PDA

View Full Version : How the Elite Bastards will control the Wild Wild Web.



Paul
21st September 2016, 15:27
I just finished listening to a Jesuit Priest and a technical geek who has a good working relation with the FBI discuss, with their full support, how Google (surely a CIA ally) and the little known corporations that control Internet security and domain name services (these map URL's to numeric IP addresses), will be locking down the Wild Wild Web, so that only "approved" websites will be trusted by ordinary users.

I anticipate that ProjectAvalon.net, and many other a site, will be branded as a "security risk", within a few years. If we convert the forum from HTTP to HTTPS (encrypting our traffic), then we could avoid the "security risk" label, at the risk of remaining available on the web "at the pleasure" of the security certificate issuing agencies.

(By the way, neither Ilie nor I yet know of a practical way, within our abilities and budget, to convert Avalon to HTTPS.)

===

You too can listen to this discussion. It is this week's Security Now podcast, between Steve Gibson (of http://grc.com) and Fr. Robert Ballecer, SJ (that's Father Robert Ballecer, Society of Jesus). Ballecer is filling in for the usual host, Leo Laporte, on this week's Security Now podcast, while Leo is on vacation. Steve Gibson openly acknowledges that he has had a good working relationship with the FBI, in a story he tells, starting at 21:34 (https://youtu.be/xabTAL5cgCM?t=21m34s).

For an example of what concerns me, starting at 56:22 (https://youtu.be/xabTAL5cgCM?t=56m22s), you can hear Steve Gibson explain and defend how Google is using it's dominating position in browser's, with its Chrome browser, to increasingly shame and marginalize sites (such as ProjectAvalon) that still use unencrypted HTTP.
xabTAL5cgCM
Here's a nine page pdf document, Steve Gibson's "Show Notes", providing in some detail the same content: Security Now 578 Show Notes (pdf) (https://www.grc.com/sn/SN-578-Notes.pdf).

So ... it seems that we're damned if we do (convert to HTTPS, requiring a "license", security certificate), and damned if we don't (labeled as a security risk.)

This looks to be shaking out like licensing and regulation in so many other arenas. I can still drive a car without insurance or a license plate ... on my private property, but not on public roads. I can still administer medical care to myself or those close to me without any medical licenses, but not to the general public. I can still offer myself or others close to me legal advice, but not to the general public. I can still broadcast radio signals without an FCC license, but only if they are sufficiently weak that no one more than a short distance away can receive them. I can still carry a firearm, in some places, but only if I get the proper license, and not if I have a felony criminal record or mental insanity diagnosis in the past.

They don't need to take ProjectAvalon.net down. They just need to make the general population shun us, and control whether or not we can get the license (security certificates, from agencies they ultimately control) that would be required to avoid Google's "Red Scarlett Letter A (https://en.wikipedia.org/wiki/The_Scarlet_Letter)" mark of being an untrusted, insecure, website.

Once again, centrally controlled organizations are using "security" concerns to crank up their control over once free and open activity, over a multiple year period.

uzn
21st September 2016, 15:43
It´s already happening. Got a new Laptop and the first time I surfed ProjectAvalon from it the Screen turned red and it informed me that this site is unsafe. Than I had two Options either not go there or go there on my own risk. That will scare of some People that surf to Avalon for the first time.

Paul
21st September 2016, 15:48
It´s already happening. Got a new Laptop and the first time I surfed ProjectAvalon from it the Screen turned red and it informed me that this site is unsafe. Than I had two Options either not go there or go there on my own risk. That will scare of some People that surf to Avalon for the first time.

Yes, there's one or two "anti-virus" tools on Windows that have been causing such reports, for sometime now.

peterpam
21st September 2016, 15:53
Of course all this licensing will generate revenue for governments to waste. If you are licensed how much easier will that be to find some reason to tax these licensed businesses? It's the same old business model, take control and make them pay till it bleeds, oh so similar to organized crime.

uzn
21st September 2016, 15:57
You are right Paul, I am using McAfee, that became an asset of Intel not long ago. And McAfee puts out a red Screen with a warning.

