Great stuff! Thanks especially for the Stem bug report. It was a great catch. :)
On 2/20/17, m.aj...@tuta.io <m.aj...@tuta.io> wrote: > Hello, Tor Talk and Privacy Enthusiasts! > > Here are some small updates about my hobbyist project "Teach and encourage > people to use Tor." > > 1. I emailed Damian Johnson, the Stem developer, about the wide character > handling bug, which makes Stem fail to authenticate when Tor executable's > path contains Chinese or Japanese characters. This bug has been fixed now. > > 2. The content in my GitHub repo [1] is written in a style that young people > in China, Japan and possibly other countries can easily accept. It might > appear strange to a different group of audience. > > [1] https://github.com/m-ajiao/Dr.-Tanaka-Says > > 3. My GitHub repo got views from Reddit, Facebook and komica.org image > board. Though no stars, it gains a little bit of popularity. > > 4. News: [2] On Feb. 16th, Chinese man arrested in Japan for illegally > uploading cartoon episodes (I guess via peer-to-peer software). Police > typically won't take action if the amount of uploaded data does not exceed a > certain threshold. Up to now, at least 4 Chinese people have been arrested > for torrenting without any protection, over a monitored network. Lesson > learned: when doing something controversial or semi-illegal, know your > threats. When you have a basic understanding of the threat model, you don't > unconsciously put yourself in danger. For example, though not necessarily > enough, that guy should at least use some basic protection such as VPN. > > [2] > https://www.reddit.com/r/Piracy/comments/5uvouh/the_3rd_time_chinese_fansubber_arrested_in_japan > > 5. Got spikes on traffic graph on Feb. 18th and 19th. Most of them are not > unique viewers. (People were reviewing what they read?) > > 6. Got questions from Reddit: "Why is it exclusively in Chinese? Readers may > need translation." "Why is it addressed specifically to fansubbers? You may > want to expand it to larger audience." "Since this is the theme, you can > write about the specific threats and defenses for fansubbers." > I am trying to add more content, both general to all and specific to > fansubs, and English translations are coming very soon. > > 7. I quickly searched the web and read through the comments general Chinese > netizens left under the discussions of the Feb. 16th news. I saw people > mention public key encryption and "multi-hop VPN": > >> "The person who uploads video should use the public key from the group >> members in China." > >> "Look at American fansubs. They use multi-hop VPNs." >> > "Wow that really looks like spies." > > Generally, I saw better comments, in contrast with last year's comments, > which I mentioned in my previous email. Comment writers demonstrated a basic > grasp of encryption concept and its importance. The most interesting comment > is: > >> "What exactly is the Onion software?" > > Well, it is Tor, The Onion Router, or TBB, the Tor Browser Bundle. Both its > name and its traffic are heavily censored in China, but I believe people in > Japan have easier access to Tor software and Tor network. > > 8. I am writing about why the proprietary and inactive Perfect Dark [3] is > not OK. It is obvious to us, but the audience is the general Chinese young > people. I am trying to encourage readers to switch to free libre open source > privacy software and well-studied, more reliable anonymity networks. I have > listed the reasons, both generally and specifically why Perfect Dark is not > safe. > > [3] https://en.wikipedia.org/wiki/Perfect_Dark_%28P2P%29 > > - It has not been updated for a year. > - It is closed source, proprietary software. You can hardly check if the > software behaves correctly. Note that even security experts can get a > headache auditing things by reverse engineering. > - "You are too weak." It is using weak crypto -- RSA-1024. Now HTTPS > certificates using RSA-1024 are being revoked! > - Japanese cyber agency claims to have software used to decipher the traffic > of Perfect Dark. They claimed they were able to get the metadata of the > files being shared. But limited research effort had been made to figure out > how the cyber agency did it. The links to the sources are dead. > > I could only think of these 4 reasons. Any other suggestions on the reasons? > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk