/tech/ - Tech

Technology.

catalog
Mode: Reply
Name
E-mail
Subject
Message

Max message length: 8192

Files

Max file size: 20.00 MB

Max files: 3

Password

(used to delete files and postings)

Misc

Remember to follow the rules


(5.75 KB 256x256 t56756756.jpeg)
Let's talk VPNs Comrade 01/27/2020 (Mon) 15:36:01 No. 119
I was using riseup.net as a VPN, but, now cloudflair (The upstream provider for the site) is blocking it. Furthermore, it's come to my attention that riseup boofed their canary after the FBI requested server logs. They are glowin the darks, for real, and confirmed. What VPN would you suggest anon? What VPN, if any, do you use. I was thinking of routing all my traffic over tor, but, currently the site still blocks tor traffic. Help me out guys, I feel naked, thanks.
>>119 Tor. The fact there are blatant paedophiles using the service to distribute 🧀 🍕 shows that the state is at least finding it difficult to police
>>119 >it's come to my attention that riseup boofed their canary after the FBI requested server logs Source? When did this happen?
>>121 https://en.wikipedia.org/wiki/Riseup It's true, anon. >In 2011 Riseup was said to be the only one of several subpoenaed groups to resist subpoenas related to 2008 Bash Back protests.[17] >In 2014 the Google I/O conference was disrupted by protests. The protest outside was led by Fletes and Erin McElroy from Riseup.net and the Anti-Eviction Mapping Project.[18] >In 2014, Riseup Network was one of several claimants against GCHQ in international court. Devin Theriot-Orr of Riseup.net said, "People have a fundamental right to communicate with each other free from pervasive government surveillance. The right to communicate, and the ability to choose to do so secretly, is essential to the open exchange of ideas which is a cornerstone of a free society."[19] >In mid-November 2016, an unexplained stealth error appeared in Riseup's warrant canary page, and they did not respond to requests to update the canary, leading some to believe the collective was the target of a gag order.[20] On February 16, 2017, the Riseup collective revealed their failure to update the canary was due to two sealed warrants from the FBI, which made it impossible to legally update their canary. The two sealed warrants concerned a public contact of an International distributed denial-of-service attack extortion ring and an account using ransomware to extort people financially. The decision to release user information has been criticized in the hacker community.[21] The canary has since been updated, but no longer states the absence of gag orders.[22]
>>119 Mullvad, paid in cash and registered from an Internet cafe.
I heard that if you visit website "A" without Tor and then start visiting website "A" with Tor, your identity can be revealed? Therefore you should only use Tor to visit one set of websites and clear web for a different set of websites. Never mix. Is this true?
>>124 Through cookies, fingerprinting, logging into the same accounts... All of that can reveal you. Which is generally why you should use a browser dedicated to TOR (the TOR browser) and use completely different accounts when using it, if any at all.
>>123 I need one compatible with linux, anon.
>>120 Those pedophiles are the state
get N O R D V P N with the promo code "cockandballtorturefanatic69"
>>128 Please god no. Don't remind me of fucking nordvpn
Can anyone recommend a VPN that isn't tor? Thanks
>>130 Ghost vpn is a cheap and good one
>>127 Please provide evidence for this assertion.
>>119 Riseup is not glow in the dark. They stopped updating their canary like they should've, everyone using it should have understood to tread lightly. Once the NDA broke they made a blog post explaining it. It wasn't a broad search for all user data, but rather a search for data from a ransomware seller's email. If your security can be broken by a mail server being seized, your opsec is fucking terrible and you should reevaluate the risks you're taking. If you're being a fucking retard and sending unencrypted clearnet emails with sensitive information no email provider will save you. Protonmail is not a solution either. Learn how to tor + gpg. >>125 Tor is not an acronym. >>130 Before I recommend this, I want to make it clear that vps are only good for a few things: torrenting and hiding your personal traffic from your ISP. Don't use a vpn for illegal things you dummy. Here's how you get a vpn and not expose any personal information of yours except for your ip address. 1. Obtain crypto. If you cannot break the money trail between you and the crypto learn how to opsec. 2. Buy a stolen account from a reputable vpn company. 3. Use vpn. Usually these accounts are cheap as fuck (like a 2 year plan for $5). Vpn companies shouldn't care about what IPs are connecting to the account. Most don't give you a way to check how many connections you have at one given time either. Chance of getting caught is low, unless you're a retard and change the password. Vpn companies are not invulnerable to data leaks. Just recently NordVPN had their member's personal information leak. Emails, usernames, etc. associated with the account. A stolen account user is unaffected. For those that are actually into opsec, this also provides a clean way to get a vpn to tunnel tor traffic through. Utilizing qubes is great in this regard. E.g. sysfirewall - provides clearnet -> syswhonix - provides tor > sys-proxy - provides proxied internet -> targetvm This makes getting to sites that block tor exit nodes easier. It makes it so you don't have to give a vpn your actual ip to get to unrestricted clearnet. Of course, for all intensive purposes, illegal activities most likely should not be conducted this way.
