who are the service operators here?
I'm currently working on both chef cookbooks and dockerfiles for a bunch of old services I used to run in the good old days (pre 2000) of cypherpunks. Boring stuff like qmail, tinydns, pgp keyserver. But I'm dying to know what fancy new services people are operating these days. Any distributed chat ops? Blob/file storage? Remailers? Bitcoin pools?

In another vein, what ops do you think a self-sufficient punk ought to be running? I'm thinking I absolutely need:
- Tor endpoint
- vpn endpoint (openvpn?)
- smtp/imap server (what's modern?)
- file/blob server (tahoe-lafs, camlistore?)
- jabber server (ejabberd?)

(Yes, my homepage is showing a ruby script. No, I don't have time to fix it in situ. Thus setting up my own servers)

--
~j
<SNIP>
In another vein, what ops do you think a self-sufficient punk ought to be running? I'm thinking I absolutely need: - Tor endpoint <SNIP>
A word of caution: I have run both a high throughput remailer, and a low-bandwidth (3mb) TOR exit node, both in the early through mid aughts. If you are serious, you need to get your legal house in order, as you will be spending a fair bit of your time with the feebies. Make sure you have an attorney who really understands what you are doing, and make sure s/he's got a hefty retainer ($5,000.00 seemed to be about right). Also, and most importantly, make sure this legal beagle is willing to both give you their direct cellphone/pager #, but that they are willing to actually drop everything and go get your ass out of the pokey at 03:00! And yes, 03:00-06:00 really is the favorite "raid time" for a certain testosterone addled federal police agency.

Don't get me wrong, I'm not saying don't do it: I think *everyone* should, at least for a year or so, for a variety of technical, political, and other reasons. But you *cannot* go in unprepared!

//Alif

--
Those who make peaceful change impossible, make violent revolution inevitable. An American Spring is coming: one way or another.
On Wed, Oct 09, 2013 at 03:58:26PM -0500, J.A. Terranson wrote:
Don't get me wrong, I'm not saying don't do it: I think *everyone* should, at least for a year or so, for a variety of technical, political, and other reasons. But you *cannot* go in unprepared!
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.

Running a non-exit relay from home is still worthwhile, since it raises the bar for physical access, and also increases the traffic background.

Decentral search is pretty important, we could really use lots of YaCy nodes as hidden services -- indexing not just the hidden web, of course.

I wish there was a library of different privacy-based appliances in virtual formats (.ovf) which are kept up to date for easy deployment (even though running it on bare iron would be preferable). That would seem to be a lot of work, though, and run into trust issues.
Joseph's question is really important not even for me, as for person, who just wants to try to run multi-purpose "home server". I think it is good idea for some bigger Documentation and HowTo project, too. Eugen's idea to have .ovf packages for different purposes is relevant too.

Both ideas still need to be answered, and seems to me even propagated, so let me add one more question: Is there some Propaganda/Documentation Project/HowTo Wiki for this purpose?

One of interesting .ovf I have found is *Liberté Linux*: http://dee.su/liberte [seems to be kind of out-dated]

One of interesting "multi purpose, out of the box, home server" seems to be this: *arkOS: Building the anti-cloud (on a Raspberry Pi) - open source, Raspberry Pi - Development - Techworld* http://www.techworld.com.au/article/528273/arkos_building_anti-cloud_raspber...

Both projects seem to be worth to add human power to and more propaganda.

*Tails* https://tails.boum.org/ seems to be paranoid enough to not to support .ovf, or am I wrong?

BTW all of mentioned projects are good hint, what is trend on side of services but list of services and tools is still more than welcome.

Btw2: On this wiki, I'm trying to complete list of user side apps for different platforms, so it could be helpful too: https://brmlab.cz/project/crypto-anonymity_knowbase

Regards,
~ Over

On 11.10.2013 13:42, Eugen Leitl wrote:
On Wed, Oct 09, 2013 at 03:58:26PM -0500, J.A. Terranson wrote:
Don't get me wrong, I'm not saying don't do it: I think *everyone* should, at least for a year or so, for a variety of technical, political, and other reasons. But you *cannot* go in unprepared!
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.
Running a non-exit relay from home is still worthwhile, since it raises the bar for physical access, and also increases the traffic background.
Decentral search is pretty important, we could really use lots of YaCy nodes as hidden services -- indexing not just the hidden web, of course.
I wish there was a library of different privacy-based appliances in virtual formats (.ovf) which are kept up to date for easy deployment (even though running it on bare iron would be preferable). That would seem to be a lot of work, though, and run into trust issues.
-- “Borders I have never seen one. But I have heard they exist in the minds of some people.” ― Thor Heyerdahl www...................http://overdrive.a-nihil.net twitter...............https://twitter.com/#!/idoru23 GoogleTalk/Jabber.....tpetru@gmail.com blog..................http://d8ofh8.blogspot.com last.fm...............http://www.last.fm/user/overdrive23 GnuPG public key......http://overdrive.a-nihil.net/overdrive.txt GnuPG key FingerPrint.072C C0AD 88EF F681 5E52 5329 8483 4860 6E19 949D
On Fri, Oct 11, 2013 at 05:31:31PM +0200, Tomas Overdrive Petru wrote:
*Tails* https://tails.boum.org/ seems to be paranoid enough to not to support .ovf, or am I wrong?
Their official position IIRC is that they discourage VM use, so they might not want to offer a virtual appliance. While they're technically correct, there's value in virtual network plumbing, so you can build up separated compartments, and routers which force everything through Tor. It would reduce the threshold of entry, even though there are ways of detecting that you're running in a hypervisor jail, and break out of it.
I'm using Tails inside virtual boxes only, because there is almost zero possibility of local data theft or local attack in my case, much more problematic is "Open Internet". So I think they are too much paranoid for my purpose and could be good idea to try to discuss it with them. Even I like design of Liberte Linux more [smaller, faster, same amount of tools, encrypted filesystem usable even under Windows...].

But we seem to be little bit OT, better to return back to question: what server application to run these days for self-sufficient-anarcho-cPUNK-box. I think people from FreedomBox thread & Tor thread should be able to answer us best.

Btw I see FreedomBox as unusable overkill, but it is just my IMHO. Too much crypto* == no usability for everyday purposes [which is basically exactly, why I'm reading this mailing list and doing wiki].

We must count with users as my mother is. She is able to encrypt/sign e-mail with Enigmail and use OTR and TrueCrypt... that is good example, where all of this should lead on user level. e.g. Pidgin + OTR plugin, Thunderbird + Enigmail, Ubuntu -- good user experience, not really much points, where even my Mother "can do it completely wrong" ... it is Facebook century, even most stupid or non-techie from primary school are on netz. Nobody cares about mailing lists and bbses anymore. Time to do it completely transparent [really gr8 job Enigmail !!!]

--> Tails is killing itself because crypto* overkill even on web now [even I understand it could be good to have complex, it should not be default... propaganda and education should not kill usability, even it IS fu*ng important]

Smart aPUNK study and is able to configure server, but does not understand elliptic curves on math level. Still MUCH better to understand concepts and be able to run it relatively fast and secure, than understand math and not 2 be able to do revolution, eh?

have an ice day,
~ Over

On 11.10.2013 17:53, Eugen Leitl wrote:
On Fri, Oct 11, 2013 at 05:31:31PM +0200, Tomas Overdrive Petru wrote:
*Tails* https://tails.boum.org/ seems to be paranoid enough to not to support .ovf, or am I wrong?
Their official position IIRC is that they discourage VM use, so they might not want to offer a virtual appliance.
While they're technically correct, there's value in virtual network plumbing, so you can build up separated compartments, and routers which force everything through Tor.
It would reduce the threshold of entry, even though there are ways of detecting that you're running in a hypervisor jail, and break out of it.
On Fri, Oct 11, 2013 at 01:42:13PM +0200, Eugen Leitl wrote:
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.
Running a non-exit relay from home is still worthwhile, since it raises the bar for physical access, and also increases the traffic background.
Decentral search is pretty important, we could really use lots of YaCy nodes as hidden services -- indexing not just the hidden web, of course.
Hmmm, I hadn't heard of YaCy before, thanks for the mention!
I wish there was a library of different privacy-based appliances in virtual formats (.ovf) which are kept up to date for easy deployment (even though running it on bare iron would be preferable). That would seem to be a lot of work, though, and run into trust issues.
OVF is a dead end AFAICS.

It's not perfect, but the combination of Chef/Puppet (to specify + install + configure the software stack) plus Vagrant (to specify + install + configure the base VM) seems like a more fruitful path forward. There are some missing pieces; for example, it's regrettably common in current Cookbooks and Vagrantfiles to download unsigned-and-unhashed code from the network and trust it. But that's fixable with more hashing and content addressed storage.

-andy
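The fix named in the message above (hashing plus content-addressed storage for code that Cookbooks and Vagrantfiles download), as an added example that is not part of the original post or of any project's code. It is written in Ruby, the language of Chef recipes and Vagrantfiles; `PinnedStore`, `admit`, `DigestMismatch` and the sample bytes are hypothetical names and constructed data, and a real recipe would pass the download stream as the IO.

```ruby
require "digest"
require "securerandom"
require "stringio"
require "tmpdir"

class DigestMismatch < StandardError; end
# Content-addressed store: a blob lives at <root>/<sha256 hex> and nowhere else.
class PinnedStore
  def initialize(root)
    @root = root
    Dir.mkdir(root) unless Dir.exist?(root)
  end

  # Copy io into the store only if it hashes to the pinned digest; return its path.
  def admit(io, pinned_sha256)
    pin = pinned_sha256.downcase
    raise ArgumentError, "not a SHA-256 hex digest" unless pin.match?(/\A[0-9a-f]{64}\z/)
    final = File.join(@root, pin)
    # Cache hit: re-hash what is on disk instead of trusting the file name.
    return final if File.file?(final) && Digest::SHA256.file(final).hexdigest == pin
    tmp = File.join(@root, ".incoming-#{SecureRandom.hex(8)}")
    begin
      File.open(tmp, File::WRONLY | File::CREAT | File::EXCL, 0o600) { |out| IO.copy_stream(io, out) }
      actual = Digest::SHA256.file(tmp).hexdigest # hash the bytes that reached the disk
      raise DigestMismatch, "pinned #{pin}, got #{actual}" unless actual == pin
      File.rename(tmp, final) # atomic: the final name only ever holds verified bytes
    ensure
      File.delete(tmp) if File.exist?(tmp)
    end
    final
  end
end

# Constructed sample standing in for a downloaded installer; a real pin is recorded at review time.
SAMPLE = "#!/bin/sh\necho installing example-service 1.0\n"
SAMPLE_PIN = Digest::SHA256.hexdigest(SAMPLE)
def demo
  Dir.mktmpdir do |dir|
    store = PinnedStore.new(dir)
    rejected = begin
      store.admit(StringIO.new(SAMPLE + "# altered in transit\n"), SAMPLE_PIN) && false
    rescue DigestMismatch
      true
    end
    leftovers = Dir.children(dir) # nothing unverified may remain in the store
    path = store.admit(StringIO.new(SAMPLE), SAMPLE_PIN)
    { rejected: rejected, leftovers: leftovers, name: File.basename(path), body: File.read(path) }
  end
end
```

Because the digest is the file name, a provisioning run can share one store across recipes and VMs, and any later change to the upstream artifact shows up as a refused download rather than a silent upgrade.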
On 12/10/13 03:35, Andy Isaacson wrote:
On Fri, Oct 11, 2013 at 01:42:13PM +0200, Eugen Leitl wrote:
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.
Running a non-exit relay from home is still worthwhile, since it raises the bar for physical access, and also increases the traffic background.
Decentral search is pretty important, we could really use lots of YaCy nodes as hidden services -- indexing not just the hidden web, of course.
Hmmm, I hadn't heard of YaCy before, thanks for the mention!
I wish there was a library of different privacy-based appliances in virtual formats (.ovf) which are kept up to date for easy deployment (even though running it on bare iron would be preferable). That would seem to be a lot of work, though, and run into trust issues.
OVF is a dead end AFAICS.
It's not perfect, but the combination of Chef/Puppet (to specify + install + configure the software stack) plus Vagrant (to specify + install + configure the base VM) seems like a more fruitful path forward. There are some missing pieces; for example, it's regrettably common in current Cookbooks and Vagrantfiles to download unsigned-and-unhashed code from the network and trust it. But that's fixable with more hashing and content addressed storage.
-andy

coreOS also has potential still has some bugs but looks promising.
On Fri, Oct 11, 2013 at 7:42 AM, Eugen Leitl <eugen@leitl.org> wrote:
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.
If you are referring to Tor, there are at least 700 such services that you could find rather easily right now. That's ~75% more since two months.
On Sat, Oct 12, 2013 at 04:54:30AM -0400, grarpamp wrote:
On Fri, Oct 11, 2013 at 7:42 AM, Eugen Leitl <eugen@leitl.org> wrote:
I think we need more hidden services to make the darknet more attractive, less exits. The open Internet has been dead for a while, time to accept it.
If you are referring to Tor, there are at least 700 such services that you could find rather easily right now. That's ~75% more since two months.
Certainly nice growth, but realistically won't be sustained post-Snowden. Most-used services on the Internet is search, and there's just one useful search engine in onionland: 3g2upl4pq6kufc4m.onion and it's not operated by multiple, independent, noncommercial parties.
I have started BRMLAB Prague Hackerspace project related to this mailing-list thread and opened wiki: https://www.brmlab.cz/project/cpunk_box

It is not public writable [will follow probably], but usable as propaganda/information page. So if this thread survives and will lead to something interesting, it will be linked there, same as everything we will find altogether with people from HS and so on.

Regards,
~ Over

On 10/08/2013 06:55 AM, Joseph Holsten wrote:
I'm currently working on both chef cookbooks and dockerfiles for a bunch of old services I used to run in the good old days (pre 2000) of cypherpunks. Boring stuff like qmail, tinydns, pgp keyserver. But I'm dying to know what fancy new services people are operating these days. Any distributed chat ops? Blob/file storage? Remailers? Bitcoin pools?
In another vein, what ops do you think a self-sufficient punk ought to be running? I'm thinking I absolutely need:
- Tor endpoint
- vpn endpoint (openvpn?)
- smtp/imap server (what's modern?)
- file/blob server (tahoe-lafs, camlistore?)
- jabber server (ejabberd?)
(Yes, my homepage is showing a ruby script. No, I don't have time to fix it in situ. Thus setting up my own servers) -- ~j
participants (8)
- Andy Isaacson
- Eugen Leitl
- grarpamp
- J.A. Terranson
- Joseph Holsten
- Tomas Overdrive Petru
- Tomas Overdrive Spider Petru
- xlene