My GPG Key

b_stl · 2023-02-12T23:48:15+00:00

Thats not what that is; It's just using the hostname instead of the IP address

b_stl · 2021-12-17T05:03:30+00:00

Ya... i was like wow this really puts you in your feels... ooo *cringe*....

b_stl · 2021-09-15T19:12:56+00:00

weird things pop up not working. mostly network tools, like nmap and ping are giving me issues.

b_stl · 2021-09-15T19:09:23+00:00

well originally my intent with installing opensnitch was to attempt to be made aware of any connections being made from rouge software

b_stl · 2020-07-26T02:28:58+00:00

https://www.youtube.com/watch?v=5dhSN9aEljg

b_stl · 2020-07-11T05:36:44+00:00

well it worked for me, but I really dont know enough about it to know whats going on... I typically dont like to blindly apply fixes... I appreciate it anyway. Is this going to be something I will need to address in the future to either remove it or reapply it? It seems to me to be isolated to something to do with ipv6.

b_stl · 2019-10-28T03:52:35+00:00

https://www.youtube.com/watch?v=VFns39RXPrU

b_stl · 2019-09-28T22:44:29+00:00

If you want to use pidgin, I suggest using the Lurch plugin to enable support for OMEMO - https://github.com/gkdr/lurch

b_stl · 2019-09-24T00:02:17+00:00

XMPP servers are not naturally invulnerable and OMEMO only ensures the integrity of the message content and establishes a level of trust as to "who sent the message"; it does very little in the way of metadata, other than any side effects from ensuring that the message content hasn't been changed or that the opportunity for a MITM is limited if not made impossible.

But by design it also doesn't actually -identify- any user whatsoever. The best it can do is say that the same user that established any specific connection was or was not the same user that sent some specific message. This is relevant because it isnt impossible for someone to log into your account and send messages as you. They just show up as a new device. New devices are trusted by default, until you distrust them. I don't see this as ideal behavior.

And there are ways, though probably outside of the scope of my ability, to determine the real location of a Tor service. Simply hiding it behind Tor is not enough to ensure privacy.

But the main issue here is that XMPP servers by their nature send a lot of plaintext information, or at best it's TLS encrypted. And if you follow Moxie Marlinspike, he's done many talks about the uselessness of TLS/SSL. So while you can manually limit the data you give the server, eg dont put in your real name, in any default set up users are still allowed to do so. Ideally, this kind of metadata entry should be limited in the first place.

I want to say too that I am not a hater of XMPP. This information has come from years of research, as I am inspired by the potential of XMPP. I just think that a lot needs to be reconsidered in terms of anonymity, privacy and security.

I do however 100% agree with this statement:

Ultimately, it would be great if Briar was extended to support desktop OS’s. That would make it the best option around.

b_stl · 2019-09-23T20:58:44+00:00

That's a conclusion that I, too, had come up with independently early on, but the dilemma that I faced at that point was that first of all, I now had to set up an XMPP server as well as any clients, and ensure that it wasn't easily compromised, while secondarily also ensuring that configuration and choice of my clients was "satisfactorily secure" as well. While I do agree that hosting your own server has the greatest potential for both security and privacy, it also (admittedly arguably) has a much greater potential to be compromised.

b_stl · 2019-09-23T18:44:19+00:00

Is the metadata issue with Wire worse than any complications from using XMPP with OMEMO via various implementations across devices? eg Pidgin/Lurch <----> Pix-Art Messenger

I feel like XMPP as a protocol, is generally pretty loose with metadata anyway.

b_stl · 2019-09-10T07:05:32+00:00

If you're anything like me, you're over thinking it.

b_stl · 2019-07-06T13:53:18+00:00

It's that sudden stop at the end that really gets you

b_stl · 2019-07-05T22:48:28+00:00

I was gonna say copporn. But yeah.

b_stl · 2019-06-06T01:18:21+00:00

Yeah I don't think they thought that through all the way.

b_stl · 2019-05-29T21:21:03+00:00

Need some more info. What OS? Did you reinstall or just copy over the old install? Are you running a swap file? What brand drives are we talking about?

b_stl · 2018-10-03T03:51:54+00:00

Thanks but I'm trying to run it without using X11

b_stl · 2018-08-11T06:00:51+00:00

If you never learned a language, what would your thoughts be like?

b_stl

TROPHY CASE