image_2021-03-11_19-49-12.png
383.8 KB
freedomcells.org isn't blocked in China! I wonder how we can invite more people from PRC.
Another late night of researching & writing. I've almost finished with this article but I am not satisfied with the solution section. I'd like more time to test the solutions myself and relay the instructions back to y'all. I'll postpone Pt. II of this article until tomorrow then.
Cheers :)
Cheers :)
Wanting to get some feedback on article format, what type of article are you most likely to READ & SHARE?
Anonymous Poll
54%
Shorter section of article under 300 words
16%
Headlines / short teasers with pictures
30%
Long-form articles spanning multiple long messages with links
Are We On The Brink Of An Internet Apocalypse: Part 2
@neo_network
πβοΈπ€―
What originally was a two part article has turned into a three part article. I've taken feedback from readers and decided to break these articles up into more manageable chunks, i.e: daily posts that are actually digestible.
Another change I'd like to make, is rather than just providing information around the subject of research, I'd also like to provide step by step walk-throughs that can be used to protect yourself. So although content will take longer to get out, it'll be more valuable to us.
The solution part of this series will be in part 3 - so stay tuned. :)
In the first part of this series, we explore how western powers conduct domain seizures to protect the world from dastardly counterfeiters. Ironically enough, the leading counterfeiters reside in the People's Republic of China, which maintains one of the largest & most sophisticated censorship networks in the world.
We lovingly refer to this system as the Great Firewall of China. It was born of the Golden Shield project in 1996, only a few years after the internet was introduced to China. The intention for this firewall was to allow China to benefit from internet commerce while still maintaining the integrity of the state, disallowing any information that might harm the PRC constitution or promote social disorder. After 24 years, the wall stretched to surround everyone who uses the internet in China, which is a few hairs away from one billion people, or one-fifth of everyone using the internet today.
It has been challenging to understand how the firewall treats each individual request, mainly because of the arsenal of strategies the firewall uses, but researchers have uncovered a good amount of information on how it works.
Just like an actual wall, all communication in and out of mainland China is directed through traffic exchange points and then analyzed by the nodes of the great firewall. In this analysis phase, the firewall performs passive & active analysis.
Back when most web traffic was unencrypted, it was easy for the firewall to read the HTTP request header hosts and methods, for instance:
Host: www.youtube.com
GET /
Using a massive dictionary of keywords that listed banned sites, domains and keywords the firewall could tell when someone broke the rules. As HTTPS grew in popularity, this became harder. Yet, because a Server Name Indication (SNI) field is always sent first to declare a destination host for the TLS handshake, it could still be used to drop connections.
The advent of ESNI & ECH (Encrypted Client Hello) in an extension to the latest version of the TLS standard allows this first message to be encrypted so that the handshake process cannot be understood by anyone in between. The requesting computer must first retrieve the server's public key (either through DNS or by other means), and then can generate a one-time key to start the encryption process.
This has been damaging enough to the firewall that China straight up started rejecting ESNI traffic outright in late July of 2020 as an update to the Great Firewall.
Using the headers in unencrypted traffic, and the SNI fields in pre 1.3 traffic to identify threats, the firewall can actively break connections in a few ways. There's the TCP reset attack, where the firewall forges messages back to either party telling them to stop the connection. So although the firewall cannot stop the first packets from getting through, it can terminate the connection by injecting packets immediately after.
There's also BGP (Border Gateway Protocol) tampering, which allows large groups the size of internet service providers (Autonomous Systems) to misroute requests to a specific IP addresses. The firewall can direct outgoing traffic to blacklisted locations to βnowhereβ, null-routing or hijacking the requests. This requires a freshly updated list of blocked IP addresses and has the danger of blocking other sites that happen to share similar addresses.
@neo_network
πβοΈπ€―
What originally was a two part article has turned into a three part article. I've taken feedback from readers and decided to break these articles up into more manageable chunks, i.e: daily posts that are actually digestible.
Another change I'd like to make, is rather than just providing information around the subject of research, I'd also like to provide step by step walk-throughs that can be used to protect yourself. So although content will take longer to get out, it'll be more valuable to us.
