Help others bypass censorship with Tor – Be a snowflake!

Help others circumvent censorship – Be a snowflake!

Oppressive countries like China or Iran are always trying to find new ways to block their people from seeing the uncensored reality over the internet. Tor is one way to resist against this oppression and therefore those governments try to block it as well.

This is where pluggable transports come into play as alternative ways to enter the Tor network that are harder to block. There is an always ongoing race between the censors to block ways to access Tor and the free internet and the Tor Project to develop new ways to evade those blocks.
The Tor Project is currently developing a new pluggable transport called Snowflake that requires your help!
You can install the Snowflake Extension for Firefox or Chromium and turn your browser into a Snowflake that allows others to use your internet connection to access Tor!

The extension uses a fancy technology called WebRTC usually used for voice or video calls to allow people under censorship to route their traffic disguised as calls over your browser into the Tor network.

It needs to be installed in a regular browser that can directly access the internet, not into Tor Browser, and you need a decent, uncensored internet connection yourself to help. You do not need to be afraid of the internet activity of other people being associated to you, because your Snowflake will only act as an entry point to the Tor network that will than anonymize the traffic.

The official project page with more information can be found here: regular site/onion site version.

Snowflake as a pluggable transport to evade censorship is currently still under development and only available in Tor Browser Alpha versions. The snowflake extension is only for people who have uncensored access to the internet themselves and want to help others that don't, if your connection to Tor is being censored this guide I wrote some time a go might help you.

👍︎ 111
📰︎ r/TOR
💬︎
📅︎ Mar 13
🚨︎ report
I'm developing a decentralized private network, and I want your help [Onionr AMA]

I want to share with r/privacy my project I've been working on the past few years.

It is called Onionr. My goal is to make an anonymous network and platform for webpages, mailing, microblogging, document sharing and so on via modular parts. Since this is a general subreddit I won’t go too deeply into technical design or reasoning here except when asked.

Please understand that I've been working mostly on my own for free and my project is experimental and in alpha

I have several pre-included plugins accessible via a web UI, including mail, a textboard, and static site viewing, however Onionr is not intended for clearnet browsing. You can see slightly outdated screenshots on the README

The long term vision is an anonymous platform for free expression, communication and commerce for both desktop and mobile.

Onionr is a combination of features, routing methods, and design decisions that in my opinion are suitable for a true cypherpunk. It is most similar to Briar. The core component is a simple message serialization system which can be transported in any order, everything else is just logic on top of that.

I want to maximize anonymity on this platform, so this means there are trade-offs on scalability and speed. To maximize the anonymity set, the basic routing mode sends all messages to all peers via a gossip-like protocol, which are stored for a maximum of 30 days if they are not recalculated. For when you need larger amounts of data or lower latency, I have implemented a system to establish ephemeral onion connections to a peer, which expire when the connection is closed. This prevents DDoS of onion services (when only those with an approved key can access) and helps with up-time correlation attacks.

It is transport-agnostic meaning it works even without Internet, as it can work over LAN using multicast or even via sneakernet where objects (messages, sites) can be exported to files. In the last ~36 hours these were the only functioning transports as Tor was being DoS’d, taking down all v3 .onions

I have made it quite difficult to discover the identity of both publishers and consumers of content. This is because on top of the broadcast-like routing, all internet-facing nodes operate behind Tor (i2p support planned). Even if statistical analysis points to a particular .onion having created messages, there is plausible deniability due to the fact the messages could have come from anywh

... keep reading on reddit ➡

👍︎ 68
📰︎ r/privacy
💬︎
👤︎ u/beardog108
📅︎ Jan 11
🚨︎ report
I'm excited to announce my latest project: Web hosting with multi-network publishing. Publish direct to the clearnet, I2P and TOR networks.

I hope this is okay. Some of you may remember my post about RAMBLE, the reddit-like site that bridges multiple anonymity networks (Tor, I2P, Lokinet, and Yggdrasil to be specific!). I've been working on another project off and on since before that. RAMBLE was more or less a proof-of-concept of much larger idea that I had...

All I want to do is to grow anonymity networks by pushing regular, everyday content to them. I believe content is king, and content is what will encourage your normal, everyday type of people to start to use these networks. Ideally, this will encourage them to start thinking about their digital privacy as well. I want to do this while respecting the privacy of content publishers, too.

My background is in the webhosting industry, and myself and two longtime and trusted peers decided to work on a unique project together.

In short, we're simply a small hosting startup dedicated to protecting the privacy of our customers with a very non-invasive registration process, a website, customer portal, and hosting panel accessible from the network of your choice. (Currently clearnet, Tor and I2P), We also support several channels of communication, from the standard helpdesk (which you can access as a .onion!) to you using our public key to contact us at our encrypted email.

Our Terms of Service, Privacy Policy and Acceptable Usage Policy are available to review from the footer on our website. We believe you will find these very fair and reasonable. There you will also find our public keys and our warrant canary. Because we are just now beginning to launch, there is no transparency report available yet, but we plan on publishing quarterly transparency reports to highlight how many complaints we received, what we did with them (forward to end user, sent to /dev/null , or what actions we took) and to inform of any requests made from law enforcement. Remember, “We can’t share what we do not know.”, it’s sort of our unofficial motto.

Furthermore, we encourage the use of crypto for payments (Monero preferred, Bitcoin and Oxen currently accepted as well. Others will be added as requested!) to protect the privacy of you, the customer, as well as protect us, the service supplier from fraudulent chargebacks. We are currently in talks with a Gift Card processor that will allow us to accept a comically large amount of Gift Cards as payments as well, which is just another privacy/anonymous method of payment. In true libertarian fashion, we’re also open t

... keep reading on reddit ➡

👍︎ 69
📰︎ r/onions
💬︎
📅︎ Jan 19
🚨︎ report
Tor outage: How a major attack felled the onion network

Why did the Tor Network fail?

And so it was in January 2021, when the project’s validator nodes were knocked offline by a DDoS attack. As a result, they could not come to a consensus about the state of the network, hidden services became unreachable, and for some, the Tor browser gave an error message at startup.

There are nine privileged Tor directory servers, plus one “consensus” server. You can find them listed on this page, and your Tor Browser or client will ping them at startups. These servers are distributed around the world and run as independently as possible, to make it difficult for anyone to take them over.

Every hour these directory servers vote on the state of the network, keeping each other informed about which node fulfills which function, which nodes behave poorly, or even which nodes have been deemed malicious and need to be kicked off the network.

The individuals running these directory nodes are constantly surveilling their own anti-surveillance network in search of bad actors and performance issues. A prominent case arose in mid-2020 when a group was found to have run almost a quarter of all exit nodes.

The votes, one of which you can find here, are transmitted unencrypted, but signed using a PGP key. When too many of these voting nodes are offline, or as in the January 2020 case, unable to respond due to a novel DDoS attack, a Tor client is unable to retrieve this consensus, and either has to fallback to an older state of the network and risk routing errors and malicious actors, or not engage at all.

What is the purpose of attacking Tor?

It is yet unclear which group is responsible for the attack, though it seems unlikely that error or a bug is to blame. Pulling off such a feat could be a simple show of strength for a hacking group, aimed at building a reputation and highlighting weaknesses in otherwise cherished software.

It could however also be a targeted attack aimed at some groups or individuals inside of the Tor Network, for instance to trick them into switching from hidden onion sites to connections to the clearnet.

Only a day later, for instance, the operators of the world’s largest darknet market were arrested by German police.

👍︎ 24
📰︎ r/VPN_help
💬︎
👤︎ u/Drew41305
📅︎ Feb 11
🚨︎ report
Monero security GUIDE - Maintaining Privacy and Security while handling with MONERO

This is a Little tutorial/Guide on how to Maintain Privacy and Security while handling MONERO

Operating Systems

- Tails OS with maximum security (https://tails.boum.org)- Qubes OS in a VM in a hardend Linux enviroment (https://www.qubes-os.org/)

Computer Security

- VeraCrypt Full disk encryption (Only as safe as your Password) https://www.veracrypt.fr/- Tails or Tor as a Proxy (Start Tor browser and configure 127.0.0.1:9050 as Proxy in your Network settings)- Check any devices/usbs plugged and only store your wallet keys in a Live os- TURN OFF YOUR COMPUTER WHILE NOT USING IT!

Virtual Private Networks

- Delete all VPNs they are useless for Security/Anonymity (For thespecific Threat model I talk about VPNs are usefull for country/websiteblocking)

Monero Wallets

I will not cover ANY web/mobile/ wallets cause these are unsafe as youneed to trust a Third-Party storing your Private Keys and Ip´s/KYCinformation. I also wont cover Hardware wallets in this thread.

- Official Monero GUI wallet (https://getmonero.org/)- Featherwallet (Featherwallet.org) (Beta)

How to install these wallets on Tails here is a guide: http://www.xmrguide42y34onq.onion/tails

Remote/Local Full Nodes and how to use them

There are many ways to connect to the monero Blockchain over Nodes,Remote nodes are the most used once cause its convinient to only need toconnect to a other persons server which already downloaded the wholeblockchain so there is no need to download it yourself.

Remote nodes are seriously dangerous cause you need to trust a Third-Party for handling your Transactions.Only use them while transfering "Clean" funds and only use Hidden Service Remote nodes! (List of remote Nodes)

Now there are 2 more options,First one is to host a remote node yourself so its completely in yourown hands.There are projects like PiNode XMR which allow you to do thatpretty easy with a cheap 50$ Rasperry Pi 4 (https://github.com/monero-ecosystem/PiNode-XMR)

The other option is to download the whole Blockchain(Curerntly 68GB)yourself and import it into your Wallet(Works on both Feather and MoneroGUI) a nice tutorial on how to do that on Tails ([https://www.reddit.com/r/Monero/comments/h8pbc2/guide_setting_up_a_monero_full_node_on_tails/](https://www.redd

... keep reading on reddit ➡

👍︎ 90
📰︎ r/Monero
💬︎
👤︎ u/Unkn8wn69
📅︎ Jan 19
🚨︎ report
How the "dark web" was created (hint, it involves the United states government)

In the 1990s, the lack of security on the internet and its ability to be used for tracking and surveillance was becoming clear, and in 1995, David Goldschlag, Mike Reed, and Paul Syverson at the U.S. Naval Research Lab (NRL) asked themselves if there was a way to create internet connections that don't reveal who is talking to whom, even to someone monitoring the network. Their answer was to create and deploy the first research designs and prototypes of onion routing.

The Onion Router Project also known as "Tor" wasn’t started with the aim of creating a hidden corner of the world wide web. The actual aim of Tor was to allow secret agents and dissidents friendly to America in other countries to communicate with each other without the risk of their conversations, origins and destinations being intercepted and tracked. However, people and criminals soon realized it could be used to obscure any online communications and actions.

The goal of onion routing was to have a way to use the internet with as much privacy as possible, and the idea was to route traffic through multiple servers and encrypt it each step of the way

The Tor Project was made available to the public in 2004 but the idea of “onion routing” began in the mid-1990s. Tor gained popularity in the mid-2000s, but it remained difficult for less-tech savvy people to use. To make the dark web more accessible the Tor Browser was developed in 2008.

