Mr Nobody 1 Posted ... (edited)

Dear Internet Freedom Friends,

Hello from the Other Side!

First, let me please be the first to congratulate you for using SSL tunnel, and not obfs4!

Friendly reminder: Glorious Kazakhstan has pwned obfs4!
https://trac.torproject.org/projects/tor/ticket/20348

Turns out, it wasn't even hard to do! We respectfully ask our DARPA Onion Friends - why do they create a unique protocol, to obfuscate the unique nature of traffic? Who thought that this even made sense as an idea, so much that they wanted to develop four iterations of it, and counting? Why not just use SSL tunnel, which looks 100% not unique and exactly like SSL, because it is? So easy to develop - it already exists!

When DARPA sends us people, they aren't sending their best! Still, they ask for donations - like they have no money! Maybe, they should ask Echelon to stop running all those node farm NGOs in Germany and France, to save the money for them? Must cost a lot to keep all those Tor logs! Many such cases - enough to correlate! Sad!
https://en.wikipedia.org/wiki/Parallel_construction

Unfriendly reminder: Glorious Kazakhstan has pwned all public Tor entry nodes with IP blacklist!

Glorious Kazakhstan only needed to pwn obfs4 because of private bridges! For public listed nodes, they just ask for the list, then block it! Very easy! Not smart! No obfs4 pwn required! It's as easy as this:

Glorious Kazakhstan: "Excuse me sir, I would very much like to pwn you bigly. May I have the target list?"

DARPA Onion Friends (not the brightest): "Yes, perfect, here is the target list."

Should have been only bridges from the beginning! It doesn't solve all privacy problems if your packets are SSL or obfs4 inside! They route directly to publicly listed private network server! Nature of traffic is written in the header! It's automatically checked against public VPN server list!

Hostile reminder: Glorious Kazakhstan has list of everyone who pings public listed VPN servers!
It does not matter if they blacklist public listed servers today, tomorrow, or not until the next political emergency. They still have public server list, and ISPs have user logs, and they can compare them to create dox list of VPN users. (Basically, same as what NSA does for Tor users.)
https://www.cnet.com/news/nsa-likely-targets-anybody-whos-tor-curious/

They won't go after all those people, but persons of interest can be cross-referenced to that list, now or in the future. Totally unacceptable! Please fix this! Don't be reactive, like noobs! Noobs get pwned! Security is paranoia - everyone else is pwned! Don't wait for users to get pwned to patch! You lose a pair of clients - I lose my pair of яйца! Bad deal! The worst! Can't do it!

Please offer private bridges! Preferably, unique bridges!

Minimum, offer unique private bridge through AWS. Best, also offer bridges through some Party corp in Hong Kong, for jurisdiction variety. Neutral countries aren't a real thing, so just offer tunnels on both sides of the line. This would be like if you took the meek pluggable transport concept, but each user got his own private meek server.

Please friends, I have no time to be setting up my own OpenVPN server as SSL bridge. I have important elections to meddle in! I am not the only one with this problem. I am just one of the only ones who understands the problem. I am very tired of "world famous hackers" who quit and flipped to FBI before age 25 and pretend like they know or care about this. They are cowards. You only get famous when you get pwned. If you are good, you are just another nobody, and if you figure something out about something, you don't tell anyone. Since you are at least doing SSL and running an onion, you seem like you are the only ones seriously trying to not be stupid. I respect this effort and salute you. So please let me tell you for free.

Public listing is not the right way to run private networks!

I know everyone else does it this way.
Let me tell you something more.

Everyone else is going to get pwned.

Having your name on any of these lists is like for little opsec baby who does not know history book chapter about Great Purge.
https://en.wikipedia.org/wiki/Great_Purge

There is no advantage to "public listed private network" setup and it is an oxymoron. Saves you cost of bulk rental of minimum servers from AWS or similar mega server farms. Costs you being on lists. Bad deal. This is just lazy "fix it when it breaks" security from corporate celebrity babies who think Great Cyber War will never come. Don't copy that. You have no idea how bad things really are. You have no idea how much worse things are going to get. Always prepare first for the worst possible outcome.

- Just Another Nobody
Maggie144 12 Posted ...

Thanks for bringing a smile and a laugh (election meddling) unique private bridges would be awesome to have. +1 guess this would also solve the stream-ability-issue users report - except for Amzn probably, these guys are relentless