.php?srv=ns22.nl.dns.opennic.glue
[22:59]
Froggingopennic :D [22:59]
joepie91_like, for example, the idea that "sorry we don't have logs" translates to "okay good day sir" and the cops leaving through the front door, is very misguided [23:00]
icedicehttps://servers.opennicproject.org/edit.php?srv=ns1.nh.nl.dns.opennic.glue
https://servers.opennicproject.org/edit.php?srv=ns3.ro.dns.opennic.glue
[23:00]
joepie91_"sorry we don't have logs" is far more likely to translate to "okay then we're going to hold you responsible for the traffic since you can't prove it was a customer of yours"
whiiiiich is why there's an incentive for a provider to keep logs
[23:00]
dd0a13f37It would quite clearly be fraud in Sweden, the country in which both I and my VPN provider reside. They also have disincentives to do so which are stronger. They claim to have a specific configuration (a specific set of configuration files), so actively making false statements would require them to edit them before posting them which is more than just lying. The worst-case scenario, in the case that the VPN provider doesn't wholesale save my traffic
the situation I was in before. There are multiple cases of police investigations where you can see lines like "the IP number X.X.X.X belongs to a VPN provider" and it's apparent that that they don't even try, in some cases corresponcence is even posted.
>"sorry we don't have logs" is far more likely to translate to "okay then we're going to hold you responsible for the traffic since you can't prove it was a customer of yours"
That is not how swedish law works, which is an implementation of an EU directive.
[23:00]
joepie91_(like I said: I don't intend to go into an in-depth discussion.) [23:02]
icedicedd0a13f37: Mullvad, OVPN.com, VPNTunnel, or IPredator?
I'm guessing Mullvad?
[23:02]
dd0a13f37mullvad since they're the cheapest last time I checked and has a good track record [23:03]
JAA(dd0a13f37: FYI, the web client cuts off long lines without telling you. For example, your first message three minutes ago ends with "wholesale save my traffic".) [23:03]
icediceMullvad is great [23:03]
dd0a13f37. The worst-case scenario, in the case that the VPN provider doesn't wholesale save my traffic (which sure would be something), is that my IP is exposed, the situation I was in before.
Was the missing part
[23:04]
icediceDon't require any personal info to set up an account [23:04]
dd0a13f37If efnet wouldn't ban Tor I wouldn't be using this shitty web client [23:04]
icediceAnd they have even started selling retail boxes with anonymous account codes in Swedish stores
dd0a13f37 have you tried https://convos.by/ ?
[23:04]
dd0a13f37joepie91_: Your interpretation of holding VPN providers responsible is just straight up wrong, see http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32000L0031&from=EN under "Mere conduit" [23:07]
icediceThere's also http://ircanywhere.com/ but it hasn't been updated since November 4th, 2015 [23:08]
dd0a13f37convos is a client for a bouncer or something like that [23:08]
icediceI think I'll probably go with https://dnscrypt.is/ [23:08]
dd0a13f37I'm using a proxy inside of the tor browser to access webchat
why not opennic?
[23:08]
icediceI prefer Iceland as jurisdiction [23:09]
dd0a13f37Both of those need a server to set them up on [23:09]
icediceBesides, both OpenNic DNS operators and non-OpenNic DNS operators can lie about the DNS server being logless
Yeah
I thought you guys were into self-hosting
There's always IRC Cloud, but then they'd have your chat history
[23:10]
JAAdnscrypt.is sounds a bit like snake oil as well.
"DNSCrypt provides encryption for DNS similarly to how SSL/TLS does it for HTTP."
[23:11]
dd0a13f37But then I could just ssh into the vps [23:11]
JAAWell, except the hostname is still transferred in cleartext in HTTPS. [23:11]
dd0a13f37they are operated by https://1984hosting.com/ which I think has a good track record [23:12]
JAASo a passive MitM will no longer be able to see your DNS queries, but if you access the host through HTTP or HTTPS afterwards, he can still see the relevant hostnames there. (And let's face it, that's the majority of the traffic.) [23:12]
dd0a13f37dnscrypt is a well known technology as far as I know, blaming the provider for this is just rude [23:13]
JAAI disagree. They make it sound as though DNSCrypt will prevent an eavesdropper from figuring out what you're accessing, and that's just wrong. [23:15]
dd0a13f37https://www.opendns.com/about/innovations/dnscrypt/ [23:16]
JAAI'm talking only about the provider's wording, not about the underlying technology.
