Show threadStrypeyJul 9, 2024

I don't want Goggle calling the shots anywhere, let alone the open web. But the push for HTTPS everywhere is being driven just as much by Mozilla. Which is why they launched Let's Encrypt as a free service (as is speech *and* as in beer) with the Linux Foundation, EFF etc;

https://sdtimes.com/akamai/eff-wants-make-https-default/

One reason is that it makes attack tools like the Great Cannon less effective.

https://citizenlab.ca/2015/04/chinas-great-cannon/

#HTTPS #LetsEncrypt #GreatCannon #Mozilla #EFF

@davew

EFF wants to make HTTPS the default protocol

A coalition of companies is trying to promote Internet security with information campaigns and an open-source HTTPS protocol

SD Times
Show threadKevin Karhan Sep 1, 2023

All #HurricaneElectric does is act in self-defense against a hostile network.
https://www.youtube.com/watch?v=i4n6zmajfsM

And OFC they must have the right to refuse to provide services like transit.

That's common practice and it's called #DROP [ #DontRouteOrPeer ] and it's the reason the #PRC can't #DDoS the entire internet with their #GreatCannon [which is weaponization of #GreatFirewall infrastructure]...

#DropCloudflare Pt. 3: Alternatives to Cloudflare that don't facilitate transphobia

Cloudflare has supported hate and harassment site KiwiFarms for almost a decade.This video is the final of three in a series covering the harm the site does,...

YouTube
Kevin Karhan Jun 19, 2023

@thefreehunter do you even know how much #compute power #Facebook can throw at things?

They can literally go #GreatCannon like the #GreatFirewall and #DoS / #DDoS single instances just with exess farts of their datacenters.

So expect them to go full #EmbraveEnhanceAndExtinguish if not #racketeer by virtue of their computational power and demand bs like "direct peering" and "premium cashing"...

Also you do realize that #NSAbook is literally a front for #US #intel?
https://mstdn.social/@kkarhan/110567775622980369

Kevin Karhan :verified: (@[email protected])

@[email protected] @stux #NSAbook is our enemy, because they not only WILL but ALREADY DO SNITCH ON USERS! And not only in regards to #PRISM, but literally ratting out #LGBTQIA in #MENA nations and people seeking #Abortions in the #USA and #Poland... https://mstdn.social/@kkarhan/110567700762933288

Mastodon 🐘
Show threadKevin Karhan Jun 7, 2023

@forthy The only working fix to not get abused onto a barrel for "The #GreatCannon of #China" is to ban all unencrypted traffic and only - if ever - restrict JavaScript to allow-lists only....

And whilst VPNs are being cracked down, SSH tunnels ain't and like with all rules and laws, enforcement is very selective...

Kevin Karhan Jun 7, 2023

Does anyone have a comprehensive list of #GreatFirewall #nodes?

After all, they are also being abused to launch #JavaScript-based AMP-#DDoS's and I'd just want to neuter the #GreatCannon...

https://youtu.be/ywIKoLalFpE?t=391

StarLink Dish Hacked With $25 Device

YouTube
Hans-Christoph SteinerApr 11, 2023

#ArsTechnica's article on exploiting #Zimbra is a nice example to work through to understand how an advanced #cyber #targeted #attack works
https://arstechnica.com/information-technology/2023/03/pro-russian-hackers-target-elected-us-officials-supporting-ukraine/2/

Does anyone have any examples of advanced #cybersecurity #attacks that were not targeted? I guess the #GreatCannon and maybe #QUANTUMINSERT #FOXACID are examples. I'd love to see a story about a recent exploit like this (those two examples don't really work when HTTPS is used).

Pro-Russian hackers target elected US officials supporting Ukraine

Group tracked since 2021 exploits unpatched Zimbra servers to hack email accounts.

Ars Technica
StrypeyApr 20, 2019
@how I agree, but there is a certain basic level of security practice that can see off untargeted attacks from #ScriptKiddies, #BotNets etc. Things like keeping software up-to-date. It's remarkable how many under-trained muppets like me are employed as sysadmins, creating a massive and easily exploited resource that can then be used in targeted attacks with tools like the #GreatCannon. In fact I would probably do a better sysadmin job than a lot of them.