/g/ - Technology

Alternative internet thread Nanonymous No.3980 >>3993 >>4018

Cease the "muh dystopia" faggotry. Let's fucking do something about it.
No bitching in this thread.
Let's share experiences and guides and try to actually work something out.
Here are some of my experiences.

= TOR =
I use tor all of the time.
It's like a shitty condom. Good enough for now, but I wouldn't want to rely on it. Setup is very simple (download tor, run it in the background, configure your browser to use localhost:9050 as the SOCKS proxy).

= Anonet =
I've tried Anonet today. It's some kind of a community based VPN and they even have their own DNS with their own TLDs. I couldn't get this to work. OpenVPN kept failing due to some kind of problem with one of their certificates. It's important to mention that I've tried it on a Fedora laptop I've had lying around. I may try it on my main OpenBSD machine later, and, if so, I'll update later.

= I2P and Freenet =
I will make absolutely no attempt to run any program written in Java, and neither should you. I'm a bit of a C fanatic, but other people have other choices and if a good program is written in C++ or Go or Rust or whatever, I'm fine with that. Java, however, is where I draw the fucking line. It's right up there with Microsoft's Dot Net framework.

= I2Pd =
I've tried I2Pd, an I2P client written in C++, on both OpenBSD and Void Linux, and had no luck on either of them. I've tried loading some I2P pages that I could find, but they all lead to some kind of index/home page bundled with I2Pd.

= Gopher =
I've gotten Gopher to work on an Arch machine a while ago (but you can probably get it to work anywhere). It's very minimal and tailored to be text only, which I like, but isn't very security/anonymity oriented. Sure, it may be text only but I'm sure that if it gets enough attention (((they))) will figure out a way to fuck things up. Yeah, you can use TOR on top of Gopher, but that seems to me like redundant suck-n'-fucking.

Currently I don't have much free time, but I plan on trying to develop some kind of an alternative network based on satellite dishes or antennas that people can build easily at home and built as a mesh network where encryption is mandatory. Maybe one day.

Nanonymous No.3981

>I will make absolutely no attempt to run any program written in Java, and neither should you.
Absolutely agree. Java is the ultimate shit PL. If anyone has any doubts about that try to find one single piece of software written in java that does not steal resources like a nigger. There is of course no such application because everything that uses Java is complete shit.

As for an alternative network, I believe it's better to focus on creating a software solution (another overlay network) instead. With any meshnet you need a lot of people to start using it at the same time, at least in your area. Whereas for any software solution there is no such requirement. Also that net could use DC-nets instead of mix-nets to actually provide any anonymity.


Nanonymous No.3983

> I've tried Anonet today. It's some kind of a community based VPN
sounds fucking stupid

>up. Yeah, you can use TOR on top of Gopher, but that seems to me like redundant suck-n'-fucking.
you mean gopher over Tor? no, that's not redundant...

>>I will make absolutely no attempt to run any program written in Java, and neither should you.
>Absolutely agree. Java is the ultimate shit PL. If anyone has any doubts about that try to find one single
same goes for C (almost all C code right now is inefficient as fuck despite not having any excuse) except you get RCEs.

Nanonymous No.3987 >>3993

I think that the greatest chance we have is some sort of overlay network like Tor, but with a lesser focus on low-latency and a higher focus on anonymity and security. All these ideas suggesting that we set up our own mesh networks (which our governments will not allow) or create our own infrastructure are being unrealistic.
Tor provides a good compromise between performance and anonymity, but as you said it isn't enough.
What if we were to create an overlay network that provided no latency guarantees, and at every level of transport implemented obfuscation techniques?
If symmetric encryption is about mixing uncertainty (entropy) into data... what other ways can we mix uncertainty into the behavior of a hypothetical networking protocol?
Is there a way to develop a protocol that is so uncertain (from an outside observer's point of view) that analysis of packet sizes, timing between packets, etc. is not useful for analysis?

Nanonymous No.3988

>analysis of packet sizes, timing between packets, etc. is not useful for analysis
<dc-nets
there are some practical issues with dc-nets but this is the only hope for anonymous network
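
Added illustration, not part of any post in this thread: a minimal dining-cryptographers (DC-net) round in Python, showing why the broadcasts do not identify the sender and two standard costs of the basic scheme (pairwise keys and slot collisions). All function names and the 16-byte slot size are assumptions made for this sketch.

```python
import secrets
from itertools import combinations

SLOT = 16  # assumed fixed slot size; every participant transmits exactly this much

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def slot(msg: bytes = b"") -> bytes:
    """Pad a message to the slot size; an empty slot is all zero bytes."""
    if len(msg) > SLOT:
        raise ValueError("message does not fit in one slot")
    return msg.ljust(SLOT, b"\0")

def pairwise_pads(n: int) -> dict:
    """One secret random pad per unordered pair of participants: n*(n-1)/2 keys."""
    return {pair: secrets.token_bytes(SLOT) for pair in combinations(range(n), 2)}

def announce(i: int, pads: dict, msg: bytes = b"") -> bytes:
    """What participant i broadcasts: its slot XORed with every pad it shares."""
    out = slot(msg)
    for pair, pad in pads.items():
        if i in pair:
            out = xor(out, pad)
    return out

def run_round(n: int, pads: dict, senders: dict) -> list:
    """senders maps participant index -> message; everyone else sends an empty slot."""
    return [announce(i, pads, senders.get(i, b"")) for i in range(n)]

def combine(announcements: list) -> bytes:
    """Anyone can XOR all broadcasts: each pad appears twice and cancels out."""
    total = bytes(SLOT)
    for a in announcements:
        total = xor(total, a)
    return total

def reassign_sender(pads: dict, real: int, alt: int, msg: bytes) -> dict:
    """Pads under which `alt`, not `real`, sent msg while every broadcast is unchanged."""
    pair = (min(real, alt), max(real, alt))
    other = dict(pads)
    other[pair] = xor(pads[pair], slot(msg))
    return other

if __name__ == "__main__":
    n, msg = 5, b"hello"
    pads = pairwise_pads(n)
    transcript = run_round(n, pads, {2: msg})
    print("recovered:", combine(transcript).rstrip(b"\0"))
    # An observer who sees all broadcasts but not the pad shared by 2 and 4
    # cannot tell these two explanations apart: the transcripts are identical.
    same = run_round(n, reassign_sender(pads, 2, 4, msg), {4: msg}) == transcript
    print("participant 4 is an equally valid sender:", same)
    # Two senders in one slot: the messages XOR together and both are lost.
    clash = combine(run_round(n, pads, {1: b"aaaa", 3: b"bbbb"}))
    print("collision output:", clash.rstrip(b"\0"))
    print("pairwise keys needed for", n, "participants:", len(pads))
```

Every participant has to transmit a full slot in every round whether or not it has anything to say, which is where the bandwidth cost of the scheme comes from.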


Nanonymous No.3989

what about GNUnet?

Nanonymous No.3993

>>3980
>>3987

So what exactly is wrong with TOR? Would those problems be solved if the network was stronger/more diverse (exit nodes not ALL run by NSA), or if it had many more users?

Nanonymous No.3995 >>4063

>So what exactly is wrong with TOR?
<no overhead traffic
<no random delays
which makes it quite easy to correlate incoming and outgoing packets from any node.
>Would those problems be solved if the network was stronger/more diverse (exit nodes not ALL run by NSA), or if it had many more users?
solved? not. much harder to deanonymize? yes.
it would also help if an obfs-like protocol was used for all between-node connectivity so all the traffic to/from a node would be harder to recognize as tor-related traffic. This would allow running a tor relay-node that would not be an obvious tor-node for the ISP. Given some effort this would still allow uncovering all the nodes but that's still a lot harder compared to the situation where all nodes are public. This would mean that one extra step is required for any tor traffic analysis. While uncovering a single node would probably be not that hard, given a lot of new nodes each requiring some effort to be uncovered a large scale ops would be required to even know which ip's run tor-nodes at all.

what would help a lot more is to add some random overhead here-and-there and/or have relay-nodes add some random delay before forwarding the packet to the next hop.

Anyway I still favor dining-cryptographers as an anonymizing solution and so should any non-nigger do.

Another idea would be to run overlay network inside other overlay network but this sounds like a nigger idea so I don't recommend.
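
Added illustration, not part of any post in this thread: a toy simulation of the random-delay point above, measuring how often a crude observer can pair each flow entering a relay with the same flow leaving it when the relay adds an independent random delay per packet. The traffic is constructed, and the flow count, packet count, bin width and histogram-matching observer are all assumptions made for this sketch.

```python
import random

def make_flows(rng, n_flows, pkts, span):
    """Constructed ingress traffic: per flow, sorted arrival times in [0, span) seconds."""
    return [sorted(rng.uniform(0.0, span) for _ in range(pkts)) for _ in range(n_flows)]

def relay(rng, flows, max_delay):
    """Forward every packet after an independent uniform delay in [0, max_delay]."""
    return [sorted(t + rng.uniform(0.0, max_delay) for t in flow) for flow in flows]

def histogram(times, bin_s, n_bins):
    """Packet counts per time bin: the only thing the observer looks at."""
    counts = [0] * n_bins
    for t in times:
        counts[min(int(t / bin_s), n_bins - 1)] += 1
    return counts

def linked_fraction(ingress, egress, bin_s=0.1):
    """Share of ingress flows whose closest egress histogram is their own flow."""
    horizon = max(max(f) for f in ingress + egress)
    n_bins = int(horizon / bin_s) + 1
    h_in = [histogram(f, bin_s, n_bins) for f in ingress]
    h_out = [histogram(f, bin_s, n_bins) for f in egress]
    hits = 0
    for i, h in enumerate(h_in):
        dist = [sum((a - b) ** 2 for a, b in zip(h, o)) for o in h_out]
        hits += dist.index(min(dist)) == i
    return hits / len(h_in)

def experiment(max_delay, seed=1):
    """40 flows of 20 packets inside a 10 s window, passed through one relay."""
    rng = random.Random(seed)
    ingress = make_flows(rng, n_flows=40, pkts=20, span=10.0)
    egress = relay(rng, ingress, max_delay)
    return linked_fraction(ingress, egress)

if __name__ == "__main__":
    for delay in (0.0, 0.5, 5.0, 60.0):
        print(f"max delay {delay:5.1f} s -> flows linked: {experiment(delay):.0%}")
```

With no added delay the egress timing is a copy of the ingress timing and every flow is paired correctly; the price of breaking that link is latency, which is the trade-off the posts above argue about.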

Nanonymous No.4002 >>4003 >>4063

OP here. I agree that C today is shit tier thanks to (((GNU))), but it's the best we've got. I've started studying compiler theory with the intention of making my own programming language. It'll be some kind of a generalised, more portable assembly. But fuck me if it wouldn't take me a few more years, because I want to build on solid foundations, not work something out without knowing what the fuck I'm doing.

My problem with TOR is that the final node that makes the request for you knows your IP. Why can't Tox-like communication be implemented between the nodes? I don't care if it hurts the performance. Internet today is too fast anyway. It'll force people to build more lightweight sites (such as nanochan, invidious, libgen, etc).

Nanonymous No.4003

>>4002
>the final node that makes the request for you knows your IP
pretty sure exit nodes don't know the source IP
but exit nodes are cancer anyway, which is why you should use hidden services and https whenever possible. it's like wearing 4 condoms instead of 1 which is obviously better ;3

Nanonymous No.4004

>Why can't Tox-like communication be implemented between the nodes?
actually if all the routers and other networking hardware would have tor router installed you could have the whole internet using onion routing. Funny thing is that it would actually be faster than TOR: let's say that a connection between the user and hidden service requires 6 hops in TOR. Now since TOR relays do not sit in one room and are not connected with ethernet cables directly they need internet to send the traffic. Each clearnet connection usually requires 10-30 hops to reach the destination. So for a 6 hop TOR connection you actually end up with 60-180 clearnet hops. Sooo, having all the networking devices support onion-routing would reduce the number of hops by at least one order of magnitude.
Also if we could have the combination of onion routing and freenet each node could work as a cache/CDN for hidden services. Of course you don't want your direct peer to know what you're downloading so you can't request cached content directly from closest relay-node but you could have like 6 hops to hidden-service and 3 hops to p2p freenet-style cache/CDN for fetching images and stuff. Of course HS would crypto-sign the content pushed to cache so you would know that images you get from cache were not modified by some nigger.

Nanonymous No.4012

>= TOR =
>= Anonet =
>= I2P and Freenet =
>= I2Pd =
>= Gopher =
All of them are Internet-based.
Like, it is a legit way to protect your privacy, hiding behind strong crypto and use the public channels, but it's not immune to physical disconnection.
>develop some kind of an alternative network based on satellite dishes or antennas that people can build easily at home and built as a mesh network where encryption is mandatory.
There are a lot of solutions involving radio, and rather decent, like, you can get connected miles away, but it's still not immune to CIA niggers kicking your door in in case of severe banning of unauthorized radio signalling, so it's not really a way to hide from (((them))).

All in all, some custom crypto (like, in all seriousness, just channeling everything through TOR as if it was meant for it is not 100% secure), preferably obfuscated, is probably the best way.

Nanonymous No.4017

i2p is obviously the best choice just buy some ram you fucktard

Nanonymous No.4018 >>4020

>>3980
What is even the point of this if our hardware is all backdoored?
Figure out how to create hardware that can be shown to be bug free and secure to a high confidence level, and then create a programming language that makes writing provably correct programs trivial.
Once this is done, design a secure OS with necessary userspace programs, and then we can discuss securing the goddamn network.

Nanonymous No.4020 >>4021

>>4018
>muh hardware backdoors
none of this bullshit stopped tarrant, earnest or breivik, and none of the people arrested for wrongthink were following opsec properly, they were caught using conventional methods. I don't think hardware backdoors are a big deal for various reasons, but let's not derail the thread.

Nanonymous No.4021 >>4023

>>4020
You should at least briefly explain why you think hardware backdoors aren't a big deal.

Nanonymous No.4023

>>4021
They are a problem, but when they're used, there's the possibility they can be exposed. That's a big liability, especially if they're being saved as a "nuclear option".

Every time something like that is used, there's the possibility evidence will be left in a log somewhere on the network. This will prevent such options being used unless the target is high value. In other words, are the glowniggers going to risk a multi-million dollar project that took years to implement on some 16 year old LARPing as a head chopper? Or would they only use that option when dealing with other state actors or multinational megacorporations?

It is more likely that they would try to social-engineer low hanging fruit into tripping themselves up by intentionally misleading them with bad information through FUD, such as those tards that actively go around recommending web browser releases from a decade ago. These have known exploits ready-to-go should anyone be spotted actually using one.

Nanonymous No.4024 >>4025

This would be specific to things like CPU/SoC/enterprise hardware bugs. Consumer crap like cellphones/home routers/IoT are a different story, those are likely to have intentionally placed software bugs (made to look like incompetence) that can be actively exploited and used for certain targets as zero-day vulnerabilities. Since consumer hardware is always changing, this makes those vulnerabilities replenishable as new hardware is released. You specifically mentioned hardware, but firmware is likely where you'd actually see them, for the reasons mentioned above.

Nanonymous No.4025

>>4024
>cellphones/home routers/IoT
If you're doing opsec right, you will never let unencrypted sensitive data touch cellphones and routers, and you won't have any Niggernet of Chings trash anywhere, either.
You can trust the CPU somewhat, due to above mentioned reasons. Unless you have a credible and feasible plan to execute lots of government officials or something, that's when you should be even more careful.

Nanonymous No.4060 >>4118

>In other words, are the glowniggers going to risk a multi-million dollar project that took years to implement on some 16 year old LARPing as a head chopper?
you might be right, yeah, you probably are. But as a counterpoint, the cover stories could be used. For example some 1337 0-day could be used in silkroad investigation and that 0day led to (((the info))) which in turn led to DPR. Also during investigation they found the (((other info))) which also leads to (((the info))). Later when making this all public they present (((other info))) as the original data instead of (((the info))) to cover the original source of intel.

Nanonymous No.4063 >>4065 >>4135

I agree with nanons pointing out that none of this is the "alternative". They're layers of encryption and obscurity for the current existing Internet. As for the actual alternative, you have to shelve the "worldwide" part of the WWW. Community-funded underwater, industrial quality cables cannot possibly happen in the foreseeable future. The alternative isn't radio either, because of aforementioned radio frequency legal enforcement (ham radio guys are fucked more than internet people in terms of law). So there's the minimalist option - develop and get involved in meshnets around your local area. Routers are widely available and there are several protocols being worked on (i.e. B.A.T.M.A.N.), the hard part is getting enough people together. Obviously this is limited to urban areas, even if you mix routers with some other signals that can travel between separated areas (for example, IR laser-based ones). How would information travel in/out of these gated circles? Either via actual Internet, somehow circumventing censorship, or you carry around chunks of encrypted data with you across borders like people used to smuggle books. The only semi-global approach to an alternative would be satellites - but they will 100% get fucked with.

>>3995
I think, for a project as big as Tor, it's not feasible (considering the funding) to try and mask traffic because it's an arms race they cannot win. But things like random delays would help a lot with anonymity.

>>4002
Starting over from scratch is basically dooming any bigger project to obscurity or eternal hobby status. I'm not sure why people don't at least try to port safety-critical things (like I2P daemons and the like) to something like Ada. Are there any language/compiler specific problems I'm missing?

Nanonymous No.4065 >>4126

>>4063
Just run a torrent client in the background downloading a bunch of torrents (you'll need to add some http trackers, not the most common UDP ones) and set it to a lower QoS setting in the OS. If you don't want to overload the Tor network then just set a global limit of 100KB. That would make most timing correlation attacks near impossible.

Nanonymous No.4076

>has a complex about Java so doesn't use the most privacy enhancing framework of them all, Freenet


Nanonymous No.4118

>>4060
What you just described is "parallel construction". At least for the USA, the different glower orgs will have their own collection of tools. For example, CIA niggers and FBI will have access to tools that local/state LE won't. Local LE may use something like a Stingray device to illegally snoop around and then use parallel construction to explain how they found someone/something, or they could also just use a "confidential informant".
Stingray devices are known tech, so there's no risk in using it. However, the use of such a device can lead to arrest patterns that will indicate something is going on in the background that even parallel construction won't hide.

Nanonymous No.4126

>>4065
>That would make most timing correlation attacks near impossible.
if you just access TOR, then maybe it would work. Even if not impossible, timing will be obviously much much harder. Agree. If running HS tho, not so much.
Also it would be much more effective if everyone or at least many users would be doing so.

Nanonymous No.4135 >>4136

>>4063
One way to connect isolated networks could be some sort of wifi enabled devices that are physically moved around on a regular schedule. The latency would be horrible, but it might be a way to send files from one location to another, by letting the devices sync at the isolated networks. Vehicles would probably be the host for such devices.

Nanonymous No.4136 >>4188

>>4135
Already exists https://piratebox.cc/start problem is always the same, not enough people, not enough incentive to do so (at least for now), who is gonna set up the vehicles? Who is gonna organize them? How do you sync the networks in each city, in a global scale? Where do you take the money to do all of this? And even if you could do all of this what's the point if the moment the operation starts becoming big, the glowers are gonna notice and shut it down.

If we had a way to launch our own communication cubesats that would be better.

Nanonymous No.4141 >>4143

the web was a mistake. here is my bullshit of the day. i want to know whether there's a point in rinsing/straining brown lentils before you cook them. every bag of them you buy, no matter what brand, says "wash and rinse" in the directions. but why the fuck? it's not in capital letters so it must not matter. Now to get a definitive answer, you should just be able to type in "an advanced search engine" like Google, "why wash lentils". Instead you get a bunch of retards discussing the issue with no points again and again and after 20 pages you forget what you were doing. Just look at this retarded bullshit:
http://vegweb.com/community/dine-n-dish/eeek-i-forgot-rinse-lentils
The topic is quickly hijacked with "you wash them so you can find the rocks". No you fucking don't. Washing them doesn't help you find the rocks. You just pick them out by hand. Fuck off. If you don't know the answer, don't answer.

Also, a typical problem with webshit here, the quotes are just included directly in the text, because they did some database migration or my browser configuration prevents me from seeing whatever bullshit is needed to see quote boxes. So it looks like two people posted the exact same thing. Another typical problem is they have a database migration, and any shit that should be escaped, such as "<" gets obfuscated and re-escaped wrong. Webmasters should never have been trusted with this. Forums should just be a dedicated application like Freenet Message System (but without webshit).

Any such issue like "why rinse lentils" should immediately link to a post written 20 years ago or whenever the web was made. If you look up a topic on the internet, such as a recipe or "how to" or any retardedly simple such bullshit, the post you get sure as fuck should have been written 20 years ago because the problem has been solved 2000 years ago. Instead, you get a brand new article filled with clickbait, Amazon affiliate links, and the worst possible non-explanation of the topic possible, from some fuckhead who has no authority on the subject who expects you to just trust this fuck.

Also it's impossible to use the web for any non-commercial purpose. Imagine if I wanted to review music or criticize devices used in pop music and put audio clips in the post. It would be taken down because MUH DMCA MUH PIRACY.

Nanonymous No.4143

>>4141
Are you okay, Nanon?

Nanonymous No.4144 >>4146 >>4189

I can't stress enough that anything you look up should have been written 20 years ago. Imagine you want a chile recipe. Do you want the one from 600 years ago, or do you want the one written 5 minutes ago, which is the exact same thing but with some stupid cheese or flax added as an ingredient that doesn't even change the dish in any perceptible way, and the entire page filled with ads and monetization features? BTW anyone who complains about adblockers (not that I use one since I don't need one since I have JS disabled) is likely one of the faggots who authors such articles.

Nanonymous No.4146 >>4147 >>4148

>>4144
>thinking that disabling js means not seeing any ads ever

Nanonymous No.4147 >>4148 >>4189

He >>4146 is right BTW.
You should use some 3rd party request blocker too, like RequestPolicy (or uMatrix, which does both JS and Web Requests blocking).
And you can use an actual adblocker for some locally (1st party) supplied stuff, if it is ever needed.

Nanonymous No.4148 >>4149

>>4146
No, I think (from 15 years of browsing), with JS disabled you hardly see any ads. The main problem with ads anyway isn't that they're there - it's that they do shit like popups and waste CPU/memory, which they almost never do without JS.

The amount of noise from a typical "best practices UX" website is already far worse than a small ad in the corner or the middle of the post. Pic related (made with broken gimp broken wm and broken laptop with no mouse and don't have time to recompile with png support or convert X to png)

>>4147
samefag, even if distinct people
no, you shouldn't use browser plugins. they have no advantage, increase attack surface, and make performance worse. the web should just be nuked. use links -g

Nanonymous No.4149

>>4148
It's not like I'm happy to use them, yaknow.
Overall, I think they do help.

Nanonymous No.4188

>>4136
Sats are not really feasible because of economic reasons. Not unless you find some really wealthy person to back it and that isn't likely.

That piratebox concept looks like a good start, but it seems too localized. The piratebox for endpoints makes sense, but without some sort of inter-node communication, they're just islands of isolated activity.

The most important organizational part should focus on education/information as opposed to telling individuals what to specifically do. If someone sees something they can do and care about the goals, they'll likely act on it. Creating good documentation is the key, many potential allies likely lack the know-how, but have the will. Creating task specific documentation modules: e.g. "Hardware construction/setup", "OS install/config", "Inter-node setup/operation", would provide those interested people, with a will, a way to move forward. Most people get burnt out because they're each individually trying to create an overarching solution.

The first step is to identify endgoals/objectives. One thing that still seems a bit up-in-the-air, is whether this alt-net should be completely isolated (no re-use of existing Internet hardware/services) or if encrypted bridging/overlays are acceptable.

Nanonymous No.4189

>>4144
>>4147
He is right, although he should really start a new thread for "Why Web 2.0 sucks balls" because it deserves its own.