I know what DNSCrypt is and how it works.
[23:16]
dd0a13f37In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks.
It's the same wording
[23:16]
JAAWell yeah, OpenDNS is pretty crappy anyway.
So I'm not surprised about that.
[23:17]
dd0a13f37yeah, but they probably based it on that
they're not to blame here
[23:17]
JAAWell, since they even named the entire service after it, they should be a bit more transparent about what it actually does. [23:19]
***balrog has quit IRC (Quit: Bye)
balrog has joined #archiveteam-bs
swebb sets mode: +o balrog
[23:20]
icediceDNSCrypt is useless and outdated, as far as I've heard [23:24]
dd0a13f37I've gotten a response from 1/4 so far [23:25]
icediceI just want a logless DNS in a privacy respecting jurisdiction [23:25]
dd0a13f37from itorrents
I don't expect any from torrentproject
so 1/3
[23:25]
icedicePreferably outside of the EU [23:25]
JAAWhat do you mean by "outdated"? [23:25]
icediceWhat happened to TorrentProject [23:25]
dd0a13f37Nobody knows [23:25]
icediceDNSCrypt uses 1024 bit encryption [23:26]
dd0a13f37They went 403 on main page, .onion is still online (serving 403)
Mail didn't bounce
Just went dark one day
[23:26]
icediceMinimum nowadays would be 2048 bit [23:26]
JAAIt has always been pretty useless regarding what it was advertised as. I do use it sometimes though to get around firewalls blocking normal DNS.
Ah, right.
[23:26]
icediceI read some article that shit all over it [23:26]
***balrog has quit IRC (Read error: Operation timed out) [23:27]
icediceDon't remember much, but by the end it was pretty clear that there was no real point in using it [23:27]
dd0a13f37https://torrentfreak.com/the-pirate-bay-website-runs-a-cryptocurrency-miner-170916/ welcome to the new internet
Would people be interested in scraping the bittorrent DHT/collecting indexes? Should I add it to suggested projects?
[23:27]
icediceIf you want to add something, add Salon.com
https://nypost.com/2017/08/03/salon-struggling-to-pay-its-rent/
[23:34]
***BartoCH has quit IRC (Quit: WeeChat 1.9) [23:36]
dd0a13f37Isn't that for newsgrabber? [23:37]
icedice?
No idea what that is
[23:40]
dd0a13f37http://www.archiveteam.org/index.php?title=NewsGrabber [23:41]
***balrog has joined #archiveteam-bs
swebb sets mode: +o balrog
dd0a13f37 has quit IRC (Quit: Page closed)
dd0a13f37 has joined #archiveteam-bs
[23:41]
arkiver#newsgrabber [23:44]
dd0a13f37It's a shame about the pdf archives though
But I guess that's a job for release groups et al
[23:46]
***icedice has quit IRC (Quit: Leaving) [23:48]
JAAicedice: So I've tried getting dnscrypt-proxy to spit out more information about the keys, but I've failed. I also couldn't find anything in the protocol specs. Are you sure you aren't confusing this with DNSSEC?
Welp
(DNSCrypt uses elliptic curve cryptography, so "1024 bit" doesn't make much sense in the context. I didn't find any information about key sizes anywhere though.)
[23:48]
dd0a13f37Curve25519
In the current version, the construction, originally implemented in the NaCl cryptographic library and exposed under the name "crypto_box", uses the Curve25119 elliptic curve in Montgomery form and the hsalsa20 hash function for key exchange, the XSalsa20 stream cipher, and Poly1305 for message authentication. The public and secret keys are 32 bytes long in storage. The MAC is 16 bytes long, and is prepended to the ciphertext.
[23:52]
***icedice has joined #archiveteam-bs [23:52]
icediceOk, thanks for the info [23:53]
JAAThe root keys in DNSSEC are 1024 bit RSA. But as I just found out, they'll be replaced by 2048 bit keys next month.
About fucking time...
[23:53]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)