Duck Penis |
Posted on 19-09-15, 20:57
|
Stirrer of Shit
Post: #628 of 717 Since: 01-26-19 Last post: 1766 days Last view: 1764 days |
Posted by Nicholas Steel If you're running maximized, you'll always have the same resolution unless you change screen/OS/whatever. So maybe 1080p w/ Windows window decorations is fine, but if you can see that there's someone with their browser at 2556x1414 (2560x1440 - 4x26) that's fairly unique, and if you see it several times it's probably the same person. Posted by wertigon Just what 'university' did the supposed 'expert' go to, and why does he not know how to spell the name of the technology he is allegedly hacking? Nobody would run random .exe files they got through Tor Browser and there's a giant warning if you try to do it. But for instance PDF files are A-OK. By observing basic precautions it is possible to reach an extremely high level of security with Tor, while this is completely impossible with a VPN. As an aside, I am tired of this, not to say worship, but taking seriously of people ('experts') for the sole reason of having thrown their time away on an education. If you're just doing it to get a job, sure do whatever you have to, but to claim that there's some actual value in it is plainly absurd. There was a tradition in the temple of Dodona that oaks first gave prophetic utterances. The men of old, unlike in their simplicity to young philosophy, deemed that if they heard the truth even from ‘oak or rock,’ it was enough for them; whereas you seem to consider not whether a thing is or is not true, but who the speaker is and from what country the tale comes. This is not to say that it's impossible to become an expert through organized studies and that such should be trusted, but the inverse obviously doesn't hold - for the extreme example, look at exercise science. I would much rather get my advice from the biggest guy in the gym, provided he isn't on gear, than the alleged experts in the newspapers who discuss for days on end which machines should be used and quizzes anyone who disagrees about to what school they went. Posted by tomman No, it's from legitimate security researchers. As I recall it, it's plagiarized from an official list of "stuff you shouldn't do with Tor" from a few years ago, back when they were still using check.torproject.org and Disconnect. Posted by CaptainJistuce No, I was thinking of the whole "evil reflection" thing, like Rosenberg from El Cazador or Kurama from Elfen Lied. And as for Bond villains: There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this. |
wertigon |
Posted on 19-09-15, 22:48
|
Post: #94 of 205
Since: 11-24-18 Last post: 158 days Last view: 30 days |
Expert as in, I live, breathe and do this shit for a living (but granted, only 25% of my working time). While I have only hacked TOR in a lab, it is very possible. TOR (T... Onion Routing, forgot what the T stands for? The?) is an acronym therefore it should be spelt that way. Pretty much like HTTP, SSH or TLS. You don't like it, go complain to the Oxford English Dictionary team if you want to complain at someone. (Should be named TORP actually, but I digress) Granted, been a couple of years since I last dabbled with it, got bigger fish to fry in my daily life now. Still, I concluded TOR is far from a silver bullet and only useful in certain highly specialised scenarios back then, and I doubt it has changed now. |
CaptainJistuce |
Posted on 19-09-15, 23:43
|
Custom title here
Post: #694 of 1164 Since: 10-30-18 Last post: 66 days Last view: 3 days |
Posted by sureanemNavy, actually. Not CIA. And the point is that if it was actually that secure, they wouldn't have released it to the public. --- In UTF-16, where available. --- |
Duck Penis |
Posted on 19-09-16, 17:17
|
Stirrer of Shit
Post: #629 of 717 Since: 01-26-19 Last post: 1766 days Last view: 1764 days |
