Bloomberg: China's Mass Surveillance More Sophisticated Than Thought

[jim bell]

Bloomberg: China's Mass Surveillance More Sophisticated Than Thought.
https://www.bloomberg.com/news/articles/2019-05-01/alibaba-backed-face-scans-show-big-tech-ties-to-china-s-xinjiang

The solution to quantum computers cracking cryptography — Quartz

[jim bell]

https://qz.com/1605685/the-solution-to-quantum-computers-cracking-cryptography/

Re: Assange Court Rulings

[John Young]

Sorry, needs a PDF extension

https://cryptome.org/2019/05/assange-sentencing-2019-0501.pdf

At 03:54 PM 5/2/2019, you wrote:

The first of the URL's below returns with a 404 error.

   Jim Bell



On Thursday, May 2, 2019, 12:38:54 PM PDT, John Young 
 wrote:



R v Julian Assange (Bail Act offence)
Sentencing Remarks of HHJ Deborah Taylor
Southwark Crown Court
1 May 2019

https://cryptome.org/2019/05/assange-sentencing-2019-0501

Related:

https://cryptome.org/2019/05/sureties-julian-assange-08102012.pdf

https://cryptome.org/2019/05/assange-ruling-6-feb-2018.pdf

https://cryptome.org/2019/05/assange-ruling-2-13-feb-2018.pdf

Anti-Sybil (re: Explain... all the Nodes)

[grarpamp]

On 5/2/19, Herbert Karl Mathé  wrote:
> I strongly believe certain issues need be brought up into conscious, and
> into presence: into discussion, actually.
>
> Therefore appreciating this as it might fit too well into context
>
> Keeping things below surface, or trying so, has too often proven to be a
> very bad idea as these will come up sooner or later anyway, then with much
> higher magnitude. Even worse, trust is then destroyed.

As said before, the category of Anti Sybil Web of Trust Projects
needs considered, and could even cover such speculative subjects.

It's not about analysing the meta of one node or one operator,
even if a true positive hit, in general the yield is approximately
zero percent of any overlay network's nodes, it's about stepping
back and agnostically analysing them all.

Go investigate and collate all the possible meta informations...

Node location, payment, OS, ISP, uptimes, anon / nym / PGP / GovID,
workplace, politic, blogs, whatever else you can imagine,
including incorporating what's already in the consensus, contact,
MyFamily, nickname, both real world and virtual infos,
operator to operator p2p Web of Trust...

No node has to supply any infos.

Put it all in a db and give users tools to select node sets.

Some users might select State's, or State's workers or
even Statist's nodes, over say anon nodes, as maybe they
feel they have to play by some "rules" that anon nodes don't.
Others might reject operators that post stupid pics on Facebook.
Or all Ubuntu relays. Or nodes that engage in free speech
they don't like, some in Tor Project would love that selector, lol.

It doesn't matter, it's a meta project, with it you can accept or
reject on whatever whim you wish by node fingerprints in your client.

And if the Sybil WoT project ends up discovering some interesting
potential threats classes among the entire node set, you win.
Until then, you are potentially missing all of that, and are not
raising Sybil's costs of doing business by forcing them to
expend much resource into playing real world Web of Trust
against users who might select to use various positive-meta-ranking
and or WoT structures. Right now Sybil's cost is only a little hosting.

If not, you can still report bad exits and other actual technical
node and traffic mangling to tor-relays and or bad-relays,
at least until someone DHT's or otherwise distributes tor
away from the more centralized DA design.

Note that Tor's architecture does not protect much against
Global Passive Adversary of NSA style fiber Vampires,
that threat does not require Sybil nodes, nor do they
have to be Global or Govt, even Tier-N backbones can
tap, analyse, and do nefarious things like and with that,
including sell, give, and partner it all away.
Though they can and do run Sybil nodes to help inject,
manipulate, block, see, etc traffic, nodes, and clients.

On flip perspective, maybe you really don't want to develop
WoT's and such, simply because enabling creeping featureism
of it all can lead to exclusivity and control whereby valuable anon
diversity is selected away from and purged. That would be very bad.

Either way, other than the usual design, protocol, code, and "Lawfare"
exploit space, and the coming Quantum Compute adversary, Sybil and Vampire
are likely todays biggest remaining threats to overlay networks.

None of todays networks seem to be trying to do anything to stop
Sybil, and only a few networks put Vampire as any sort of priority [1].
While Vampire may perhaps be solved with some technical measures,
Sybil may require some sort sort of human based measures.


[1] Curiously, cryptocurrencies do employ Anti-Sybil in various
proofs of work (adversary cost raising), and can help defund Vampires.

Re: Happy World Password Day!!! :D

[Cecilia Tanaka]

On Thu, May 2, 2019, 16:32 jim bell  wrote:

>
> On Thursday, May 2, 2019, 7:42:03 AM PDT, Cecilia Tanaka <
> cecilia.tan...@gmail.com> wrote:
>
>
> >Oh, you know, "123456", "password", and "admin" are so old fashioned
> passwords...  ;)
>
> Don't worry, I'm safe!   I upgraded to "123456789" days ago!
>  
>

Hahahaha!!!  Thanks a lot for making me laugh, sweetie!  <3

Do you remember my "kryptonite" are charming InfoSec German guys?  Well, I
will kick the Tor Project Meetup with my both feet  (one at time, don't
worry about accidents!)  and will watch Malte Spitz talking and discussing
privacy with friends tonight, woohooo!!!  ;D

(But he is also a politician, aaargh!!!  Politicians are a disgrace to
humanity!  But hope he can teach me something interesting, at least!  :D)

>

Re: Assange Court Rulings

[jim bell]

 The first of the URL's below returns with a 404 error.
                       Jim Bell


