Re: OnionShare Tor
Most promising. If USG and other governments are not involved. Big if. At 11:16 PM 10/15/2019, you wrote:
https://blog.torproject.org/new-version-onionshare-makes-it-easy-anyone-publ...
https://github.com/cretz/bine https://github.com/jstrieb/urlpages http://wiki.yacy.net/index.php/En:YaCy-Tor https://blog.kozubik.com/john_kozubik/2009/06/free-speech-or-stone-age.html https://www.arweave.org/
On Wed, 16 Oct 2019 10:36:40 -0400 John Young <jya@pipeline.com> wrote:
Most promising.
HUH??! 'onionshare' is a piece of third-rate front-end for the US-millitary spying-network known as tor. Furthermore the author of 'onionshare' is a left-wing fascist who worked for the paypal-ebay-NSA propaganda outlet known as the intercept. The garbage he wrote was particularly toxic since the lee turd is just a shill of the americunt \democratic' party. And no doubt he's a 100% certified feminazi cunt. Maybe that's why you are promoting him.
If USG and other governments are not involved. Big if.
There's no 'if' here. Wortherless cunt micah lee is a 100% certified americunt agent, working both for tor-US-military and paypal-ebay.
Swarm of disclosure/discussion servers is much better than the very few famous seducing users and making it easy to intercept and plant malware. Even so, Tor, WikiLeaks, SecureDrop, Signal, et al, are most useful to divert attention from lesser knowns, in particular the least known which appear, disappear, reappear, change clothing, innovate, and resist bribery of investors, fans and all-siphon boogies. Once this list was constructive for discourse/discussion, say, its first few months before Wired launched it into advertising manipulation. Thereafter trash, users and content, took command. Occasionally, though, even now, jewels are offered among the nauseous dreck, so its worth enduring for those rarities to escape metasticizing cancerous, censorious and Trump-logorheaic SM and worst of all engorging, assaultive search engines no matter whether gov, com, ngo, edu, unicorn. Micah Lee is not as corrupt as pseudos dumping diseased feces here and much moreso in celebrated fora. Tor admits its USG complicity, pseudos hide it except for their noxious odor. At 01:10 PM 10/16/2019, you wrote:
On Wed, 16 Oct 2019 10:36:40 -0400 John Young <jya@pipeline.com> wrote:
Most promising.
HUH??! 'onionshare' is a piece of third-rate front-end for the US-millitary spying-network known as tor.
Furthermore the author of 'onionshare' is a left-wing fascist who worked for the paypal-ebay-NSA propaganda outlet known as the intercept. The garbage he wrote was particularly toxic since the lee turd is just a shill of the americunt \democratic' party.
And no doubt he's a 100% certified feminazi cunt. Maybe that's why you are promoting him.
If USG and other governments are not involved. Big if.
There's no 'if' here. Wortherless cunt micah lee is a 100% certified americunt agent, working both for tor-US-military and paypal-ebay.
On Wednesday, October 16, 2019, 12:03:21 PM PDT, John Young <jya@pipeline.com> wrote:
Swarm of disclosure/discussion servers is much better than the very few famous seducing users and making it easy to intercept and plant malware. Even so, Tor, WikiLeaks, SecureDrop, Signal, et al, are most useful to divert attention from lesser knowns, in particular the least known which appear, disappear, reappear, change clothing, innovate, and resist bribery of investors, fans and all-siphon boogies.
The way I see it, there are at least two ways to promote TOR. 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". and the second is: 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. I think there are clearly people who are choosing to do the second kind of promotion of TOR. Jim Bell
On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) jim bell <jdb10987@yahoo.com> wrote:
The way I see it, there are at least two ways to promote TOR. 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". and the second is: 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. I think there are clearly people who are choosing to do the second kind of promotion of TOR.
I think a key aspect of the tor mafia is that getting a few million dollars from the pentagon each year allows them to outcompete anybody who could challenge them. They don't even have to 'oppose' anything. Just fail to fund it.
Jim Bell
On Thursday, October 17, 2019, 05:43:04 PM PDT, Punk <punks@tfwno.gf> wrote: On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) jim bell <jdb10987@yahoo.com> wrote:
The way I see it, there are at least two ways to promote TOR. 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". and the second is: 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. I think there are clearly people who are choosing to do the second kind of promotion of TOR.
