Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

TrackerSmacker: philosophical considerations

A core mission of cryptostorm is ensuring consistent, reliable network security with minimal fuss & drama. From DNS-based services like our DeepDNS in-browser native .onion/.i2p site access, through grounbreaking research on IP6 leakblocking, & to firewall-based structures to enable "fail-closed" security, this is where we discuss & develop cryptostorm-style leakblock tech.
User avatar

Topic Author
cryptostorm_admin
ForumHelper
Posts: 74
Joined: Tue Jan 01, 2013 5:43 pm
Contact:

TrackerSmacker: philosophical considerations

Postby cryptostorm_admin » Fri Mar 18, 2016 10:32 am

I've taken the liberty of opening this parallel thread, in order to split off more philosophically-driven discussions of TrackerSmacker from the technical/bugfix side of things. Because, well, the main thread is almost as active as the least-active old boring threads on XDE Forums - yikes! :-)

Anyhow, when someone has time, hopefully we'll do a split/merge of existing posts from there, into here. For now, at least there's a dedicated home for such deep critique.

Also, here's a link to some of TealC's well-reasoned push-back on TrackerSmacker, in our main twitter thread. It's worth a look, eh?
cryptostorm_admin - a mostly-shared, admin team forum account (sort of a person, but also shared)
PLEASE DON'T SEND PRIVATE MESSAGES to this account, as we can't guarantee quick replies!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone!
keybase.io validatorsonename.io validatorsPGP key @ MITnetwork statuscryptostorm github
support team bitmessage address: BM-NBjJaLNBwWiwZeQF5BMLYqarawbgycwJ
support team email: support@cryptostorm.is
live chat support: #cryptostorm

User avatar

parityboy
Site Admin
Posts: 1105
Joined: Wed Feb 05, 2014 3:47 am

Re: TrackerSmacker: philosophical considerations

Postby parityboy » Wed Mar 23, 2016 5:37 am

I suppose the real crux of the question is: how far is too far?

Network users are quite happy for CS staff to face off against LEOs and intelligence agencies in order to protect their identities and browsing habits, but are suddenly up in arms at a mechanism that could quite literally save their hides from the latest crypto-ransomware (or worse), which is now starting to be deployed through ad-networks.

Don't get me wrong, I see the other side of the argument as well. "We do this to keep you safe" is a line trotted out far often by malicious state actors whose every intention is to do the opposite. By definition, "a free and open Internet" is exactly that - driven by open specifications, (ideally) open source code and free of unnecessary meddling and interference.

So let me ask this: if - instead of refusing to resolve ad-network FQDNs in the first place - the CS team resolved those FQDNs and then implemented an exit-side anti-virus scanner which would quarantine any malware coming from those domains, would you cry about that as well? Would you rather that malware make its way safely onto your (more than likely Windows) O.S. install?

I certainly didn't hear anyone screaming when the CS team rolled out WebRTC protection. Why not? Surely you didn't want your network traffic blocked, did you?

So, I ask again: how far is too far?

Bear in mind (as was pointed out in the main thread), 99% of CS users are a) NOT power users and b) will most likely be Windows users. So that's 1) not tech-savvy and 2) highly vulnerable: a poor combination. Also consider that there will also be an increasing number of Android (including smart TVs) and iOS devices using the CryptoStorm network. Those devices are just as vulnerable as any Windows install, if not more so.

Also bear in mind that these ad-networks are a pretty good platform for CINs, at least to my way of thinking. It's a pointless exercise having cryptographically-validated OpenVPN and HTTPS sessions if you're only going to transport zero-day malware along them anyway.

Maybe Cryptostorm users don't realise how important this network is, what it can support and what it means for the future. Maybe Cryptostorm users don't realise what they are getting access to for $6/month. There's a level of vision and technical skill here that I have not seen present in the offerings of other VPN providers.

I guess what I'm saying here is this: rather than blindly raging that your traffic is being interfered with, take the time to evaluate what exactly is being done, and why.

So one more time: how far is too far?


wpaschukat
Posts: 15
Joined: Sun Mar 22, 2015 3:25 am

Re: TrackerSmacker: philosophical considerations

Postby wpaschukat » Wed Mar 23, 2016 9:30 pm

parityboy wrote:I suppose the real crux of the question is: how far is too far?

..are suddenly up in arms..


Hi parityboy,

I'm sorry if I came across as being 'up in arms'. As said, I appreciate the ethics and the works put into cs. But you do agree that a civil discussion is not only ok, but useful and healthy? We all should refrain from rhetorics that sound like "either you're with us or against us" but keep it civil and polite :)

Tada.

