Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Search found 66 matches

by cryptostorm_admin
Tue Mar 29, 2016 9:54 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo pathway performance-tuning
Replies: 4
Views: 5932

winMTR

winMTR results for the same voodoo network pathway, same client:

Screenshot (80).png
by cryptostorm_admin
Tue Mar 29, 2016 9:44 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: voodoo pathway performance-tuning
Replies: 4
Views: 5932

voodoo pathway performance-tuning

As we expect to be doing some iterative performance-tuning of voodoo "pathways" (what we're calling routes, ie supernode/exitnode combinations), this thread is being opened to share performance results, network analytics from client-side perspective, and so on. For example, here's some net...
by cryptostorm_admin
Sat Mar 26, 2016 7:23 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: BeyondVPN: voodoo, multi-layered security - throughout cryptostorm
Replies: 16
Views: 24333

BeyondVPN: voodoo, multi-layered security - throughout cryptostorm

As has been recently announced , the Feature Formerly Known As Voodoo (and likely to be known as that for a while to come... because it's fun to say voodoo ) is in process of being integrated into and deployed throughout the entire cryptostorm network. This has been made possible in great measure as...
by cryptostorm_admin
Fri Mar 18, 2016 10:32 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: TrackerSmacker: philosophical considerations
Replies: 11
Views: 11920

TrackerSmacker: philosophical considerations

I've taken the liberty of opening this parallel thread, in order to split off more philosophically-driven discussions of TrackerSmacker from the technical/bugfix side of things. Because, well, the main thread is almost as active as the least-active old boring threads on XDE Forums - yikes! :-) Anyho...
by cryptostorm_admin
Mon Mar 14, 2016 10:01 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Good times w/ DMCA monkeys & katstorm.faith (et al.)
Replies: 8
Views: 264455

Re: the katstorm.party TLD version of our KAT proxy

After a bit of back-and-forth, it looks like the katstorm.party TLD - which we enabled last year, early on, as a core director to our KAT proxy itself - has been removed from registrar jail by Alpnames . That's good stuff. We're still talking with them about the "use" to which we put that ...
by cryptostorm_admin
Fri Oct 02, 2015 6:40 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Good times w/ DMCA monkeys & katstorm.faith (et al.)
Replies: 8
Views: 264455

Dear KickAssTorrents admins...

Hello good people of kat.cr... We write to you, here, because we're not sure what email address works or who makes up the admin team - so it's efficient to post the text here and hope we can direct your attention to it for a moment. A week or three back, it seems pretty clear that you started blocki...
by cryptostorm_admin
Thu Jul 30, 2015 7:25 pm
Forum: general chat, suggestions, industry news
Topic: Please three character search terms on the forum
Replies: 4
Views: 7195

search fix in testing - feedback requested

This three-character thing is somewhat hard-coded into the parameters of the database backend, but we've done a bit of fiddling to enable alternative search functionality which - in theory - will work around this annoying limitation on search. That three-character limit is annoying and not something...
by cryptostorm_admin
Tue Mar 24, 2015 11:05 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: hardware replacement (hard drive) in process: turing.cryptostorm.net
Replies: 2
Views: 8293

Turing physical forensics

We've been seeing transient instability in Turing since late last week. Process drops, heavy congestion at softIRQ. Our first concern is to ensure there's not an OS compromise despite our grsec-hardened node kernels . To support that, all nodes redundantly archive encrypted copies of kernel error lo...
by cryptostorm_admin
Sat Feb 14, 2015 11:11 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: HOWTO: confirm authenticity of cryptostorm.is & cryptostorm.org SSL certs
Replies: 0
Views: 9554