> I think a key aspect of the tor mafia is that getting a few million dollars from the pentagon each year allows them to outcompete anybody who could challenge them. They don't even have to 'oppose' anything. Just fail to fund it. That sounds quite correct. Somebody needs to challenge them. Jim Bell
On October 18, 2019 2:54:37 AM UTC, jim bell <jdb10987@yahoo.com> wrote:
On Thursday, October 17, 2019, 05:43:04 PM PDT, Punk <punks@tfwno.gf> wrote:
On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) jim bell <jdb10987@yahoo.com> wrote:
The way I see it, there are at least two ways to promote TOR. 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". and the second is: 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. I think there are clearly people who are choosing to do the second kind of promotion of TOR.
> I think a key aspect of the tor mafia is that getting a few million dollars from the pentagon each year allows them to outcompete anybody who could challenge them. They don't even have to 'oppose' anything. Just fail to fund it. That sounds quite correct. Somebody needs to challenge them. Jim Bell
Its difficult to get the momentum to write new code, get the nodes needed to make it useful, etc - for a whole new challenger. Not that it couldn't and shouldn't happen. In the meanwhile there are a number of interesting improvements to tor that no one at the project actually seems interested in...
On Fri, Oct 18, 2019 at 02:54:37AM +0000, jim bell wrote:
On Thursday, October 17, 2019, 05:43:04 PM PDT, Punk <punks@tfwno.gf> wrote:
On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) jim bell <jdb10987@yahoo.com> wrote:
The way I see it, there are at least two ways to promote TOR. 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". and the second is: 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. I think there are clearly people who are choosing to do the second kind of promotion of TOR.
> I think a key aspect of the tor mafia is that getting a few million dollars from the pentagon each year allows them to outcompete anybody who could challenge them. They don't even have to 'oppose' anything. Just fail to fund it. That sounds quite correct. Somebody needs to challenge them.
It seems that TOR could be as a starting point, if it were possible to validate the software before building upon it. I'm not sure it is, though. Jim's proposal would seem to require a few important things: 1. free software (of course) that is open to inspection 2. verifiable functionality 3. trustable deployment #1 implies the full stack, from network, to hardware, to OS, to libraries, to application. This is harder as you dig more deeply into what needs to be validated. #2 and #3 are also hard, whether using TOR or something completely new. Are #2 and #3 easier if we start with the TOR base software or design? With 600K+ lines of code, TOR is unwieldy to validate. The design could be a starting point. I'll make some obvious statements that I haven't seen in this thread yet (apologies if I missed them): Verifiable functionality means that the software, wherever it's deployed, can be trusted (to whatever extent is needed). This is challenging for any software, and more challenging when you need to worry about the entire stack including the hardware. Trustable deployment means that we can validate the nodes in the mesh, to whatever extent is needed. This is a perpetual issue with TOR, because players can do things antithetical to the design (such as collusion or surveillance).
On Friday, October 18, 2019, 09:56:12 AM PDT, Greg Newby <gbnewby@pglaf.org> wrote: On Fri, Oct 18, 2019 at 02:54:37AM +0000, jim bell wrote: > > > On Thursday, October 17, 2019, 05:43:04 PM PDT, Punk <punks@tfwno.gf> wrote: > > On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) > jim bell <jdb10987@yahoo.com> wrote: > > >> The way I see it, there are at least two ways to promote TOR. > >> 1. Openly promote TOR: "TOR is great". "TOR is secure enough". "We don't need an improvement to TOR". > >> and the second is: > >> 2. Oppose potential improvements or augmented systems other than TOR. List their potential problems. Ignore their possible benefits. > >> I think there are clearly people who are choosing to do the second kind of promotion of TOR. > > > > I think a key aspect of the tor mafia is that getting a few million dollars from the pentagon each year allows them to outcompete anybody who could challenge them. They don't even have to 'oppose' anything. Just fail to fund it. > That sounds quite correct. Somebody needs to challenge them. >It seems that TOR could be as a starting point, if it were possible to validate the software before building upon it. I'm not sure it is, though. >Jim's proposal would seem to require a few important things: 1. free software (of course) that is open to inspection 2. verifiable functionality 3. trustable deployment >#1 implies the full stack, from network, to hardware, to OS, to libraries, to application. This is harder as you dig more deeply into what needs to be validated. >#2 and #3 are also hard, whether using TOR or something completely new. >Are #2 and #3 easier if we start with the TOR base software or design? With 600K+ lines of code, TOR is unwieldy to validate. The design could be a starting point. >I'll make some obvious statements that I haven't seen in this thread yet (apologies if I missed them): >Verifiable functionality means that the software, wherever it's deployed, can be trusted (to whatever extent is needed). This is challenging for any software, and more challenging when you need to worry about the entire stack including the hardware. >Trustable deployment means that we can validate