Gurudatt
21st September 2016, 16:25
Opera seems to have come up with a VPN/Proxy. People should stop using Google products as they are the main source of malware infections through their plugins.

Citizen No2
21st September 2016, 16:57
There are reports that the Russians' have put up a fire-wall to block all access to porn sites unless you have a paid porn account, and hence, your details. Not too much of a stretch to see what other types of sites this could be applied to.

We know it's coming.

Internet 2.0


Regards.

EWO
21st September 2016, 17:38
(By the way, neither Ilie nor I yet know of a practical way, within our abilities and budget, to convert Avalon to HTTPS.)

Why cant you add the certificate? Who is the IT technical person that manages the forum.
You can get cheap $10 certificates from Comodo that doesnt require complicated company validations, just simple email validation.
https://www.namecheap.com/security/ssl-certificates/comodo.aspx


Im assuming this forum runs on some sort of linux apache server.
Adding HTTPS requires editing the web config and adding a connector for https port 443 and path to certificate file and key.
This is a vbulletin forum, im sure you can google lots of solutions for adding https

http://www.vbulletin.com/forum/forum/vbulletin-4/vbulletin-4-questions-problems-and-troubleshooting/398089-how-can-i-activate-ssl-in-vbulletin

Paul
21st September 2016, 22:19
Why cant you add the certificate? Who is the IT technical person that manages the forum.
You can get cheap $10 certificates from Comodo that doesnt require complicated company validations, just simple email validation.
https://www.namecheap.com/security/ssl-certificates/comodo.aspx
It's not the cost of the certificate that is the problem. One can get perfectly fine certs from https://letsencrypt.org/ for free.

Where we run into more difficulties involves issues with our content and web server software.

For example, we'd have to handle, somehow, mixed http/https content. Member's posts have many embedded images, videos, pdfs, etc specified with insecure http links. Modern web browsers might be configured to complain about or block such insecure http content if they are asked to load such within the context of a secure https page.

Ilie and I are the technical people who manage the form :).

Paul
21st September 2016, 22:36
What's needed is federated, de-centralized, control of the Web :).

Given the global span of the Web, that might seem like a practical impossibility.

But notice that the Web is easily divided by its top level domains, such as .com, .net, .org, .info, and .gov. Imagine that the security rules were decided separately for each such top level domain.

Some would be "wild and wooly" (perhaps .xxx or .sex), and some would be more strictly administered. Institutions that care about their reputation and that deal with sensitive information, such as banking, financial, medical, ... would find it necessary to pass muster for the more strict rules of a "respected" top level domain, such as ".com". Top level domains such as .info or .net (as in ProjectAvalon.net) could be a bit more lax than those for .com, where the banks and such resided.

Browsers could alert you to "traveling on the dark side" when you were visiting a website under a less safe top level domain, but such would be a reasonable and informed choice by the user.

The idea that the necessary solution is for "us" (a single over-arching powerful entity, actually) to impose uniform all encompassing constraints is a convenient cover story of the elite fascist bastards.

Justplain
21st September 2016, 23:40
Though I'm no internet techie, couldnt a browser and search engine be found, or created, that would ignore the bogus security/control conventions adopted by the fbi/cia/nsa? It would become a very popular net surfing mechanism.

Paul
22nd September 2016, 00:23
Though I'm no internet techie, couldnt a browser and search engine be found, or created, that would ignore the bogus security/control conventions adopted by the fbi/cia/nsa? It would become a very popular net surfing mechanism.

Yes - I have a dozen web browsers on my systems, which I use for checking things out now and then. Most of them don't pay much attention to such issues ... they get and display what they can, as best they can.

However most people use, and will always use, one of the few dominant browsers. Presently those are Chrome, Firefox, Safari, IE, Opera and Edge. If the Project Avalon forum doesn't work well with them, that's a problem. These major browsers can be expected, sooner or later, in my estimation, to be increasingly fussy about the security of web pages, including whether they are entirely https encrypted.

shaberon
22nd September 2016, 00:50
That would thwart a lot of new traffic.