User avatar

parityboy
Site Admin
Posts: 1105
Joined: Wed Feb 05, 2014 3:47 am

Re: TrackerSmacker: philosophical considerations

Postby parityboy » Thu Mar 24, 2016 6:02 am

@wpaschukat

I agree 100%, and if I sounded like "my way or the highway", that wasn't intended. :)

This is precisely the kind of topic that can easily polarize opinions. :) What is surprising though is that this thread still isn't particularly active. I would have expected more people to be venting. :D

User avatar

sysfu
Posts: 52
Joined: Mon Nov 24, 2014 10:22 am

Re: TrackerSmacker: philosophical considerations

Postby sysfu » Thu Mar 24, 2016 6:44 am

I'm not going to get too worked up about it as long as there in as option for power users to opt-out of the filtering via a checkbox on the connection widget options, or perhaps a special password in the password field for cross platform support.

Would be re-assuring if the cryptostorm team will commit to making that knob available.


username is too long

Re: TrackerSmacker: philosophical considerations

Postby username is too long » Thu Mar 24, 2016 2:30 pm

'Packet agnosticism', deeply knowledgeable admins, and a whiff of anti-establishment is why I choose to funnel all my household traffic through this service. I'm just not sure where all this fits into that first one. Now I know not all users are me (with my low-to-mediocre linux skills, and desire to struggle with how it all works), and just want to mash their stubby fingers on an 'I'm ok now' button and get on with things...but is giving them that the best way to keep them 'safe'? Is this the same people who just click yes to get warnings out of the way, and think nothing of giving apps everything? They may need it, like the one I married to...but..is it not a little close to the concept of 'security theatre' that you yourselves have railed against, in that context? Now, I know when balanced against the 'harm' that the shit being blocked is causing makes all this a bit...wanky. And fuck advertising, Bill Hicks had it spot on. But...give a man a fish and he eats only 1 day, teach him about /hosts and...erm, y'know. In my ideal world it's all education and empowerment (and smiling and skipping), not protection. Molly coddling your children does not prepare them for the real world, does it?

By the way. I don't know if I'm right.

User avatar

sysfu
Posts: 52
Joined: Mon Nov 24, 2014 10:22 am

Re: TrackerSmacker: philosophical considerations

Postby sysfu » Fri Mar 25, 2016 4:37 am

A little required reading directly related to this topic...

Software Defaults as De Facto Regulation: The Case of Wireless APs ," Rajiv Shah and Christian Sandvig, TPRC'07, September 2005,

Our results show that default settings play a powerful role in how people use technology. People are hesitant to change the manufacturer's default settings and defer to them. While this argument is well known to scholars in this area, this study found empirical evidence to quantify this effect using multiple measures from two very different sources of data (one of them very large). In our empirical study, we found that most people do not change default settings.

User avatar

hashtable
Posts: 40
Joined: Sat Mar 26, 2016 4:27 pm

Re: TrackerSmacker: philosophical considerations

Postby hashtable » Sat Mar 26, 2016 5:16 pm

I don't see any downside to this. It's the right thing to do - if someone wants access to ads or whatever shit is being blocked they just use turn cryptostorm off or use a different service. I think it's good to have this protection on by default and I don't know why anyone would want this turned off?


mart-e
Posts: 18
Joined: Thu Jul 02, 2015 5:07 pm

Re: TrackerSmacker: philosophical considerations

Postby mart-e » Mon Mar 28, 2016 12:00 pm

hashtable wrote:I don't know why anyone would want this turned off?


The main reason would be because the site I am visiting is broken. When I end up on a broken page, I now get the habit to, one by one, disable µBlock, ghostery, greasemonky, httpseverywhere,... (and last resort: blame Flash) supposing one is blocking an essential part of the crappy side I am trying to load.
Not sure I want to add CS in the list of stuffthatmaybreakawebsite.

User avatar

hashtable
Posts: 40
Joined: Sat Mar 26, 2016 4:27 pm

Re: TrackerSmacker: philosophical considerations

Postby hashtable » Tue Mar 29, 2016 12:24 am

that makes sense


turbz
Posts: 13
Joined: Sat Jun 06, 2015 5:16 pm

Re: TrackerSmacker: philosophical considerations

Postby turbz » Wed Jul 13, 2016 2:11 pm

Came here to cry and whine about the blocking, received enlightenment instead.

Though is it just me or is SourceForge on the blacklist, I can't seem to be able to access their site :/

It could be nice to land on an error page telling me Cryptostorm blocked the site if it does, so that I know how to proceed instead of landing on some generic error page which gives me no clues why something doesn't work and I need to go through all kinds of diagnostics.

User avatar

parityboy
Site Admin
Posts: 1105
Joined: Wed Feb 05, 2014 3:47 am

Re: TrackerSmacker: philosophical considerations

Postby parityboy » Sun Jul 31, 2016 7:43 pm

@turbz

SF loads fine for me, this is while also running Ghostery. NoScript and uBlock Origin in the browser. Which exit were you using?


Return to “DeepDNS.net - cryptostorm's no-compromise DNS resolver framework”

Who is online

Users browsing this forum: No registered users and 1 guest

cron

Login