HOWTO: confirm authenticity of cryptostorm.is & cryptostorm.org SSL certs

{direct link: cryptostorm.org/sslcerts } Here are the currently-installed SSL certificates (public exponent) for our two main production websites, cryptostorm.org & cryptostorm.is. We will also add certificate materials for secondary domains such as torstorm.org, as well as keep this post updat...
by cryptostorm_admin
Thu Feb 05, 2015 8:01 pm
Forum: independent cryptostorm token resellers, & tokens 101
Topic: 3 aleph tokens for sale {two sold & transferred | one remails}
Replies: 17
Views: 20131

hashed token excision

This transaction brought up a number of interesting questions, and rather than hitting them in bits and pieces here, we've provided a more substantive reply in a formal policy thread recently posted. We can't "revoke" tokens as we don't have tokens once distributed... but we can excise has...
by cryptostorm_admin
Thu Feb 05, 2015 7:55 pm
Forum: independent cryptostorm token resellers, & tokens 101
Topic: stormcoins: cstorm facilitation of token resales, token hash excisions, & token refreshes
Replies: 6
Views: 12440

stormcoins: cstorm facilitation of token resales, token hash excisions, & token refreshes

{direct link: cryptostorm.org/stormcoins} As cryptostorm's membership base has grown, and the open-ended, decentralised components that together constitute cryptostorm have each seen smart and creative people begin thinking about and making use of them in new and often unexpected ways, novel circum...
by cryptostorm_admin
Fri Jan 23, 2015 10:59 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

new Lisbon box entering production pool...

HAF entries for the newly-provisioned tagus (Lisbon) are propagating now; the node should be production-available within several hours of this post. We'll make an official announcement when that takes place. Meanwhile, if the resolver pools begin to show those Lisbon-based IPs here and there, this i...
by cryptostorm_admin
Thu Jan 22, 2015 6:57 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: contacting cryptostorm: per-channel coordinates, useful details, obscure warnings, rambling observations, etc.
Replies: 3
Views: 18372

PGP key ID 0xE9C7C942 ~ support@cryptostorm.is

Currently-propagated, non-revoked PGP public key used by support@cryptostorm.is for general communications: fingerprint : 4D87 F984 A222 8392 57FE 36A5 BBDB 991A E9C7 C942 cryptographic primitive : RSA, 4096 bits version info : GNUpG v.1 key ID : 0xE9C7C942 full public key publication - alternative ...
by cryptostorm_admin
Sun Jan 18, 2015 1:34 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

new_tagus (anchor node)

Still awaiting final IP punchdowns... we've reminded the DC to get this done timely, which normally would've happened several days ago. Most likely, we just hit bad timing over the weekend.

tagusstatus.png


Cheers,

cs_admin
by cryptostorm_admin
Sat Jan 17, 2015 6:32 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: US-central exitnode cluster | anchor node = mishigami.cryptostorm.net | updates & "crazy shit"
Replies: 4
Views: 8030

{archive}

{archival version of the original post in this thread, now edited to bring current ~admin} We are currently in process of making some changes and upgrades to the network-side server resources that support our Eastern United States exitnode cluster. Our cluster is anchored by a machine in Virginia, ...
by cryptostorm_admin
Wed Jan 14, 2015 4:25 pm
Forum: general chat, suggestions, industry news
Topic: notification on topic reply
Replies: 8
Views: 8883

dildargee1

Yeah, right! Either you are a badly prepared scammer, a snob, or your company doesn't get even the most basic security measures right. I wouldn't do business with your company even if it was the last one left on this planet. For the record, this is apparently a spambot - or at least a human who has...
by cryptostorm_admin
Tue Dec 16, 2014 9:49 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Icelandic power outage: 15 Dec 2014
Replies: 4
Views: 7548

Icelandic power outage: 15 Dec 2014

This afternoon, we had a multi-hour outage in our Icelandic datacentre, Datacell . Everything is back up & running fine currently. Because Iceland has very limited subsea cable connectivity, and because there's really only two serious datacentres on the island (one of which we strongly prefer, i...
by cryptostorm_admin
Tue Dec 09, 2014 1:32 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: torstorm cipher suite selection
Replies: 28
Views: 43528

Re: torstorm cipher suite selection

Also wanted to point out how important the smileys are in cipher cascades, as we all know:

cryptosmileys.jpg
by cryptostorm_admin
Sun Dec 07, 2014 10:31 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

HAF debugging - Lisbon

@cs_admin UPDATE 2 OK, maybe not. That IP (89.26.243.109) seems to be down as well. :P For me it resolves to 89.26.243.108 In this specific situation, 108 should be solely related to Windows instances, and 109 to linux/other; if resolvers are giving different mappings, please let us know and I'll b...
by cryptostorm_admin
Sat Dec 06, 2014 3:36 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

Lisbon (Portugal) cluster & tagus node

After several months of frustrating difficulties for both our team and for members, we have good news on our Lisbon (Portugal) cluster. The datacentre in which we host in Portugal has at long last admitted the existence of a severe network connectivity problem upstream from the machine room. This we...
by cryptostorm_admin
Sun Nov 30, 2014 6:54 am
Forum: member support & tech assistance
Topic: Can't register on board
Replies: 5
Views: 3255

manual activation

Apologies for the snag - we're looking into what happened, but meanwhile I've manually activated your account.