the nodes in the mesh, to whatever extent is needed. This is a perpetual issue with TOR, because players can do things antithetical to the design (such as collusion or surveillance). I think it's important to put up and run SOMETHING, a network separate from TOR, even if it must initially use pre-existing software that hasn't been completely verified. (yet) There's an enormous difference between a mere promise (it's coming "real soon now", as Jerry Pournelle used to say) and an actual useable system. A currently-useable system would ignite far more interest, including donations perhaps, than a mere promise, especially if the software was all open-sourced and potentially verifiable, with the knowledge that it would be verified or replaced in the future. Jim Bell Interesting historical interest: In about 1979 when I was studying at MIT, I was logged onto a computer system. (It might have been either network node "70" or "134". Strange that I remember that!) I did a WHOIS command, listing the other users of the system. Some other student, looking over my shoulder, said, "Hey, that's Jerry Pournelle!", because one of those logged in was "pourne". I, never having been a science fiction buff, didn't know who "Jerry Pournelle" was. So, the fellow student explained it to me. Cut to about 1983, when my small company, SemiDisk Systems, was at the West Coast Computer Faire in San Francisco, manning the booth. A man came up to the booth, and he said "I'm Jerry Pournelle". I responded, "Hey, I know who you are, but it's not the way you might think!".
Isn't that why networks like i2p exist? On Fri, Oct 18, 2019, 8:19 PM jim bell <jdb10987@yahoo.com> wrote: > On Friday, October 18, 2019, 09:56:12 AM PDT, Greg Newby < > gbnewby@pglaf.org> wrote: > > > On Fri, Oct 18, 2019 at 02:54:37AM +0000, jim bell wrote: > > > > > > > On Thursday, October 17, 2019, 05:43:04 PM PDT, Punk <punks@tfwno.gf> > wrote: > > > > On Thu, 17 Oct 2019 20:16:28 +0000 (UTC) > > jim bell <jdb10987@yahoo.com> wrote: > > > > >> The way I see it, there are at least two ways to promote TOR. > > >> 1. Openly promote TOR: "TOR is great". "TOR is secure enough". > "We don't need an improvement to TOR". > > >> and the second is: > > >> 2. Oppose potential improvements or augmented systems other than > TOR. List their potential problems. Ignore their possible benefits. > > >> I think there are clearly people who are choosing to do the second > kind of promotion of TOR. > > > > > > > I think a key aspect of the tor mafia is that getting a few million > dollars from the pentagon each year allows them to outcompete anybody who > could challenge them. They don't even have to 'oppose' anything. Just fail > to fund it. > > That sounds quite correct. Somebody needs to challenge them. > > > >It seems that TOR could be as a starting point, if it were possible to > validate the software before building upon it. I'm not sure it is, though. > > >Jim's proposal would seem to require a few important things: > 1. free software (of course) that is open to inspection > 2. verifiable functionality > 3. trustable deployment > > >#1 implies the full stack, from network, to hardware, to OS, to > libraries, to application. This is harder as you dig more deeply into what > needs to be validated. > > >#2 and #3 are also hard, whether using TOR or something completely new. > > >Are #2 and #3 easier if we start with the TOR base software or design? > With 600K+ lines of code, TOR is unwieldy to validate. The design could be > a starting point. > > >I'll make some obvious statements that I haven't seen in this thread yet > (apologies if I missed them): > > >Verifiable functionality means that the software, wherever it's deployed, > can be trusted (to whatever extent is needed). This is challenging for any > software, and more challenging when you need to worry about the entire > stack including the hardware. > > >Trustable deployment means that we can validate the nodes in the mesh, to > whatever extent is needed. This is a perpetual issue with TOR, because > players can do things antithetical to the design (such as collusion or > surveillance). > > > > I think it's important to put up and run SOMETHING, a network separate > from TOR, even if it must initially use pre-existing software that hasn't > been completely verified. (yet) There's an enormous difference between a > mere promise (it's coming "real soon now", as Jerry Pournelle used to say) > and an actual useable system. > > A currently-useable system would ignite far more interest, including > donations perhaps, than a mere promise, especially if the software was all > open-sourced and potentially verifiable, with the knowledge that it would > be verified or replaced in the future. > > Jim Bell > > > Interesting historical interest: > > In about 1979 when I was studying at MIT, I was logged onto a > computer system. (It might have been either network node "70" or "134". > Strange that I remember that!) I did a WHOIS command, listing the other > users of the system. Some other student, looking over my shoulder, said, > "Hey, that's Jerry Pournelle!", because one of those logged in was > "pourne". I, never having been a science fiction buff, didn't know who > "Jerry Pournelle" was. So, the fellow student explained it to me. > > Cut to about 1983, when my small company, SemiDisk Systems, was at the > West Coast Computer Faire in San Francisco, manning the booth. A man came > up to the booth, and he said "I'm Jerry Pournelle". I responded, "Hey, I > know who you are, but it's not the way you might think!". > > >
On Fri, 18 Oct 2019 21:06:09 +0100 Steven Schear <schear.steve@gmail.com> wrote:
Isn't that why networks like i2p exist?