On Thursday, May 2, 2019, 12:38:54 PM PDT, John Young  
wrote:  
 
 R v Julian Assange (Bail Act offence)
Sentencing Remarks of HHJ Deborah Taylor
Southwark Crown Court
1 May 2019

https://cryptome.org/2019/05/assange-sentencing-2019-0501

Related:

https://cryptome.org/2019/05/sureties-julian-assange-08102012.pdf

https://cryptome.org/2019/05/assange-ruling-6-feb-2018.pdf

https://cryptome.org/2019/05/assange-ruling-2-13-feb-2018.pdf



  

Assange Court Rulings

[John Young]

R v Julian Assange (Bail Act offence)
Sentencing Remarks of HHJ Deborah Taylor
Southwark Crown Court
1 May 2019

https://cryptome.org/2019/05/assange-sentencing-2019-0501

Related:

https://cryptome.org/2019/05/sureties-julian-assange-08102012.pdf

https://cryptome.org/2019/05/assange-ruling-6-feb-2018.pdf

https://cryptome.org/2019/05/assange-ruling-2-13-feb-2018.pdf

Re: Happy World Password Day!!! :D

[jim bell]

 

On Thursday, May 2, 2019, 7:42:03 AM PDT, Cecilia Tanaka 
 wrote:  
 
 https://nationaldaycalendar.com/world-password-day-first-thursday-in-may/

>Celebrate the World Password Day changing or upgrading your p455w0rd$, dear 
>all.  <3
>Oh, you know, "123456", "password", and "admin" are so old fashioned 
>passwords...  ;)

Don't worry, I'm safe!   I upgraded to "123456789" days ago!     
               Jim Bell  

Re: Happy World Password Day!!! :D

[Cecilia Tanaka]

On Thu, May 2, 2019, 13:40 Steve Kinney  wrote:

>
> Passwords are so old fashioned - and they present the most easily and
> frequently exploited weakness in security systems.   


> Needs a "password education" or better, "password eradication" day.
>

Yup.  You're correct, Steve.  ;)

Wish you, my pumpkin, and a. were here.

You because I desperately need massage, shiatsu, and hugs.

My pumpkin because I will work as volunteer in another CryptoRave (Friday
and Saturday), and after all the music and dance, I will go to VII BITCONF
- "Brazilian Conference about Bitcoins and other Cryptocoins"  (Sunday and
Monday).  It will be a bit crazy, but pretty fun.

And, finally, I needed a. very much because I don't know if I should go to
the Tor Meetup tonight or not.  I do really hate when some jerk says sh*t
about Jake just to provoke and hurt me.  Loyalty and friendship are just
empty words nowadays.  :(((

Well, at least one of them thinks I am "a good girl with bad friends".  But
it hurts the same...  <\3

Wish me luck and pray for me, my dear Steve.  If God exists, I bet They
love you much more than me.  I do!  <3

>

Re: Happy World Password Day!!! :D

[Steve Kinney]

On 5/2/19 10:40 AM, Cecilia Tanaka wrote:
> https://nationaldaycalendar.com/world-password-day-first-thursday-in-may/
> 
> Celebrate the World Password Day changing or upgrading your p455w0rd$,
> dear all.  <3
> 
> Oh, you know, "123456", "password", and "admin" are so old fashioned
> passwords...  ;)

Passwords are so old fashioned - and they present the most easily and
frequently exploited weakness in security systems.  We do have solutions...

Randomly generated pass phrases:

http://diceware.com

Most people will only need three or four pass phrases, including the one
that decrypts / unlocks one's portable database of unique. 'randomly'
generated, impossible to memorize, effectively brute-force-proof
credentials:

https://keepass.info/

Lose your database file, lose access to everything?  Not likely - if you
scatter copies of the database "everywhere", and update the copies when
you add or change any credentials.

Needs a "password education" or better, "password eradication" day.

:o)






signature.asc
Description: OpenPGP digital signature

Happy World Password Day!!! :D

[Cecilia Tanaka]

https://nationaldaycalendar.com/world-password-day-first-thursday-in-may/

Celebrate the World Password Day changing or upgrading your p455w0rd$, dear
all.  <3

Oh, you know, "123456", "password", and "admin" are so old fashioned
passwords...  ;)

Kisses, hugs and ** , hahaha!!!  <3

Ceci
--
Loving.  Caring.  Sharing.  Being Excellent To Each Other And To Our
Hackerspace.  <3
--
"Don't let anyone rob you of your imagination, your creativity, or your
curiosity.  It's your place in the world; it's your life.  Go on and do all
you can with it, and make it the life you want to live."  -  Mae Jemison

Re: Demonstration of a tinc network linked through Tor v3 onions

[Ann Brown]

On Thursday, May 2, 2019 2:09 AM, grarpamp  wrote:

> On 4/29/19, Ann Brown annobr...@protonmail.com wrote:
>
> > I was wondering whether OnionCat opens a new circuit for each packet stream,
> > and whether tinc (like OpenVPN) instead uses circuits on longer timescales.
> > I suppose that I could log that, and see.
>
> OnionCat doesn't talk to tor controller to "open" and manage
> its own circuits, it's subject to SocksPort circuitry in tor(1).
> onion to onion uses same circuit, while circuit remains valid.
> usefeature extended_events verbose_names
> setevents stream circ

OK, thanks. My best guess then is differences in how Tor handles v2 vs v3 
onions. I can't test OnionCat with v3 onions, so I'll do tinc with v2 onions, 
and see how it works. > > But it's still voluntary, right?

> > But it's still voluntary, right? So one can random walk until non-blocking
>
> Yes. Some relay operators may be staying on those
> older versions for that reason.

Right.

Sent with ProtonMail Secure Email.