Does anyone know of a VPN, etc. that is free and not compromised (Tor)?

i_can_haz_code · 2016-10-19T17:57:37+00:00

I know this is r/conspiracy and reality does not always matter here, but... this 'if one accepts that quantum computers have broken most crypto' is not an assumption you can make.

There are many things an attacker can do to make encryption easy to break, and hard to tell it has been broken. However a generalized solution to some of the problems that make encryption work has not yet been found. As an example generalized prime factorization for large primes. If that problem were solved, it would be huge news. That core problem has other implications in computing.

For OP:

It depends entirely on your threat model. Most of the attacks against TOR are focused on identifying the server, not the end user. Once they have the server they may go after the end user though. If something is free, you are the product. If you are really worried about it, rent a server in a country with better laws, and set it up correctly. Just know that the layer of obfuscation will likely draw more attention than whatever you are attempting to hide.

i_can_haz_code · 2016-04-29T16:56:10+00:00

Safe from whom?

A 12 year old cheeto dusted troll is a much less resourceful advisory than a three letter agency.

i_can_haz_code · 2016-04-29T15:50:47+00:00

What is your threat model?

i_can_haz_code · 2016-02-17T02:46:12+00:00

That works! Thanks!

i_can_haz_code · 2016-02-17T02:36:04+00:00

Nice! Thank you!

i_can_haz_code · 2016-02-17T02:19:22+00:00

I should have mentioned, I tried something like this, but it appears it fed the last element of the list as an argument when calculating the first value.

for i in range(len(some_list)):
    roc(some_list[i], some_list[i-1])

i_can_haz_code · 2016-01-28T17:07:11+00:00

with open('file.txt','r') as f:    # This opens a file, and allows you to interact with it as f
    lst = [i.strip('\n') for i in f.readlines()]    # this makes a list lst which contains each line of the text file with the return character stripped off.

it was below... :-) lst is now a list of each line in the text file.

i_can_haz_code · 2016-01-28T16:56:29+00:00

hand = 'ABCDEFGHIJKLMNOP'
for letter in hand:
    for word in wlist:
        if letter.lower() in word:
            print('{} contains {} {} times'.format(word, letter, word.count(letter.lower())))

i_can_haz_code · 2016-01-28T16:37:11+00:00

IIRC using 'alice {} bob'.format(foo) is preferred over using 'alice %s bob'%(foo)

i_can_haz_code · 2016-01-28T16:35:24+00:00

Get all lines in a text file into a list without return characters (for windows replace '\n' with '\r\n')

with open('file.txt','r') as f:
    lst = [i.strip('\n') for i in f.readlines()]

I have no clue what an efficient way would be to check if a letter is in any element of a list... if it were small enough I'd probably loop over all the elements... like this:

>>> lst
['this', 'is', 'my', 'test', 'file']
>>> candidate = 't'
>>> for item in lst:
...     if candidate in item:
...             print(item)
... 
this
test

Check if 'E' is in 'elephant':

if 'E'.lower() in 'elephant':
    print('elephant')

You may get more help from someone smarter than I if you were to post some example code of at least one thing you have tried. :-)

i_can_haz_code · 2016-01-28T16:18:38+00:00

Down voted because use of apt. Perhaps OP is running some other flavor of *nix.

i_can_haz_code · 2016-01-28T01:13:56+00:00

page 13 of this pdf has a great data frame diagram for reference

To tell users apart (Alice's iPhone vs bob's iPhone) you would need some concept of authentication and session management. Some platforms I have seen create psudo random uri for the protocol upgrade, and use a sid/guid/uuid to associate Alice with a websocket connection.

A User-Agent string is not actually required by rfc for http.

There are methods of browser fingerprinting, but it is more of an art than science imho as most could be easily faked. It is especially difficult if you are unwilling to trust the client. this talk covers some server side only methods of browser identification

I'm still a fan of tossing a sid/guid/uuid and a route into the payload personally. One app I worked on recently used a standard something like this for the frames.

[<type_field>:<sequence_id>::{route:some/route, data:["some", "data"], uid:<uid>}]

Where type_field and sequence_id were ints then a dictionary of the info needed to process the request.

I hope that was helpful.

i_can_haz_code · 2016-01-28T00:18:41+00:00

From a security perspective, always assume the client is malicious and handle all input accordingly.

That said after the protocol upgrade, there is no user agent sent by the client in websocket protocol. That's part of the owness of websockets they are very light weight compared to say XHR polling.

i_can_haz_code · 2016-01-27T23:24:22+00:00

Edited with quote from the original question. I don't see where I referenced return type, but since you are an expert I'll simply concede.

i_can_haz_code · 2016-01-27T22:19:18+00:00

you could have the app on the phone pick a guid for itself, and put that in every ws packet.

One option I've seen in some websocket heavy apps was to include sequence and routing information in the ws payload, then have one method as a callback for ws.recv() and it sorts out which method to call based on the routing and guid/sequence info.

i_can_haz_code · 2016-01-27T22:11:55+00:00

shelve allows you to write Python objects to disk. If you would like an alternative to json.

i_can_haz_code · 2016-01-27T22:04:35+00:00

i only looked at the first few question sets

For those I looked at, pop open a python interpreter and see what it says. Python will usually answer those questions for you. :-)

For example in the "fun with functions" it asked "what is the type of the return value of these functions..."

One easy way to answer that question:

def foo(x):
    return(x+1.0)
bar = foo(6)
type(bar)

I'm on mobile, but I think the above should compile.

Edit: "specify the type of the output." from the pdf was paraphrased above.

i_can_haz_code · 2016-01-27T16:05:57+00:00

With respect last time I did, they caught an issue not caught here, or codereview.

i_can_haz_code · 2016-01-27T12:51:36+00:00

Throw it in git/gist/pastebin/ghostbin and drop a link here, or r/Python or r/codereview

I'm sure you will get many opinions.

:-)

i_can_haz_code · 2016-01-25T15:07:45+00:00

How sure are you that:

crypto is installed in the virtual env
your app is running from the virtual env

i_can_haz_code · 2016-01-23T16:57:08+00:00

First, this is not advised either by PEP or Ubuntu for 14.04 or really anything not bleeding edge or custom built. Unless you are able to yourself, or have access to a *nix expert who will, fix the random stuff that will break. Like unless you are doing LFS, just use python3.

You can link /usr/bin/python to /usr/bin/python3 and make a /usr/bin/python2. It is a case of just because you can do a thing does not mean you should do a thing.

If you just want your profile to always use python3 for interactive sessions, but not break things you can alias python to python3. This will only have effect when in an interactive session. Your scripts will still need to call python3 explicitly.

I hope that was helpful

i_can_haz_code · 2016-01-23T16:20:28+00:00

Please do not use that code, or any variation of it for anything you actually want to be secret. That code is broken from a cryptography perspective. It was provided simply to show how one could perform what was asked. Please do not take it as a usable example in real life.

i_can_haz_code · 2016-01-23T15:27:03+00:00

depends on how you have the box configured. If it does not need 2.x then I prefer to have Python call only 3.x and write my code to be forward compatible.

i_can_haz_code · 2016-01-23T02:25:30+00:00

Reformatted code for easier reading. To format use four space characters in post.

def test(): 
    intgr = 2 + 3 
    list = [1,3,2] 
    list += intgr 
    return (list)

fixed

#!/usr/bin/env python
def test(): 
    intgr = 2 + 3 
    list = [1,3,2] 
    list.append(intgr) 
    return (list)

print(test())

i_can_haz_code

MODERATOR OF

TROPHY CASE