(16.97 KB 480x360 hqdefault(3).jpg)
>>132 Look it up yourself you dumb motherfucker.
>>134 This is /pol/-tier posting. Please post sources for your claims instead.
>>124 It can be revealed but that depends on what you do. If you login to the website with the same user account both with and without Tor then obviously yes. Otherwise not necessarily because Tor Browser does quite a few things to make your fingerprint minimal and generic. Especially if you block javascript ("Safest" security level setting). I recommend reading some articles on fingerprinting and how people can reveal their identity through their own mistakes. You should have a good idea of how all this works. Usually it's a combination of things that gives you away, which is why compartmentalizing is essential.
>>133 >Tor is not an acronym. Yes it is. Tor stands for "The Onion Router."
>>135 Spoonfeeding common public secrets seems harmful. And regarding these sort of dangerous accusations, the sources that are missing are more telling than the ones that are publicized. https://en.m.wikipedia.org/wiki/Westminster_paedophile_dossier Also the whole Epstein debacle. Just search through his address book if you want to visit some of his "associates"
>>137 IIRC "TOR" was an acronym at first then they decided to use it as a name in itself, so they now spell it "Tor". So you're both kinda right.
>>126 Mullvad has an opensource linux client.
I just leave this here https://thatoneprivacysite.org
>>141 >privacy website >can't even maintain its SSL certificate
>>142 >He falled for the CA meme
>>141 I don't think anybody realistically uses that chart for VPNs. I prefer this page instead: https://www.privacytools.io/providers/vpn/
>>119 Bunkerchan isn't safe at all, no tor address, cloudflare shit at maximum security (so you have to fill Google captchas craps). I would bet there isn't even an ssl certificate server side. Just another low effort circlejerk shit hole to hide your autism from normie world. Why don't you go back to reddit to ask about "VPNs", like do you even know what it is or you've just seen some ads on your Facebook account?
>>129 just curious, what's wrong with it?
>>445 this is just a video about SSL and how VPNs work. what does this have to do with Nord?
>>133 Hey, new to web security. Why is protonmail not a solution? because the traffic would still be going through regular ISPs? Would it work if used with a vpn/tor?
>>2115 protonmail is good in that im pretty sure they dont work with US authorities, being Swiss they are outside EU/US jurisdiction and they have no need to comply with the FBI for example. OTOH if you login to an email account using your real ip there is likely a log of it somewhere which is why you should use tor also emails are unencrypted by default which is why you should use GPG
>>2127 CryptoAG were Swiss too and it turns out they were owned by the CIA. Needless to say, they backdoored everything.
>>124 It all depends on how you use it. The problem is that most people don't understand how Tor works so they shoot themselves in the foot. Then anti-Tor propagandists claim that's a flaw in Tor itself. It would be like saying hammers should never be used because some clumsy people hurt themselves.
>>2115 You can use anything over Tor that doesn't block Tor, and even then you can bypass blocks by adding various kinds of proxies to the end of your Tor connection (even web proxies are useful). Protonmail provides its own onion address, meaning your connection to their server never leaves the Tor network. https://protonirockerxow.onion/ Do not trust any email provider though. Compartmentalize and anonymize as much as possible. This means using different email account for each "operation", with each operation being reduced to its bare simplest actions as much as possible. Always connect to email providers with a fresh Tor identity. If you're doing anything illegal or suspicious then encrypt the contents of your messages.
>>126 Im using mullvad right now on Debian
>>119 Surfshark because it's cheap and easy. Better than many, not as good as Mullvad though.
friends how can i set up tor through vpn? I've been using VPN->TOR browser->internet but I want to be able to post images here mainly so how could I get it so that it goes VPN->TOR browser/TOR->VPN->internet?
>>4574 I have used that set up with Whonix, I basically just installed openvpn on the Workstation VM, so that it connects to a VPN through Tor - which is running on the Gateway VM. They have a guide here: https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN Ideally you should use Tor+VPN only for a single website per VPN so for that purpose Whonix might work well enough. The drawback is that you're removing an important feature of Tor by adding a VPN at the end: different circuits for different endpoints. This is what Tor project wiki says: >you can't readily do this without using virtual machines. >you're making a bottleneck where all your traffic goes -- the VPN/SSH can build a profile of everything you do, and over time that will probably be really dangerous. https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#You-Tor-VPNSSH