Thank you,

cryptostorm_admin
by cryptostorm_admin
Fri Nov 28, 2014 1:27 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree conf's - alpha 1.4 for linux
Replies: 20
Views: 26403

Re: cryptofree conf's - alpha 1.4 for linux

Speedtest.net: Ping 98ms | DL 1.92Mbs | UL 10.49Mbs Thanks for posting the results. It is always interesting to see how these present in the wild. During in-house testing of cryptofree, we found enormous variance between what speedtest.net (and other automated, web-based tools) report, and what wge...
by cryptostorm_admin
Mon Nov 24, 2014 1:56 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: cryptostorm running DNS resolvers in-house? Discussion...
Replies: 13
Views: 15055

thread bump & move

As there's now tangible movement on this question, and news to report, we've moved this thread over the community discussion subforum and will post updates here as we move forward.

Thank you,

cryptostorm_admin
by cryptostorm_admin
Sat Nov 22, 2014 10:28 am
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: [Feature Request] Cryptostorm Dynamic DNS Services
Replies: 13
Views: 11684

thread splt

We split off this thread, spawning a separate thread with a slightly broader remit than this, which really is focused on in-house DNS resolution. Since that's a viable topic still under active discussion here, the split feels appropriate.

Thank you,

~ cryptostorm_admin
by cryptostorm_admin
Tue Nov 18, 2014 6:32 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: cryptostorm's Windows widget - version 2.0 'Narwhal' {DEPRECATED}
Replies: 13
Views: 18395

Tap driver mysteriously missing post-install

We have received two reports (one from in-house testing) of a situation where the widget is installed and despite successful install, once connection is attempted there is no Tap driver present on the system. In the replicated example we have produced in-house, we can confirm that there is no Tap dr...
by cryptostorm_admin
Wed Nov 05, 2014 9:10 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree conf's - alpha 1.4 for linux
Replies: 20
Views: 26403

raw text

Here's the fulltext of the conf, to make public review more efficient:

<EDIT>
Don't use any configs posted on the forum, they're rarely ever updated here.
Always use https://github.com/cryptostorm/cryptost ... tion_files
</EDIT>
by cryptostorm_admin
Mon Nov 03, 2014 11:35 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: forum upgrade to 3.1.1
Replies: 1
Views: 4687

forum upgrade to 3.1.1

This Saturday evening, the admin team decided to go ahead and upgrade the backend software of the forum (phpBB) to the newly-released version 3.1.1. This is always a balance, and there's pros and cons to any fairly major upgrade of this sort. Pros : 1. Often improved security from bugfixes and code ...
by cryptostorm_admin
Sun Nov 02, 2014 11:26 am
Forum: general chat, suggestions, industry news
Topic: 1.4 config files: bugtracking, feedback, discussion, questions, etc.
Replies: 25
Views: 20190

draft 1.4: dynamic balancer, Mac/OSX

Here is a draft 1.4 version of the Mac/OSC config file for the dynamic loadbalancer pool. It is currently undergoing final in-house testing, and as such if members are interested in a test-drive we're certainly appreciative of any feedback pro or con. There are not major changes to this config as co...
by cryptostorm_admin
Wed Oct 29, 2014 4:57 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

Re: Portuguese cluster - teething pains [status update]

