[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /r/ - 152



File: 1492095614995.png (49.91 KB, 300x110, i2p+tor.png)

No.152

Is the future on dark nets (intra-nets under the Internet)? Day after day the design of websites of Internet became more insecure, bloat and invasive in the technical side and political/law side don't see the problems of surveillance in a long run.
While looks pretty complex to fix this on the political side, in technical side looks more promising with refine from some old projects like I2P and Tor.
Well, what is your opinion, lainon?

  No.153

We need a new internet altogether
I'm in favor of internet/outernet through radio signals

  No.156

>>153
Why is OUT in contrast to INTER?

  No.157

>>153
This don't make sense. Long radio signals don't work well to transport large files and if want transport only text we can use a new Morse code and encrypted signals.

>We need a new internet altogether

Also, are talking about infrastructure or just the protocols?

  No.158

If the West follows Russia and China in having greater control over the Internet, it might be possible. I don't think each country is going to have a "national internet", but there are attempts by different governments (notably the UK) that limit privacy and freedom. So it is possible that dark net is going to rise in importance in future.

  No.163

Should I install linux for information security? Now I use windows 7.

  No.189

>>156
*outer

>>157
New infrastructure and new protocols if that infrastructure requires them.
that is why I'm behind radio signals, we can't cover the world with cables, here in latin america we have very thin connection because everything come and leaves in just 3 cables.
Also look up High Speed Multi Media, HSMM, people already has made radio meshnets but commercial radio and local law are making its adoption impossible.

  No.200

>>189
It's not inter- as in internal network, it's as in inter-networked. What does it mean for something to be outer-networked?

  No.202

File: 1492121857496.png (23.36 KB, 200x150, 1415451252568.jpg)

>>200
I dunno man
Lets change outernet to externet in this conversation

  No.203

>>152
I think that the current protocols and how the internet is used in general is insecure. At most levels on what is considered the "clearnet", various layers can be compromised: IP addresses not being under your full control, nor DNS records, and especially not email addresses which

  No.220

The protocols are insecure and so is the whole deal. There is a need for an anonimity friendly protocol.

  No.234

>>220
Which protocols? Why are they insecure?

  No.261

>>163
Far out man, even windows 10 as strong as windows 7 with blocks in place, the advantage of linux is you know whats running an when.

Thats its strength.

  No.306

Kovri seems interesting. Its a c++ version of i2p being maintained by the monero people (monero is the anon crypto coin)
https://github.com/monero-project/kovri

  No.311

I2P has a much more interesting architecture than Tor, however, Java cannot be trusted as the official binaries are by Oracle, a capitalist corporation in the US. That means the official binaries nearly certainly have backdoors.
As for OpenJDK, sure, but how many people have that installed? I don't have any Java installed at all, and many people simply have Oracle's binaries.
I wonder why the I2P and Freenet people continue to use Java when it's known that US companies can't be trusted. Oracle wasn't on any PRISM slides, but it's really in a similar position.
On the topic of trusting compilers, while Clang and GCC aren't made by corporations, both of those are written in C++, meaning, one needs a C++ compiler to compile them. Suspicious: why wouldn't a compiler for Unix be written in C?
That said, I miss using I2P and Tor, haven't used them much lately. I used to participate in some hidden service webforums, but the one I was using most was taken down when a government found some guy who was giving out free hidden service hosting and stopped him.
>>153
What do you want to replace TCP/IP with? Is something wrong with TCP/IP?
>>163
Windows is not secure since it is not open source or audited.
>>306
https://privacysolutions.no/
I remember this project was also started to try making a different i2p router.

  No.333

>>311
>Suspicious: why wouldn't a compiler for Unix be written in C?

What does the fact that it runs on *nix have to do with anything? GHC, the Go compiler and rustc all run on Linux. Should they be written in C too?

  No.336

>>333
Because C is a cornerstone of Unix, and a Unix's C compiler is expected to be the one compiler you can trust to compile or bootstrap other things with.

  No.347

OP here.

>>163
Maybe. First, give us your threat scenario and the motive you need to use windows.

>>158
I see in a different way. Try to create a "Great Firewall" is a pretty complicated step. The first step for control of web is create/control a "gated community" like the Facebook and his clones. Then control WEB friendly major services, google and clones to finally create a great firewall to just do the "extra work".

>>189
I'm from America Latin too, but in SA we have a lot of scenarios. Radio Signal maybe be cheaper but bandwidth will be pretty slow. Also, sadly the smartphones were the first computers of most Latin Americans and I don't like see the Internet become a group of apps.

>>203
I agree, but I think the correct word is obsolete instead insecure. The problems the organization instead change the protocols prefer to fix the same with silver tape (best ex: HTTP and HTTPS).

>>220
Well, we have a start with Tor, Tox, I2p and others.

