[liberationtech] Use GNU social or similar as static-IP Twitter-proxy (was: when you are using Tor, Twitter will blocked your acc)
2014-06-08 23:58, Jacob Appelbaum wrote:

> I've had my Twitter account locked half a dozen times (web client, using Tails) in the last few weeks. It seems to be some new security heuristic where one is still able to login to change the password but the account is locked from generating new public (or DM) events. It is a super annoying security feature to say the least.

It's easily solved by simply not connecting to their service by first-hand. Use a proxy or something similar and this problem will go away.

Personally I was using a GNU social instance as sort of a Twitter proxy (posting, importing, replying) until I felt it was time to delete the Twitter account entirely.

Besides GNU social (previously StatusNet, it was running in identi.ca) there's a couple of other alternatives, one of which is Friendica. These software - besides being fully libre and open source - are actually full-blown federating social networks which easily replace many features from the proprietary networks.

But maybe, as the argument usually goes must be where everyone else are, these free social softwares might act best as a simple static-IP-proxy for tweeting. Benefits are:

1) Not tracked as easily using IP-based methods.
2) If using tracking countermeasures, not banned as often. ;)
3) You can decide yourself to set it up as, say, a Tor hidden service.

Considering how I believe very few on this list actually trust Twitter (nowadays at least), I figured it would be good to introduce the mentioned non-replacing alternatives.

--
Mikael Nordfeldth
https://blog.mmn-o.se/
XMPP/mail: m...@hethane.se

--
Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Amazing New Privacy Product for Webcams
2014-03-02 20:39, Tony Arcieri wrote:

> And the same thing could more or less be accomplished with less than $0.10 worth of black tape?

Maybe one should purchase their sticker (even though it uses a proprietary adhesive) and perform some electromagnetic spectrum analysis with a flashlight or something to study the product's translucency.

Penetration testing of security hardware has never been cheaper.

--
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: m...@hethane.se
Re: [liberationtech] New secure XMPP server
2013-12-29 22:04, Anthony Papillion wrote:

> I'm definitely open to supporting XEP-0198. I'm not sure there's a plugin for the server I'm using (OpenFire) that supports it though. I'll look around.

I thought OpenFire had problems with chained certificates[1], such as the ones I'm using with intermediate CAcert class3 cert. This causes my server's TLS connections to an OpenFire server to be regarded as insecure and (since there's no bidirectional server link support in OpenFire) the replying server connection is made in cleartext.

My XMPP server's using Prosody[2]. That's so far the best XMPP server software I've found, especially if the goal - as with your setup - is to be secure. (best feature imho is server-specific verify-by-certificate-hash support in the latest versions, for servers with trusted admins but untrusted CAs or self-signed certs)

Prosody also defaults to sane, recommended encryption settings, have insecure SSL versions, prefer TLSv1.2 etc. (except that there are problems with GNU/Linux distributions like Ubuntu where Canonical etc. disable TLSv1.2 in their system libs).

As long as the chained certificates bug is still present, I would recommend scouting around for other serverside solutions than OpenFire. And it's dead-simple to configure Prosody, you essentially just need your certificates, vhost name and possible conference server setup.

Not sure about any migration solutions with OpenFire-foo, though, but there's a migration script for ejabberd-Prosody at least. So look around :)

[1] http://issues.igniterealtime.org/browse/OF-405
[2] https://prosody.im/

--
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: m...@hethane.se
Re: [liberationtech] Passlok's broken security model
On Thu 15 Aug 2013 00:07:22, Francisco Ruiz r...@iit.edu wrote:

> I guess not, but I'm only using site44 for the time being because it's free. I'm also changing the code with some frequency. In a more final installation, I'll have my own server. Perhaps you can recommend a shared https server that can be trusted?

Not that https can be trusted just because it's https, but I guess you could just use public source repositories. Then you have several kinds of verification possible; https on multiple sites (obscures mitm attacks), hash (compare between two separate https servers), crypto-signature (embed an openpgp public key in the repo).

Public repository sites I use and recommend:

https://gitorious.org
https://github.com
personal git repo
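The cross-site hash comparison suggested in the reply above, as an added example that is not part of the original message or of any project it mentions. The origin labels and sample bytes are constructed, and the optional `pinned` digest is an assumption standing in for a value obtained out of band (for instance alongside a signed release note).

```python
import hashlib
from collections import Counter

def digest(data: bytes) -> str:
    """SHA-256 of the bytes exactly as served by one origin."""
    return hashlib.sha256(data).hexdigest()

def cross_check(copies, pinned=None):
    """copies: origin label -> bytes fetched from that origin over HTTPS.
    pinned: optional digest obtained out of band (assumption, see lead-in).
    Returns (verdict, agreed_digest, suspect_origins)."""
    if len(copies) < 2:
        raise ValueError("need at least two independent origins to compare")
    digests = {origin: digest(body) for origin, body in copies.items()}
    counts = Counter(digests.values())
    top, votes = counts.most_common(1)[0]
    # A tie (e.g. two origins that disagree) gives no basis to prefer either.
    if list(counts.values()).count(votes) > 1:
        return ("conflict", None, sorted(digests))
    # Agreement among mirrors is not enough if it contradicts the pinned value.
    if pinned is not None and pinned != top:
        return ("pin-mismatch", top, sorted(digests))
    suspects = sorted(o for o, d in digests.items() if d != top)
    return ("mismatch" if suspects else "ok", top, suspects)

# Constructed sample data: three copies of one page, one altered in transit.
GOOD = b"<html><script>/* constructed sample app */</script></html>\n"
ALTERED = GOOD.replace(b"sample app", b"sample app; extra()")

if __name__ == "__main__":
    fetched = {"gitorious": GOOD, "github": ALTERED, "personal-git": GOOD}
    verdict, agreed, suspects = cross_check(fetched)
    print(verdict, agreed[:16], suspects)
```

With only two origins a disagreement can be detected but not attributed, which is why the function reports `conflict` rather than naming a suspect.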
Re: [liberationtech] ENGAGE Open data community
2013-07-24 22:14, Michael Rogers wrote:

> On 23/07/13 19:33, Mikael MMN-o Nordfeldth wrote:
>
> > PSI is Public Sector Information. It's the common term in European politics on the subject of open data within the public sector. [...] Oddly enough, it's a quite popular thing within the European Union, despite its other attempts to destroy free flow of information.
>
> Perhaps that's not so odd if we consider who's in a position to make effective use of a giant blob of machine-readable data. Is it (a) the average citizen, or (b) the consulting company set up by the former public servant who collected that data?

I'm hoping it's (c) the data mining journalist with some programming skill or at least knows some hackers :)

--
Mikael Nordfeldth
http://blog.mmn-o.se/
Xmpp/mail: m...@hethane.se

--
Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure and Cheap Provider in Sweden or Iceland?
2013-06-13 20:51, Lorenzo Franceschi Bicchierai wrote:

> In lieu of the recent NSA leaks, I'm going to transfer my website to a new provider in either Sweden or Iceland (because well, you never know). Griffin Boyce suggested I use moln.is http://moln.is, do you guys have any other suggestion? Any other kind of advice?

Hi, another choice is to find someone in Sweden willing to be your proxy to send an encased Raspberry Pi with installed SD card and power cable/adapter to FS Data, as they offer free (gratis) hosting with 1 Mb/s full duplex:

Info [Swedish]: https://fsdata.se/server/raspberry-pi-colocation/
Requirements: Only 1 per Swedish citizen. Case max size: 10x3x7 cm
You get: 1 routable, PTR:able IP (not IPv6 yet) and 100GB/month.

Even if they would quit this gratis service after a couple of months (remember to keep backups ;)), it'd be worth the small cost of purchase and shipping. Their official response on the company blog is however that they're not going to end the gratis service in the foreseeable future.

I've no idea whether FS Data are devoted to good privacy policies or anything. But then again, I don't think those things mean a whole lot when dealing with third-party hosting anyway. Any profit-driven company offering a service like this will either:

1) let the police take your computer when they come with a warrant.
2) be raided by the police so they get whichever computer they want.

(even Bahnhof, who many will probably recommend as they have managed to pull several PR stunts on privacy and integrity, are fully commercial and won't stand up against the police if they have a warrant)

Another choice is just to move here. Thanks to our relatively high taxes, we've got good healthcare and social security. You're very welcome (and we currently are in need of some more people fighting for a free internet, but no real panic just as of yet).

--
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: m...@hethane.se