yes, I was about to mention that i2p does have some of the characteristics that a tor replacement should have. Like 1) all users are also routers. 2) it's not funded by the pentagon. 3) there are no central 'directory authorities' - it's a p2p network. https://geti2p.net/en/comparison/tor looks like i2p COULD do traffic padding, but it's not doing it. "Other potential benefits of I2P but not yet implemented" "create a tunnel that will handle 500 messages / minute, where the endpoint will inject dummy messages if there are insufficient messages" for what it's worth, I tried i2p in the past a few times and abandoned it after a few days because I didn't find any interesting content in the network. My assumption was that if there was no 'illegal' content, then the system must have some (serious) flaw. On second thought I realize that's not necessarily the case at all.
On Fri, Oct 18, 2019 at 06:44:58PM -0300, Punk - Stasi 2.0 wrote:
On Fri, 18 Oct 2019 21:06:09 +0100 Steven Schear <schear.steve@gmail.com> wrote:
Isn't that why networks like i2p exist?
yes, I was about to mention that i2p does have some of the characteristics that a tor replacement should have. Like
1) all users are also routers. 2) it's not funded by the pentagon. 3) there are no central 'directory authorities' - it's a p2p network.
https://geti2p.net/en/comparison/tor
looks like i2p COULD do traffic padding, but it's not doing it.
"Other potential benefits of I2P but not yet implemented" "create a tunnel that will handle 500 messages / minute, where the endpoint will inject dummy messages if there are insufficient messages"
for what it's worth, I tried i2p in the past a few times and abandoned it after a few days because I didn't find any interesting content in the network. My assumption was that if there was no 'illegal' content, then the system must have some (serious) flaw. On second thought I realize that's not necessarily the case at all.
It seems you can configure tor browser to route over i2p: https://www.reddit.com/r/i2p/comments/di6efs/configure_tor_browser_90a7_to_w... Freenet is another like-minded project. In addition to routing, it can host content: https://freenetproject.org/pages/documentation.html
More important, the content isn't cached as files. Each file, when uploaded, is (encrypted?) broken into (bit interleaved?) blobs and the hash address of a blob determines which randomized Freenet client caches the blob. Unless the "treasure map" of the blob hashes and key are openly published only the uploader and the private parties they share with know of a file's existence and how to reassemble it. Our group at Mojo Nation / Mnet largely followed Freenet's path. On Sat, Oct 19, 2019, 3:21 AM Greg Newby <gbnewby@pglaf.org> wrote:
On Fri, 18 Oct 2019 21:06:09 +0100 Steven Schear <schear.steve@gmail.com> wrote:
Isn't that why networks like i2p exist?
yes, I was about to mention that i2p does have some of the characteristics that a tor replacement should have. Like
1) all users are also routers. 2) it's not funded by the pentagon. 3) there are no central 'directory authorities' - it's a p2p network.
https://geti2p.net/en/comparison/tor
looks like i2p COULD do traffic padding, but it's not doing it.
"Other potential benefits of I2P but not yet implemented" "create a tunnel that will handle 500 messages / minute, where the endpoint will inject dummy messages if there are insufficient messages"
for what it's worth, I tried i2p in the past a few times and abandoned it after a few days because I didn't find any interesting content in the network. My assumption was that if there was no 'illegal' content,
On Fri, Oct 18, 2019 at 06:44:58PM -0300, Punk - Stasi 2.0 wrote: then the system must have some (serious) flaw. On second thought I realize that's not necessarily the case at all.
It seems you can configure tor browser to route over i2p:
https://www.reddit.com/r/i2p/comments/di6efs/configure_tor_browser_90a7_to_w...