The solution part of this series will be in part 3 - so stay tuned. :)
In the first part of this series, we explore how western powers conduct domain seizures to protect the world from dastardly counterfeiters. Ironically enough, the leading counterfeiters reside in the People's Republic of China, which maintains one of the largest & most sophisticated censorship networks in the world.
We lovingly refer to this system as the Great Firewall of China. It was born of the Golden Shield project in 1996, only a few years after the internet was introduced to China. The intention for this firewall was to allow China to benefit from internet commerce while still maintaining the integrity of the state, disallowing any information that might harm the PRC constitution or promote social disorder. After 24 years, the wall stretched to surround everyone who uses the internet in China, which is a few hairs away from one billion people, or one-fifth of everyone using the internet today.
It has been challenging to understand how the firewall treats each individual request, mainly because of the arsenal of strategies the firewall uses, but researchers have uncovered a good amount of information on how it works.
Just like an actual wall, all communication in and out of mainland China is directed through traffic exchange points and then analyzed by the nodes of the great firewall. In this analysis phase, the firewall performs passive & active analysis.
Back when most web traffic was unencrypted, it was easy for the firewall to read the HTTP request header hosts and methods, for instance:
Host: www.youtube.com
GET /
Using a massive dictionary of keywords that listed banned sites, domains and keywords the firewall could tell when someone broke the rules. As HTTPS grew in popularity, this became harder. Yet, because a Server Name Indication (SNI) field is always sent first to declare a destination host for the TLS handshake, it could still be used to drop connections.
The advent of ESNI & ECH (Encrypted Client Hello) in an extension to the latest version of the TLS standard allows this first message to be encrypted so that the handshake process cannot be understood by anyone in between. The requesting computer must first retrieve the server's public key (either through DNS or by other means), and then can generate a one-time key to start the encryption process.
This has been damaging enough to the firewall that China straight up started rejecting ESNI traffic outright in late July of 2020 as an update to the Great Firewall.
Using the headers in unencrypted traffic, and the SNI fields in pre 1.3 traffic to identify threats, the firewall can actively break connections in a few ways. There's the TCP reset attack, where the firewall forges messages back to either party telling them to stop the connection. So although the firewall cannot stop the first packets from getting through, it can terminate the connection by injecting packets immediately after.
There's also BGP (Border Gateway Protocol) tampering, which allows large groups the size of internet service providers (Autonomous Systems) to misroute requests to a specific IP addresses. The firewall can direct outgoing traffic to blacklisted locations to βnowhereβ, null-routing or hijacking the requests. This requires a freshly updated list of blocked IP addresses and has the danger of blocking other sites that happen to share similar addresses.
One of the oldest and common attacks is DNS injection. DNS injection forges replies back to the requestors of blacklisted sites. This can even effect caches & routing outside of the country. As of October 2020, the GFW blocks close to a million domains and 3000 known keywords. You can actually check if a site is blocked in China using tools like GreatFire Analyzer.
In the third part of this article, we'll go step by step through how you can protect yourself from both Western & Eastern censorship methods.
Read more: @neo_network
Discuss at: @neo_network_chat
In the third part of this article, we'll go step by step through how you can protect yourself from both Western & Eastern censorship methods.
Read more: @neo_network
Discuss at: @neo_network_chat
Protonmail Interview
βοΈβοΈβοΈ
@neo_network
Y'all may remember the ProtonMail article on @theconsciousresistance that made some waves. ProtonMail reached out to correct the record and we tried to setup a livestream to hear their side of the story.
They aren't willing to take live interviews, but they have written up a response for us. Derrick Broze & I will go over this response and discuss further on a video segment Friday 3/19 next week.
This is my first live interview (with many more planned) and I'll be live streaming on the @neo_network as well!
I have many more announcements in store for you. See you on the next-hop.
Read more: @neo_network
Discuss at: @neo_network_chat
βοΈβοΈβοΈ
@neo_network
Y'all may remember the ProtonMail article on @theconsciousresistance that made some waves. ProtonMail reached out to correct the record and we tried to setup a livestream to hear their side of the story.
