>From: Cathal Garvey <cathalgarvey(a)cathalgarvey.me>
As far as "where to get it", here's a copy:
>https://ngrok.com:61924/owncloud/public.php?service=files&t=264659e23e8733b…
>
>Cert is self-signed:
>SHA1: 63:9B:E2:FA:D8:A9:66:DE:46:B7:E4:C2:18:47:73:04:C0:12:FE:1F
>SHA256:
>CF:D2:82:0D:C8:65:CE:EB:2E:3F:36:EC:DA:9E:82:4E:2E:BD:51:19:6A:7E:11:65:50:40:57:9E:B8:79:8D:A2
I apologize for belatedly thanking you for TextSecure download link. Two days ago, I downloaded it despite the browser warning the certificate was not valid:
"ngrok.com:61924 uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for isadora-amd64 (Error code: sec_error_unknown_issuer)"
I installed TextSecure on my Droid 3 which does have a cellular account. TextSecure works if airplane mode is not on. Turning airplane mode on and wifi on, TextSecure does not work. Yet, description of TextSecure is that it works over wifi, data and/or SMS.
I installed TextSecure on my Motorola droid 4. I use Droid 4 as a PDA. No cellular account. How can I get TextSecure to work over wifi?
Thanks.
Badbiosvictim, formerly bluelotus
journos:
NSA: We're in YOUR BOTNET
http://www.theregister.co.uk/2015/01/19/nsa_steals_malware/
> The NSA quietly commandeered a botnet targeting US Defence agencies to
> attack other victims including Chinese and Vietnamese dissidents,
> Snowden documents reveal.
Allegedly snowden doc from TFA:
http://www.spiegel.de/media/media-35689.pdf
---
Questions:
I read some botnets use crypto to CC.
> 1. How the NSA broke the crypto?
> 2. Which browser the dear NSA used used
> in the alleged Snowden screenshots?
(maybe firefux)
Just landed beta: open source, minilock-based crypto, really nice
design. Server side storage of end-to-end encrypted files and messages,
1.3Gb of storage for free. No ads.
https://peerio.com
I expect that the "product" will end up being "storage space", which is
fine by me! Right now the server code isn't open, though the protocol
(and therefore API) is very well documented in the git source:
https://github.com/PeerioTechnologies/peerio-client
Expect to see it banned in the UK soon. :)
On Mon, Jan 19, 2015 at 7:39 PM, Mueller, Alex
<alex.mueller(a)lrz.tu-muenchen.de> wrote:
>> has somebody an idea of the possiblity to protect afs / coda server
>> behind tor?
As a Hidden Service? Most anything TCP should be possible,
if you need UDP or to present IP binding and embedded semantics
to applications, you may want to try onioncat (at least for now), or
use a different [anonymity] network that is more IP[v6] friendly
like CJDNS or Phantom or somesuch.
http://en.wikipedia.org/wiki/OpenAFShttp://www.openafs.org/https://www.onioncat.org/
As you mentioned filesystems, I'll include a recent thread below
which you may further look into...
========
On Fri, Jan 16, 2015 at 7:40 AM, Greg Troxel <gdt(a)ir.bbn.com> wrote:
> ianG <iang(a)iang.org> writes:
grarpamp wrote:
>> I've come up with a problem that needs a secure cloudy (handwavy) data
>> storage solution.
>>
>> The only think I can think of is Tahoe-LAFS. I get the feeling that
>> it is the only game in town... but why not ask? Is there a plausible
>> "competitor" to Tahoe?
>
> Please explain your actual requirements. Tahoe does well at not
> storing plaintext and redundancy across large numbers of servers.
> However, it doesn't do well at:
> - mixing storage from different users (accounting)
> - garbage collection (expiration vs lease renewal)
> - acting like a posix filesystem (FUSE interface is weak)
> - speed
You might find something here...
https://en.wikipedia.org/wiki/MaidSafehttps://en.wikipedia.org/wiki/Comparison_of_file_sharing_applicationshttps://en.wikipedia.org/wiki/Anonymous_P2Phttps://en.wikipedia.org/wiki/Comparison_of_distributed_file_systemshttps://en.wikipedia.org/wiki/List_of_file_systems#Distributed_file_systems
I'm looking for something that will run entirely within an
anonymous p2p network, has data redundancy minimums
on the storage automatically handled by the system, some
number of redundant access points, and mounts posix-like
(nfs/zfs/iscsi/smb/cifs) for all participants. At least readonly
for everyone, and readwrite for the owner of any particular
subtree, like AFS.
========
After TrueCrypt, many tens of proposed continuations,
and even brand new competing projects appeared, such as:
https://www.gostcrypt.org/
Have any of those many projects gained following, review,
support, opensource license, and ongoing development
work such that they can now be considered the in fact
TrueCrypt successor / new independant solution?
https://startpage.com/do/search
Claims to use google and gives proxy option.
Any feedback?
(the number of results for some queries differ from
google, might be country/IP related).
So,
Mirmir wrote:
> | 13. Targeted attacks against PGP key ids are possible
>
> This is an advantage of Keybase. Then we're not depending on the KeyID,
> or even on the fingerprint, but rather on an identity that's multiply
> and independently authenticated.
I keep hearing more and more about keybase, and I have a problem with it. It's
a centralised service, owned and controlled by a single entity; moreover, the
keys are tied to online identities controlled by corporate third parties
(Twitter, Facebook, et al). I don't see a Diaspora/The Federation support, for
instance.
My problem with this is two-fold:
1. It might allow abuse, esp. MITM attacks. If Keybase becomes a /de facto/
standard of acquiring keys, it seems trivial to me for them to replace a
valued target's key with something a LEA would provide.
2. It still promotes the closed, walled-gardens. Diaspora or GNU Social
support would not be that hard to implement.
--
Pozdrawiam,
Michał "rysiek" Woźniak
Zmieniam klucz GPG :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147