I found it to be a bit on the slow side.... As we've worked the hardware gremlin out of this machine - and worked to pull in a redundant box in the cluster - we've not yet fully perf-tuned it to production specs. Actually, I did get it up to spec a while back... but during a debug phase we rm'd the...
by cryptostorm_admin
Thu Oct 23, 2014 8:55 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

cluster striping

Could I asked for a update on the node and also this: https://cryptostorm.org/viewtopic.php?f=38&t=6323#p10097 Reply posted wrt Silverlight , and the update on the Portuguese cluster is basically as follows: we disagree on the ontology of the issue that Brisa had in the past; this disagreement ...
by cryptostorm_admin
Thu Oct 23, 2014 8:47 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Silverlight/Netflix performance on cryptostorm
Replies: 10
Views: 11303

Silverlight TCP-based MBR metrics

Tealc, this Silverlight issue has come up in the past, albeit under different circumstances. It's unlikely to be cipher-related, but it's premature to say for sure until we get some objective metrics. The best way for us to knock this issue out is to be able to replicate it from machines where we ca...
by cryptostorm_admin
Thu Oct 23, 2014 3:08 am
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: frootvpn.com - publishing "private" client keys
Replies: 3
Views: 17523

frootvpn.com - publishing "private" client keys

This is taken from the frootvpn OpenVPN configuration file , client-side: <key> -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDftRDk9EbrSEH2 gAuSeBUiQXHECZ/KflM1tWRo4DMwNsXuMM5WnqPln38svypE9a5BKGO8ZEsM5LAf Oik5yPYcLGilslYsbowcRsnnrhOkPp2AJDrZzcJCXjdQsCDpapErCzyon58T6V...
by cryptostorm_admin
Wed Oct 22, 2014 12:24 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree.me: pre-launch brainstorming & roadmap | CLOSED
Replies: 33
Views: 46914

selective versus totalistic encapsulation

On a philosophical basis, we always cover all packets and all network traffic - to do anything less is the beginning of a slippery slide down the road of DPI and selective routing. For, to make any effort towards segregating certain network usage activities from others, one must do some sort of anal...
by cryptostorm_admin
Mon Oct 20, 2014 4:51 am
Forum: member support & tech assistance
Topic: Trouble Connecting To Portugal
Replies: 14
Views: 7968

Re: Trouble Connecting To Portugal

parityboy wrote:Looks like Brisa is down again. Connection is timing out.


On it; more details in the Portuguese cluster 'teething pains' thread, for those curious.

Thank you,

~ cryptostorm_admin
by cryptostorm_admin
Mon Oct 20, 2014 4:46 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

Re: Portuguese cluster - teething pains [status update]

The ops team has been working this all day, with not much to show for it yet in terms of tangible results unfortunately. A second machine in the DC is currently being provisioned, for redundancy, and this hardware is being replaced with an entirely new machine. That process started Friday, but the w...
by cryptostorm_admin
Mon Oct 13, 2014 3:38 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Portuguese cluster - teething pains [RESOLVED]
Replies: 49
Views: 47050

Portuguese cluster - teething pains [RESOLVED]

note : folks seeking the most current client configuration files need not wade through this entire discussion thread! The current versions are always posted in a separate, dedicated thread , and will be continuously updated there. Continue reading this thread if you're curious about the details of ...
by cryptostorm_admin
Sat Oct 11, 2014 1:58 am
Forum: general chat, suggestions, industry news
Topic: Weird incoming connections (Fenrir)
Replies: 14
Views: 12176

Re: Weird incoming connections (Fenrir)

Ok, our support folks flagged this for me to take a look at. I've also asked DF to see if he has any feedback also. My very-fast quick review leads me to believe it's part of the standard background noise of scans one sees out in the unfiltered internet nowadays. Some of those scans will target stat...
by cryptostorm_admin
Sat Oct 04, 2014 1:12 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: Torsploit - NSA tools behind attack | CONFIRMED
Replies: 10
Views: 29426

pitcher/catcher IP FOIA to NSA: classified

Last year, there was quite a bit of back and forth regarding two IP addresses associated with the Torsploit attack on Tor hidden services. A summary of that discussion can be found here . Since then, the folks at Baneki Privacy Labs did an FOIA request on the National Security Agency specifically re...
by cryptostorm_admin
Wed Aug 20, 2014 4:47 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: OpenSSL update, network-wide, to version 1.0.1i
Replies: 1
Views: 4992

