Mastodawn

http://librarypunk.gay/e/160-sciopnet-feat-jonny-and-jez-part-1/

>And this is exactly why Linux distributions have been distributing ISOs using torrents for years. Aside from the sort of piracy thing, that's the other thing that BitTorrent gets used a lot for, and it means that the small organizations throwing up their own Linux distro can distribute it without it completely crashing their tiny servers.

You're not wrong :P Pic related. It annoys me that #tails @tails recently moved away from having torrents as a form of downloading.

>Yeah, it makes me, think about, and something I've thought about before but haven't really explored is you know how when you go on Archive.org and there's a file, and one of your options is just to download a torrent. Why don't we do that for institutional repositories and data repositories?

That's one of my favourite parts of the Internet Archive :D

>Because those are starting to get big. I mean, I know one of the reasons is because, like, we use proprietary software for our institutional repository and Clarabate and Elsevier don't want to support that.

Elsevier, the bane of my academic existence.

-----

Also, vis-a-vis webseeds... what's stopping a Tor onion service from being the HTTP(S) endpoint? Those are pretty damn hard to bring down (from a legal standpoint). I'd assume the main limitation is that BitTorrent clients don't speak "onion service," but that's a fixable problem. Hell, what's stopping the trackers themselves from being onion services?

#BitTorrent #SciOp #Tor #OnionService

Show thread

Kevin Karhan

Mar 16

@dw_innovation @torproject I wounder if anyone else thought about some good "#Homepage, but on the #Tor network" ?

Cuz I do have a curated list of bona-fide sites that are available as #OnionService|s and certainly we need more "#TechIlliterates" and #Normies to use #TorBrowser for said bona-fide activities more...

lists.d/onion.domains.list.tsv at main · greyhat-academy/lists.d

List of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.

GitHub

Kevin Karhan

Mar 16

Personally I expect the #FCC to sooner or later ban #journalism aka. anyone who isn't praising #Trump 24/7 and banning #journalists as well as #media from overseas as a whole.

So I'd hope that @dw_innovation / #DWnews improves upon their work re: access, not just for people from heavily censored locations like #Russia ¹ but generally.
- Please do make a presence in the #Fediverse beyond merely watching out but also more prominently advertise your #OnionService on @torproject / #Tor: https://dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion

For those curious, there's a checker tool to see if #Roskomnadzor blocked a #domain...

https://www.dw.com/en/youtube-whatsapp-blocked-in-russia/a-75940102

#InternetCensorship #Censorship #MediaFreedom #PressFreedom #InformationWarfare #Disinformation #Propaganda #Oppression #Germany

How Russians cope with censorship: Questions to a DW expert

How can Russians stay informed when many international news websites are blocked and Russian media shut down? Anja Terveen, Customer Experience Manager at DW recently conducted a survey and we asked about the results.

Deutsche Welle

Kevin Karhan

Mar 12

On a different note, @Bundesregierung really needs to "kick @bnd in the groin" for not having any secure means of contact on the site as in a public form (similar to the Pubkey Submission) and pubkey to reach the actual ingress for #BND.

Even if those wanting to submit information would have to do the "Offline PGP method" at worst-case.
- I mean, fucking Langley is able to do it better, including an #OnionService on @torproject / #Tor to accept submissions.

Of all the budget they have I'd assume BND to at least make that easy.

I mean, it's not that easy. @dw_innovation / #DWnews have an #OnionService and tools like #OnionBalance even make it even easier than ever before!

Report Information

BND

Show thread

Kevin Karhan

Mar 10

@lackthereof no, it's not because unlike #Phones and #PhoneNumbers, #eMail is not necessarily traceable by circumstances.

Because a Phone "Line" (regardless of whether it's POTS, ISDN, VoIP, GSM, VoLTE, …) and #telephony in general are designed for realtime communication, they inherently necessitate an active, ongoing connection.
- Even if it's just some App/PBX/… to connect to the provider and constantly state "I am on the network and able to recieve calls!" (with PSTN networks, there a physical line that gets assumed to have a phone connected)…

Whereas with eMail (and any #asynchronous #communication) you don't have that requirement.

So unless the provider is being taken over or otherwise "cooperative" there's no means for a sender to know where, when and how a message was retrieved unless the recipient wants the sender to know of it!
- Besides, even if you don't have an eMail provider like cock.li which natively supports @torproject / #Tor useage with an #OnionService, unless said provider explicitly prevents you from doing so, you can use not just Tor but also other techniques to make it extremely hard (not necessarily impossible, but at least unfeasible at scale!) to get tracked down.
- In fact, you could even use #Sneakernet - Style distribution through "#MeatProxies" and #DeadDrops (aka. #dr0p) to further twart tracing attempts.

