Tento web používá soubory cookie. Dalším používáním webu s tímto souhlasíte.
jméno
heslo
přihlásit
zaregistrujte se
zapomněli jste heslo?
Anonymita na internetu :: TOR - FREENET - FREEPROXY - ...
LITTLEBOY

[https://keybase.io/images/blog/series_a/pgp_xkcd.png]

Temata


  • novinky ze sveta #security #privacy obecne, nejen #tor #pgp ale taky app pro telefony, sifrovani disku [#truecrypt, #luks/#dm], bezpecne #backupy
  • ocenovany jsou navody a howto pro ruzne novacky, pokud mate, dejte vedet, dame i na home
  • aktualni admin: Overdrive, takze pokud neco, klidne piste do posty
  • PROSBA: pokud linkujete, vzdy napiste co to vlastne linkujete, ne, ze by jeden neveril neznamemu linku, ale je to tak prehlednejsi

  • Spratelene kluby: [ PGP, SSL & Co. ] -- [ Technoparanoia (Facebook, Google latitude a další) + NSA + účinné postupy při obraně soukromí ] -- [ Cyber.Punk: cyberpunk is not dead! cyberpunk is NOW! : SubHuman, PostHuman, TransHuman, InHuman ]
    Know & Howto: [ Pretty Good Privacy - Wikipedia ]
    Máte k tomu co říct? Vložte se do diskuze.
    LIBORO --- 23:30:33 9.6.2014
    jakou nahradu za truecrypt byste doporucili?
    ZAPPO --- 21:02:28 9.6.2014
    OVERDRIVE: Tam je hlavní rozdíl, z hlediska vyšetřování, jestli uděláš jednorázovou velkou ránu nebo jedeš opakovaný akce - ty umožňujou vysledovat vzorec a výrazně zvyšujou šanci na tvoji identifikaci. Takže si nemyslím, že to prohráli jen na skillu (byť souhlas, že se státníma možnostma se těžko konkuruje), ale i na tomhle faktoru
    OVERDRIVE --- 17:06:08 9.6.2014
    “It’s extremely hard to … interact with people closely and have to hide yourself,” says Gabriella Coleman, a McGill University anthropologist who is one of the leading experts on Anonymous and whose book Hacker, Hoaxer, Whistleblower, Spy: The Story of Anonymous publishes later this year.

    Is Anonymous Dead, or Just Preparing to Rise Again? | Threat Level | WIRED
    http://www.wired.com/2014/06/anonymous-sabu

    tohle je pro me zasadni konstatovani, samozrejma ta holka ma pravdu. mmchodem cet jsem nejake drafty te knizky a docela dost rozkryvacek a vysetrovacek anonymous a krom toho, ze to fakt byla banda idealistickejch decek, coz jako konecne budou hackeri na rustovem hormonu a s geek mind vzdycky... kazdopadne to vysetrovani bylo dost sofistikovane a zaroven je problem, ze proste hackeri na to nemeli, proti profikum, ktery se da zaplatit o nekolik vrstev vejs nebo niz na sitove i analyticke bazi... podle me je tahani velych hracu s hromadou penez proste nedatelne, jako kradez milionu .... hodne ti muze projit, ale nakonec te sestreli, protoze pokud nehrajes na urovni "nevysetruje se" proste neprecislis penize a lepsi znalosti profiku za prachy...
    dobry ale bylo, jak se tech deti celej it svet bal, aspon podle medii...
    OVERDRIVE --- 15:14:35 9.6.2014
    Blog | Access
    https://www.accessnow.org/...2014/06/04/the-impact-of-forced-data-localisation-on-fundamental-rights

    tohle je zajimave, nejak jsem nezaznamenal nejake tlaceni na to, ze data musi zustat v zemi, kde funguje ten, kdo s nimi naklada, zas je to VELMI sirkone, a hrozne nesmyslne, protoze k tomu neni zadny technicky duvod, ba naopak, ale kazdopadne je to VELMI neprijemne a to nejen pro ty, kdo prechovavaji destkou pornografii v Africe.
    Tyhle legalni sracky se dost vazne meni v sracky... kdyz si predstavim, ze delam ve firme, ktera dela nadstavbu nad contentem po celem svete a zakaznik se semnou odmitne bavit, protoze ja zpracovavam data, ktera ale on nebude moct mit u sebe, kvuli tomu, ze ja jsem z jakesi pochybne CR.... to je banda idiotu ti pravnici, to snad neni mozny
    OVERDRIVE --- 15:09:44 9.6.2014
    Google in quandary over how to uphold EU privacy ruling| Reuters
    http://www.reuters.com/article/2014/05/30/us-google-eu-quandary-idUSKBN0EA1ZT20140530

    presne co jsem cekal, ze proste neexistuje rozumna pravni norma a bezna praxe pro to, aby se nekdo moh nechat odnekud vymazat.
    to co rozhod EU soud je proste prilis siroka blbost, ktera prenasi zodpovednost soudu na google nebo kohokoliv postizeneho. jak je mozny rozhodnout, jestli ten jedinec ma na vymaz pravo a jestli je nejaka hloubka vymazu uz dost a co se stane, pokud se to nekdo pokusi obejit...
    to je typicky blbe navrzena situace ustici v DDOS utok na vsech moznych rovinach.