They aren't willing to take live interviews, but they have written up a response for us. Derrick Broze & I will go over this response and discuss further on a video segment Friday 3/19 next week.
This is my first live interview (with many more planned) and I'll be live streaming on the @neo_network as well!
I have many more announcements in store for you. See you on the next-hop.
Read more: @neo_network
Discuss at: @neo_network_chat
Forwarded from The Free Thought Project
Most people still think taxation is the basis of civilized society. Nothing could be further from the truth. Taxation funds all the undesirable aspects of society which is why it has to be extracted with violence or threat of violence.
Good ideas don't require force.
#TaxationIsTheft
#TheFreeThoughtProject
Good ideas don't require force.
#TaxationIsTheft
#TheFreeThoughtProject
Forwarded from BlackBox (Security) Archiv
Mass Extraction: The Widespread Power of U.S. Law Enforcement to Search Mobile Phones
Every day, law enforcement agencies across the country search thousands of cellphones, typically incident to arrest. To search phones, law enforcement agencies use mobile device forensic tools (MDFTs), a powerful technology that allows police to extract a full copy of data from a cellphone β all emails, texts, photos, location, app data, and more β which can then be programmatically searched. As one expert puts it, with the amount of sensitive information stored on smartphones today, the tools provide a βwindow into the soul.β
This report documents the widespread adoption of MDFTs by law enforcement in the United States. Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia. We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant. To our knowledge, this is the first time that such records have been widely disclosed.
Every American is at risk of having their phone forensically searched by law enforcement.
https://www.upturn.org/reports/2020/mass-extraction/
π‘ Read as well:
https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones
#usa #fbi #lawenforcement #massextraction #MDFT #mobilephones #cellphones #encryption #decryption #study #thinkabout
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Every day, law enforcement agencies across the country search thousands of cellphones, typically incident to arrest. To search phones, law enforcement agencies use mobile device forensic tools (MDFTs), a powerful technology that allows police to extract a full copy of data from a cellphone β all emails, texts, photos, location, app data, and more β which can then be programmatically searched. As one expert puts it, with the amount of sensitive information stored on smartphones today, the tools provide a βwindow into the soul.β
This report documents the widespread adoption of MDFTs by law enforcement in the United States. Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia. We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant. To our knowledge, this is the first time that such records have been widely disclosed.
Every American is at risk of having their phone forensically searched by law enforcement.
https://www.upturn.org/reports/2020/mass-extraction/
π‘ Read as well:
https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones
#usa #fbi #lawenforcement #massextraction #MDFT #mobilephones #cellphones #encryption #decryption #study #thinkabout
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Upturn
Mass Extraction | Upturn
This report is the most comprehensive examination of U.S. law enforcementβs use of mobile device forensic tools.
We almost lost management of the .org top level domain to a venture capitalist firm (Ethos Capital) last year. Imagine what that could potentially mean to non-profit sites zoned within, raising yearly prices for the .org domain
We're not out of the woods yet, it just goes to show that the Internet Society is open to external influences through funding. They control the .org contract till 2029, and ICANN is unlikely to strip the rights from them.
What censorship resistant domains can we go to next?
https://www.eff.org/deeplinks/2020/04/victory-icann-rejects-org-sale-private-equity-firm-ethos-capital
We're not out of the woods yet, it just goes to show that the Internet Society is open to external influences through funding. They control the .org contract till 2029, and ICANN is unlikely to strip the rights from them.
What censorship resistant domains can we go to next?
https://www.eff.org/deeplinks/2020/04/victory-icann-rejects-org-sale-private-equity-firm-ethos-capital
Electronic Frontier Foundation
Victory! ICANN Rejects .ORG Sale to Private Equity Firm Ethos Capital
In a stunning victory for nonprofits and NGOs around the world working in the public interest, ICANN today roundly rejected Ethos Capitalβs plan to transform the .ORG domain registry into a heavily
Update on the ProtonMail interview with @theconsciousresistance - it will now take place Monday, 3/23 at 6 PM and it'll be live-streamed :)
More details & links to come.