Posted by https://2019.www.torproject.org/docs/faq.html.en#WhyCalledTor Did you learn everything you know about Tor from news articles wertigon? Posted by CaptainJistuce Navy made it, but the main beneficiaries inside the US government sure are the CIA. It does not follow. By that line of reasoning AES and the like should have backdoors too since it was standardized by the US government, not to talk about Bitcoin. Historically, the US government's backdoors have only been of the kind that they were damn sure an adversary couldn't exploit, so something of the public/private key kind (e.g. Dual_EC_DRBG) would have been their only choice. And as for that, it's hardly the dried-and-shut case of "NSA uses their superior cryptography skills to hide invisible backdoors in every single cryptography algorithm freely available on the open market" - people knew something was up even in the early 2000's. IBM got some mystery meat S-boxes for DES from the NSA, and everyone thought they were backdooring it, but they were actually making it more secure: Controversies arose out of classified design elements, a relatively short key length of the symmetric-key block cipher design, and the involvement of the NSA, nourishing suspicions about a backdoor. Today it is known that the S-boxes that had raised those suspicions were in fact designed by the NSA to actually remove a backdoor they secretly knew (differential cryptanalysis). However, the NSA also ensured that the key size was drastically reduced such that they could break it by brute force attack (the computing power to brute force DES however did not exist in 1975). (As an aside, it must be a very painful position to be in to have everyone accusing you of introducing backdoors when you were actually trying to help them stay safe but being unable to tell them because you would endanger them) The US government has realized extreme geopolitical gains from the Internet in general and Tor in particular, and this alone pays for it a thousand times over. No serious nation-state actor would have the precise combination of greed and stupidity required to pull off such a suicidally risky 'keep the cake and eat it' move. The US is already an open society, and as such the damage from even perfect cypherpunk-style anonymity is negligible, especially when compared to what that might do to China/Iran/Russia, and what it already has done to a whole host of countries before. There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this. |
Kawaoneechan |
Posted on 19-09-16, 17:23
|
Secretly, I'm William Shatner
Post: #397 of 599 Since: 10-29-18 Last post: 198 days Last view: 5 hours |
I've seen people who use Lua almost daily consistenly call it LUA. Of all the personal insults you could've slung at werti, that was the lamest. |
Duck Penis |
Posted on 19-09-16, 19:42
|
Stirrer of Shit
Post: #630 of 717 Since: 01-26-19 Last post: 1766 days Last view: 1764 days |
It's not as much of an insult as it is pointing out the failure to observe a useful shibboleth. Wild guess here, for which I have absolutely no proof, these are people who learned Lua through the U of Life because they wanted to actually make something - presumably for video games - and are not all too interested in hearing about useless academic concepts like "higher-order functions" or "lambdas". Whereas, for Tor, the opportunity of "learning by doing" is quite limited (what people in the AI business would call "one-shot learning"), and as such one does indeed need to read quite dry technical documents to understand how it works. In other words, as the project themselves observe, it's a much more useful nitpick, like when Mr. Schmidt pronounced it "Thor," as in the Norse god of thunder. There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this. |
BearOso |
Posted on 19-09-17, 02:27
|
Post: #119 of 175 Since: 10-30-18 Last post: 1453 days Last view: 1453 days |
Posted by sureanem You know—-Tor, the god of Tunder. |
funkyass |
Posted on 19-09-17, 04:41
|
Post: #90 of 202
Since: 11-01-18 Last post: 663 days Last view: 19 days |
tsor, god of tsundere |
wertigon |
Posted on 19-09-17, 08:57
|
Post: #95 of 205
Since: 11-24-18 Last post: 158 days Last view: 30 days |
Lol. At the end of the day I got better things to do than argue meaningless semantic shit on the internet. You have been fairly warned about the shortcomings of TOR; what you do with that information is up to you. :) (Also, scandinavian here, so I would rather not confuse TOR with a certain god of thunder, but I digress) |
CaptainJistuce |
Posted on 19-09-17, 10:40 (revision 3)
|
Custom title here
Post: #695 of 1164 Since: 10-30-18 Last post: 66 days Last view: 3 days |
Posted by sureanem If the CIA was using it, they would have blocked the public release. Prevent anyone from studying it for potential vulnerabilities, and prevent them from even gaining any insight into how the CIA communicates. Also, TOR traffic is identifiable and blockable. Therefore, the CIA would not use it if it was public knowledge.
