WingNews logo WingNews GitHub [2]

spaceboy's comments

spaceboy | 9 years ago | on: StrongSwan – IPsec VPN for Linux, Android, FreeBSD, Mac OS X, Windows

> A bit over a week spent trying to make it work, and it never did

I feel your pain. I remember trying to install DNSCrypt[1] on Linux and failing miserably. I was convinced it would work if only I found the right solution online, or if only the right amount of caffeine was in my bloodstream, or if by sheer effort of will I could get it working, but I still failed. I partially got it installed, error messages galore in my terminal, and all my /paths/ were wrong. It was a humbling experience. I quickly uninstalled it as I don't want partially working, broken soft running on my machine.

I guess for this situation a decent OpenVPN client would be ideal like Viscosity[2]

[1] https://www.dnscrypt.org/

[2] https://www.sparklabs.com/viscosity/

spaceboy | 9 years ago | on: Websites can now fingerprint a device when multiple browser instances are used

> I wonder if we can come up with a widely adopt(able|ed) fingerprint that we can mask ourselves with, do any of these identifying bits actually make the web more usable for us?

https://anonymous-proxy-servers.net/en/jondofox.html

JonDofox with JS turned off and uBlock origin installed. There's actually a small pool of users with this config but it needs to be bigger. As you said, as soon as we get consensus on what config to use, we can all switch to it en-masse.

spaceboy | 9 years ago | on: Elon Musk: Humans must merge with machines or become irrelevant in AI age

Can't help but bring up the notion of envy these people (technocrats specifically) have for the biological miracle that is the human body. They can simulate the human brain all they want, but they'll never match it, as it's orders of magnitude more complex than any supercomputer they can dream of. And it has free will, which AI does not. AI is impotent at making free decisions because it's deliberately constrained by the programmers to think rigidly and inside their own custom black box. There's no room to roam unless we get to Mars where we can unleash AI and watch it make free decisions, which I suspect Musk is trying to do...Turning planets into giant labs where AI can be less constrained.

spaceboy | 9 years ago | on: Man jailed 16 months, and counting, for refusing to decrypt hard drives

Windows doesn't wipe the memory properly though, and the default browser (MS Edge for Win10, and plain old IE for older versions), are awful default browsers, forensically speaking.

I'll leave this link here for those who use Tails and need to wipe files and other data, either there and then, or after the fact of deletion (clearing files from free space):

https://tails.boum.org/doc/encryption_and_privacy/secure_del...

spaceboy | 9 years ago | on: Man jailed 16 months, and counting, for refusing to decrypt hard drives

There's nothing about TailsOS that could arouse suspicion if there's nothing persistent on it that could arouse suspicion, or draw more attention to you. TailsOS is strictly a utility like a wrench or a screwdriver. Providing you exit TailsOS properly and watch the screen as it's wiping the memory to ensure it has infact wiped. TailsOS can prove to be an innocuous O.S after you unload it from memory. They might ask questions, but they have nothing on you.

Bringing a Windows OS is stupid as Windows doesn't clean up properly after shutting down and leaves a forensic footprint which is difficult to cleanup unless you use something like Bleachbit[1] or CCleaner after using Windows. You typically want to offload cleaning up to the O.S level and avoid using such tools such as CCLeaner in the first place (Keep in mind, since this is Windows, there are issues with free space on the drive that leave deleted files remaining on the hard-disk, even after explicitly stating they should be deleted).

With TailsOS, In other words, you can browse freely and with peace of mind that you won't leave a forensic footprint behind, giving you an upper-hand over other passengers who have to self-censor their browsing for fear of scrutiny at a later date from border officers.

[1] https://www.bleachbit.org

[2] https://www.piriform.com/CCLEANER

spaceboy | 9 years ago | on: Man jailed 16 months, and counting, for refusing to decrypt hard drives

I thought the U.S had better key disclosure law[1] than other countries? Personally I would rather not self-incriminate myself by revealing a key, no matter how draconian and lengthy the sentencing was. Why, you ask? Well I consider all my own personal data likened to an extension of my own mind, and revealing a key is like slicing a thin part of my brain and attempting to pick its contents. Never a gentlemanly thing to do in any circumstance.

In terms of being stopped and searched when traveling, I just carry a TailsOS bootable live USB. My laptop doesn't have a hard-drive and boots entirely from my TailsOS USB stick. I did not enable any persistent storage and any bookmarks I need to remember, I simply remember them by rote, like in that movie The Book of Eli[2]. My threat model is such that I don't want anybody knowing my business when traveling. The intrusiveness should only go so far as one question, like "Business or Pleasure?" and that's all.

[1] https://en.wikipedia.org/wiki/Key_disclosure_law#United_Stat...

[2] https://en.wikipedia.org/wiki/The_Book_of_Eli

spaceboy | 9 years ago | on: Show HN: Rumuki, a prenup for sex tapes

Even though web beacons / trackers like Google Analytics are fairly harmless, I still wouldn't trust them in this app because they often sit close to the main app's code and can be MITM'd to do bad things like send back snippets of a recording, or metadata about a recording like the name of the video file. That is, of course if this app has such beacons. I haven't sat between the traffic of this app (ab)using Burp Suite or Fiddler[2] to give a proper opinion

[1] https://portswigger.net/burp/

[2] http://www.telerik.com/fiddler

spaceboy | 9 years ago | on: Raymond Smullyan has died

Apparently this scene from The Labyrinth is based on the heaven/hell logic puzzle he devised: https://www.youtube.com/watch?v=ReFhu8KYbmU

> Many of his logic problems are extensions of classic puzzles. Knights and Knaves involves knights (who always tell the truth) and knaves (who always lie). This is based on a story of two doors and two guards, one who lies and one who tells the truth. One door leads to heaven and one to hell, and the puzzle is to find out which door leads to heaven by asking one of the guards a question. One way to do this is to ask "Which door would the other guard say leads to hell?". This idea was famously used in the 1986 film Labyrinth.

According to: https://en.wikipedia.org/wiki/Raymond_Smullyan

spaceboy | 9 years ago | on: How to Setup a Secure VPN Server on Raspberry Pi or DigitalOcean

> Use a VPN and now you're only vulnerable to the VPS service and the NSA

You can always try 'chaining' VPNs together, or stacking them on top of each other so that if one of the VPS servers is compromised, a TLA gets nothing but encrypted traffic and can't see what you're doing. The only caveat here is the 'exit' VPS is always going to have to be unencrypted. This is why it's worth looking into offshore VPS providers in non-five-eyes countries. I'm not sure what countries these are. I haven't done the research.

Typically I achieve chaining by doing the following:

- Hardware VPN that I connect to as normal. Personally I use http://www.pivpn.io/

- Then I connect to another VPN on my host/hypervisor machine

- Then I fire up Virtualbox and run another VPN inside the VM

- The chain now has three hops, and the exit VPN is on a box that I control. I avoid Digital Ocean like the plague as it's a US company.

spaceboy | 9 years ago | on: Ask HN: How should Twitter win back Wall Street

They really need to make their promoted tweets cheaper. I attached a credit card with $100.00 to spend on ADs and Twitter burned through it in a week for a few paltry 'promoted tweets' that had very little engagement or views.
page 1
more