>>4578 Thanks for the advice, anon. I would like it if I could post photos/files on this site while using TOR like I used to be able to.
>>4580 You should complain to mods in /gulag/. It'll probably get even worse before burger elections, with whole Tor network permabanned on /leftypol/ because of one /pol/ spammer.
>>4581 I have complained and they don't respond. Massively fucking gay. On /leftypol/ which I consider to be the main board for this site I'd say most TOR exit nodes are perma-banned and on other boards you can sometimes post but you cannot post images which makes /hobby/ and /GET/ far less fun. banned from /leftypol/. Reason: "spam". This ban will not expire. Your ban id: 5efc792d17d6321c14305723.
>>4618 I read this as if donald trump were saying it. Also, TOR exit nodes work. I have been posting on them for weeks now.
>>4620 >I read this as if donald trump were saying it. You have some serious mental issues if you see donald trump everywhere. This is not vladimir putin speaking either, if that's not obvious. >Also, TOR exit nodes work. I have been posting on them for weeks now. No, anon is right, lots of Tor exit nodes are permabanned on /leftypol/ with a few "wide" bans (applied via CloudFlare's tools?). When you finally find a node that evades all of those bans you still can't upload files. It's only somewhat annoying now, but I'm pretty sure the situation will get a lot worse at the height of burger elections. And will likely stay that way for some time afterwards, until mods come back to their senses. We always go through this again and again whenever a spammer or a schizo makes a visit to /leftypol/. A few months ago you could not post on that board at all. Same thing last year after 8ch died. I would be really surprised if any of the mods regularly use Tor. Complaining about bans does not make me /pol/. Mods understand this, I don't know why tards like you can't.
Sorry for my non native English. Every day more proxy and VPN IP are blocked with this message: >Your IP was recognized as a known spammer I found one working proxy after two hours trying many proxies. Yesterday three proxies I used still worked, now all three give this error. All free ProtonVPN IP give this error too. My country is bad so proxy and VPN are necessary. But, government knows who pays for anything so free list proxies and free VPN are the only safe way. It is not full safe but avoids their radar. This method works for years, I posted on 8chan left wing boards and after post on this site with no problem from authorities. More sites block proxies and VPN every day, now for accessable email only ProtonMail works. What can be done?
>>4635 You can try Tor Browser. These links are official mirrors: https://tor.eff.org/ https://tor.calyxinstitute.org/ https://tor.ccc.de/ When you run the browser, don't connect directly if you're not sure that it's safe. Configure it to use a "bridge". This will hopefully evade any blocks and monitors in your country. If /leftypol/ still says your IP is banned, then change the circuit (Ctrl+Shift+L) and try posting again. You might have to change the circuit a couple of times before it works.
>>4635 >>4636 But this site really needs to figure out a better way to control the schizo-nazis than simply carpet banning tons of proxy IPs and expecting everyone to just post directly from their home network.
>>4618 what if the mods let TOR posters post images on the non /leftypol/ boards because most of the schizos who come here to be annoying and derail things almost exclusively post on the main board so it might be worth trying to give TOR users a bit more freedom here?
>>4635 It's really annoying jumping between servers. I have the paid version of protonvpn so there are still some I can use. They should reduce the max ban length or something.
>>4644 >>4635 They have, its called the block bypass and it will get you past the vast majority of board bans including general spam ones. See this post for instructions >>>/gulag/6773
>>4646 Tor users don't have the freedom to post images out of fear that general trolls will spam CP or illegal content rather than derailers.
>>4648 Not that guy, but it doesn't work with any of the proxies or VPN IP's I tried. Still says "your IP was recognized as a known spammer".
>>4648 >>4892 Just to be clear, I tried probably at least fifty proxies since seeing that post about the block bypass. A couple worked for one day, but then the next day they'd been b&. Now, I can't find a single proxy that works on any of the proxy list sites I know and although that anon mentioned that ProtonVPN doesn't work, I tried with the block bypass and as expected, at least the free IP's don't work (but >>4647 said there are "some" paid ones that still work, which means it's only a matter of time before none will). For a site like this, it's really a shame that Cloudflare is used as the means of "protection". They've made it clear that they're against anonymity. I'm lucky to be from a country where the highest risk I face for posting here is over failure to report communists, so I don't need proxies, but I would prefer to be anonymous (and for me Tor isn't a solution since I post pics a lot, and most Tor nodes are banned anyway). Also, I believe even one person who wants to post not being able to post because of Cloudflare's bullshit is one too many. Seriously, is there no alternative to Cloudflare?