Or to put it simple:

You can ring up someone and thus circumstantially verify the chain of #PhoneNumber -> #IMSI -> #ICCID -> #SIM -> #IMEI -> Device -> Location -> Owner quite quickly.
- Whereas you can't positively verify whether an eMail address and/or #XMPP+#OMEMO account belongs to me unless I want you to know that it does!

So either way a phone number is just a horrible means of doing that.

And don't even get me started on the fact that legally speaking noone truly owns their number.
- Because even if you got some spechal case number (like UPT was) you still depend on neither regulators nor telcos to not block or otherwise interfere with it. Which is in contrast to say an OnionService which can only be shutdown effectively by sabotage aka. (more or less figurately) "unplugging" it.

I mean, it's not as if I didn't gave @signalapp a fair chance.

I wanted #Signal to be good - honestly...
- But I'm old enough that things rarely are that simple as #TechPopulism & #Propaganda claim it to be.
- Just like 5th grade #SexEd is not a substitute for Endocrinology, Gynecology and Andrology and actually licensed, medical professionals.

So any #Messenger service that requires a #Phone Number for signup and/or useage is truly not a real replacement and inherently makes PROVEN WRONG assumptions [i.e. that it is legal and possible to obtain a phone number anonymously at someone's juristiction] about it's customers' ability to shield their privacy…

Cuz all the "#Metadata" claims of Signal are complete #MarketingLies by virtue of them storing a Phone Number and not just being (as per admission by @Mer__edith) 'hard locked-in' with #aws but also subject to #CloudAct.
They certainly are not deploying real #E2EE cuz you neither get #SelfCustody nor #SelfHosting and have to blindly trust them (aka. "#TrustMeBro!") that what they release as #SourceCode is actually what they deploy.
- It's like all those "#VPN" shillings which one cannot verify to be true or false!

THIS is why I am going fucking ballistic on #TechPopulism aiming at #TechIlliterates because it's spreading a "false sense of #security" whilst completely disregarding absolute fundamentals when it comes to the underlying systems.

And I don't mean shit like #Govware of the #SS7 kind, but absolute basics in #ITsec, #InfoSec, #OpSec & #ComSec that every @cryptoparty / @cryptoparty / #CryptoParty worth it's name touches on.
- Signal can't and won't save peoples' asses and the sooner we realize that "complex problems are hard to fix" the less we waste Resources on #HoneyPots that stench like #CrytpoAG & #ANØM!

ProtonMail Sends User IP and Device Info to Swiss Authorities.

YouTube

Show thread

Kevin Karhan

Mar 7

@Em0nM4stodon and that's why noone should use #ProtonMail and their shitty #PGP setup!

Only #SelfCustody and communicating solely over #Tor can help.
- But @[email protected] fucked up their #OnionService, so I'll stay with @monocles which at least #DontBlockTor and allow anonymous Payment options (#CashByMail & #Monero)…

Is Proton Mail Really Private, Secure, and Anonymous?

In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and AnonymousPrivacy Watchdogs article about Proton mail being a ho...

YouTube

Show thread

Kevin Karhan

Mar 6

@gilde @nyansen @nocci @torproject das liegt an den Betreibern, nicht an #Tor!

Jene seiten.einfach konsequent mit Nicht-Traffc bestrafen und/oder die Betreiber solange nerven.bis.die.nen #OnionService anbieten!

Kevin Karhan

Mar 6

Interessanterweise hat @bnd auf deren "Kontaktseite" keinen Pubkey oder eMail-Adresse gelistet.

Andere "Partnerdienste" kriegen es hin mindestens nen #OnionService auf @torproject / #Tor aufzusetzen oder gleich nen @securedrop - Setup zum hosten.
- Leute, das geht besser… Gerade bei #NatSec!

#plzfix #InfoSec #OpSec #ComSec #ITsec #BND

Informationen mit uns teilen | BND

BND

Show thread

Kevin Karhan

Mar 6

@poppyhaze Personally, I'll just give #Ofcom the finger as their bullshit.violates #GDPR & #BDSG so hard that I'd rather migrate anything to @torproject as #OnionService than comply with such #Cyberfascism as a matter of principle…

Still, I do approve of any subversions and hacks of such systems regardless!

Show thread

Kevin Karhan

Feb 21

@mullvadnet The #UK is a #cyberfascist hellscape and the only working mitigation at this point is to basically help affected users with the option of #SSHtunneling and #customBridges to circumvent #cyberfascism the same way people circumvent it in #Russia and "P.R." #China!

At least unlike #Proton you actually have a good & working #OnionService so people don't have to expose themselves on the #ClearWeb but can just use @torproject /#TorBrowser to buy a #VPN from you.
- Not that I endorse you or any #VPNs but I've to at least say when someone does something good and accepts #Monero and uses #Tor in a "#BonaFide" way...