    mili zakonodarci a soudci, spatne. co tak treba chvili fungovat na internetech a precist si neco o cloudech, botech, web crawlerech a malvolentnich jedincich ;]
    OVERDRIVE --- 14:51:06 9.6.2014
    sorr za formatovani, je to copy and paste emailu, jsou tam i nejaka zajimava klicova slova imho
    OVERDRIVE --- 14:50:42 9.6.2014
    http://www.nytimes.com/...ction=Fashion%20%26%20Style®ion=FixedCenter&action=click&pgtype=article

    MOUNTAIN VIEW, Calif. — Just down the road from Google’s main campus here, engineers for the company are accelerating what has become the newest arms race in modern technology: They are making it far more difficult — and far more expensive — for the National Security Agency and the intelligence arms of other governments around the world to pierce their systems.
    As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited. It is encrypting more data as it moves among its servers and helping customers encode their own emails. Facebook, Microsoft and Yahoo are taking similar steps.
    After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers.
    Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.
    But governments are fighting back, harder than ever. The cellphone giant Vodafone reported on Friday that a “small number” of governments around the world have demanded the ability to tap directly into its communication networks, a level of surveillance that elicited outrage from privacy advocates.A year after Mr. Snowden’s revelations, the era of quiet cooperation is over. Telecommunications companies say they are denying requests to volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.
    Vodafone refused to name the nations on Friday for fear of putting its business and employees at risk there. But in an accounting of the number of legal demands for information that it receives from 14 companies, it noted that some countries did not issue warrants to obtain phone, email or web-searching traffic, because “the relevant agencies and authorities already have permanent access to customer communications via their own direct link.”
    The company also said it had to acquiesce to some governments’ requests for data to comply with national laws. Otherwise, it said, it faced losing its license to operate in certain countries.
    Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.’s own behavior invited the new arms race.
    “I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.
    “No hard feelings, but my job is to make their job hard,” he added.
    In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.
    Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.
    “Just as there are technological gaps, there are legal gaps,” he said, speaking at the Wilson Center in Washington, “that leave a lot of gray area” governing what companies could turn over.
    In the past, he said, “we have been very successful” in getting that data. But he acknowledged that for now, those days are over, and he predicted that “sooner or later there will be some intelligence failure and people will wonder why the intelligence agencies were not able to protect the nation.”
    Companies respond that if that happens, it is the government’s own fault and that intelligence agencies, in their quest for broad data collection, have undermined web security for all.
    Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers. Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies. It was created by exploiting a previously unknown flaw in Microsoft’s operating systems. Companies argue that others could have later taken advantage of this defect.
    Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack. The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.
    Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code. That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies. The first such center is being set up in Brussels.
    Microsoft has also pushed back harder in court. In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials. Microsoft challenged the gag order as violating the First Amendment. The government backed down.
    Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and theirbusiness has declined steadily in countries like Asia, Brazil and Europe over the last year. The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A. The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.

    In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form. Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”Most American companies said they never knowingly let the N.S.A. weaken their systems, or install back doors. But Mr. Snowden’s documents showed how the agency found a way.


    Google was already suspicious that its internal traffic could be read, and had started a program to encrypt the links among its internal data centers, “the last chink in our armor,” Mr. Grosse said. But the slide gave the company proof that it was a regular target of the N.S.A. “It was useful to have proof, in terms of accelerating a project already underway,” he said.
    Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.
    One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.
    At Facebook, Joe Sullivan, the company’s chief security officer, said it had been fending off those demands and heightened expectations.
    Until last year, technology companies were forbidden from acknowledging demands from the United States government under the Foreign Intelligence Surveillance Act. But in January, Google, Facebook, Yahoo and Microsoft brokered a deal with the Obama administration to disclose the number of such orders they receive in increments of 1,000.
    As part of the agreement, the companies agreed to dismiss their lawsuits before the Foreign Intelligence Surveillance Court
    “WE’RE NOT RUNNING AND HIDING,” MR. SULLIVAN SAID. “WE THINK IT SHOULD BE A TRANSPARENT PROCESS SO THAT PEOPLE CAN JUDGE THE APPROPRIATE WAYS TO HANDLE THESE KINDS OF THINGS.”
    The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.
    But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.’s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”
    OVERDRIVE --- 14:50:36 9.6.2014
    ???: dekuju, dobre info
    ??? --- 19:22:06 6.6.2014
    OVERDRIVE: tak pouziva vysledky googlu, vratane nastavenia jazyka, krajiny etc. Bez nastavenia dostanes v podstate vysledky anglickeho googlu
    od rovnakej firmy existuje este metavyhladavac
    Ixquick Search Engine
    https://ixquick.com/
    OVERDRIVE --- 16:43:34 6.6.2014
    dalsi vyhledavac, konkurence DuckDuckGo, a mam dojem, ze treba na Ceskem webu funguje lepe nez DDgg.com

    Startpage Search Engine
    https://startpage.com/eng/

    kdyztak zkuste a reknete co si o nem myslite