OpenSSL update, network-wide, to version 1.0.1i

We wanted to let the member community know that on August 8th we completed upgrading all of the nodes across the cryptostorm network to OpenSSL version 1.0.1i. Version "i" was released to full public distribution on the sixth, and it patches up a handful of newly-identified bugs, hiccups, ...
by cryptostorm_admin
Sat Aug 16, 2014 10:49 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Forum Outage - Aug 16/2014
Replies: 2
Views: 5457

Forum Outage - Aug 16/2014

This was due to a staffer who was in charge of watching for domain expiration dates. That staffer is no longer with the company, and we wish him well in all his future endeavors.*






*Ok, just kidding about the ex-staffer angle. :)
by cryptostorm_admin
Thu Jul 24, 2014 6:27 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Montreal cluster - background & discussion
Replies: 16
Views: 14590

Montreal cluster - background & discussion

note : folks seeking the most current client configuration files need not wade through this entire discussion thread! The current versions are always posted in a separate, dedicated thread , and will be continuously updated there. Continue reading this thread if you're curious about the details of ...
by cryptostorm_admin
Mon Feb 24, 2014 2:09 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: final shutdown of Cryptocloud/Cryptocloud VPN
Replies: 1
Views: 7693

cryptocloud.nu announcement

As mentioned earlier, it appears a formal public statement has been issued directly by the other party involved in this. It's been posted here, and a screenshot is made available for ease of access in the event there's problems with that page staying live:

cryptocloud_nu.png
by cryptostorm_admin
Fri Feb 21, 2014 3:44 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: Linux connections to cryptostorm
Replies: 46
Views: 46918

HOWTO: Linux connections to cryptostorm

{this post is under active editing and is a "work in progress" ~ feel free to post suggested edits or additions or specific sentences/paragraphs to include, in follow-on posts & we'll import them up into this connection guide ~admin} This is a newly-created connection guide {direct li...
by cryptostorm_admin
Thu Jan 30, 2014 9:09 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Montreal exitnode cluster hardware maintenance
Replies: 0
Views: 4600

Montreal exitnode cluster hardware maintenance

After extensive investigation and performance-testing iterations, our tech ops team has identified a NIC (network interface card) on one of our Montreal exitnode servers ("Bruno") that is versioned with a driver known to result in transient, erratic, but substantive packet loss episodes wh...
by cryptostorm_admin
Tue Jan 28, 2014 11:59 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: CAPTCHAs for guest posting & registration | CLOSED
Replies: 7
Views: 8369

NuCAPTCHA activated

It is my understanding that the NuCAPTCHA install has been stabilised during our recent custom recompile of Apache & associated packages. If this is not the case, I trust someone will post a note here so that I can debug further. In the meantime, I'm going to mark this issue "CLOSED" -...
by cryptostorm_admin
Sun Sep 08, 2013 4:13 pm
Forum: general chat, suggestions, industry news
Topic: The Ken Thompson Hack: turtles of trust, all the way down...
Replies: 2
Views: 10586

The Ken Thompson Hack: turtles of trust, all the way down...

The Ken Thompson Hack In 1984 KenThompson? was presented with the ACM TuringAward. Ken's acceptance speech Reflections On Trusting Trust (http://cm.bell-labs.com/who/ken/trust.html) describes a hack (in every sense), the most subversive ever perpetrated, nothing less than the root password of all e...
by cryptostorm_admin
Tue Aug 13, 2013 8:02 pm
Forum: general chat, suggestions, industry news
Topic: Google Analytics on cryptostorm sites: discussion (mostly closed...ish)
Replies: 14
Views: 9915

Analytics .js

0x783EA - We've had a pretty heated staff discussion going on regarding Analytics, their .js, the relevance of it, and the best way to open the discussion to our customers & the larger community. There's a really wide variance on our team, all the way from "Google Analytics is evil malware ...
by cryptostorm_admin
Fri Aug 09, 2013 12:58 pm
Forum: privacy seppuku: data, tasks, brainstorming
Topic: cryptostorm - potentially same fate as lavabit?
Replies: 3
Views: 12357

seppuku

In the wake of Lavabit closure, what kind of guarantee, we as potential customers of cryptostorm, would have that cryptostorm would not shut down for similar reasons as Lavabit? Lavabit owner: "I would _strongly_ recommend against anyone trusting their private data to a company with physical t...
by cryptostorm_admin
Wed Aug 07, 2013 6:47 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