I don't use any of their "apps", although I do use the search engine. If it shows a security risk, you can query the issue and it will give its best guess and you simply decide if you want to proceed. Automation of practically blocking plain ol' http and the like, yes, you wind up with more "guided tour". Most of the (American) websites are repellent to me by design, but as long as they get traffic, they will continue to breed...bad news for the low budget indies, you have to grow in the shade.

Antagenet
22nd September 2016, 06:57
It's possible that new blockchain social media sites and apps will create safe uncensored places for us to meet so that the regular
internet will become old technology. Looks up https://www.synereo.com/ https://steemit.com/created/ https://www.yours.network/
as examples of people trying to create a whole new internet.

Lifebringer
22nd September 2016, 10:16
Do you think like "John in Patmos" that those spying for the alphabet, will also be awakened and also in position to help or hold back what they think the agencies paranoia wants?(Snowden):Angel: "To just spy on everybody and everything, for supposed control.":cash::blackwidow:

good point
23rd September 2016, 03:36
It's possible that new blockchain social media sites and apps will create safe uncensored places for us to meet so that the regular
internet will become old technology. Looks up https://www.synereo.com/ https://steemit.com/created/ https://www.yours.network/
as examples of people trying to create a whole new internet.

I've been pushing the idea of new internets at college for years now. The whole new internet will have to distance its self from the mainstream . . .. Even going back to using older hardware, making its simplicity more ubiquitous. Shun the establishment mass production. It's a very threatening idea to the establishment. Say, build it then they will come. The danger is that big business won't allow competition at the grass roots. Users risking their privacy and the safety of their device by connecting to a service they pay for, instead of own. Can they make the technology cheaper? It will be easier to address the costs that hosting a website than the developers need to keep up with technology. Of course, the material constraint and the educated man power to build the servers, protect them and inform the people. Whether or not everyday access to these sites addresses is open with or without a certificate should be largely up to the web master and the client software. At what point does using the internet become discretionary activity? Can you put a price on freedom? Can you make it materialistic? I don't think going around condemning invalid web certificates and banning access is any more constructive than violence used by radical terrorists. To expand on that point, I want to make this clear: NTIA like Steve Gibson told us, privatizing the networks remains a lot of work. The shifting controls of the internet need to remain a world wide web. :lever: If the global internet structure authorizes certificates of encrypted protocol, they can destroy p2p! :boom: Bad DNS from ISP, you name it! It's consumer fraud. How many domestic arrests for using a computer to commit a crime by simply establishing a home connection that can't be spied up on by big brother? I'm not a web admin but I grew up with Windows all my life.

TargeT
23rd September 2016, 19:02
What's needed is federated, de-centralized, control of the Web :).

Given the global span of the Web, that might seem like a practical impossibility.
.


Simple solution, very practical:


Change Is Coming: How the Blockchain Will Transform the Domain Name Business
https://cointelegraph.com/images/725_Ly9jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZH Mvdmlldy9hNmNmMWM0MTAxZGI1MDQwNjM4YWIyNmU3Nzk5ZGY2 Ni5wbmc=.jpg
Put the word "blockchain" together with the acronym "DNS" and what do you get? Just like that 1980s commercial in which chocolate collides with peanut butter, you get a result that's really quite remarkable — blockchain-based domain names. This new hybrid could change the way the system works in important ways.he term "blockchain" refers to the underlying technology that powers Bitcoin, a distributed data store that achieves a state of consensus. Every node on the network will agree about the historical facts, with minimal reliance on trusting central authorities.

The Domain Name System (DNS) is used every time you interact with resources on the Internet. This system allows us to turn easy-to-remember names such as "CoinTelegraph.com" into useful IP addresses such as "141.101.125.184". Your computer needs the latter, but you can more easily remember the former. DNS provides this mapping function between names and addresses, much as a phone directory lets us look up a person's phone number, given their name.
Hey, You Got Blockchain on My DNS

The current DNS is a distributed network that lets machines easily find IP addresses. The DNS is operated according to rules established by the Internet Corporation for Assigned Names and Numbers (ICANN), the organization that approves new top-level domains (TLDs), such as .com. It awards the contracts to registry operators, such as Uniregistry, who operate the TLDs, and accredits registrars, like GoDaddy, who sell the rights to use domain names.