More details & links to come.
Is anyone interested in hearing the ProtonMail interview on a Telegram live voice chat?
https://telegram.org/blog/voice-chats-on-steroids
https://telegram.org/blog/voice-chats-on-steroids
Telegram
Voice Chats 2.0: Channels, Millions of Listeners, Recorded Chats, Admin Tools
Voice Chats first appeared in December, adding a new dimension of live talk to Telegram groups. Starting today, they become available in channels too β and there are no more limits on the number of participants. This update also brings recordable voice chatsβ¦
ProtonMail, Encrypted Email, and Trust
@neo_network
@theconsciousresistance
πβοΈπ
6 PM CST @ https://theconsciousresistance.com/live/
Join me today at the Conscious Resistance Live! I'll be interviewed by Derrick Broze, we'll be discussing the article I wrote previously on ProtonMail and the official response to it.
Not only will we explore the technical and legal email environment, but we'll also look at other secure solutions that can be relied on.
See you on the next-hop.
@neo_network
@theconsciousresistance
πβοΈπ
6 PM CST @ https://theconsciousresistance.com/live/
Join me today at the Conscious Resistance Live! I'll be interviewed by Derrick Broze, we'll be discussing the article I wrote previously on ProtonMail and the official response to it.
Not only will we explore the technical and legal email environment, but we'll also look at other secure solutions that can be relied on.
See you on the next-hop.
The Conscious Resistance Network
The Conscious Resistance Network Live Broadcasts - The Conscious Resistance Network
Forwarded from Derrick Broze's Daily News
"It is important to point out that these news outlets are all under the USA Today Network and the articles are all written by the same two people, Marco della Cava and Mike Stucka. While it is certainly not surprising for a news network to push similar stories to its various outlets, the way this is done is not at all transparent.
Not one of these news outlets is named USA Today. Outside of the small text which says they are apart of the USA Today Network, they all appear entirely independent and have vastly different names like the Tallahassee Democrat or Greenville News, The Elmwood City Ledger, and The Chronicle Express.
When multiple news outlets, who put on the appearance of independence, all run the exact same piece which essentially calls for gun control by fear mongering over mass shootings, this is not a free press. This is a controlled press who is apparently being given narratives to push out to their readers based on some entityβs centralized vision."
https://thefreethoughtproject.com/mainstream-media-exposed-coordinating-identical-mass-shooting-narratives-for-different-states/
Not one of these news outlets is named USA Today. Outside of the small text which says they are apart of the USA Today Network, they all appear entirely independent and have vastly different names like the Tallahassee Democrat or Greenville News, The Elmwood City Ledger, and The Chronicle Express.
When multiple news outlets, who put on the appearance of independence, all run the exact same piece which essentially calls for gun control by fear mongering over mass shootings, this is not a free press. This is a controlled press who is apparently being given narratives to push out to their readers based on some entityβs centralized vision."
https://thefreethoughtproject.com/mainstream-media-exposed-coordinating-identical-mass-shooting-narratives-for-different-states/
The Free Thought Project
Mainstream Media Exposed Coordinating Identical Mass Shooting Narratives for Different States
Dozens of mainstream outlets across the country are running an identical narrative on a "rise in mass shootings" which is being used to push gun control.
Forwarded from The People's Reset Activation
We are stoked to start sharing the speakers for The Greater Reset Activation 2 and D3! So excited... stay tuned!
This media is not supported in your browser
VIEW IN TELEGRAM
Would you wear special reflective glasses to avoid detection from infrared facial recognition cameras?
With the rise of facial recognition, temperature scanning, and 3D imaging being used in public places and even becoming popular at private businesses, this could provide a little defense.
https://www.reflectacles.com/
With the rise of facial recognition, temperature scanning, and 3D imaging being used in public places and even becoming popular at private businesses, this could provide a little defense.
https://www.reflectacles.com/
If only I had one of these drones to keep an eye on those pesky mail drones.