The government, in a post-9/11 world, is not going to release an open, untracable communication standard into the wild for everyone to use. They don't even want american citizens going unmonitored(and to hell with legality), much less random dudes from Pablochevakia. If your arguments for how great TOR is were accurate, then the release would have been blocked to prevent "the terrorists" from using it. Do not confuse the 21st century political environment with 1975's. Also, IBM figured out differential cryptanalysis and selected the substitution boxes to be resistant. The NSA just declared differential cryptanalysis classified so that IBM couldn't release the information about it publicly. Because they wanted to preserve the vulnerability in other encryption schemes. And then they badgered IBM and the NIST to use shorter keys, so that they could still brute-force DES(the final standard used a longer key than the NSA had requested, but a shorter key than IBM felt was appropriate). So no, the NSA did NOT make DES better. They made it a little worse, and prevented anyone else in encryption development from knowing about a serious vulnerability for two decades, preserving themselves a way to break into most encryption not developed by IBM. Note also that DES was only approved for use on unclassified data. Why was it forbidden from use on classified data if not because it was known-vulnerable? The answer, of course, is because the NSA already knew it could be brute-forced by anyone with a sufficient budget, like a major world power's intelligence division. Most assuredly because they were already doing it. Just to figure out if the ruskies could, I'm sure. The NSA would never spy on american citizens. The US government has realized extreme geopolitical gains from the Internet in general and Tor in particular, and this alone pays for it a thousand times over. What political gains has the US seen from the public release of TOR? The US is already an open society, and as such the damage from even perfect cypherpunk-style anonymity is negligible, especially when compared to what that might do to China/Iran/Russia, and what it already has done to a whole host of countries before. You honestly know nothing about american society or politics. --- In UTF-16, where available. --- |
tomman |
Posted on 19-09-17, 11:40
|
Dinosaur
Post: #545 of 1317 Since: 10-30-18 Last post: 2 days Last view: 5 hours |
Once again, how a thread dedicated to show how Mozilla keeps failing to our world became sureanem's soapbox and his Reality Distortion Field!? I can't even frame this guy anymore as a Slashdot, a Hackernews, a Reddit, a 4chan, or even a "50 cent army" employee. I don't give a fuck about how Tor is pronounced, because I don't use it (I do have a install just for fun, not for any actual purpose, plus it defaults to Asstralis/Quantum Firefux, so I don't even bother launching it) Seriously, dude, cut it off. Mozilla is a cancer on its own (mostly thanks to Google), and that's more than enough for this thread. Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™ |
Kawaoneechan |
Posted on 19-09-17, 12:10 (revision 1)
|
YEEEEAAAAH~!