With Tor Browser having made Tor more accessible to everyday internet users and activists, Tor was an instrumental tool during the Arab Spring beginning in late 2010. It not only protected people's identity online but also allowed them to access critical resources, social media, and websites which were blocked.

The need for tools safeguarding against mass surveillance became a mainstream concern thanks to the Snowden revelations in 2013. Not only was Tor instrumental to Snowden's whistleblowing, but content of the documents also upheld assurances that, at that time, Tor could not be cracked.

People's awareness of tracking, surveillance, and censorship may have increased, but so has the prevalence of these hindrances to internet freedom. Today, the network has thousands of relays run by volunteers and millions of users worldwide. And it is this diversity that keeps Tor users safe.

Tldr: Tor was created by the navy to have a network

... keep reading on reddit ➡

👍︎ 30
💬︎
📅︎ Dec 21 2020
🚨︎ report
Why do some .onion website have "DDoS protecction"?

https://svn-archive.torproject.org/svn/projects/design-paper/tor-design.html

> Rendezvous points are a building block for location-hidden services (also known as responder anonymity) in the Tor network. Location-hidden services allow Bob to offer a TCP service, such as a webserver, without revealing his IP address. This type of anonymity protects against distributed DoS attacks: attackers are forced to attack the onion routing network because they do not know Bob's IP address.

This makes the server immune to attacks some attacks that use UDP flood (tor is only tcp), icmp flood and tcp flood since you don't have an IP address to send it, also .onions doesn't forward all ports (usually only 80 is open)

Obviously, some attacks like slowloris can still affect the .onion service because it floods the http server with requests that never ends

👍︎ 3
📰︎ r/onions
💬︎
👤︎ u/iTzDrK_
📅︎ Jan 18
🚨︎ report
Hi, I'm a Cybersec Enthusiast. If you're a Journalist / Activist / Citizen with privacy concerns, here's a Privacy 101 for you

Hi, I recently went through Indian news and media. I was concerned regarding the privacy violations that are happening in India as well as the recent case in UP. I express my heartily condolences to the families and prayers for them.

Getting to the topic, here's a Privacy 101 for you if you're a Journalist / Activist / Citizen of India who doesn't want her/his private chats on live TV.

Privacy Violations and How to Evade:

1. WhatsApp Chats: Regardless of claims, WhatsApp is end-to-end encrypted and it cannot be Intercepted and decrypted without the encryption key from the user's device. The encryption key is stored in the app data folder which is only accessible to the app itself and the root user and a few other methods due to android's app sandboxing. The privacy flaw lies in the Google drive backups and the owning company Facebook. Facebook is known to violate user privacy and it's not once. The WhatsApp chat databases (msgstore) are uploaded unencrypted into Google drive. Google drive has a special feature for storing app data in a hidden folder in the drive (App Data Storage), anyone with Google credentials or a login session from Google services can access all your chat backups and read it without a key.

[?] How to Prevent: Disable Google Drive Backups. The local backups are always available from Internal Storage /WhatsApp folder. The backups are encrypted so you can just copy it over to a safe location (a hardrive / pendrive / cold storage). You can also use any of the below cloud storage apps and configure automatic sync for the folder.

2. Call and Message Tapping: This is usually the telecom company handing over their logs to the government on orders. Your telecom company may also monitor your internet activity by monitoring your dns queries or using DPI (Deep Packet Inspection).

[?] How to Prevent: Use a different number. Ask a trusted friend to get you a Sim card, and use it for account verifications and then don't keep it. You can also purchase temporary numbers online. Just change your number altogether, or use online privacy focused messaging and calling services. Do not visit HTTP websites as they'd be plain text. Use a tunneling tool like TOR with Encrypted DNS. If you dislike TOR for it's slow network, use a trusted VPN like ProtonVPN.

3. Using a VPN make me undetectable: NO. A VPN only tunnels your internet through their servers, preventing you from DPI and interception threats in your network (Lan, Wan,

... keep reading on reddit ➡

👍︎ 132
📰︎ r/india
💬︎
📅︎ Oct 04 2020
🚨︎ report
New Tor/IPv4/IPv6 Lightning routing node

Hi everyone,

I just launched a new Lightning Network (routing) node. I will open many channels in the coming weeks. Would be awesome to get some inbound!Some stats:

  • 1 Gbit/s Networking
  • High Uptime
  • Tor, IPv4 and IPv6 available
  • Daily rebalance

​

Tor:
02b[email protected]wstxzgbzof5ecpnkacm6b4ljgr5nx5xwucxc2rw53t5cqygv5c23mqad.onion:9735

IPv4:
02b[email protected]51.178.82.201:9735

IPv6:
02b[email protected][2001:41d0:404:200::5082]:9735 

The node is linked to the no-profit "Bitcoin Sicurezza Privacy" project, whose purpose is to:

  • Increase the adoption of bitcoin by Italian merchants thanks to a free, open-source, secure and private hosted payment processor (BTCPay Server).
  • Publish a free and in-depth series of videos on Bitcoin and Lightning Network Security and Privacy issues.
  • Contribute to the Tor network through a guard/middle relay.
  • Support users on Bitcoin issues through the Telegram group.

(You can support the project via the crowdfund page (PayJoin enabled)

Follow me on Twitter: https://twitter.com/RiccardoMasutti

To contact me (in case you have problems with your node/channel eg. if it goes offline):
[email protected] | PGP: 9E183EAD5CCF7D0D88E5BC47CA0E200FAE9F2AA0

👍︎ 9
💬︎
📅︎ Jun 19 2020
🚨︎ report
Under a bad law signed by Donald Trump, if the ISP you use is in the US, it legally can collect and sell your browsing history and data without your consent. You can prevent that by using Tor Browser. Today, millions of law-abiding people are using Tor Browser to protect their privacy.

Some people already know this, but millions of other Internet users might not know they have the right to use Tor to protect their online privacy. Millions use the Tor Browser to connect to their favorite websites (e.g., YouTube, Wikipedia, Yahoo, Reddit, etc.)

2,685,244 Tor users (on 29 July 2019) had direct connections to the Tor network from the US and the other 205 countries in the world, plus some Tor users were connecting from Antarctica.

Tor Project - Tor Browser - download. See: Tor Browser Manual—Downloading...Tor Support Portal...Tor FAQ.

Tor Project - use Tor Browser on Android - download.

Tor Project - Are you an iOS user? We encourage you to try Onion Browser. See: Tor at the Heart: Onion Browser (and more iOS Tor).

Electronic Frontier Foundation (EFF): Using Tor Browser on Windows, on macOS, and on Linux.

See: r/TOR and its sidebar.


Users of Tor include daughters, sons, sisters, brothers, mothers, fathers, grandparents, children, teens, adults, senior citizens, students, teachers, employees, business owners, and more. Anyone can use Tor, which includes the Tor network of 6,429 Tor relay servers (on 30 July 2019) in 85 countries on six continents.

Tor is [not illegal in the US](https://metrics.torproject.org/userst

... keep reading on reddit ➡

👍︎ 231
📰︎ r/privacy
💬︎
👤︎ u/Molire
📅︎ Jul 31 2019
🚨︎ report
Not all alt-coins are scams (I hope)

#What is this post about?

Bitcoin brought to light the power of cryptocurrency and blockchain technology. I wanted to share some other projects to show the world that blockchain technology is a viable solution to real world problems. I had a look into some of the projects that are disrupting industries like advertising, communication, energy, finance, gambling, video games, privacy, and social media - here’s what I found:

#Advertising

Personal data is gathered and sold to third parties, but the money never makes it to the user whose data has generated the value for the company using it.

BAT is a product of Firefox co-founder Brendan Eich, raising over $20million in less than a minute during the ICO craze of 2017. BAT is a feature of the Brave browser, enabling users to be rewarded in $BAT for their attention. As of March 2020, Brave has amassed an impressive 4 million daily active users.

DAD, short for Decentralized Advertising, is making advertising data more transparent without infringing on users’ privacy. DAD uses the Lightning Network to facilitate high frequency microtransactions.

#Communication

Edward Snowden (among others) revealed the extent of surveillance technology collecting civilian communication data and expressed the need for a safe, secure and surveillance free method for individuals and businesses to communicate over the internet.

Status is an Ethereum based encrypted messaging app, web3 browser and $ETH/$SNT wallet. Status was one of the most funded ICOs in 2017 and have achieved +10k downloads on Android phones. Recently, Status upgraded their communication protocol to allow 10x more users, however this only raised their limit to 10k simultaneous users.

The Orchid network is an incentivized bandwidth proxying protocol for a decentralized VPN that allows users to buy bandwidth from a global pool of service providers using $OXT.

#Privacy

With the shift away from physical cash and the move towards online payments, user privacy is at risk. Digitalization often means more surveillance, privacy is more important than ever.

With Monero you can spend safely, knowing that others cannot see your balances or track your transaction activity - by default. Using a combination of ring sig

... keep reading on reddit ➡

👍︎ 11
💬︎
📅︎ Apr 24 2020
🚨︎ report
Groestlcoin June 2020 Release Notes!

Groestlcoin June 2020 Release

As 2020 continues to unravel with people worried about their health, livelihoods, jobs and general way of life, one thing at least can remain constant - Groestlcoin's release schedule. We at the core Groestlcoin team really hope everyone is doing well and coping with what 2020 is throwing at us all. For anything to change in this world, major and seemingly dramatic change and chaos unfortunately needs to first ensue but rest assured everyone will come out of 2020 much stronger people! The Groestlcoin team have been working on a vast amount of new technology during these uncertain periods which we would like to share with you today.

Groestlcoin Core 19.1

The full list of changes in Groestlcoin Core 19.1 are too long to list here so we won't bore those who do not want to see every slight change here. For that, please go to https://github.com/Groestlcoin/groestlcoin/blob/2.19.1/doc/release-notes/release-notes-2.19.1.md. Instead we will list a general list of changes here. We recommend upgrading to this version if you are running a full node yourself.

  • New User Documentation
  • New and updated RPCs
  • New Settings Implemented and other settings updated
  • GUI Changes
  • RPC and configuration options removed or deprecated
  • P2P improvements
  • Various low-level changes

How to Upgrade?

Windows

If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.

OSX

If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications. Users running macOS Catalina need to "right-click" and then choose "Open" to open the Groestlcoin Core .dmg.

Downloads

Download the Windows Installer (64 bit) here: https://github.com/Groestlcoin/groestlcoin/releases/download/v2.19.1/groestlcoin-2.19.1-win64-setup-unsigned.exe

Download the Windows binaries (64 bit) here: https://github.com/Groestlcoin/groestlcoin/releases/download/v2.19.1/groestlcoin-2.19.1-win64.zip

Download the OSX Installer here: https://github.com/Groestlcoin/groestlcoin/releases/download/v2.19.1/groestlcoin-2.19.1-osx-unsigned.dmg

Download the OSX binaries here: https://github.com/Groestlcoin/groestlcoin/releases/download/v

... keep reading on reddit ➡

👍︎ 10
💬︎
📅︎ Jun 22 2020
🚨︎ report
⚡ Lightning Network Megathread ⚡

^Last ^updated ^2018-01-29

This post is a collaboration with the Bitcoin community to create a one-stop source for Lightning Network information.

There are still questions in the FAQ that are unanswered, if you know the answer and can provide a source please do so!