IP attribution update

note : we've published this essay, despite the fact that it still awaits the inclusion of quite a few more linked resources, and several rounds of proofing/text cleanup; bear with us, we'll get 'er done, but in the meantime this is we hope useful and timely information for folks who are...
by cryptostorm_admin
Tue Aug 06, 2013 8:10 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

Re: #Torsploit takedown: analysis, reverse engineering, fore

The comments in @packetknife's Ars article are, as usual, interesting and challenging and occasionally loopy but always informative. Worth the time to take a look , if you've got a few minutes to spare. Remember: Ars was where Snowden found his moral footing, build his mental toolkit, and became ful...
by cryptostorm_admin
Tue Aug 06, 2013 6:25 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

Peer review

In discussions with Kevin Poulsen ( Wired's highly-respected author, for those unfamiliar with his work, which includes the excellent Kingpin ), he has asked whether there might be alternative interpretations of the underlying IP date, presented above, might not instead be that the address is part o...
by cryptostorm_admin
Tue Aug 06, 2013 12:16 am
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

Saying what goes without saying :-)

Lots of new folks visiting, and some may not have read our historical coverage of Tor and the good work of the Tor folks , so we wanted to make a short note here. <ahem> without further ado.. We have, as a team and as individuals, genuine and longstanding respect for the Tor Project's people and the...
by cryptostorm_admin
Mon Aug 05, 2013 10:51 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

procedural note re posting

procedural note : it is not necessary to register an account here in order to post replies (or start threads, or do most anything, really) here in the forum - just hit the "reply" button, pass the (too-easy currently) CAPTCHA, and you're good to go. 'Guest' posting like that does require ...
by cryptostorm_admin
Mon Aug 05, 2013 7:59 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

Re: #Torsploit takedown: analysis, reverse engineering, fore

Thank you for spending the time to pull these resources together. Just to be sure I understand the analysis... the operating assumption here is that all of this *only* happens if NoScipt was set to enable scripts AND you were running a windows machine, right? There wasn't an exploit to disable nosc...
by cryptostorm_admin
Mon Aug 05, 2013 6:34 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: #Torsploit takedown: analysis, reverse engineering, forensic
Replies: 76
Views: 134219

There we go

Well, the story gets more interesting... This morning, we read that information from the NSA's illegal surveillance databases has been routinely finding its way into DEA drug cases , with an entire government "training programme" in existence to mask the source of the information from defe...
by cryptostorm_admin
Sun Aug 04, 2013 9:16 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: Academic papers on possible Tor vulns & de-cloaks
Replies: 9
Views: 18743

Trawling for Tor Hidden Services: Detection & Deanonymizatio

Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization 2013 IEEE Symposium on Security and Privacy Alex Biryukov, Ivan Pustogarov, Ralf-Philipp Weinmann {alex.biryukov,ivan.pustogarov,ralf-philipp.weinmann}@uni.lu University of Luxembourg Abstract Tor is the most popular voluntee...
by cryptostorm_admin
Sun Aug 04, 2013 9:08 pm
Forum: cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity
Topic: Academic papers on possible Tor vulns & de-cloaks
Replies: 9
Views: 18743

Identifying Proxy Nodes in a Tor Anonymization Circuit (pdf)

Identifying Proxy Nodes in a Tor Anonymization Circuit Sambuddho Chakravarty Columbia University, NY sc2516@cs.columbia.edu Angelos Stavrou George Mason University, VA astavrou@gmu.edu Angelos D. Keromytis Columbia University, NY angelos@cs.columbia.edu Abstract We present a novel, practical, and e...
by cryptostorm_admin
Fri Aug 02, 2013 12:15 pm
Forum: general chat, suggestions, industry news
Topic: Just one person of integrity & courage needed: just one...
Replies: 1
Views: 8548

Just one person of integrity & courage needed: just one...

