Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)M

MigratingtoLemmy

@ MigratingtoLemmy @lemmy.world

Posts
76
Comments
1603
Joined
2 yr. ago

  • Cloud storage/backup

    Jump

  • That's exactly what I do

  • What is the hardest video game(s) in your opinion, why, and what other games are you comparing against to make this conclusion?

    Jump

  • Dark souls, Bloodborne

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • That is indeed a disadvantage of PGP. Unfortunately, it is the most portable method of encryption text at rest at the moment. The moment somebody manages to figure out a way to use the Diffie-Hellman algorithm in a portable manner, I'm sure a lot of people will consider that a viable alternative. Till then, learn about disk encryption to keep your keys safe

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • I2p states on there website that it has potentially serious weaknesses.

    The only relevant pages I found are I2P's threat model and the comparison between I2P and TOR:

    Please cite your sources so everyone can understand the reasoning for your claims of I2P being weaker than TOR.

    Oh, and A LOT of the attacks mentioned in the page on threat models is/was possible on TOR. The I2P project follows TOR carefully and implements some of their features/mitigations too.

    If we're talking specifically about brute-force DDOS, BOTH TOR and I2P faced these issues. The good thing about I2P is that it is more decentralized than TOR which can sometimes make it easier to mitigate.

    Your points about I2P's directory (not sure what you mean by DNS here) can be lumped together with your complaints about usability. This DOES NOT make TOR inherently more private, secure and anonymous than I2P, it just means that somebody on Windows can download the TBB and start browsing (in albeit a not-very-secure way). Unless you missed the news, I2P now has a slick Windows installer so people don't have to fiddle too much with it.

    You're going to have to give me evidence for me to believe that using I2P makes a substantial dent in your available bandwidth. Yes you're a router in the network but it doesn't mean that you're passing through traffic at GB/s speeds.

    i2p is somehow a replacement for Tor

    I never said that. Again, I'm not comparing I2P and TOR based on their usability (which has changed in the recent years), I'm comparing them in terms of anonymity on the wider internet when browsing using either protocol. Both TOR and I2P are great projects, the problem is that TOR is significantly more centralized.

    However, if you are in a critical situation use Tor not i2p as today it is the best for bypassing censorship while still trying to stay safe.

    Cite your sources for this. This is mere conjecture unless you have proof of metadata leakage on I2P but not on TOR/actual people getting caught using I2P but being safe on TOR. I'm sure the I2P Devs would be very interested too. If you're in restrictive regimes like Iran and China where TOR/I2P traffic is flagged - use a bridge or a VPN disguised as HTTPS traffic and hope for the best (it's a perpetual cat and mouse game).

    Again, please cite your sources when making claims about technical shortcomings of I2P

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Shared key???? PGP works on a public-private key-pair, and unless you're giving out your private key, it's not shared with anyone. This is blatant misinformation

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • And using these apps is not always an option. I like simplex, but sometimes email is one of the only options. PGP can be used agnostic of the technology used for transmission, and that's exactly what we need to keep more people private instead of forcing them into a few select applications. If Diffie-Helman can't be used in a transport-agnostic fashion then I do not see much progress in this direction.

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • OpenVPN -> I2P.

    I2P has been around for 20 years, it is plenty battle-tested. I do not see why you're wanting to put down I2P in favor of TOR, I still do not see how I2P is in anyway inferior in its privacy (and for the most part, anonymity) features compared to TOR. The OpenVPN addition solves your need for something akin to snowflake/TOR bridges. It is not what I2P was meant for but there's a way if you want to use it.

    If your complaint is about I2P needing some configuration and time to use properly; that's a trade-off the end-user needs to decide. This doesn't have any effect on its features regarding anonymity in the I2P network. Please give me technical reasons why you think TOR can preserve your anonymity better on the TOR network than I2P can do so on its network (I have arguments in favor of I2P that I would like TOR to implement but I don't think they can)

  • What's a handy terminal command you use often?

    Jump

  • I've been using vi (just the basics) for ~4 years, I don't think I could be arsed to pick up the keybindings the other way around lol. I've heard very good things about Helix, of course

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • This is a good read. I think it's a good solution if it can be implemented properly. Are there applications you know of that allow you to personally (manually) encrypt text and communicate with another person like GPG does?

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Use OpenVPN configured to look like HTTPS if you really need it. I2P is meant to be its own network, not a gateway to the clearnet. I still do not see how it has less measures in place for privacy and anonymity.

  • What's a handy terminal command you use often?

    Jump

  • Helix?