⚡What is the Lightning Network? ⚡


Explanations:

Image Explanations:

Specifications / White Papers

... keep reading on reddit ➡

👍︎ 1k
📰︎ r/Bitcoin
💬︎
👤︎ u/codedaway
📅︎ Jan 12 2018
🚨︎ report
User Guide, FAQ and 10 Commandments

Dear Wasabikas,

Thank you all for taking the time to consider your privacy, and welcome to the community. This post is a guide for using Wasabi and should be read before reaching out for help. Currently Wasabi Support accepts questions in the following languages: English, Spanish (español), French (français), Russian (Русский), Italian (italiano) and Hungarian (magyar).

Our support team now has a dedicated PGP key set:

PGP Fingerprint: 30FE 98B2 6219 2F35 72BB 9C6D F8FC B536 5407 1408

You may choose to ask for help more discretely through DM, or perhaps you have sensitive information that you may need to share. We recommend encrypting data against the support key, however you may choose to encrypt messages against any of the following keys you trust (you may also encrypt against several keys).

After you have looked through the commandments, please check out our FAQ written by 6102bitcoin, and our community built documentation:
https://github.com/zkSNACKs/WalletWasabi/blob/master/WalletWasabi.Documentation/FAQ.md
https://docs.wasabiwallet.io/

The Ten Commandments

1 - Wasabi is for defense only

2 - Verify the integrity of your software

Wasabi Wallet is an open-source project with many contributors. When downloading the wallet, you may chose to go to the official site or to the official GitHub to build from source. Wasabi is available at our official site:

https://wasabiwallet.io/ (Clear-net)

http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion

Please check signatures after completing downloads, the concern here is that you may accidentally fall for a phishing attempt and be on a malicious site downloading a malicious piece of software.

Alternatively, you may also build the code from source here, instructions are available here:

https://github.com/zkSNACKs/WalletWasabi

3 - Keep your mnemonic words and password safely stored (BOTH!)

When creating a new wallet - write down your mnemonic seed AND password and store those safely. Wasabi is a fully non-custodial wallet, which means that should always be in possession of your keys, and this means safely storing a backup in case your computer is lost or the wallet crashes. Often times when things go wro

... keep reading on reddit ➡

👍︎ 19
💬︎
📅︎ Jul 01 2019
🚨︎ report
PiNode-XMR (Single board computer Plug and Play Full Monero Node) Free image download and updated to v2.12.19. **Lots of new features**

https://preview.redd.it/f81i3qsnr6941.jpg?width=740&format=pjpg&auto=webp&s=da729d5a37c1be43832d7cf2ccdce6ccc4c4d637

Main project page with manual and screenshots https://github.com/shermand100/pinode-xmr

Download PiNode-XMR_v2.12.19_m0.15.0.1.img -Hosted on Google drive - 6.45GB

SHA256 Hash: 0EE90EEC65F430DC89FB3236474AA576BA0AFFFF4005B044FFE40D4A47B148F0

Hardware: Raspberry Pi 3/4 including B and + models

New Features:

  • Onion Monero Blockchain Explorer by /u/mWo12 included.
  • Auto loading menu for Monero updates, and script that auto detects, formats and mounts attached USB drives. Labels drive for simple detection by future versions of PiNode-XMR so the blockchain is maintained between versions.
  • Public node - RPC_payments ready. Receive payment* for running a node (more info here) Pending monero/pull/6260 ( context of issue monero/issues/3083 )

All features:

  • 4 Node modes (click to start)
    • Private Node
    • tor bridging Node - routes your transactions through the tor network
    • Public Node - Using new RPC payment feature* - soon
    • Private Node - with mining (For education/experiment only)
  • Simple control with Web-UI
    • View Monero node and hardware status
    • Control bandwidth, connection limits and RPC port
    • Transaction pool and summary viewer
    • View connected peer info
    • Monerod log file view page
  • Easy setup menu for config of passwords, USB storage, Update and optional dynamic DNS.
  • All the benefits of running on a Pi, silent/fanless, low power (approx 15w) for 24/7 node, low cost.
  • Headless (No need for extra monitor,keyboard,etc) and connect via Ethernet or WiFi**

Background:

I've been making nodes for other coins for a few years to learn about some crypto basics. It got a bit of interest for I have a site https://PiNode.co.uk but recently far more advanced projects have come on the scene (such as RaspiBlitz for Bitcoin) which was so far superior there was no sense pursuing it . However there are benefits for Monero users running their own node and we didn't have that quality of plug and play node. So I've been giving

... keep reading on reddit ➡

👍︎ 39
📰︎ r/Monero
💬︎
📅︎ Jan 06 2020
🚨︎ report
Stakenet - XSN

Marketcap - $9M

Key Features - Lightning Network, Cross-Chain capabilities, Cold Staking, Masternodes, DEX, Privacy, dApps, Hardware

Stakenet are building an interchain economy that will link all the various blockchains together. They have already released their Cold Staking tech TPoS which is the best in the industry. They are leaders in development on Lightning Network and have made many advancements to the tech that even Lightning Labs have been unable to do. Their interchain mesh will support the entirety of ETH and EOS networks and all of their tokens.

Their Lightning Swap tech is game changing for the industry and will help with adoption. The tech will allow you to pay any retailer that accepts crypto with any other asset. So if a shop accepts BTC you can pay them with anything and a Lightning Swap will convert the asset into BTC for the retailer.

This gives a huge usecase for any assets Stakenet support as now they can be spent in stores, also withdraw to fiat at BTC ATM machines. To take that a step further throw stable coins into the mix and you can get say $10 worth of goods at a shop, pay them in any asset you want and the retailer will get $10 worth of USDT/USDC or any other stable coin they want. This solves the volatility issue as retail for crypto and can again help with wider adoption.

They are utilising their Masternode network and putting them to use to run services like the Lightning DEX which is also built on the Lightning Swap tech. This DEX is entirely hosted on the Masternode network and all trading fees it earns are paid back to the Masternodes running it. All services running on the network that collect fees will be paid back to the Masternodes as additional income on top of block rewards.

The Masternodes are multifunctional and can:

− Host and run XSN Dex.

− Host all needed blockchain explorers to ensure true decentralization.

− Host all blockchains needed to keep XSN Dex decentralized and light.

− Handle Lightning Swaps and Tokenized Swaps between different blockchains.

− Be used as watchtowers to host and monitor Lightning Channels.

− Use their collateral to provide Lightning Network liquidity.

− Authorize and secure the transfer of tokenized coins between different blockchains.

− Facilitate instant and private on-chain transactions.

− Provide onion routing and ensure secure exit points for the network.

− Host dApps for Stakenet and other blockchains.

− Be used for the decentralized democrac

... keep reading on reddit ➡

👍︎ 15
💬︎
👤︎ u/marckolind
📅︎ Jul 10 2019
🚨︎ report
Now that CISA has passed, here are some tips to protect your Privacy, Anonymity, and Security (x-post from /r/YouShouldKnow)

[PSA--Long post ahead. tl;dr for the first half of this: You might be getting spied on. Skip to the numbered part and I'll teach you how to protect yourself. I will not explain in detail how these things work in this post, because I want anyone, regardless of their tech prowess, to find these suggestions accessible. It is also because I am by no means an expert in this area, and do not wish to spread misinformation. Luckily, the information is readily available all over the net, if you would like to know more.]

> (UPDATE 12/20/2015: I just want to point out that I am aware that a few of my suggestions have been disputed in the comments. I am OKAY with that. In fact, I encourage it. A few people seem to be getting heated, and there is just no reason for that. I am just some dude on the internet looking to help out. These are all just suggestions that work for me. I am sharing with you what I know. None of these tips will cause you any harm, I promise, though an alternative might suit your purposes better. Please, I implore you to take what I say with a grain of salt and do your own research. Feel free to tell me I'm wrong in the comments, but please be kind to one another. I will make updates and corrections as needed, so please check back now and again.)

I promise, I am not as crazy and paranoid as this post is about to make me seem. This is just an important issue to me as a techy/geek. This is important for you as well, I swear, so grab your tinfoil hats and come to Crazy Town with me for a moment.

Basically, CISA has been signed into law. For those that don't know what this means, many corporations and the Department of Homeland Security now have greater access to your online activity and can do with it what they will. There are scary implications of this that I could ramble about; but, honestly, they will probably never happen to you or I. But it's the principle of the thing that concerns me.

There are three important things that everyone should have a right to as a "citizen of the internet": Privacy, Anonymity, and Security. CISA is a blatant invasion of the first two, particularly Privacy. You do not have to be doing anything illegal to warrant a need to private access to the interne

... keep reading on reddit ➡

👍︎ 30k
📰︎ r/technology
💬︎
📅︎ Dec 20 2015
🚨︎ report
Six Random Encounters Whilst Horse Riding

Six Random Encounters Whilst Horse Riding

>One

A pack of dire foxes burst out of the undergrowth and spook the horses which gallop off wildly at top speed away from the foxes.

DM Notes

The foxes are just messing with the horses and getting their own back for their smaller brethren being hunted on horseback for centuries. They will not pursue or attack the horses but the horses don’t know that. How you resolve the fortunes of the mounted characters on a wildly galloping horse we leave to you!

>Two

A heavily armoured figure, riding a griffon, flies past brandishing a large warhammer and shouting to the heavens ‘Call yourself an all-knowing, all-wise God? If you’d wanted the ritual stopped, you should have told me when I was there yesterday.’ He then spurs on his mount to greater speeds and disappears up into the cloud line.

DM Notes

Should the characters find a way to speak with him then his only response is to shout back and say ‘Gods – they have no sense of timing!’

>Three

A male figure wearing all worn black leather, wearing a mask and with a tri-cornered hat rides out of the bushes directly in front of the party. A loaded crossbow is held loosely in his hands. His body language speaks of confident menace until he seems to take stock of the party’s composition properly at which point, he looks startled and slightly embarrassed – lowering the crossbow to his side and smiling sheepishly as his horse neighs loudly.

DM Notes

  • Should the party pause, deliberately do nothing or ignore him, the figure leans forward and speaks quietly (although the characters closest to him can overhear him) to the horse ‘I know Bessie, I know. I was distracted and only saw the first two.’. He then attempts to back his horse into the bushes. (Which is harder than it sounds.)
  • Should the party attack or directly threaten him he will drop the crossbow and put his hands up claiming the whole thing was a misunderstanding and he thought they were friends of his he was going to give a fright to.
  • Should the party search him they discoverer a range of items that clearly don’t belong to him including personal letters, multiple wallets and assorted nick-nacks. He is, in fact, a local highwayman but frankly not very good and out of his league going up against the party!

>Four

A young female half-orc, riding bare-backed, gallops up to the party and challenges them to a riding contest. She will wager her servitude as a general ser

... keep reading on reddit ➡

👍︎ 9
📰︎ r/DnD
💬︎
📅︎ Jun 05 2020
🚨︎ report
MoneroMixer: A simple tool to help you anonymously transact or mix XMR, BTC, LTC, ETH and 100+ other coins via non-KYC exchanges on Tails OS and Whonix

How to anonymously transact or mix 100+ coins with MoneroMixer

What’s up good people of /r/onions, I’m here to share with you all a program I wrote this summer called MoneroMixer that I hope will help some of you use Monero’s superior privacy protocol to anonymously send, receive and/or mix your crypocurriencies over tor.

