How long it would take to read the terms of service agreements of popular online services
https://www.visualcapitalist.com/terms-of-service-visualizing-the-length-of-internet-agreements
#terms #service #agreement
https://www.visualcapitalist.com/terms-of-service-visualizing-the-length-of-internet-agreements
#terms #service #agreement
Visual Capitalist
Visualizing the Length of the Fine Print, for 14 Popular Apps
We visualize the length of service agreements from popular apps, by counting the words and calculating how long it would take to read them.
Forwarded from BlackBox (Security) Archiv
You are not anonymous on Tor - Last February, my Tor onion service came under a huge Tor-based distributed denial-of-service (DDoS) attack
I spent days analyzing the attack, developing mitigation options, and defending my server. (The Tor service that I run for the Internet Archive was down for a few hours, but I managed to keep it up and running through most of the attack.)
While trying to find creative ways to keep the service up, I consulted a group of friends who are very active in the network incident response field. Some of these are the people who warn the world about new network attacks. Others are very experienced at tracking down denial-of-service attacks and their associated command-and-control (C&C) servers. I asked them if they could help me find the source of the attack. "Sure," they replied. They just needed my IP address.
I read off the address: "152 dot" and they repeated back "152 dot". "19 dot" "19 dot" and then they told me the rest of the network address. (I was stunned.) Tor is supposed to be anonymous. You're not supposed to know the IP address of a hidden service. But they knew. They had been watching the Tor-based DDoS. They had a list of the hidden service addresses that were being targeted by the attack. They just didn't know that this specific address was mine.
As it turns out, this is an open secret among the internet service community: You are not anonymous on Tor !!
π‘ Threat Modeling
There are plenty of documents that cover how Tor triple-encrypts packets, selects a route using a guard, relay, and exit, and randomizes paths to mix up the network traffic. However, few documents cover the threat model. Who can see your traffic?
π ππΌ https://www.hackerfactor.com/blog/index.php?/archives/896-Tor-0day-Finding-IP-Addresses.html
#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
I spent days analyzing the attack, developing mitigation options, and defending my server. (The Tor service that I run for the Internet Archive was down for a few hours, but I managed to keep it up and running through most of the attack.)
While trying to find creative ways to keep the service up, I consulted a group of friends who are very active in the network incident response field. Some of these are the people who warn the world about new network attacks. Others are very experienced at tracking down denial-of-service attacks and their associated command-and-control (C&C) servers. I asked them if they could help me find the source of the attack. "Sure," they replied. They just needed my IP address.
I read off the address: "152 dot" and they repeated back "152 dot". "19 dot" "19 dot" and then they told me the rest of the network address. (I was stunned.) Tor is supposed to be anonymous. You're not supposed to know the IP address of a hidden service. But they knew. They had been watching the Tor-based DDoS. They had a list of the hidden service addresses that were being targeted by the attack. They just didn't know that this specific address was mine.
As it turns out, this is an open secret among the internet service community: You are not anonymous on Tor !!
π‘ Threat Modeling
There are plenty of documents that cover how Tor triple-encrypts packets, selects a route using a guard, relay, and exit, and randomizes paths to mix up the network traffic. However, few documents cover the threat model. Who can see your traffic?
π ππΌ https://www.hackerfactor.com/blog/index.php?/archives/896-Tor-0day-Finding-IP-Addresses.html
#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
You are not anonymous on Tor
π ππΌ https://t.me/BlackBox_Archiv/1252
#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
π ππΌ https://t.me/BlackBox_Archiv/1252
#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
mailbox.org came after the Snowden revelations: a talk with Peer Heinlein
We spoke with Peer Heinlein of the crypto email service mailbox.org. But there is much more at stake. They're expanding their business model.
We recently spoke with Peer Heinlein, founder of the crypto e-mail service mailbox.org. But itβs about much more than mail: the company is expanding its business model.
A detailed conversation with the CEO of mailbox.org
We enjoyed an extended conversation with Peer Heinlein, the founder and managing director of the e-mail provider mailbox.org. But not only that: Heinlein also runs JPBerlin, a provider for socially and politically engaged people, in addition to Heinlein Hosting, another consulting firm and his own Linux academy. You can read the german version here.
There is a lot of competition among crypto-mail providers, with Posteoβs offices literally just around the corner. Another, Tutanota is based in Hanover, to name just the two best-known German competitors, and there are many more abroad.
But there is more: Heinlein, the law graduate, who used to work as a journalist over the years has grown into the role of an entrepreneur, and he also lobbies on his own behalf. His topics include the increasing hunger of the German authorities for access to online services that manage their customersβ data. A recent example is the ongoing revision of the German Telecommunications Act (TKG). If the EU gets its way, all providers would have to integrate official backdoors for the authorities. IT security or digital seclusion would no longer be possible.
https://tarnkappe.info/mailbox-org-came-after-the-snowden-revelations-a-talk-with-peer-heinlein/
#interview #mailboxorg #crypto #mail #service
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
We spoke with Peer Heinlein of the crypto email service mailbox.org. But there is much more at stake. They're expanding their business model.
We recently spoke with Peer Heinlein, founder of the crypto e-mail service mailbox.org. But itβs about much more than mail: the company is expanding its business model.
A detailed conversation with the CEO of mailbox.org
We enjoyed an extended conversation with Peer Heinlein, the founder and managing director of the e-mail provider mailbox.org. But not only that: Heinlein also runs JPBerlin, a provider for socially and politically engaged people, in addition to Heinlein Hosting, another consulting firm and his own Linux academy. You can read the german version here.
There is a lot of competition among crypto-mail providers, with Posteoβs offices literally just around the corner. Another, Tutanota is based in Hanover, to name just the two best-known German competitors, and there are many more abroad.
But there is more: Heinlein, the law graduate, who used to work as a journalist over the years has grown into the role of an entrepreneur, and he also lobbies on his own behalf. His topics include the increasing hunger of the German authorities for access to online services that manage their customersβ data. A recent example is the ongoing revision of the German Telecommunications Act (TKG). If the EU gets its way, all providers would have to integrate official backdoors for the authorities. IT security or digital seclusion would no longer be possible.
https://tarnkappe.info/mailbox-org-came-after-the-snowden-revelations-a-talk-with-peer-heinlein/
#interview #mailboxorg #crypto #mail #service
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Tarnkappe.info
mailbox.org came after the Snowden revelations: a talk with Peer Heinlein
We spoke with Peer Heinlein of the crypto email service mailbox.org. But there is much more at stake. They're expanding their business model.