The current system is hierarchical in nature, both technically and politically. Technically, this system's root servers (think central database) represent a high-value attack vector, and a single point of failure that could by itself take down large chunks of the Internet with a single incident, as threatened by Anonymous in 2012.

Politically, the decision-making power is concentrated within the governing body making the rules of operation and letting the contracts. This represents a source of significant risk in terms of potential for corruption, and is susceptible to coercion by those entities with great power.

There is plenty to say about the benefits to consumers that next-generation Domain Name Systems will provide, and plenty more to be said about the impacts on individual privacy, Internet security, domain name thefts and seizures, and on basic human rights issues, such as freedom of speech. However, I'd like to focus today on the impact these systems are likely to have on the domain industry.
Registries Operate the DNS

Registry operators run or oversee the operation of root servers. They are the authoritative source of information about where to go to resolve all domain names for a given TLD. Think of this as a large, central database for domain name information. They are obviously constrained by their contractual obligations to ICANN. They are also constrained by the legal frameworks under which they operate.

Registry operators establish guidelines by which they will conduct the launching of new TLDs. National governments and large corporations apply considerable pressure to put mechanisms in place to protect their own interests.

In order to prosper within the system, registry operators currently need to satisfy these most powerful stakeholders. Before general registrations are allowed, registries administer sunrise periods, where those with registered service marks and intellectual property concerns can have a chance to secure the names they want.

Similarly, governments want to collect accurate contact information for registrants. This makes it possible to take action against registrants, which can be useful in many contexts, but can also be easily abused by governments determined to stifle dissent or control the flow of information within their borders.
https://cointelegraph.com/storage/uploads/view/4e307ce9d088db0317dbe74f02b83d59.jpg
The Blockchain Offers New Flexibility

Registry operators are going to find increased flexibility and more varied opportunities when they begin to launch new blockchain-based TLDs. The result will be the ability to tailor a TLD to specific market niches more effectively. They will be able to "bake the rules into the code" and customize a TLD for specific use cases, even if powerful constituencies may be strongly opposed.

A registry operator may, for example, decide in the case of one TLD to make all contact information optional, making it possible to have domain names that cannot easily be seized by governments or stolen by thieves. Alternately, they could decide to enforce stringent contact-info requirements, which would allow strong claims to be made about the website operators in that TLD. Registries will be empowered to draft the rules of operation according to the needs of the market being served, as opposed to doing what it takes to get approval to launch.

Variable pricing schemes become much more viable, too, as pricing can become a function of a carefully crafted algorithm that reflects the registry's priorities. If they are concerned about the rate at which two- and three-letter strings are registered, they can simply tweak the pricing algorithm to reflect those values. Perhaps the registry wants to use a sliding-price model for most domain names in a TLD, where the registration cost is reduced each day until a target is reached, as Emercoin did. Or perhaps for those two- and three-letter domain names, they want to utilize an auction-style pricing model, as Bitshares does. Such priorities are easy to implement via blockchains, and require no approval from anyone.The Blockchain Could Reduce Operating Costs

Currently, decisions about launch parameters must be approved by ICANN and be implemented by written, enforceable policies. In the future, these parameters could and will be written not as clauses in legal contracts, but in code! The result will be the elimination of ambiguity, less legal wrangling, and more flexibility for the registries.

Registry operators face the prospect of significantly lower-cost structures as well. Marginally profitable operations, or even those operating at a slight loss, may look viable if migrated to a blockchain. With no compliance costs and the elimination of expensive interaction with ICANN, the cost to operate a TLD ought to be reduced significantly.

Paired with variable pricing and auction models, registry operators will have greater control over costs and more pricing options than ever before. This should translate into more varied offerings for consumers and more room for innovation from those who operate TLDs.
Isn't DNS Dead Yet?

Governments could launch TLDs with the specific intention of using them for voting and fairly distributing benefits. Human rights organizations could launch them to promote free speech online, or encourage whistleblowers. Innovative companies could identify market opportunities and launch TLDs specifically crafted for a particular niche.