What does MoneroMixer do?

  • Simplifies the process of creating a Monero wallet on Tails and setting it up to work over tor.
  • Allows you to deposit or withdraw XMR, BTC, LTC, ETH and 100+ other coins to or from your wallet via non-KYC exchanges without using Javascript.
  • Objectively compares exchange rates between non-KYC exchanges to make sure that you always get the most bang for your buck.

How does MoneroMixer protect your privacy?

  • Monero: The inherent fungibility and immaculate cryptography of Monero allows your coins to become truly untraceable once you exchange them for XMR through a non-KYC exchange.
  • Non-KYC exchanges: Godex.io, MorphToken and XMR.to all do not have "know your customer" (KYC) policies, meaning that you are able to exchange without giving any personal information whatsoever.
  • Torsocks: Forces all network connections used by your Monero wallet and the Python script that facilitates the exchanges to be routed only through the tor network . This prevents IP and DNS leaks so your real IP address is never associated with your wallet or any exchange orders you create.
  • NO JavaScript: Preventing you from being vulnerable to the many known JavaScript security vulnerabilities such as XSS, CSRF, clickjacking etc.
  • NO Browser: Preventing you from being vulnerable to potentially undiscovered security vulnerabilities in the Tor Browser such as the recent Sandbox Escape.
  • Encryption and shredding: All sensitive data used or created by MoneroMixer is stored in AES 256-bit encrypted files that are only decrypted when read, then immediately re-encrypted. All files that are no longer needed are immediately shredded (Deleted so they cannot be recovered).

How do you send, receive, or mix my coins anonymously?

Setup MoneroMixer:

  1. Download here: https://github.com/FungibilityMatters/MoneroMixer
  2. Press 1 to setup automatically or 2 to configure your settings manually.
  3. Create a Monero wallet by simply entering a name and password.

Deposit:

  1. Select coins and enter an estimated deposit amount to
... keep reading on reddit ➡

👍︎ 96
📰︎ r/onions
💬︎
📅︎ Aug 20 2019
🚨︎ report
Is onion routing appropriate for Lightning Network?

The privacy guarantees of Lightning transactions are highly questionable. Onion routing on Lightning Network provides far less privacy assurance than it does on Tor, and the ability for intermediaries to control routing decisions opens the potential for them to deanonymize senders or receivers. In particular, [BOLT #4: Onion Routing] (https://github.com/lightningnetwork/lightning-rfc/blob/master/04-onion-routing.md) makes the following claims regarding the privacy it affords routed transactions.

  • Intermediate hops cannot know about the other hops in a route other than their immediate predecessor and successor.
  • Intermediate hops cannot know their position in the route.
  • Intermediate hops cannot know if their predecessor is the originator or their successor the receiver of the transaction.

There exists conditions under which an intermediary hop most certainly can know these facts. These conditions are met in some of the most commonly cited use cases for Lightning Network. It may also be possible for an well funded adversary to manipulate the availability of channels on intermediary systems to influence or control route selection.

The failure is primarily in the mix-net features of routing. Although Lightning allows source routing, route options are restricted by the decisions of intermediaries. This is different than the intended use case for onion routing, where hops can be selected arbitrarily. The difference in topology can be seen by comparing the Tor white paper to the Lightning BOLT documentation.

Every node on Tor is connected (or has the potential to directly connect) with every other node:

> The Tor network is an overlay network; each onion router (OR) runs as a normal user-level process without any special privileges. Each onion router maintains a TLS [17] connection to every other onion router.

> Tor: The Second-Generation Onion Router - 4 The Tor Design (page 4)

On Lightning Network nodes must share a channel in order to route directly between them:

> In the following example, it's assumed that a sending node (origin node), n_0, wants to route a packet to a receiving node (final node), n_r. First, the sender computes a route {n_0, n_1, ..., n_{r-1}, n_r}, where n_0is the sender itself and n_r is the final recipient. The nodes n_i and n_{i+1} MUST be peers in the overlay network route.

> [BOLT #4: Onion Routing - Packet C

... keep reading on reddit ➡

👍︎ 30
📰︎ r/Bitcoin
💬︎
📅︎ Jan 20 2018
🚨︎ report
What alternatives to TOR are under development?

As much as we all love TOR, you gotta admit it's kind of crappy. It's slow, you can't use it for video (much of the web is video), and it's subject to correlation attacks.

I recently heard about Riffle and HORNET. I'm wondering if there are any other projects like this.

TOR does seem ready to be disrupted.

PS: I guess I should link to the things I talked about:

  • HORNET: High-speed Onion Routing at the Network Layer: https://arxiv.org/pdf/1507.05724v1.pdf

  • Riffle: https://news.mit.edu/2016/stay-anonymous-online-0711

  • I guess Orchid Protocol belongs here too: https://orchid.com/

👍︎ 17
💬︎
📅︎ Jul 28 2018
🚨︎ report
WE NEED TO ACT NOW by aggressively implementing strategies to frustrate the efforts of the NSA, GCHQ, FSB, etc to turn the world into a bunch of Orwellian spy states. Please add your ideas to this post.

some of the priorities might include:

  • making strong encryption and endpoint security automagical so that it will be adopted by the masses, making it waaay too computationally expensive for the government to get the plaintext of everything!
  • deploying decoy materials including users, systems, bots and botnets, and maybe even buzzwords embedded in software packages in such a way that they could be extracted as metadata of the user of that software. We already know many of the things that are targeted. VPNs, TOR, encrypted connections, PGP encrypted emails, anything mentioning islam, whatever buzzwords ... if used properly and randomly enough, such techniques could swamp the fucking shit out of the NSA/GCHQ/FSB/etc. It's not like they've caught ANY terrorists anyhow, so let's spam the fascist bastards!! We should also DDOS the shit out of them with FOIA requests until they are forced to respond.
  • counterspying to determine capability and make the public aware. we need to covertly infiltrate spy agencies and tech companies to find and leak information about the capabilities of mass surveillance technologies.
  • improving privacy tools. development and deployment of robust, open-source, independently audited hardware, verifiable firmware, and software for end-to-end encryption (do we need something easier to use and more effective than PGP?), peer-to-peer email (e.g., darkmail / DIME), onion routing / anon browsing (TOR), etc. We need to devise more sustainable and transparent funding and security audit strategies, and devise techniques to persuade the so-called free markets to adopt our good ideas and technologies without being corrupted by asshole lawyers and government lobbyists and illegal threats.
  • circumvention of centralized technology. mainly, development of distributed technologies and protocols to circumvent server-level spying and censorship. peer-to-peer protocols may be way more secure, but they need to be developed. The entire framework of the internet needs to be rethought, replanned, redone right, with the risks such as NSA spying and Chinese commie censorship in mind.
  • DIY security hardening. we need guides for everyone to be able to install custom open source packages to fix the phone-home bullshit on most new computers. (e.g., https://fix-macosx.com/ is a decent start). There should also be a list of recommended settings and explanations for why they are good. This is most necessary since most peopl
... keep reading on reddit ➡

👍︎ 186
📰︎ r/privacy
💬︎
📅︎ Mar 18 2015
🚨︎ report
The Evolution and Natural Selection of Exchanges Points to 5 Key Features - Decentralization, Privacy, Interface, Governance, Liquidity - Resistance DEX

Decentralization - Increases Security and Accessibility + Throughput (dependent on model)

Privacy - Promotes Autonomy against Central Forces, Freedom, and Liberty in market participation

Interface - Usability from UI/UX Standpoint

Governance - Security, Market Fairness, Community and Platform Evolution

Liquidity - Volume. None of the above will help without liquidity

>Though these are just a number of characteristics that i find critical for exchanges to evolve as we're coming to an age of tighter regulation and the increasing risks apparent in centralized exchanges. This is a purely opinionated piece which i'd like to pair with the recent article released by Resistance on it's Overview.

The Resistance Decentralized Exchange

ResDEX uses the Resistance privacy coin as an intermediary in private trades and implements many additional technologies, including Tor support, instant swaps, an extremely user-friendly graphical interface, and more.

https://preview.redd.it/vkkz3tq1hig21.png?width=1000&format=png&auto=webp&s=7a96256638a895a2db79c9ac7cca03f46594bcff

Liquidity Solved

ResDEX has dedicated market makers who ensure liquidity stays high on the exchange and users can perform trades quickly at competitive prices (Huobi & XRP). Anyone can become a market maker on ResDEX and provide liquidity to the market. As an added bonus, makers don’t pay fees on ResDEX. The ResDEX exchange fee (0.15%) is paid by the taker and used to support the platform, fund market making, and donate to privacy projects voted for by the community.

https://i.redd.it/cksyv4qchig21.gif

Add Privacy Features to Any Coin

As an added feature, users can add privacy to almost any cryptocurrency, including Bitcoin, even if that currency doesn’t support private transactions natively. By harnessing the power of the Resistance privacy-oriented blockchain, ResDEX will automatically trade the coin of your choice to RES and send RES in place of the original currency, thereby adding privacy to the trade.

Users can also utilize the same trading mechanism to add privacy to a non-private cryptocurrency by automatically trading to RES and then trading back to the original cryptocurrency.

https://i.redd.it/7b1n4h5zhig21.gif

Utilizing ZK Snarks

Bitcoin is not fungible because it does not provide users with sufficient privacy and anonymity. The transaction history of every Bitcoin is publicly available for anyone to scrutinize. Centralized exch

... keep reading on reddit ➡

👍︎ 18
💬︎
📅︎ Feb 14 2019
🚨︎ report
Thoughs on an Anonbox like Raspberry Pi setup

TLDR: How to route all traffic (packet level) through Tor without requiring proxy config?

I'd like to create a Raspberry Pi to sit between my cable modem and my WiFi. My thoughts are to buy a bunch of USB NICs and WIFI adapters to create to following four networks (wired and WiFi)

  • Net00 - Clearnet - straight connection through to the world.
  • Net01 - Tor - ALL traffic routed through Tor (no proxy config req).
  • Net10 - VPN - ALL traffic routed through VPN.
  • Net11 - VPN+Tor - ALL traffic routed through Tor running on top of a VPN (no proxy config req).

I figure I'd need 4 USB NICs and 3 USB WiFi adapters. Thought the layout would look something like:

  • NICa - Embedded NIC, upstream connected to cable modem.
  • NICb - Connected to the Net00 switch, all packets forwarded to NICa.
  • NICc - Connected to the Net01 switch, all packets routed through Tor (magic)?
  • NICd - Connected to the Net10 switch, all packets routed through VPN.
  • NICe - Connected to the Net11 switch, all packets routed through a Tor instance running on VPN (magic)?

Similar type setup with 4 Wifi NICs. Setting up hostapd and the like seem pretty straight forward, and I think I could figure out how to bind the VPN to specific NICs. What I'm unclear on is how to route all traffic through Tor. Things might be simpler if I just do this with multiple Rasberry Pis or do some VPN kung-fu, though networking (obviously) is not my strong suit.

In the end I would imagine that I have 4 switches labeled Net00-Net11 and four SSIDs labeld Net00-Net11. If I wanted to increase / decrease the security of any of my devices, I'd just connect to a different SSID or switch.