  No.349

>>336
>appeal to authority or tradition

  No.351

>>336
>>349 (Me)
Sorry, I will elaborate a bit.
There are really good arguments against C, one relevant to your concern is that you no longer can know what the output of the compiler will be because so much is done by the optimizer. In this light, the trust you talk about is mitigated.
Then, different unices have different compilers, and often projects and compilers are incompatible with one another (see >>326), so while in principle this may be the case, in practice you really don't have that trust.
Looking back at your post, you were actually talking about gcc and clang being written in C++. I have nothing to argue there, they are essential to the unix environment so yeah, you're right.

  No.355

>>189
>here in latin america we have very thin connection because everything come and leaves in just 3 cables
Why not just put in more cables?

  No.367

>>355
Economic and Geography problems. But in large center we have a "good" Internet.**The model of AT&T and sons still alive around the world**

  No.424

After I finish my degree I'd like to design meshnet software for mobiles. That way any high density area would have a decentralized net available.

  No.437

>>234
>Which protocols? Why are they insecure?

Let's go down on the OSI model:
- Physical Layer: most of the devices run proprietary firmware and have bad security. That's the case of bluetooth, for example
- Data link layer. Your machine should not have a unique identifier (such as MAC address) because a good protocol should not have (or minimal) metadata leak.
- Network layer. IPv4 and IPv6 is not encrypted by default. It should be. Attempts to encrypt it, like IPsec, have been controlled (by NSA) to be weak by itself (source: bruce schneier)
- Transport layer. TCP is bad because it leaks metadata and because of DDoS attacks. UDP is not that bad, though. Although the (dead) SCTP project seems better
- Session layer. PPTP was a joke
- Presentation layer. nothing to talk
- Application layer. Most of then are a joke, especially HTTP and FTP, because of metadata and not encrypted by default (yes, TLS is a joke too).

>>311
>What do you want to replace TCP/IP with?

- Physical Layer: DASH7
- Data link layer: Should not have a UID
- Network layer: check Netsukuku IPv7 approach
- Transport layer: SCTP seems good. UDP is not bad too, if encrypted by default
- Session layer: no need
- Presentation layer: don't seem much problem here
- Application layer: something new, that don't leak any or very little metadata and is encrypted with strong crypto by default

  No.500

>>437
What does something like Cjdns seem like to you?

  No.506

Yet another re-implementation of the i2p router, in an even more sane language:

https://github.com/hkparker/go-i2p/tree/master/lib/common

  No.511

>>500
>cjdns
It's not bad, but:
- It's not an anonymous routing
- Has no concerns about leaking metadata
- Uses IPv6, that had some flaws in it's history (although it's encrypted by default on cjdns, which is good)
- Still relies on cable and not on EM waves such as DASH7
- Do nothing about the application layer, therefore, using the same soykaf we use normally: http

It's not bad, as I said, but I think a new network should be:
- Anonymous and distributed by default (maybe use steganography on the tranmission of the packets)
- Work as a meshnet, using something like DASH7
- Have it's own name resolution system, such as OpenAlias
- Leak very little metadata (the network should not give any UID to users... don't ask me how it would work, it's just an hypothesis)
- Use strong crypto, preference to PQ-crypto
- Have a formal proof and formal verification of the code (check Isabelle/HOL and Coq)
- Capability based, secure by default and simple code
- Have privsep by default

  No.513

>>511
>the network should not give any UID to users
If you're not giving any identification to nodes, the only way to send data anywhere is to broadcast it to the entire network and have each node capable of recognising data meant for it... hardly efficient.

  No.556

File: 1492355825193.png (29.08 KB, 200x199, 1487543662925.jpg)

>>347
I can't find a source on how fast radio internet could be but supposedly it can handle the same traffic and content the current internet does.
I don't think smartphones and internet apps are bad, the bad part is that they're proprietary.

>>355
>mfw

  No.567

>>424
for greatness and freedom
do it

  No.571

I think I2P has to be the future. Tor is centralized by design. I2P is the best of both worlds between Tor and Freenet. Everybody acts as a node, but there are no negative consequences to doing such. Nobody has to store data for each other.

I think IPFS inside of I2P is the future. Almost permanent data on an entirely anonymous web. This needs to be the future if we are ever to be free.

  No.691

>>511
>- Still relies on cable and not on EM waves such as DASH7
>- Do nothing about the application layer, therefore, using the same soykaf we use normally: http
You talked about the OSI model earlier, but apparently you have no idea what its actual purpose is.

>- Leak very little metadata (the network should not give any UID to users... don't ask me how it would work, it's just an hypothesis)

>don't ask me how it would work, it's just an hypothesis
Could you please refrain from speaking further about this subject until you actually have a clue as to how networking works? Doing this would require every packet be broadcast to every node on the network and would be unusable, as each computer trying to connect to the network would need to sort through every packet on the network to find out what packets are meant for them.

>>571
>I think I2P has to be the future. Tor is centralized by design. I2P is the best of both worlds between Tor and Freenet
You do know that I2P, Tor, and Freenet are designed to accomplish different things, don't you?

  No.707

>>556
Can't WiFi itself be considered radio internet?

  No.714

>>691
They are designed to do different things, but only I2Ps model would be able to replace the internet.

  No.1143

any mod here? please move this thread to >>/sec.

  No.1144

Moved to >>>/sec/133.