Re: Recommended privacy VPNs
On Sun, Jan 02, 2022 at 02:07:42PM +, Steven Schear wrote:
> With cryptohippie gone what do you recommend?

what do you need it for? for circumventing geoblocking of copyrightmaffia content? then any is good. but you can also just configure your tor to use exit nodes in the given country.

if you do not trust the network you are visiting, then even a raspi at home with wireguard is good for not leaking anything in the guest network. if you don't wanna wireguard at home raspi, then just rent a cheap vps and run your wireguard there. alternatively using tor is also an option as long as your threatmodel does not contain the FVEY or the ruskies or chinese.

if neither of the above apply to you, then the https that is deployed everywhere should be enough and you don't really need a vpn.

btw raspis are affected by the global chip pandemic and i suspect them going up in price. so hodl your raspis!
Re: Leaks: WhistleBlowerAid.org - Safe Whistleblowing Workshop Livestream
On Sat, Jul 31, 2021 at 08:12:33PM -0400, Karl Semich wrote:
> On Thu, Jul 29, 2021, 7:00 AM grarpamp wrote:
>
> intelexit.org aids people in leaving national security and includes
> whistleblowing

wasn't intelexit an art project by the berlin peng! collective?
Re: Public crypto audit report: lurch/OMEMO
On Wed, Jul 07, 2021 at 08:48:46PM +, coderman wrote:
>
> ‐‐‐ Original Message ‐‐‐
>
> On Wednesday, June 16th, 2021 at 11:16 PM, ROOT@HardenedVault
> wrote:
>
> > Dear Cypherpunks,
> > We're glad to kill off some 0days for open source crypto implementations.
> > Here's public crypto audit report: lurch/OMEMO
> >
> > https://hardenedvault.net/files/lurch-audit.pdf
>
>
> i'm sorry you have to work with pidgin! :P~
>
> but seriously: XMPP is inherently flawed, even with OMEMO over it...

omemo is also kinda flawed: https://conversations.im/omemo/audit.pdf

but then even signal is: https://eprint.iacr.org/2021/626
Re: Assange's Prosecution
On Wed, Jul 07, 2021 at 01:34:26AM -0700, David Barrett wrote:
> https://twitter.com/dbarrett/status/1412690988024307717?s=19

this sweden thing has been dropped long ago. why are you so misinformed? is this on purpose?

https://www.bbc.com/news/world-europe-50473792

this wiki should help you understand better and clear all your misconceptions: https://challengepower.info/tools_to_fight_a_disinformation_campaign
Re: List Status
On Thu, May 27, 2021 at 05:16:59AM -0400, grarpamp wrote:
> I'm not receiving messages from the
> listserv to gmail. People post them

since google checks spf, and mailinglists violate that. hence any mail from an address with spf will be dropped by google and the other feudal overlords.

> they appear in archives, but after that
> the listserv to gmail function appears broken.
> I don't think any of the 'List Status' thread,
> made it to my gmail box. Same for a bunch
> more posts that I now discovered in the archives.
>
> However, unsubscribe and subscribe works,
> so that part of the queue/delivery is still ok,
> even though those management messages
> all got spamfoldered by gmail. There are no
> user defined filters here.
>
> I don't know if anyone is seeing my messages
> to the list.
>
> I would generally check the listservs outbound
> mail queues for excess spooling to gmail, and
> specifically verify that some of the message-ids
> got 'accepted' by gmail service from cpunks,
> such as...
>
> 1105930251.4796.1621985406...@wamui-dingo.atl.sa.earthlink.net
> 732012978.354083.1622093972...@mail.yahoo.com
---end quoted text---
Re: Oblivious DNS-over-HTTPS
On Thu, Dec 10, 2020 at 02:17:36AM +, coderman wrote:
> https://www.schneier.com/blog/archives/2020/12/oblivious-dns-over-https.html
>
> Oblivious DNS-over-HTTPS
>
> This [new protocol](https://techcrunch.com/2020/12/08/cloudflare-and-apple-design-a-new-privacy-friendly-internet-protocol/),
> called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from
> your ISP.
>
> > Here’s how it works: ODoH wraps a layer of encryption around the DNS query
> > and passes it through a proxy server, which acts as a go-between the
> > internet user and the website they want to visit. Because the DNS query is
> > encrypted, the proxy can’t see what’s inside, but acts as a shield to
> > prevent the DNS resolver from seeing who sent the query to begin with.
>
> IETF [memo](https://tools.ietf.org/html/draft-pauly-dprive-oblivious-doh-02).
>
> The [paper](https://arxiv.org/pdf/2011.10121.pdf):
>
> > Abstract: The Domain Name System (DNS) is the foundation of a human-usable
> > Internet, responding to client queries for host-names with corresponding IP
> > addresses and records. Traditional DNS is also unencrypted, and leaks user
> > information to network operators. Recent efforts to secure DNS using DNS
> > over TLS (DoT) and DNS over HTTPS (DoH) have been gaining traction,
> > ostensibly protecting traffic and hiding content from on-lookers. However,
> > one of the criticisms of DoT and DoH is brought to bear by the small number
> > of large-scale deployments (e.g., Comcast, Google, Cloudflare): DNS
> > resolvers can associate query contents with client identities in the form
> > of IP addresses. Oblivious DNS over HTTPS (ODoH) safeguards against this
> > problem. In this paper we ask what it would take to make ODoH practical? We
> > describe ODoH, a practical DNS protocol aimed at resolving this issue by
> > both protecting the client’s content and identity. We implement and deploy
> > the protocol, and perform measurements to show that ODoH has comparable
> > performance to protocols like DoH and DoT which are gaining widespread
> > adoption, while improving client privacy, making ODoH a practical privacy
> > enhancing replacement for the usage of DNS.
---end quoted text---

i heard it requires to attach a pubkey to the request which cloudflare uses to encrypt to the response.

1/ pubkey crypto expensive
2/ cloudflare can still track you based on your pubkey

it's the usual creepy cloudflare shit. fuck cloudflare!
Re: binary to 5-letter words encoder/decoder
On Sat, Oct 17, 2020 at 10:39:43PM +0200, Stefan Claas wrote:
> Hi all,
>
> I recently finished the English word list for my encoder/decoder and thought
> I would share the program with you.

i see that list contains the words young and youth. you really want to avoid words in that list that have a close phonetic similarity in case these words are read out over an audio communication channel.

there are such word lists already available, you don't have to reinvent the wheel. pgpwords is decades old and does exactly so.
Re: Self-Sovereign ID Tech
On Tue, Jan 07, 2020 at 01:48:38PM +, stef wrote:
> On Tue, Jan 07, 2020 at 12:25:01AM -0500, grarpamp wrote:
> > https://www.computerworld.com/article/3512108/frustration-over-growing-privacy-and-security-failures-advancing-self-sovereign-identities.html
> > https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/topics-and-advance-readings/self-sovereign-identity-primer.md
> >
> > There is a growing movement among fintech companies, banks, healthcare
> > services, universities and others toward disintermediating the control
> > of online user identities in favor of supporting end-user controlled
> > decentralized digital wallets based on P2P blockchain. Self-sovereign
> > identity (SSI) is a term used to describe the digital movement that
> > recognizes an individual should own and control their identity without
> > intervening administrative authorities. The wallets would carry
> > encryption keys provided by third parties and could be used to
> > digitally sign transactions or provide access to verifying
> > information, everything from bank-issued credit lines to diplomas --
> > all of which are controlled by the user through public key
> > infrastructure (PKI). The blockchain ledger and PKI technology is
> > hidden behind user-friendly mobile applications. Currently, there are
> > more proof-of-concept projects than production systems involving a
> > small number of organizations. The pilots, being trialed in
> > government, financial services, insurance, healthcare, energy and
> > manufacturing, don't yet amount to an entire ecosystem, but they will
> > grow over the next few years, according to Gartner.
>
> you guys should have a look at IRMA at https://privacybydesign.foundation/en/
>
> it works in a totally decentralized way (except for the keyshare server, which
> is a brilliant piece in itself) without any of that blockchain bullshit. there
> is code, apps for phones, and if you are dutch you even have attributes by the
> dutch gov like residence, birth and nationality as such, work is now done to
> expand into the healthcare sector.

btw the protocol comes from Camenisch and Lysyanskaya.
Re: Self-Sovereign ID Tech
On Tue, Jan 07, 2020 at 12:25:01AM -0500, grarpamp wrote:
> https://www.computerworld.com/article/3512108/frustration-over-growing-privacy-and-security-failures-advancing-self-sovereign-identities.html
> https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/topics-and-advance-readings/self-sovereign-identity-primer.md
>
> There is a growing movement among fintech companies, banks, healthcare
> services, universities and others toward disintermediating the control
> of online user identities in favor of supporting end-user controlled
> decentralized digital wallets based on P2P blockchain. Self-sovereign
> identity (SSI) is a term used to describe the digital movement that
> recognizes an individual should own and control their identity without
> intervening administrative authorities. The wallets would carry
> encryption keys provided by third parties and could be used to
> digitally sign transactions or provide access to verifying
> information, everything from bank-issued credit lines to diplomas --
> all of which are controlled by the user through public key
> infrastructure (PKI). The blockchain ledger and PKI technology is
> hidden behind user-friendly mobile applications. Currently, there are
> more proof-of-concept projects than production systems involving a
> small number of organizations. The pilots, being trialed in
> government, financial services, insurance, healthcare, energy and
> manufacturing, don't yet amount to an entire ecosystem, but they will
> grow over the next few years, according to Gartner.

you guys should have a look at IRMA at https://privacybydesign.foundation/en/

it works in a totally decentralized way (except for the keyshare server, which is a brilliant piece in itself) without any of that blockchain bullshit. there is code, apps for phones, and if you are dutch you even have attributes by the dutch gov like residence, birth and nationality as such, work is now done to expand into the healthcare sector.
Re: Hungary: new NGO law passed
let me call bullshit on this. (look at my email tld, besides that i'm also affected by this whole thing in many other sad ways)

On Mon, Jun 19, 2017 at 12:05:49AM +1000, Zenaan Harkness wrote:
> On Sat, Jun 17, 2017 at 08:56:46PM +0200, János Sugár wrote:
> > The Hungarian Parliament passed a new law on non-governmental
> > organizations today, which is widely thought to attack civil
> > society in Hungary and has been criticized by the European
> > Commission. The Hungarian Civil Liberties Union (TASZ) said it will
> > apply civil disobedience.
>
> Your plug does not mention the rather public (but only for those
> following the Hungarian debate) stoush between Orban and
> George Soros.

there is no such "stoush" it's a made up campaign to distract from the corruption and political incompetence of the hungarian government. by targeting exactly those who fight the corruption and criminal actions of the current government. it's transparency intl, corruption investigative journos, and human rights lawyers that are the target of this campaign. mostly orgs that were hailed by the current government when they were not in power.

let's also not forget that orban himself was financed by soros in the late 80ies, and some of his cronies were even attending central european university in the 2000nds. it's like in 1984 where eurasia is suddenly an enemy, it just changes with the current interests of the governing cabal. it's governing by distracting with made up enemies and scandals to distract from everything else, cheap but effective political sleight-of-hand.

let's also not forget that orban lost his support in the eu, and looked for other allies, russia immediately saw an opportunity and made hungary the bridgehead of russian interests (much like the UK is for US interests), there was even a campaign to get as many people hungarian nationality (which was seemingly abused by many ex-soviet country citizens) providing natural access to schengen - a super nice gift for spies in the eu.

> George Soros is widely thought to attack civil society

where did you get this from? that is totally not true, he is being blamed for financing some of the ngos that are fighting against the cronyism and corruption of the current government.

> We in the West are well trained in "shouting down" any action which
> "does not match Western values" which we are well indoctrinated in

this is not so much about the values, but the antitheses of these values, like cronyism, corruption, and destroying the possibility to be represented either in media, in governance or in the public in general if you are not aligned with the regime running the country.

> - the ultimate sanctity of NGO's that have no transparency about
> their funding, nor their intentions, and notwithstanding their
> actions which may well be directly opposed to the interests of the
> majority in a given country -

bullshit, the ngos in question have and had totally public accounting. unlike the government which makes it as hard as possible to have a look at how our public money gets spent. this is the total reverse of the saying: "privacy=protection of weak from scrutiny by powerful. Transparency=exposure of powerful to scrutiny by weak."

> e.g. the conservative "we don't want unlimited refugees from countries
> where no real vetting can occur"

again bullshit, the eu wants to spread the refugees over all countries, in this action it's less than 2000 refugees that should be hosted by hungary. also it would make much more sense to actually host the refugees by those countries who profit from the warmongering where the refugees come from, so the US and other military export countries should host these refugees. i went to a refugee camp and talked to those people, all of them were deserting wars they didn't want to fight, went to countries close (like turkey) but were exploited there as they were in a very vulnerable position, so they escaped to somewhere further, the eu.

> [...]

cut the rest of the trolling. pls do your pro-russian propaganda somewhere else.
Re: Adding [Cypherpunks] at the beginning of a subject by default
On Sat, Apr 29, 2017 at 01:41:46AM -0400, grarpamp wrote:
> No, the real standard in use decades before the masses fucked up
> the internet is to use a capable mailer and capable filters and conform
> yourself to the awesome. If you're getting too much mail, turn it into not
> much mail with neomutt, maildrop, msmtp, fetchmail, etc. Users can
> also fuck around with Thunderbird or Mailpile. If you're using gmail
> webinterface, good luck, it's garbage.

people who don't understand the technology they are using, wth are they doing on a cypherpunks list anyway?
Re: Malicious, targeted, OS updates. How likely do you think it is?
On Wed, Jan 18, 2017 at 01:15:01PM -0600, Anthony Papillion wrote:
> What are your thoughts? Am I crazy? Is this a 'well, we KNOW THAT
> already' moment that I am just catching up on?

i think you discovered the use-case for reproducible builds.
Re: GOST cryptography -- Russian Federation's crypto algorithms
On Sat, Oct 22, 2016 at 02:11:02PM +0300, Sergey Matveev wrote:
> >Current standards are standards, not "western standards".
>
> There is no "world" or "common" standards. Standards are always related
> to something.
>
> >And why should
> >we use something like this: https://eprint.iacr.org/2016/071.pdf?
>
> What is the problem? S-box is not randomly chosen? Does it hurt this
> blockcipher security? No.

in fact according to the abstract of that paper:

"However, the small 4-bit S-Boxes do not have very good cryptographic properties. In fact, one of them has a probability 1 differential."

is the abstract wrong?
Re: Permutations to scalars and back again.
On Mon, Sep 12, 2016 at 11:09:06AM +1000, James A. Donald wrote:
> I need to be able to do two of the following three tasks.
>
> Generate a permutation of eighteen ones and eighteen zeros with equal
> probability for each permutation. Or equivalently shuffle eighteen black
> cards and eighteen red cards.
>
> Sequentially generate all possible permutations with each permutation
> generated once and only once.
>
> Map between permutations and scalars, such that each permutation maps to
> unique number, and the set of numbers that represents valid permutations is
> dense.
>
> Could someone point me to the relevant literature, or literature for
> converting between different representations of a permutation?
>
> Since there are only two classes of items being shuffled, this class of
> permutations has a variety of special and convenient properties.

https://stackoverflow.com/questions/1506078/fast-permutation-number-permutation-mapping-algorithms

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt
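
The three tasks in the quoted question, as an added example that is not part of the original thread or of the linked answer: a dense, invertible map between arrangements of eighteen ones and eighteen zeros and the integers 0..C(36,18)-1, using lexicographic ranking with binomial coefficients (the combinatorial number system). The function names are assumptions of this example; a uniform draw and sequential enumeration both fall out of `unrank`.

```python
"""Rank/unrank for bit strings of length 36 with exactly 18 ones (added example)."""
from math import comb
import secrets

N, K = 36, 18                  # 18 red and 18 black cards, as in the question
TOTAL = comb(N, K)             # number of arrangements; valid ranks are 0..TOTAL-1


def unrank(r, n=N, k=K):
    """Return the r-th arrangement in lexicographic order (0 sorts before 1)."""
    if not 0 <= r < comb(n, k):
        raise ValueError("rank out of range")
    bits = []
    for i in range(n):
        zeros_first = comb(n - i - 1, k)   # arrangements with a 0 at position i
        if r < zeros_first:
            bits.append(0)
        else:                              # skip every arrangement with a 0 here
            bits.append(1)
            r -= zeros_first
            k -= 1
    return bits


def rank(bits):
    """Inverse of unrank: count the arrangements that sort before `bits`."""
    n, k, r = len(bits), sum(bits), 0
    for i, b in enumerate(bits):
        if b:
            r += comb(n - i - 1, k)
            k -= 1
    return r


def random_arrangement(n=N, k=K):
    """Uniform draw: take a rank from the CSPRNG (no modulo bias), then unrank."""
    return unrank(secrets.randbelow(comb(n, k)), n, k)


def all_arrangements(n, k):
    """Yield every arrangement exactly once, in rank order."""
    for r in range(comb(n, k)):
        yield unrank(r, n, k)


if __name__ == "__main__":
    deck = random_arrangement()
    print("".join(map(str, deck)), rank(deck))
```

Because every rank below `TOTAL` is valid, a rank fits in 34 bits and a uniformly chosen rank gives a uniformly chosen arrangement.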