Finally, I realize this is a rather silly project, but I do these things to increase my knowledge set in various fields realizing the that practicality of the contraption may not be optimal.

References

... keep reading on reddit ➡

👍︎ 7
📰︎ r/TOR
💬︎
👤︎ u/brianddk
📅︎ Oct 28 2018
🚨︎ report
BAT Community Weekly Update: 07/06/2018 to 07/13/2018 — Brave makes Top 10 list in the Play Store in 21 countries, launches new website homepage, Brave v1.0 coming this fall + Crypto-out option for Brave wallet

Welcome to this week's BAT Community Weekly Update! Big thanks to u/murphD for this great contributions!

Brave Passes 3 Million Monthly Active Users and Makes Top 10 List in the Play Store in 21 Countries

Brave now has over 3 million monthly active users (over 3.1 million as of July 1st) and is currently growing at a pace to pass the 5 million mark before the end of 2018.

Brave has also reached the Top 10 category in “free communication apps” for its Android browser in the Google Play Store in the United States as well 20 countries across Europe, Asia, and the Americas. This includes #8 in the U.S., #7 in Canada, #8 in France, #4 in Portugal, #6 in Spain, #5 in Ireland, as well as #3 in Indonesia, #7 in Singapore, #10 in South Korea, and #5 in Argentina.

Last week we issued BAT grants to Brave users as part of our monthly $500,000 BAT giveaway, so be sure to claim yours to then support your favorite sites, YouTube channels, and Twitch streamers. Check out more here:

https://brave.com/brave-passes-3-million-monthly-active-users/

Brave launches new website homepage!

Check out Brave’s new homepage!

https://brave.com/

Brave mousepads now available on the store!

The mousepad you’ve always wanted… now available in our web store!

https://www.reddit.com/r/BATProject/comments/8y1cfc/brave_mousepads_now_available_on_the_store/

Brendan Eich helps kick off FullStack London on July 11th 2018

The very first speaker of 3-day long conference, Brendan kicked off FullStack London with his keynote on July 11th!

FullStack 2018 conference returns to London in its fifth edition during July. Hosted at the Business Design Centre for the first time ever, FullStack has grown bigger and better and we look forward to another set of intensive 3 days of learning and sharing! FullStack is now the go-to JavaScript, Node, Angular and IoT conference in London.

https://www.reddit.com/r/BATProject/comments/8yg2ui/brendan_eich_helps_kick_off_fullstack_london_on/

**“Crossing the Crypto Chasm” panel d

... keep reading on reddit ➡

👍︎ 37
📰︎ r/BATProject
💬︎
📅︎ Jul 13 2018
🚨︎ report
Topic 2: Encrypt All The Things

First things first, haha. :-p

https://i.imgur.com/Yo6kmo2.jpg

Alright. So, when Edward Snowden revealed the existence of illegal mass surveillance programs across the globe, we sure did hear a big stink about it from everyone, didn't we? Even our legislators hopped on the bandwagon. We were finally unified. It looked like people were finally beginning to wake up, and that something might actually change.

Look at us now, though. It is three and a half years later, and these programs have most definitely not stopped. In fact, the invasion of privacy has only accelerated. Anywhere the programs had been revealed as illegal, they have simply been legalized. The US Supreme Court gave the green light to allow authorities to hack remote computers with Rule 41. (no, I'm not talking about Rule 41 of the Internet...) Great Britain just passed the Investigatory Powers Bill, giving it extreme spying powers. And Germany is preparing to axe citizens' rights to know what data is being collected about them (link).

The message is pretty glaringly obvious by now: the government has been spying on you for years, and they have NO intention of ever stopping. Ever.


You Are Not Defenseless

Fortunately, even though your government orders ISPs to give them access to the live stream of everyone's internet activities, you don't have to just lie down and take it. As of yet, free speech still seems to cover your right to use encryption. And at least in the United States, you cannot be compelled to give up your encryption keys, on account of that being a violation of the Fifth Amendment.

So, at least as of late 2016, the current best solution to the problem of mass government surveillance is to use encryption absolutely everywhere. Your computer, your phone, your DVD backups, your external hard drive, and most especially your internet connection. I'm sure that's not even an exhaustive list, but I think it covers most of it, and you probably get the picture.


Computer Storage

I believe the best current option for full disk drive encryption is Veracrypt. Veracrypt is a continuation of the Truecrypt project

... keep reading on reddit ➡

👍︎ 98
📰︎ r/ShadowWar
💬︎
📅︎ Nov 29 2016
🚨︎ report
Tor over VPN, VPN over Tor, or Tor standalone?

It's a widely debated topic as to whether it's appropriate or even safe to tunnel your connection before using Tor. I've made this to give people what I hope to be a better understanding of these processes. This is what the Tor project has to say on the matter https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN. This is what Whonix says on the matter https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor.

Tor standalone: So your first method is obviously using Tor browser by itself. This can be fine, if someone tries to convince you that tunneling your connection first is necessary, that's a lie. Tor uses anywhere between 3 to 6 keys (whether .com or .onion) to encrypt your transmissions. In addition to this, it implements onion routing (similar to perfect forward secrecy) to prevent each node in your circuit from getting a full, detailed picture of your path. So for instance node 1 can only decrypt the 1st key, it sees the data request is still encrypted and sends it on to node 2 for further decryption, and so on until your transmission is fully decrypted. This provides a very high level of protection in and of itself. If you're just using Tor for general browsing you're probably okay. Your ISP will see you use Tor, but they can't tell what you're doing over Tor. Colluding nodes could be used to deanonyminize you. For instance if your guard and exit are controlled by the same adversary they could find out who you are. I don't really know how many times this method has been used to exploit and reveal Tor users, my guess is relatively low though. Most Tor users get exposed by either bad OPSEC on the user's behalf, or Firefox browser exploits like the Javascript exploit. Never give out personal information over Tor and only use scripts when absolutely necessary. Connect to onion sites whenever possible, no exit node and end-to-end encrypted.

Tor over VPN: This is a method that entails connecting to your VPN app first, then executing the Tor browser. This can be a good setup, albeit a few drawbacks. Without the VPN the Tor guard (or bridge) is connecting to your ISP's assigned IP address. When using the VPN the Tor guard connects to the VPN's IP instead of your ISP's. This essentially prevents your real network from ever connecting to Tor directly. In the off chance of colluding nodes you're much safer, especially if your VPN is not logging your connection, activity, or timestamp (all VPNs log bandwidth). Your ISP will also not see you

... keep reading on reddit ➡

👍︎ 3
📰︎ r/TOR
💬︎
👤︎ u/Kelceee45
📅︎ Apr 22 2018
🚨︎ report
Using a dedicated TOR router with a Mac desktop will not work if you use Safari as your browser.

TL;DR if you build a dedicated TOR access point/router and you attempt to use said AP/router as your method of connecting to TOR while Safari as your browser you will not be able to access .onion sites.

Yes, I can almost see the raised eyebrows on this one, either because this is something so well known or if you think I'm making some dumb technical mistake on my part. Hear me out.

A friend of mine inquired about how difficult it would be to build a TOR router. I have a stack or Raspberry Pi boards doing nothing at the moment including a Raspberry Pi model 3. Instructions for how to turn a Raspberry Pi 3 into a TOR router are on GitHub and the process is so streamlined the only difficulty someone would have with this kind of project would be, perhaps, missing an extra HDMI cable or a USB-A wired keyboard.

Boom, bing, bam.. the access point router is built in short order (the GitHub instructions that left one import piece of information out - after running the sudo raspsi-config command you have to set a country code for the wifi or the wifi will not start at boot so make sure you set the country code to match your country (or some other country if you want to use channels above those allowed in your own).

After building the router/AP I connected through the AP and was able to access the clear websites with no issues. I could go to http://ipchicken.com and see that, yes, I was accessing that website from an IP address that was not my own home gateway thus proving that TOR routing was working.

But when I tried to access a .onion link, in this case the Facebook onion link I would get an error about not being connected to the Internet - basically I failed to connect to a .onion site even though I knew I was connected through TOR because of the bouncing of my external gateway verify by ipchicken as well as other methods including fetching a dummy file using curl from a publicly accessible server I keep around for these kinds of things and going over my iptables rules with a time-tooth comb and I verified DNS could resolve .onion links, etc, etc. Oh, I should note the router/AP was running Raspbian Stretch Lite so there was no desktop or X Windows installed so I couldn't test connectivity to .onion sites from the loopback (testing via loopback did not occur to me at the time).

Packet captures with tcpdump and wireshark d

... keep reading on reddit ➡

👍︎ 14
📰︎ r/TOR
💬︎
👤︎ u/b4xt3r
📅︎ Oct 27 2018
🚨︎ report
Unlimited Guide to Torrents in the UK

The United Kingdom is a global economic leader and one of the safest places in the world to live, but it's also known becoming known as a big brother state with government oversight in almost all facets of daily life. The United Kingdom has been increasingly active when it comes to internet censorship and has enlisted the help of the top 4 internet providers (BT, Sky, Virgin, and TalkTalk) to filter 'objectionable' websites and actually block access to various websites that governmental organizations find unacceptable.

Types of websites blocked by the 'Great Firewall of Britain' include: file-sharing, censorship circumvention tools, gambling, alcohol, tobacco, and more.

There have been numerous reports of accidental 'over-blocking' of completely legitimate websites, including the homepages of major musical artists.

One of the most blocked site-types are those sights related to file-sharing and bittorrent, especially torrent tracker sites, including: Kickass Torrents, The PirateBay, Demonoid, Couchtuner, ISOHunt, and dozens more, all of which are actively blocked in the UK. Even Torrent Freak which is a blog dedicated to torrent related news and never links to pirated content has been blocked by several ISPs. Which is why we wrote our own guide on how to unblock torrent sites in the UK.

Here at the Bittorrent VPN Guide**,** we believe that the internet should be free and open, and users should be able to choose for themselves which websites they do or do not access. That's why we built this guide, to show you how to quickly and easily circumvent website blocking in the UK and easily access torrent sites from the UK, including the PirateBay and Kickass Torrents. We also recommend you checkout our Guide to Totally anonymous Torrents**.**

HOW SITES ARE BLOCKED AND 'TRACKED'

With the United Kingdom's 4 largest internet providers voluntarily participating in filtering objectionable websites in the UK, 90% of internet users in the UK are having their web access filtered.

Websites deemed inappropriate are blocked at a IP and domain-name level, making them virtually impossible to access from the UK without specifi

... keep reading on reddit ➡

👍︎ 3
💬︎
📅︎ Apr 18 2019
🚨︎ report
Forkdrop.io Weekly Digest 2018-07-19

https://forkdrop.io and follow us on Twitter https://twitter.com/forkdrop

The news is quite sparse right now - there is very little worth mentioning this week, so we are going to ease off the weekly updates and try for possibly bi-weekly or as-needed updates.