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • TOR is obvious too to someone snooping on your network, unless you're using bridges (and that's hit or miss). If you don't want someone to know you're using I2P, use OpenVPN and mask your traffic as HTTPS.

    You're going to have to explain better about "I2P not masking your traffic" and especially about "someone identifying you" - timing attacks are possible in both cases and the I2P Devs have mitigations against it. Please provide sources which define how I2P is weaker and more susceptible to TOR against network forensics

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Please mention the "advanced features" it lacks compared to TOR. I have read the FAQ

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • I don't think I understand what you're implying. Are you arguing that PGP implements less secure operations because it doesn't have perfect forward secrecy? As far as I know there's not much out there in terms of encryption schemes for data at rest which includes PFS. Even AGE didn't have it last time I checked. If you know about something that does provide PFS for data at rest, let me know

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • PGP is the protocol, GPG is the implementation. People tend to use GPG because it is FOSS.

  • Linus Torvalds muses about maintainer gray hairs and the next 'King of Linux'

    Jump

  • I would like for these people to never retire but we must all accept change as they come from father time

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Possiblylinux127 seemed like he had founds faults in PGP's encryption which got me interested

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Confirmed the troll.

    From the FAQ:

    Before you use I2P, use Basic Computer Hygiene Always! Apply your OS vendor provided software updates in a prompt manner. Be aware of the state of your firewall and anti-virus status if you use one. Always get your software from authentic sources.

    It may be dangerous to use I2P in what the project calls "Strict Countries"

    Most I2P peers are not in those strict countries and the ones that are, are placed in "Hidden Mode" where they interact with the rest of the network in more limited ways, so that they are less visible to network observers.

    Unlike Tor, "exit nodes" - or "outproxies" as they are referred to on the I2P network - are not an inherent part of the network. Only volunteers who specifically set up and run separate applications will relay traffic to the regular Internet. There are very, very few of these.

    There is an outproxy guide available on our forums, if you would like to learn more about running an outproxy.

    If you are hosting something sensitive, then your services will go down at the same time that your router goes down. Someone who observes your downtime and correlates it to real-world events could probably de-anonymize you with enough effort.

    I2P has defenses available against this like multihoming or Tahoe-LAFS

    I2P does not encrypt the Internet, neither does Tor - for example, through Transport Layer Security (TLS). I2P and Tor both aim to transport your traffic as-is securely and anonymously over the corresponding network, to its destination.

    In addition, you may be vulnerable to collusion between the outproxy operator and operators of other I2P services, if you use the same tunnels ("shared clients").

    In theory, if you're accessing the clearnet, then it is no better or worse than TOR. It is a little better if you're stay in I2P land.

    Don't listen to me or him. If you're reading this, go to the FAQ (https://geti2p.net/en/faq) and make your own decisions.

  • Tor says it’s "still safe" amid reports of police deanonymizing users

    Jump

  • Really? Care to explain?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Let's talk about free/FOSS routing platforms for the homelab

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Anybody here running AD on-prem in your homelab?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    What are the most paranoid network/OS security measures you've implemented in your homelab?

  • Privacy @lemmy.ml
    MigratingtoLemmy @lemmy.world

    What is the community's opinion on Session and Session Automated Software?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Encrypted fileshares in the local network?

  • Privacy @lemmy.ml
    MigratingtoLemmy @lemmy.world

    The recent problem of maintaining privacy on the Internet (includes Networking)

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Do the Lenovo P500/P510 support TFX PSUs?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Follow-up question to mounting encrypted drives

  • Linux @lemmy.ml
    MigratingtoLemmy @lemmy.world

    How many of you run a Linux phone (Pine64, Librem etc) as your daily driver?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    What do you use to manage secrets in your network?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Are PrimeBuy and Insight.com trusted for server parts (and any ATX PSUs with the fan at the back)?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Do you run a private CA? Could you tell me about your certificate setup if you do?

  • Privacy @lemmy.ml
    MigratingtoLemmy @lemmy.world

    Any automated method to check for basic OPSEC mistakes whilst posting content online?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Does anybody here use Terraform with SolusVM?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Review of LessPass?

  • Privacy @lemmy.ml
    MigratingtoLemmy @lemmy.world

    My idea of maintaining E2EE between people in the age of the UK's and EU's anti-privacy laws

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Questions on backing up to S3 Glacier Deep Archive.

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Security considerations of WiFi vs Zigbee for self-hosted IoT

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Wait, the ZimaCube has a private GPT implementation?

  • Selfhosted @lemmy.world
    MigratingtoLemmy @lemmy.world

    Question on SSL traffic between podman containers and clients (should I run k3s?)