This comment has been posted, on behalf of the Cryptocloud team, in response to Bruce Schneier's excellent summation of the NSA scandals thus far . It reads (or will read, if it ever escapes moderation jail) as follows, verbatim: One federal prosecutor - an Assistant U.S. Attorney - doing her job c...
by cryptostorm_admin
Mon Jul 22, 2013 9:42 am
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: The SnitchMyAss/HideMyAss customer betrayal fiasco thread
Replies: 6
Views: 17763

Not for pr0n

The inestimable Pattern_Juggled has added some thoughts on 'Snitch My Ass' and the manner in which they've apparently mastered the shady "VPN review" website game - convincing these affiliate linkfarms to pimp them out as a top "privacy service," despite not only their history of...
by cryptostorm_admin
Sat Jul 13, 2013 6:15 pm
Forum: general chat, suggestions, industry news
Topic: New Techniques Obfuscate, Optimize SQL Injection Attacks
Replies: 0
Views: 3670

New Techniques Obfuscate, Optimize SQL Injection Attacks

New Techniques Obfuscate, Optimize SQL Injection Attacks Black Hat researcher to demonstrate new methods for getting around defenses even more quickly to extract database data through SQLi Ericka Chickowski July 09, 2013 SQL injection attacks already stand as one of the most effective means hackers...
by cryptostorm_admin
Fri Jul 12, 2013 4:21 pm
Forum: general chat, suggestions, industry news
Topic: "Facing Facism," Alberto Cammozzo [research paper]
Replies: 0
Views: 3143

"Facing Facism," Alberto Cammozzo [research paper]

Facing Facism: Unique biometric identifiers and data totalitarianism: socio-technical considerations by Alberto Cammozzo Abstract New technological facts, combined in a social perspective, highlight a possible data totalitarianism based on unique biometric identifiers. This article reviews those te...
by cryptostorm_admin
Fri Jul 12, 2013 1:43 pm
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: "VPN review" websites: Good, Bad, & Scammy
Replies: 10
Views: 38090

Re: "VPN review" websites: Good, Bad, & Scammy

As we've recently tweeted , it's nice to see @VPNreviewz honestly disclosing their policy on receiving commissions on VPN services they review. Quoting from their "Disclosure" page , they say that... Disclosure The goal of this website is to provide you with helpful information to assist y...
by cryptostorm_admin
Wed Jul 03, 2013 2:20 pm
Forum: general chat, suggestions, industry news
Topic: New hardware design makes data encryption more secure
Replies: 0
Views: 5127

New hardware design makes data encryption more secure

New hardware design makes data encryption more secure by disguising cloud servers' memory-access patterns Larry Hardesty | PhysOrg Cloud computing—outsourcing computational tasks over the Internet—could give home-computer users unprecedented processing power and let small companies launch sophistic...
by cryptostorm_admin
Thu Jun 20, 2013 3:25 pm
Forum: privacy seppuku: data, tasks, brainstorming
Topic: cryptostorm: our #privacyseppuku pledge... since 2007!
Replies: 2
Views: 18468

cryptostorm: our #privacyseppuku pledge... since 2007!

Cryptocloud's Privacy Policy has said, since 2007, the same thing about being forced to install snitchware on the network: if the cops ever demand that, and if the courts ever actually back them up to the point where there's no further way to fight the demand through the legal system, the company's...
by cryptostorm_admin
Sat Mar 23, 2013 3:21 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: Cryptocloud archives: "jurisdictional jiggery"
Replies: 0
Views: 3281

Cryptocloud archives: "jurisdictional jiggery"

title : Jurisdiction Jiggery For as long as there's been a consumer VPN industry - since 2006, basically - VPN companies have jostled for who can claim to have the coolest jurisdiction. The first example was Relakks setting up in Sweden, and citing the good laws there as a reason to use them (which...
by cryptostorm_admin
Mon Jan 14, 2013 12:51 pm
Forum: #cleanVPN ∴ encouraging transparency & clean code in network privacy service
Topic: PPTP is broken: the oldest "secret" in the industry
Replies: 1
Views: 8692

PPTP is broken: the oldest "secret" in the industry

Thirteen years ago, two security researchers showed that the proprietary PPTP VPN protocol was broken . Badly broken. It's still broken today. Despite that, the first consumer-focussed VPN service - Relakks - launched with PPTP as the only VPN protocol available. Why? Simple - because it's simple. P...

Go to advanced search

Nothing to display.

Login