Forks: 116 (Bitcoin: 74 Altcoin: 20 Historic: 22) - Exchanges: 91

Updates:

  • Now tracking zbt.one exchange - seems to require a Chinese or otherwise non-North-American mobile number to make a login. Has pairs for Bitcoin Top (BTT), Bitcoin Cash (BCH), Bitcoin Diamond (BCD) and Nash/Super Bitcoin (SBTC). All trade against USDT. We can't determine whether these are open for deposit and what the KYC status for this exchange is.
  • HitBTC added support for deposit and trade of Bitcoin Diamond (BCD)
  • BitcoinX2 (BTCX2) appears to have exit-scammed with the money they took from the presale. The July 1st date was uneventful and the project is silent. Sadly, it seems like a number of people have gotten burned since we have received several emails from people that purchased who are looking for information.
  • The Bitcoin Hot (BTH) twitter account is all of a sudden active again after being almost totally quiet since December. The rest of the material looks pretty much the same though. It is still hard to know what to make of this coin.

Forkdrop Suite status update:

Disappointingly, Blockchain.info's .onion access point has been down for over a week. Nobody has responded to our support ticket and it looks like it isn't a high priority for them. :(

In response, we have patched Forkdrop Suite to allow you to specify an Electrum server to query transaction record history from rather than blockchain.info. You will need to choose a server to connect to, and there are lists available if you search for them, but the results for whether they are still online and quick to respond to queries are mixed. Works fine with this server: https://electrum-server.ninja/, but choose your own server depending on your use case.

You can query this Electrum server from TAILS by giving the options to claim-prep.py: --electrum-server s7clinmo4cazmhul.onion --electrum-port 50001 --electrum-no-ssl (SSL is not needed/wanted/possible over Tor, since the concept is redundant with the onion routing and the .onion url scheme)

If you are running from

... keep reading on reddit ➡

👍︎ 15
💬︎
👤︎ u/forkdrop
📅︎ Jul 19 2018
🚨︎ report
The latest in Substratum: It's literally just TOR

The Substratum Network is an ICO raising funds to build TOR-esque network software that is censorship-resistant and decentralized. Unfortunately for the investors it is a complete scam. They had plenty of warning: the whitepaper had zero technical content, official communication at the beginning was untruthful and designed to mislead and management has only given empty promises about how the software, when finished, will work - the hallmark of any good con job. I know it's hard to keep track of these dime-a-dozen scams and it seems like every day there's a new one with a few thousand followers and a thriving Reddit community. For some background see my previous posts on Substratum here and here and here.

In the past week Substratum devs uploaded this video which is the closest we've ever been to technical documentation on how Substratum works. Most of the time is spent describing the software architecture of the network client but at the end he gets into the network design and he lays it right out: Substratum uses onion routing. It's TOR but not yet written, not yet tested, not reviewed by the best in the field and you have to pay marginal fees to use it.

The founder also dropped a video on the same day mentioning that he'd be on CNBC Africa and that the team was looking to expand marketing efforts in Russia and Asian markets like Korea. The search for more marks who have never heard of TOR continues.

Agent saupher on the bitcointalk forums has his own excellent summary of how the Substratum scam will play out which I quote in full here: >You guys are completely blind if you ever think they are going to release a product, if you follow the twitter you see the main coder keeps "running into issues and delays" more excuses are posted on his feed about why they arent making any progress. When I say its a scam , I mean they do not have a working product whatsoever, they said they had "private focus groups" testing the product, they said there was going to be a beta. Instead we only got cheap videos an

... keep reading on reddit ➡

👍︎ 25
📰︎ r/Buttcoin
💬︎
👤︎ u/lordgilman
📅︎ Feb 19 2018
🚨︎ report
BAT Community Weekly Update: 06/22/2018 - 06/28/2018 — Brave Introduces Private Tabs with Tor for enhanced privacy while browsing, BATProject subreddit reaches 18.2k subscribers, Brave v1.0 testing builds may be on the horizon

Welcome to this week's BAT Community Weekly Update! Big thanks to u/murphD for this spectacular contributions, as always!

Brave Introduces Beta of Private Tabs with Tor for Enhanced Privacy while Browsing | Brave Browser

Today we’re releasing our latest desktop browser Brave 0.23 which features Private Tabs with Tor, a technology for defending against network surveillance. Private Tabs with Tor help protect Brave users from ISPs (Internet Service Providers), guest Wi-Fi providers, and visited sites that may be watching their Internet connection or even tracking and collecting IP addresses, a device’s Internet identifier.

https://brave.com/tor-tabs-beta/

BATProject subreddit has now reached 18.2k subscribers!

A big, warm welcome to all of the new faces around here lately!

https://www.reddit.com/r/BATProject/

BAT/Brave at Creatives: Unblocked event on June 29th (TODAY) at Rise London, featuring Dr. Ben Livshits (Chief Scientist @ Brave)

How is blockchain transforming the music, film and entertainment business to benefit creators? Can micropayments facilitated by cryptocurrencies to save the media? How are advertising and marketing being turned on their heads by new developments in blockchain technology? How are IPRs being impacted by blockchain? Get answers to these questions and more at Creatives: Unblocked

https://unblockedevents.com/events/creatives-unblocked/

How to Verify a YouTube Channel with Brave Payments (verified publisher) by CryptoJennie

Have you ever wondered how long it takes to verify a YouTube channel with Brave Payments? 1 minute and 40 seconds to be exact!

https://www.reddit.com/r/BATProject/comments/8t6jqu/how_to_verify_a_youtube_channel_with_brave/

Fantastic BAT meetup in Indonesia from one of our best regional groups, BAT/Brave Indonesia.

Let's give a special thank you to Viking Karwur and Eljuno (both pictured) who've been committed members of the BAT/Brave community!

https://twitter.com/BAT_Indonesia/status/1009866276628455424

BAT Community Merch Giveaway Winners!

The winners for our BAT Community Merch GIveaways for this week ar

... keep reading on reddit ➡

👍︎ 38
📰︎ r/BATProject
💬︎
📅︎ Jun 29 2018
🚨︎ report
History Lesson for new VIA Viacoin Investors

Viacoin is an open source cryptocurrency project, based on the Bitcoin blockchain. Publicly introduced on the crypto market in mid 2014, Viacoin integrates decentralized asset transaction on the blockchain, reaching speeds that have never seen before on cryptocurrencies. This Scrypt based, Proof of Work coin was created to try contrast Bitcoin’s structural problems, mainly the congested blockchain delays that inhibit microtransaction as this currency transitions from digital money to a gold-like, mean of solid value storage. Bitcoin Core developers Peter Todd and Btc have been working on this currency and ameliorated it until they was able to reach a lightning fast speed of 24 second per block. These incredible speeds are just one of the features that come with the implementation of Lightning Network, and and make Bitcoin slow transactions a thing of the past. To achieve such a dramatic improvement in performance, the developers modified Viacoin so that its OP_RETURN has been extended to 80 bytes, reducing tx and bloat sizes, overcoming multi signature hacks; the integration of ECDSA optimized C library allowed this coin to reach significant speedup for raw signature validation, making it perform up to 5 times better. This will mean easy adoption by merchants and vendors, which won’t have to worry anymore with long times between the payment and its approval. Todd role as Chief Scientist and Advisor has been proven the right choice for this coin, thanks to his focus on Tree Chains, a ground breaking feature that will fix the main problems revolving around Bitcoin, such as scalability issues and the troubles for the Viacoin miners to keep a reputation on the blockchain in a decentralized mining environment. Thanks to Todd’s expertise in sidechains, the future of this crypto currency will see the implementation of an alternative blockchain that is not linear. According to the developer, the chains are too unregulated when it comes to trying to establish a strong connection between the operations happening on one chain and what happens elsewhere. Merged mining, scalability and safety are at risk and tackling these problems is mandatory in order to create a new, disruptive crypto technology. Tree Chains are going to be the basis for a broader use and a series of protocols that are going to allow users and developers to use Viacoin’s blockchain not just to mine and store coins, but just like other new crypto currencies to allow the creation of secure, decentrali

... keep reading on reddit ➡

👍︎ 12
📰︎ r/viacoin
💬︎
👤︎ u/alex61688
📅︎ Oct 23 2017
🚨︎ report
xvultx4llltx7w2d.onion is 18 months online today

TLDR; The site that has been running nice and quietly on TOR for 18 months. We thought today is a good day to make the url public outside of our group of amigos.

PGP: 3DB6 FF02 6EBA 6AFF 63AF 2B6E DCE5 3FA2 EC58 63D8
Bitcoin: 18FNZPvYeWUNLmnS6bQyJSVXYPJ87cssMM
TOR: http://xvultx4llltx7w2d.onion

Vultronix encrypted social network.

Abstract:
Since time began, social interaction has always been private to those within the same vicinity. Today, however, much data is sent encrypted to a third party, gets decrypted on arrival and then stored among mountains of un-encrypted data, stored for financial gain creating giant honeypots. These giant honeypots of un-encrypted data are just too irresistible to those who have the power to request access.

We propose a solution to these centralized honeypots by enforcing client side encryption in such a way that the server has no access to the encrypted content, we believe this can be achieved via a mix of key hashing, PGP, AES and Onion routing.
We acknowledge the current JavaScript anonymity problem and see a future where secure hardware will encrypt/decrypt the data for the user.
We propose the below as a simple POC for inspiration of future development, open for all to copy, enhance and most importantly, to scrutinize.

1. What is the example?
A truly client side TOR based encrypted centralized social network. Allowing users to interact anonymously online without the ability of the host to spy on the user.
Trust with the host is established via signed open source Javascript. Everything is delivered directly from the host via TOR without any use of CDNs.

2. Centralized over decentralized?
The greatest problem available to implementing encryption to the masses is user experience. We developed Vultronix to allow the user to interact with others securely via a familiar feeling platform. More experienced users can download the code and setup their own .onion domain, further removing the risk of a centralized authority.

3. Registration
The user is required to fill in 3 fields. For familiarity we've named them the following - Email address, Password and Words list. The user is not required to enter their actual email but is encouraged to generate a string with a lot of entropy; it is acknowledged that the less experienced user will probably make up an email address, both the password and words field should be as random as possible. The entropy o

... keep reading on reddit ➡

👍︎ 75
📰︎ r/onions
💬︎
👤︎ u/Vultronix
📅︎ Jan 29 2017
🚨︎ report
DEEPONION AND OTHER PRIVACY COINS

How Privacy Coins Work

Bitcoin transactions are semi-anonymous: every transaction on the blockchain is broadcast publicly and visible for all eternity, but the owner of each wallet is unknown. Tying addresses to real-world identities is now relatively easy for the powers-that-be, because everyone has to cash out somewhere, and that usually involves linking bitcoin addresses to bank accounts.

Privacy Tech Algorithms

The three most common privacy algorithms are zk-Snarks, Coinjoin, and RingCT. The latter method is used in monero; Coinjoin features in dash and is also being trialed with bitcoin; and zk-Snarks are used by most of the Z coins including Zcash.

Here’s how they work:

RingCT: Monero’s ring signatures allow the sender to hide their transaction among other outputs. In addition, RingCT makes it possible to hide the amount being sent. Coupled with a stealth receiving address, this makes for an extremely discreet way of sending funds. Transparency is optional with monero, which uses an “opaque” blockchain. Coinjoin: Developed by Gregory Maxwell, Coinjoin deploys a ‘safety in numbers’ approach. When two senders despatch a transaction of an identical amount, this is converted into a joint payment. When this occurs, correlating the transaction inputs and outputs is virtually impossible. There are many variants of Coinjoin including Private Send, which is used by dash, and Coin Shuffle; Cash Shuffle is the version currently being tested with bitcoin cash. zk-Snarks: Zero-Knowledge Succinct Non-Interactive Argument of Knowledge is a technology that allows miners to verify transactions without knowing who sent or received the coins. Using a cryptographic hash, each party can prove that a certain statement is true without revealing the precise details of who sent what and where. Although most commonly associated with the Zerocoin family, zk-Snarks are also being tested with ethereum.

