I_Byte's comments

This is what I use! I recommend it.

You may be able to find an extension for your browser of choice to do just that! I have one for Firefox but I’m on mobile right now and can’t find it. I can send it later if you’d like. But they do exist!

Veracrypt 1.18 was audited in 2016 by the Open Source Technology Improvement Fund [0]. It is incredibly unlikely that a random NSA backdoor is sitting around on a high profile open source project like Veracrypt. If you are still skeptical you are free to take a look at all of the source yourself [1].

[0] - https://ostif.org/the-veracrypt-audit-results/

[1] - https://github.com/veracrypt/VeraCrypt

The GitHub link you posted appears to 404.

This article, while not specifically about the euphemism, details it's origin and use among pilots.

https://captain-al-speaking.com/2018/12/06/flying-west/

Let us say that there is nothing beyond death, does that really mean that life is ultimately pointless? I'd argue that the idea that there is nothing beyond death is what makes life all the more meaningful. We are only going to get one shot at all of this, we better make it count.

From this I derive the motivation to work hard at what I do and ultimately try to contribute to the problems we face as a species before I pass. It also makes me appreciate the raw human connection that we can all experience: love, passion, friendship.

I may not be the one to light the altar of discovery that allows us to say, cure cancer or become a spacefaring species, but I will proudly carry the torch and pass it on.

I feel this. As a first year Computer Science student at university I am currently torn between staying as CS or switching to Computer Engineering. I am really interested in the low level aspects of computers from a software perspective (OS development, assembly, compilers) but I feel my education in my area of interest won’t be complete if I don’t also understand things from a hardware perspective.

With the old v2 hidden services (16 character long onion addresses) it was possible to recover the onion addresses of any service running on the Tor network while the v2 hidden service was running.

However, that issue was only present in v2 hidden services. v2 has been depreciated in favor of the new v3 hidden service protocol (56 character long onion addresses) which is not vulnerable to this issue. This new protocol contains a full ed2559 elliptic curve public key in the onion address. The key in the onion address is used to derive what are called "blind keys". These "blinded keys" are then announced to the Tor network in such a way that nobody can recover the original public key without prior knowledge of the it, leaving them unable to establish a connection with the hidden service.

I have only briefly elaborated on how v3 hidden services work. If you are interested in a more in depth and technical explanation I encourage you to read:

[0] - https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.... [1] - https://gitlab.torproject.org/legacy/trac/-/wikis/doc/NextGe...

This is incorrect. A Tor hidden service is fundamentally different from port forwarding. If you don't have the hidden services onion address (v3 address) then you physically cannot make a connection to the hidden service. This is because the onion address is the hidden services public key.

You can scan the entire internet for open ports, you can't scan the Tor network for hidden services to connect to unless you already have the hidden services onion addresses.

This is completely incorrect. It is physically impossible to make a connection to a hidden service without the hidden services onion address (I am talking about the current v3 onion addresses, the ones that are 56 characters long). This is thanks to the fact that the onion address itself is the hidden services public key.

If you keep your onion address private then nobody can connect to your hidden service or even know that it exists. Simple as that.

I think I cleared up what was left unmentioned here https://news.ycombinator.com/item?id=30620496

I like your initial explanation sp332, I thought it was good so I elaborated on it.

I think I may be able to help sort out the confusing bits. I know a lot about Tor so if you have any further questions feel free to ask. Sp332's comment is a good explanation so I will simply expand upon it. Also, if I misunderstood your question let me know.

Tor works by ensuring that there is three Tor relays between the Tor client (the software that connects to the Tor network) and the destination the Tor client is connecting to.

However, what happens when you want to establish a connection between two hosts who are both using Tor through the Tor network? Well, in that case both Tor programs establish a path through three Tor relays and link the last Tor relays in each of their separate chains together (if you are interested in learning about how each Tor program knows the others end point look up "Tor hidden service directory"). Now with both ends of their Tor relay chains linked, both hosts can communicate with each other securely and anonymously over the Tor network. (For example: you are using Tor browser to connect to a hidden service. Both Tor browser and the hidden service make a chain of three Tor relays each and connect the chains together through the last node of each chain. The Tor browser only knows the relays that it uses for its chain + the end of the hidden services chain. The hidden service only knows the relays in its chain + the last relay in your chain. Thus keeping you both anonymous.)

I hope this helps!

Thank you for sharing this story! I really enjoyed it!

The depreciation of v2 addresses is the best course of action in this case. v2 addresses consist of the first 80 bits of the SHA-1 hash of the hidden services 1024 bit public RSA key. This sentence alone is enough to make any cryptographer cringe, it is really bad! (SHA-1 has been shown to be broken and it is suspected that 1024 bit RSA can be cracked by any determined well funded state actor)

Also, Tor Project has had v2 address depreciation on it's roadmap for 2 years now, they have given hidden service operators plenty of time to prime their community for the v2 --> v3 switch. This gradual change is way better than scrambling to depreciate v2 addresses in response to some state actor publicly breaking the RSA keys of v2 hidden services.

> I thought I owned my tor domain

You may now, but if v2 is kept around soon you won't be the only one with the domains private key.

From my point of view the store model simply is more convenient for consumers and worth the extra price. I know that I stopped pirating games, music and movies when I started using Steam, Spotify and Netflix.

I think that the Twitter thread is less about bias from datasets used to train ML apps and is more in reference to the application of biased ML apps that are supposed to identify criminals (which have been historically bad at identifying non-white individuals apart from each other).

I feel as though the general message that the tweet threads author is trying to convey isn’t very clear. I wish they would clarify what they mean.

Archived in case it is deleted.

https://web.archive.org/web/20210829234321/https://community...

Try using https://deepl.com. I usually get better results than google translate with this site.

What was this board originally dedicated to?

The status code of the imagination.