Freenet is another like-minded project. In addition to routing, it can host content: https://freenetproject.org/pages/documentation.html
Napster premiered before we did and pissed in the VC punch bowl. But even if we had gotten funded I doubt we'd have been successful. Our technology relied too heavily on high speed connections and the days of wideband to the home were still more than a decade away. Fortunately, one of our talented programmers, Bram Cohen, took (with the blessing of the founder, Jim McCoy) the most practical parts of the ideas and created BitTorrent. Bryce "Zooko" O'Hearn went on to create Tahoe LAFS and more recently ZCash. On Sat, Oct 19, 2019, 9:50 PM Punk - Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 19 Oct 2019 09:21:11 +0100 Steven Schear <schear.steve@gmail.com> wrote:
Our group at Mojo Nation / Mnet largely followed Freenet's path.
so what happened to your project?
On Fri, Oct 18, 2019 at 09:06:09PM +0100, Steven Schear wrote:
Isn't that why networks like i2p exist?
There is at least 1 attempt to rewrite I2P, and he is not even interested in the core improvement - chaff fill. Tor is fundamentally compromised, as Juan correctly points out: - TCP, not UDP, as base protocol - no chaff fill - independent "core router" operators, e.g. Jacob Applebaum, have been purged from Tor core group - in a rather brutal public lynching manner (classic CIA psy op) I2P is not government funded, and so "new user/ high speed internet/ low latency" experience, is not enticing to said new users. A fundamental difference from Tor's "core high performance routing nodes" and TCP (connection base mode) compromises (along with chaff fill), are: - mesh network - UDP connectionless base network - chaff fill For any network, your entry nodes are a fundamental privacy problem/ issue. Tor settled on "choose 1, stick with it for a few months or more, since the more you hop, the greater the chance you hit a compromised entry node anyway". A fundamental difference for an alternative needs to be F2F - friend to friend connections. You -must- find meat space humans who join in your freedom/liberty network, if you want the possibility of not being immediately GPA statistically sniffed. I'll have a look see...
I think it's important to put up and run SOMETHING, a network separate from TOR, even if it must initially use pre-existing software that hasn't been completely verified. (yet) There's an enormous difference between a mere promise (it's coming "real soon now", as Jerry Pournelle used to say) and an actual useable system.
A currently-useable system would ignite far more interest, including donations perhaps, than a mere promise, especially if the software was all open-sourced and potentially verifiable, with the knowledge that it would be verified or replaced in the future.
Jim Bell
Yes. Hail to Assassination Politics, it was, is, a step away from pervasive fear, caution and obsequiousness, away from cowardly privacy policies and law enforcement obdience, lawyerly CYA terms and conditions. Further steps beyond AP, WL, TOR, PGP, slew of catchy brands and initials, are underway but not being revealed on Reddit, Chans, Wireds, Searches, News, Indictments, much less on this honey pot. Open source is a trap, shut up. Based on increasing successful hacks from outside the US, EU and allies most work-arounds and innovation are being done by parties not grown old, fat and lazy by excessive fame, conceit, funding, vanity, job security, benefits, profits, collegiality's willful ignorance, hey we invented the internet and computers, all this (once-)amazing stuff, why hell, we're so good and skilled we're supported by the richest government, corporations, donors and NGOs in the world. And backed by threats of WMDs, cruise missiles, swarms of satellites, special forces, spies and informers galore. USA is subject to a new and different culture, by walls inside and outside its borders, as it was founded to be, gloating about its power, still fighting last wars, losing all new ones, some it doesn't have a clue about so befuddled by comfort and imperialistic practices it dare not change, cannot change, doesn't want to change. Trump is a pure example of this but far from alone, more a consequence than a variation -- "The Presidency," (whoever in the slot), Congress, Supreme Court, state and locals -- where braggadocio, piggishness and advertising and entertainment, news and "smart" -- reign.
On 10/16/19, John Young <jya@pipeline.com> wrote:
https://blog.torproject.org/new-version-onionshare-makes-it-easy-anyone-publ... Most promising. If USG and other governments are not involved. Big if.
https://www.torproject.org/about/reports/ It is well known since inception that most of torproject.org principals (and many more people that are not subject to reporting thresholds) are clearly involved in receiving large salaries significantly sourced from USG funds sourced from the theft that is taxation. As to any creation and curation of lists of any potentially promising tools, independant people and groups could analyzing them as to if any have properties that may make them more resistant to various types of exploit than other tools. And if few or none are found that do, developing new tools that might.
participants (9)
-
grarpamp
-
Greg Newby
-
jim bell
-
John Newman
-
John Young
-
Punk
-
Punk - Stasi 2.0
-
Steven Schear
-
Zenaan Harkness