The Main Privacy Players

Zcash: Born out of the Zerocoin protocol, Zcash is basically bitcoin with the option of privacy. There’s a fixed supply of 21 million coins and despite using a public blockchain, Zcash allows for the sender, recipient, and amount being sent all to be concealed. Researchers have published evidence that suggests some Zcash transactions can be de-anonymized, though for everyday usage, Zcash should still provide enough privacy for most people.

Monero: Like Zcash, monero has emerged as a viable cryptocurrency in its own right, even for individuals who

... keep reading on reddit ➡

👍︎ 9
📰︎ r/DeepOnion
💬︎
📅︎ Jan 22 2018
🚨︎ report
Encryption is No Longer an Option - Ways to Restore Your Natural Right to Privacy

Encryption is No Longer an Option

“If the State’s going to move against you, it’s going to move against you. Now, that doesn’t mean you need to be reckless of course. I’m awful careful you guys, and even my degree of care and control ultimately won’t be enough if they get mad enough. There will always be something…I’ve done what I hope is the best any man can do. So…I hope when they finally do get me, it’s obvious that they just made it up. I don’t go out of my way to make it easy.” – Cody Wilson

For all Anarchists our love for freedom unites us and guides us. I recently had a conversation with a mutual friend that Cody and I have in common and he stated something very insightful:

CryptoAnarchy is like the Lord of the Rings. You have to cooperate with people that you don’t know where they are or what they’re up to. That is, you just know that we are all figuring out at the same time on how to take down Sauron.

Anarchy is guided by the natural instinct for self-preservation. You can trust that others are also actively working in keeping us all free.

For us all to move into more synergistic cooperation we need more motivation. Nothing is more motivating than our movement away from an impending harmful evil. The persecution that Cody Wilson has gone through since he started his activism is testament to the evil that awaits the entire world if we do not fight against the impending digital global prison. Just note how easy it was to find Cody. Government indoctrinated brownshirts and surveillance are everywhere.

As Jeff recently said in London, “CryptoAnarchy is about the cryptography.” Cryptocurrency is only possible due to the privacy offered by cryptography. A true cryptocurrency is completely fungible, anonymous, and private. Blockchains without on-chain privacy set by default, are dangerous and offer nothing other than accurate surveillance.

That is, the moment you destroy a coin’s fungibility you corrupt its incentive structure. This is because you would then have two classes of the same coin within a transparent blockchain; these are coins that are “tainted” or “untainted” according to government. This differentiation created by blockchain surveillance leads “tainted” coins to be priced differently from “untainted” coins. Once this happens you destroy the functionality of a currency as a medium of exchange.

Imagine the headache of retailers in having to tell clients that they only accept “untainted” bitcoin

... keep reading on reddit ➡

👍︎ 21
📰︎ r/C_S_T
💬︎
📅︎ Sep 25 2018
🚨︎ report
Help me understand zeronet and a distributed web in general

So, I have a couple questions and thoughts. Zeronet seems like an iteration of the software side of the decentralized net movement (with things like meshnet being on the more 'hardware' side of the decentralized net movement).

So, within the 'software' side. Zeronet is a large set of individual files distributed bittorent style that are individually updatable. IPFS is a single large file 'folder' of files distributed bittorent style that is non-updatable. New files can be added but old files cannot be deleted or changed on IPFS right?

Freenet is probably somewhere in between right? Since at some level it is a massive single distributed file-system that eventually forgets old unused content. Freenet has privacy built in while Zeronet and IPFS have not in-built privacy systems but allow for the use of Tor/I2P for privacy/anonymity if desired.

I understand onion/garlic routing well enough to be satisfied, but I'm not sure that I understand the different systems of file storage and distribution between Zeronet, IPFS, and Freenet. Do my descriptions seem accurate? Why do you prefer zeronet over the other two? What are the advantages and disadvantages of each?

Do Zeronet and IPFS still rely on Trackers like bittorrent does? This seems like a major obstacle to calling these truly decentralized or distributed systems of file-sharing.

Further these are all high-tier level distribution systems that still rely on the centralized network technology and IP addressing of the internet right? The project to decentralize network technology and core IP protocols is separate in projects like MeshNet?

👍︎ 12
📰︎ r/zeronet
💬︎
📅︎ Jul 06 2017
🚨︎ report
Help! Encryption algorithm with many keys

I have a crypto problem and I have not been able to find a standard solution. So (I know, Schneier’s Law) I built something. I’m looking for help to either 1) Find a solution that is already proven or, 2) see if my solution has any potential (i.e. please tear it apart). Apologies for the long post, I’ve tried to keep it short.

Create a set of keys so that when any subset of keys (other than the full set or empty set) is applied to a message, one at a time, the output is a strong cipher. When all the keys have been applied to the message, the original message is recovered. The size of the key set must be variable (but >=2). It should also not be possible to prove a key belongs to a set unless you have every other key in the set.

The 2 security “games” that describes this: 1) an adversary chooses the number of keys in the set (at least 3). The adversary is given all but 2 keys from the set. The adversary then provides a cipher by choosing a message and applying any number of the keys from the subset, including 0. Unobserved by the adversary, one of the two remaining keys is applied to the cipher. We repeat this process with the adversary for another cipher of the same length and the adversary is shown the two ciphers. If they can choose which cipher matches what message at anything above 50% accuracy in feasible time, the algorithm is broken. 2) Two keysets are generated and an adversary is given all but 2 keys from each. They are then shown one of the keys from each set. Again, any ability to correlate key with key-set breaks the algorithm.

I built this to try and solve the problem (pseudo code in the readme, examples in cyclicKey_test.go). It’s not a “from scratch” solution, because I rely heavily on the discrete log problem as a tested source of complexity. But that’s definitely not proof it’s secure.

Some real-world concerns as well: I want to keep the keys reasonably small (<1K), and their size should be independent of the key-set size as well as the message size. The computational complexity of each transformation should be the same. The actual problem is related to onion routing: conspiring routing nodes should not be able to correlate traffic packets so long as there is one honest node between them.

tl;dr: Generate N keys to cycle a message through N transformations, so the last transformation produces the original message. An existing solution would be great, poking holes in my solution would be

... keep reading on reddit ➡

👍︎ 9
📰︎ r/crypto
💬︎
👤︎ u/adamcolton
📅︎ Jan 11 2016
🚨︎ report
The Loopix Anonymity System: A New Potential DSN for Particl?

See original post on the Particl forum: https://particl.community/t/the-loopix-anonymity-system-a-new-potential-dsn-for-particl/181

---

Has anyone heard of the Loopix Anonymity System? I saw Kewde post about it in the Open Development Channel on Discord and have decided to expand a bit on it.

What’s Loopix?

As posted in a BleepingComputer article:

>Loopix is a new anonymity network developed by a group of researchers from University College London (UCL) that comes with all the good parts of previous systems and new additions to improve security.
Both Loopix and Tor are based on the concept of mix networks and are meant to provide a way to send anonymous messages through a complex network.
The way Tor achieves this is through its circuit-based onion routing protocol. On the other hand, Loopix uses a classic message-based architecture combined with Poisson mixing — adding random time delays to each message. The end result is an anonymity network that is very secure but also fixes the main disadvantage of classic message-based architectures, which is high-latency.
As the UCL team points out in their research paper, the Loopix system has a “message latency is on the order of seconds – which is relatively low for a mix-system.”

They do, however, specify that it isn’t really intended to be used the same way Tor is.

>“Loopix is designed as a system for anonymous communication and it’s properties allow it too be used both for high-latency communication applications, like e-mails, and for low-latency communication applications, i.e., instant messaging,” Ania Piotrowska told Bleeping Computer via email, “it is not designed to be used as Tor for web browsing.”
Currently, the Loopix system is still in its infancy, and more research is needed. Nonetheless, researchers say Loopix is resistant to Sybil attacks 1, currently one of Tor’s biggest problems.

Sounds to me that it would make a pretty good DSN 1! Looks more scalable than [SMSG 1](https://kewde.gitbooks.io/pro

... keep reading on reddit ➡

👍︎ 3
📰︎ r/Particl
💬︎
📅︎ Sep 13 2018
🚨︎ report
Where are my hardcore privacy enthusiasts at? What extra steps do you take?

So I've been diving pretty deep into this privacy thing lately and its become really fun. Most people seem to complain when things become less convenient on their devices but I really enjoy hardening my systems. One analogy I heard is that security is like having a door on your house. Whenever you come home from the grocery store and you are carrying a bunch of bags its pretty inconvenient for you to fumble around for your keys and unlock the door right? Well imagine how user friendly it would be to not have a door on your house. To us that sounds ridiculous but essentially that is what people are doing when they neglect to take steps to protect themselves. In that vain, here are some of the lesser discussed doors I have been setting up lately:

PGP encryption- not that hard to get the hang of, just need to put forth a legitimate effort to learn and ask questions when you need help

Tails OS- pretty neat tool for Onion browsing as it routes everything through TOR. More secure than the Tor Browser Bundle

PiHole- This is a project I'm about to start and am particularly excited about. Setting up a Raspberry Pi as a DNS server in order to block Facebook and ad domains:

Facebook Domain Blocklist

Extensive ad-domain Blocklist

uBlock Hardening- Found some pretty extensive block lists in order to make uBlock even more effective than it already is. One particularly good script I found is an Anti-Adblock killer. Ever visited a page and it asks you to disable adblock to view the content? That's not a problem anymore:

Anti-Adblock Killer

Supplemental Filter

Faraday Bag- used when my phone is not in use. Good options are on amazon

I plan on getting the Librem 5 phone when it comes out because a Linux phone just sounds great! I also like the idea of installing LibreBoot but replacing my BIOS seems pretty difficult as of right now.

For the other hardcores out there what have you done?

👍︎ 12
📰︎ r/privacy
💬︎
👤︎ u/Anon3384
📅︎ Jul 04 2018
🚨︎ report
[PSA] How to protect yourself against government surveillance.

FOR ALL ACTIVISTS IN BANGLADESH

note: I previously posted this here under the username FullJury, but I got locked out since I'm an idiot. Please send any questions to me, and I will answer them.

I am writing this basic guide today to help activists secure their online communications. I am a privacy enthusiast, and felt like you guys could use this information.


Please be very careful with what you post online. You have many options to protect your privacy against the government, who may be intercepting or spying on your Internet connection. If you have access to the Internet, you can follow these following options:

There is a free operating system named Tails that runs live off a USB flash drive (minimum 4gb size). Tails uses the TOR (The Onion Router) onion routing software which sends your traffic to many different computers (or "nodes") around the world in order to cover your tracks.

Tails runs off the RAM in your computer, meaning it leaves no trace of its usage on your computer once you shut it off. When used correctly, it can be a very powerful weapon against the government's prying eyes.

Incidentially, I am currently writing this post from my Tails image.

Tails is available at https://tails.boum.org.