Forwarded from Defense Distributed
This media is not supported in your browser
VIEW IN TELEGRAM
Today, we would like to introduce you to the next dimension of 3D-printed freedom - drones.
The Weaponized Terrifying Freedom 9000 (aka WTF-9000), is a completely autonomous, nimble and easy to manufacture weapons system. With parts such as motors and microcontrollers being easily available in the RC section of your local toystore, the WTF-9000 is here to make weaponized drones available to the masses. Payloads for the WTF-9000 are limited only by the builder's imagination and choice of parts.
This video features a WTF-9000 prototype in field testing at an undisclosed location. We are incredibly excited about this innovative and liberating piece of technology, and will bring more updates on April 1st, 2022. Thank you.
The Weaponized Terrifying Freedom 9000 (aka WTF-9000), is a completely autonomous, nimble and easy to manufacture weapons system. With parts such as motors and microcontrollers being easily available in the RC section of your local toystore, the WTF-9000 is here to make weaponized drones available to the masses. Payloads for the WTF-9000 are limited only by the builder's imagination and choice of parts.
This video features a WTF-9000 prototype in field testing at an undisclosed location. We are incredibly excited about this innovative and liberating piece of technology, and will bring more updates on April 1st, 2022. Thank you.
Forwarded from BlackBox (Security) Archiv
apple_google.pdf
1.4 MB
Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google
We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins.
βΌοΈ The phone IMEI, hardware serial number, SIM serial number and IMSI, handsetphone number etc are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this.
π‘ When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Currently there are few, if any, realistic options for preventing this data sharing.
https://www.scss.tcd.ie/doug.leith/apple_google.pdf
#apple #google #study #telemetry #data #mobilephones #pdf
π‘ @nogoolag @blackbox_archiv
We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins.
βΌοΈ The phone IMEI, hardware serial number, SIM serial number and IMSI, handsetphone number etc are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this.
π‘ When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Currently there are few, if any, realistic options for preventing this data sharing.
https://www.scss.tcd.ie/doug.leith/apple_google.pdf
#apple #google #study #telemetry #data #mobilephones #pdf
π‘ @nogoolag @blackbox_archiv
Our friends at @TheConsciousResistance just put out a mini documentary on the story of Cheran. I just finished watching and the accounts and stories were moving.
It bubbled some questions to the surface that I think are worth discussing:
- The community of Cheran had strong ties to their indigenous culture, this helped them find shared strength. In our modern heterogeneous nations, how can we regain our culture?
- The logging in Cheran was what sent the community over the edge. What does it take for a community in today's times to revolt? Do we lack shared values?
- The community of Cheran cut off phone, internet, and TV. Are freedom and technology mutually exclusive? The community task force does use radios. What other decentralized technologies could you see being successful in an independent community?
https://theconsciousresistance.com/ni-un-paso-atras-the-story-of-cheran-mexico/
It bubbled some questions to the surface that I think are worth discussing:
- The community of Cheran had strong ties to their indigenous culture, this helped them find shared strength. In our modern heterogeneous nations, how can we regain our culture?
- The logging in Cheran was what sent the community over the edge. What does it take for a community in today's times to revolt? Do we lack shared values?
- The community of Cheran cut off phone, internet, and TV. Are freedom and technology mutually exclusive? The community task force does use radios. What other decentralized technologies could you see being successful in an independent community?
https://theconsciousresistance.com/ni-un-paso-atras-the-story-of-cheran-mexico/
Forwarded from The People's Reset Activation
Friends, the Decentralized, Distributed, and Disruptive Tech Summit (D3) is one week away!
At the summit we will break down the First Decentralized Evolution (1de) and what we can do to accelerate it!
Will you be joining us!?!
More details here - http://d3techsummit.com
Above are just a few of the dynamic speakers we will be hearing from.
Educate - Activate - Liberate
At the summit we will break down the First Decentralized Evolution (1de) and what we can do to accelerate it!
Will you be joining us!?!
More details here - http://d3techsummit.com
Above are just a few of the dynamic speakers we will be hearing from.
Educate - Activate - Liberate