Post: #399 of 599 Since: 10-29-18 Last post: 198 days Last view: 5 hours |
You remember those little buttons that'd you see on really old websites, "Netscape Now" and such? The kind that I more or less parody on the page for my P&C game? I'm seriously considering making one about sane and simple pages, that aren't 90% JavaScript frameworks, 8% layout markup, and only 2% actual content. And then put it on my site's landing page, being an example. edit: |
tomman |
Posted on 19-09-17, 12:39
|
Dinosaur
Post: #546 of 1317 Since: 10-30-18 Last post: 2 days Last view: 5 hours |
If I ever relaunch my website, I guess it's time to remove the IE-specific bits that were inserted with Frontpage XP, almost two decades ago (like the rollover effect over the left navbar - now you can achieve that with pure CSS but back then Frontpage came with their small pile of IE-only Javascripts). It's also a shame that <BGMUSIC> no longer works, and its replacements at some point involved Flash (YUCK!), or more scriptfuckery :/ Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™ |
Kawaoneechan |
Posted on 19-09-17, 13:58
|
Secretly, I'm PZ Myers
Post: #400 of 599 Since: 10-29-18 Last post: 198 days Last view: 5 hours |
Then you cannot has my button 😛 |
tomman |
Posted on 19-09-17, 19:15
|
Dinosaur
Post: #547 of 1317 Since: 10-30-18 Last post: 2 days Last view: 5 hours |
https://news.slashdot.org/story/19/09/17/1750247/firefox-moving-to-a-faster-4-week-release-cycle The buzzword of the day: "agile". Because releasing software When It's Done is for dinosaurs - looks like hipster coders compete to see who can cram more half-assed "features" and flaws in their modern pieces of so-called software. Combined with Valve's "it compiles, SHIP IT" attitude, no wonder why I want to get the hell away from interacting with software in general nowadays :/ Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™ |
tomman |
Posted on 19-09-29, 12:48
|
Dinosaur
Post: #559 of 1317 Since: 10-30-18 Last post: 2 days Last view: 5 hours |
Apparently I'm not the only one against D'OH!: the (soon to be the former?) Kingdom of Great Britain really hates it, to the point of nominating Mozilla as a "Internet Villain" (whatever that means): https://news.slashdot.org/story/19/07/05/1438257/internet-group-brands-mozilla-internet-villain-for-supporting-dns-privacy-feature Well, it's actually some of their ISPs which believe that they have the sacred right to Mozilla finally caved in, by "promising" that D'OH! will not be the default for England and its territories: https://news.slashdot.org/story/19/09/29/0434233/firefox-promises-uk-government-dns-over-https-wont-be-default-in-uk D'OH! is a bad idea, but governments spying on you and censoring your porn are a absolutely terrible idea. Fuck, everybody is evil, let's go shopping~ (also: tinfoil hat nerds complaining that UK/US are authoritarian states, without knowing exactly what the fuck is an authoritarian state, and I certainly speak as a citizen from one of said authoritarian hellholes. Someone should forcefully pull those nerds out of their mothers' basements and send them to my shithole for a year, so they can actually learn how it's living in a true authoritarian hell!) Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™ |
Duck Penis |
Posted on 19-09-29, 13:41
|
Stirrer of Shit
Post: #648 of 717 Since: 01-26-19 Last post: 1766 days Last view: 1764 days |
I'm not quite sure I follow. Do you defend the UK censors' alleged sovereign right to censor the Internet, or do you concede that this would indeed be a major blow towards such censorship but still assert that it's not worth it because it would undermine your idiosyncratic blocking solutions? There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this. |
tomman |
Posted on 19-09-29, 18:26
|
Dinosaur
Post: #560 of 1317 Since: 10-30-18 Last post: 2 days Last view: 5 hours |
Any government trying to censor you is beyond evil, and that has no excuse. Mozilla (or anyone else) conceding to the censors' requests is another way to say "fuck you" to your userbase. Having said that, I still insist that D'OH! is NOT the solution. You're trading enemies (your ISP/government -> Cloudflare & co.), plus layering more shit on top of HTTPS because that for the web frat boys all problems look like nails when all you have is a hammer is not the way to go. TLS on top of system-wide DNS? Cool, bring it on. HTTP + client-side DNS? Oh hell no. There are no winners here, I'm sad to say. Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™ |
creaothceann |
Posted on 19-09-29, 20:00
|
Post: #206 of 456 Since: 10-29-18 Last post: 47 days Last view: 4 days |
Posted by tomman I can think of better criteria... My current setup: Super Famicom ("2/1/3" SNS-CPU-1CHIP-02) → SCART → OSSC → StarTech USB3HDCAP → AmaRecTV 3.10 |
CaptainJistuce |
Posted on 19-09-29, 20:47
|
Custom title here
Post: #712 of 1164 Since: 10-30-18 Last post: 66 days Last view: 3 days |
Posted by tommanWHOOO!!!!!!!! --- In UTF-16, where available. --- |