However, the government may be able to detect your usage of Tor, so therefore you may need to use so called "bridges" to obfuscate your traffic.

Tails lets you use bridges, and if you want to get some, you can go to https://bridges.torproject.org to obtain them. Or, use the ones I obtained here: https://pastebin.com/19gSVW89

Remember, Tor is not completely perfect. Try not to use Tor from your own wifi, and try to use internet cafes/free wifi whenever you can to help cover your tracks. Also, DO NOT LOGIN TO ACCOUNTS YOU ARE ASSOCIATED WITH. THIS WILL COMPLETELY NEGATE THE ANONYMITY OF TOR.

(apologies for the capslock, but it's a very important point.)

Tails is very secure, but you need to be careful with your usage of Tails. Follow all the instructions on the Tails website, especially the part about the verification process of your Tails image.

Your government may attempt to give you a bad copy of Tails to spy on you, so technologies like the "PGP Web of Trust" mentioned on the Tails website can help you verify your image.

To communicate, you can use ProtonMail at https://protonmail.com t

... keep reading on reddit ➡

👍︎ 2
📰︎ r/bangladesh
💬︎
👤︎ u/ApartMoney
📅︎ Aug 05 2018
🚨︎ report
I'm excited to announce my latest project: Web hosting with multi-network publishing. Publish direct to the clearnet, I2P and TOR networks.

I hope this is okay. Some of you may remember my post about RAMBLE, the reddit-like site that bridges multiple anonymity networks (Tor, I2P, Lokinet, and Yggdrasil to be specific!). I've been working on another project off and on since before that. RAMBLE was more or less a proof-of-concept of much larger idea that I had...

All I want to do is to grow anonymity networks by pushing regular, everyday content to them. I believe content is king, and content is what will encourage your normal, everyday type of people to start to use these networks. Ideally, this will encourage them to start thinking about their digital privacy as well. I want to do this while respecting the privacy of content publishers, too.

My background is in the webhosting industry, and myself and two longtime and trusted peers decided to work on a unique project together.

In short, we're simply a small hosting startup dedicated to protecting the privacy of our customers with a very non-invasive registration process, a website, customer portal, and hosting panel accessible from the network of your choice. (Currently clearnet, Tor and I2P), We also support several channels of communication, from the standard helpdesk (which you can access as a .onion!) to you using our public key to contact us at our encrypted email.

Our Terms of Service, Privacy Policy and Acceptable Usage Policy are available to review from the footer on our website. We believe you will find these very fair and reasonable. There you will also find our public keys and our warrant canary. Because we are just now beginning to launch, there is no transparency report available yet, but we plan on publishing quarterly transparency reports to highlight how many complaints we received, what we did with them (forward to end user, sent to /dev/null , or what actions we took) and to inform of any requests made from law enforcement. Remember, “We can’t share what we do not know.”, it’s sort of our unofficial motto.

Furthermore, we encourage the use of crypto for payments (Monero preferred, Bitcoin and Oxen currently accepted as well. Others will be added as requested!) to protect the privacy of you, the customer, as well as protect us, the service supplier from fraudulent chargebacks. We are currently in talks with a Gift Card processor that will allow us to accept a comically large amount of Gift Cards as payments as well, which is just another privacy/anonymous method of payment. In true libertarian fashion, we’re also open t

... keep reading on reddit ➡

👍︎ 21
📰︎ r/i2p
💬︎
📅︎ Jan 19
🚨︎ report
Help others circumvent censorship – Be a snowflake!

Oppressive countries like China or Iran are always trying to find new ways to block their people from seeing the uncensored reality over the internet. Tor is one way to resist against this oppression and therefore those governments try to block it as well.

This is where pluggable transports come into play as alternative ways to enter the Tor network that are harder to block. There is an always ongoing race between the censors to block ways to access Tor and the free internet and the Tor Project to develop new ways to evade those blocks.
The Tor Project is currently developing a new pluggable transport called Snowflake that requires your help!
You can install the Snowflake Extension for Firefox or Chromium and turn your browser into a Snowflake that allows others to use your internet connection to access Tor!

The extension uses a fancy technology called WebRTC usually used for voice or video calls to allow people under censorship to route their traffic disguised as calls over your browser into the Tor network.

It needs to be installed in a regular browser that can directly access the internet, not into Tor Browser, and you need a decent, uncensored internet connection yourself to help. You do not need to be afraid of the internet activity of other people being associated to you, because your Snowflake will only act as an entry point to the Tor network that will than anonymize the traffic.

The official project page with more information can be found here: regular site/onion site version.

Snowflake as a pluggable transport to evade censorship is currently still under development and only available in Tor Browser Alpha versions. The snowflake extension is only for people who have uncensored access to the internet themselves and want to help others that don't, if your connection to Tor is being censored this guide I wrote some time a go might help you.

👍︎ 69
📰︎ r/TOR
💬︎
📅︎ Aug 08 2020
🚨︎ report
Groestlcoin's Electrifying December 2019 Releases & Development Update

Groestlcoin brings the Lightning Network to the masses

https://www.youtube.com/watch?v=lFOvBhlAyJw&feature=share

Groestlcoin has been on an emotional journey spanning 5 and a half years now and since being the first cryptocurrency to successfully activate SegWit, the developers have been hard at work bringing as much choice as possible to the options provided for utilising SegWit. Today brings another chapter to this story as every mainstream implementation of the Lightning Network has been ported to Groestlcoin. Groestlcoin has not been focused on a single implementation but instead has ported Éclair, LND, and C-Lightning to bring the users the greatest choice.

Although extremely promising, the lightning network is still highly experimental so as a result, all channels are currently limited to 0.16 GRS per channel. The limit will be removed in the future once the system is proven stable enough. Additionally, there are also test-net versions of all implementations. Currently, Eclair is currently the most user-friendly so it will likely reach the most adoption among Groestlcoin users with LND and c-lightning being for more advanced users.

We are now announcing the greatest release we have ever done in terms of technological advancements and the sheer quantity of released technologies.

Groestlcoin Eclair

Groestlcoin Eclair is a Scala implementation of the Lightning Network. It can run with or without a GUI and includes a JSON API.

Requirements

  • Requires Groestlcoin 2.17.1 or greater. If you are upgrading an existing wallet, you need to create a new address and send all your funds to that address.
  • Needs a synchronized, segwit-ready, zeromq-enabled, wallet-enabled, non-pruning, tx-indexing Groestlcoin Core node.
  • Will use any GRS it finds in the Groestlcoin Core wallet to fund any channels you choose to open. Éclair will return GRS from closed channels to this wallet.
  • You can configure your Groestlcoin node to use either p2sh-segwit addresses or bech32 addresses since Eclair is compatible with both.

Features

  • Ability to create Lightning Network channels
  • Ability to close Lightning Network Channels
  • Completely manage all channel states, including exceptional ones!
  • Supports both Mainnet and Testnet

Download

[Server Users (Headless application that can be run on servers and desktops and controlled from CLI)](https://github.com/Groestlcoin/eclair/releases/d

... keep reading on reddit ➡

👍︎ 4
💬︎
📅︎ Dec 22 2019
🚨︎ report
Tor browser: The Onion Router, explained

Tor Browser and Tor (Network) explained.

"Tor" is an encrypted proxy network system based on Onion Routing (OR). "Tor" is maintained by a group called the "Tor Project". In contrast to "Tor", the "Tor Browser" is a modified Firefox browser that is hardened for anonymity and uses the Tor network.

1.Imagine a postcard1 containing the complete destination address which includes: name, house number, block, street, city, state, country.

2.Now, imagine another postcard2 containing all these information written with an invisible ink. One information can only be revealed at each level by a specific dye or solution by the postmaster, which allows it to get transmitted to the next level say country-then state-then city and so on. This hides complete information at each level and yet allows the letter to get through without the knowledge of where it has come from at that level and the name of end recipient, thus providing anonymity to it. Postcard1 is the normal browser, while postcard2 is a tor browser which provides anonymity to the users by:

a) encrypting information at each successive level like an onion peel b) routing traffic through random IP addresses of thousands of tor volunteer servers worldwide.

That explains onion and router which corresponds to encryption and IP hopping respectively.

Tor Browser is actually just Firefox with a few “enhancements”, like using a socks proxy to route your traffic to many other servers to anonymize where you are. Also Tor (so they say) doesn't write any data to your hard drive, like pictures, browsing history, or passwords. Other than a few security upgrades Tor Browser looks and acts exactly like Firefox.

Tor browser used with a VPN (Virtual Private Network) can be the ultimate way to explore the web privately without having your ISP (Internet Service Provider) (and government) spying on you and your online data (your internet activity). After all, it’s no one’s business what you do when you surf the web. One of the best ways to secure your data is to use a virtual private network (VPN), which provides greater control of how you're identified online. Simply put, a VPN creates a virtual encrypted "tunnel" between you and a remote server operated by a VPN service. All external internet traffic is routed through this tunnel, so your ISP can't see your data. If the site you're heading to uses HTTPS, your data stays encrypted, too. Best of all, your computer appears to have the IP address of the VPN server, masking your i

... keep reading on reddit ➡

👍︎ 14
📰︎ r/privacy
💬︎
📅︎ Oct 02 2017
🚨︎ report
Tor browser: The Onion Router, explained.

Tor Browser and Tor (Network) explained.

"Tor" is an encrypted proxy network system based on Onion Routing (OR). "Tor" is maintained by a group called the "Tor Project". In contrast to "Tor", the "Tor Browser" is a modified Firefox browser that is hardened for anonymity and uses the Tor network.

1.Imagine a postcard1 containing the complete destination address which includes: name, house number, block, street, city, state, country.

2.Now, imagine another postcard2 containing all these information written with an invisible ink. One information can only be revealed at each level by a specific dye or solution by the postmaster, which allows it to get transmitted to the next level say country-then state-then city and so on. This hides complete information at each level and yet allows the letter to get through without the knowledge of where it has come from at that level and the name of end recipient, thus providing anonymity to it. Postcard1 is the normal browser, while postcard2 is a tor browser which provides anonymity to the users by:

a) encrypting information at each successive level like an onion peel b) routing traffic through random IP addresses of thousands of tor volunteer servers worldwide.

That explains onion and router which corresponds to encryption and IP hopping respectively.

Tor Browser is actually just Firefox with a few “enhancements”, like using a socks proxy to route your traffic to many other servers to anonymize where you are. Also Tor (so they say) doesn't write any data to your hard drive, like pictures, browsing history, or passwords. Other than a few security upgrades Tor Browser looks and acts exactly like Firefox.

Tor browser used with a VPN (Virtual Private Network) can be the ultimate way to explore the web privately without having your ISP (Internet Service Provider) (and government) spying on you and your online data (your internet activity). After all, it’s no one’s business what you do when you surf the web. One of the best ways to secure your data is to use a virtual private network (VPN), which provides greater control of how you're identified online. Simply put, a VPN creates a virtual encrypted "tunnel" between you and a remote server operated by a VPN service. All external internet traffic is routed through this tunnel, so your ISP can't see your data. If the site you're heading to uses HTTPS, your data stays encrypted, too. Best of all, your computer appears to have the IP address of the VPN server, masking your i

... keep reading on reddit ➡

👍︎ 11
📰︎ r/TOR
💬︎
📅︎ Oct 02 2017
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.