>>4894 I'm one of the anons who complained above about the Tor bans. For me "block bypass" works 99% of the time. **The scenario is usually like this: - try to post on /leftypol/, get alert saying my IP is banned - click "Extra" in the post form and select "Make sure I have a block bypass" - click "Reply" again, this time a captcha appears (not Google's infinite loop shit) - can now post without any further bans or captchas I'm afraid of saying that though lest some dev or mod considers this a hole and makes torposting impossible again lol.**
>>4900 Would like to echo the same problems. Can't we have a temp ban on tor posting after a raid or something? Or at the very least make tor posting without pics/files always okay. Then make photos a captcha thing? What's the worst that could happen if you allow tor text posting? I mean if frequent posting became an issue put a cooldown on the threads so that they can only get posted to every 10 seconds or something. This gives jannies enough time to see if there is a problem. Making tor posting so annoying is definitely an mistep imo for an obscure leftist chan. I've also thought about this >>4646. No pol-tard wishing to raid is going to know that these boards are less protected. Anyways I think we should all agree here that text-only tor posting should be unhindered.
>>4900 >For me "block bypass" works 99% of the time. Good for you, but what about posting pics? It's also probably only because Cloudflare doesn't have the resources to block all Tor nodes (yet), but they can block all proxies on proxy lists even if there's a delay between them appearing on said lists and them getting blocked as "known spammer" IP's. Obviously most of them haven't been used for spam on this site, but they're blocked on every site that uses Cloudflare. These are the proxy sites I know of, whose proxies are all blocked within a day or two in the rare case where one works at first: https://www.sslproxies.org https://proxy-list.org http://www.proxylisty.com http://www.freeproxylists.net It's good if the block bypass works for Tor, but especially on a site like this it's pretty fucked that anonymity must be compromised at all. 8chan used Cloudflare but didn't implement Cloudflare's spam blocks (except after raids), at least when I still posted there. I just tried as a test to post on 8kun with a proxy and a VPN and it works, too. If a hangout for far-right white supremacist terrorists can do that, why can't a mostly reasonable left-wing site?
>>4904 I totally agree about imageposting, that's something that frustrates me too, although sometimes it still works if you're lucky. I've even been thinking of using Whonix+VPN setup just to bypass that, but it's not worth the trouble. >It's good if the block bypass works for Tor, but especially on a site like this it's pretty fucked that anonymity must be compromised at all. In what way is anonymity any more compromised when using "block bypass"? Mods can see that your posts come from the same exit node, it's all IP-based AFAIK. Nothing stops your from creating a new circuit or restarting your Tor Browser session.
>>4905 >it's not worth the trouble Ideally there wouldn't be any trouble at all in the first place... >In what way is anonymity any more compromised when using "block bypass"? That's not what I was referring to. I meant blocking proxies and VPN's is fucked up since that compromises anonymity. It's not really this site's fault but rather Cloudflare's spam blocking, but I think having Cloudflare's spam blocking on a site like this is pretty fucked up to begin with. I mentioned 8chan and now 8kun not having those, when its users are constantly advocating for violence based on race, gender, etc... so why does a far more reasonable site like this need those kinds of anti-spam measures? If the block bypass worked with all proxies, VPN's and Tor nodes, then that'd be great, but it doesn't. It's good if it usually works with Tor, and for me the consequences would most likely be only a fine in the worst case so I don't need a proxy like I said and which is how I'm posting here right now, but I assume >>4635 for example is referring to more serious consequences. How can the proletariat of the world unite if uniting is made hardest for those who need it the most?
So I've literally just tried over fifty proxies today and none of them worked even after doing the "block bypass" captcha. All still gave the exact same error message: >Your IP was recognized as a known spammer. Cloudflare has really rammed up those anti-proxy "defences", it seems. Good to see people on /gulag/ are complaining about it too, but will that actually accomplish anything?

Delete
Report

no cookies?