Perhaps the most important change will be the ability of small operators, or even individuals, to launch TLDs for whatever purpose they want. It could be that services involved with coordinating networks of smart, connected devices will launch limited-access TLDs in order to control upgrades, enable hardware leasing, or any number of other purposes that are hard to predict today.

Despite the claims from many that a perfect storm of factors is making domain names obsolete, the indicators suggest otherwise. The naysayers cite the prominence of mobile apps, and the convenience of things like Facebook pages, Etsy stores and more. But after basically stagnating since the late 1990s, the Domain Name System is about to undergo big changes. Stick around, DNS is not done.
https://cointelegraph.com/news/change-is-coming-how-the-blockchain-will-transform-the-domain-name-business



Though I'm no internet techie, couldnt a browser and search engine be found, or created, that would ignore the bogus security/control conventions adopted by the fbi/cia/nsa? It would become a very popular net surfing mechanism.

Here it is in action:
https://blockstack.org/

Paul
23rd September 2016, 20:33
What's needed is federated, de-centralized, control of the Web :).

Given the global span of the Web, that might seem like a practical impossibility.
.


Simple solution, very practical:


Change Is Coming: How the Blockchain Will Transform the Domain Name Business
I'm skeptical :).

Replacing our current centralized DNS servers with blockchain DNS servers sounds nice, but I suspect doesn't solve the primary problems I was concerned with, when I started this thread.

My primary concerns were the interlocking vice grip of (1) shifting most users over to normally only interacting with HTTPS encrypted websites (Google is leading the way here, with Chrome's increasing bias against HTTP sites), and (2) central control of the SSL certificates required for acceptance by these browsers.

Neither of these concerns focused on the DNS problems.

I will grant however that DNS problems, such as the ease with which nation-state actors can substantially limit access to "forbidden" websites by knocking them out of the DNS servers, which are also centrally administered, have actually been a more serious problem in recent years.

However, use of blockchain technology, to replace centrally administered DNS servers with a distributed database, is not a fix, in my estimation. Blockchain technology could remove a current vulnerability of our DNS services, the few critical central services, from attack from those with limited means. However, since distributed blockchain databases can be dominated by one major player (think a "New World Order World Government" here) with overwhelming compute power, and since distributed blockchain technology depends critically on some sophisticated, fairly young, software, which can be covertly backdoored by nation-states (or a world-state), this doesn't protect us from the Elite Bastards ... only from sundry little bastards.

TargeT
24th September 2016, 00:43
Replacing our current centralized DNS servers with blockchain DNS servers sounds nice

well, the blockchain would be distributed on many computers not just servers. "users" host the blockchain, not anything centralized.



Neither of these concerns focused on the DNS problems.


Yeah, I just think DNS is way more important.. haha I do agree, the certificate issue has been a concern ever since we found that STUXNET had "valid certificates"



I will grant however that DNS problems, such as the ease with which nation-state actors can substantially limit access to "forbidden" websites by knocking them out of the DNS servers, which are also centrally administered, have actually been a more serious problem in recent years.

DNS is the bottleneck of control, we HAVE to shatter it.. certificates (so far) are a minor annoyance at worst (you still can go to "Bad cert" sites).




However, use of blockchain technology, to replace centrally administered DNS servers with a distributed database, is not a fix, in my estimation. Blockchain technology could remove a current vulnerability of our DNS services, the few critical central services, from attack from those with limited means. However, since distributed blockchain databases can be dominated by one major player (think a "New World Order World Government" here) with overwhelming compute power, and since distributed blockchain technology depends critically on some sophisticated, fairly young, software, which can be covertly backdoored by nation-states (or a world-state), this doesn't protect us from the Elite Bastards ... only from sundry little bastards.

I don't agree with almost all of your assertions here

Firstly: DNS is super vulnerable to a ton of attacks in its current form; it's one of the biggest things we look for in my arena (http://www.networkworld.com/article/2886283/security0/top-10-dns-attacks-likely-to-infiltrate-your-network.html#slide2). It's commonly paired with other attacks also, it's a cornerstone of "hacking" at this point.

the distributed database would stop almost ALL attacks in their current forms and prevent governments from "shutting down" domains or sites based on their whim.


Bitcoin can't even be dominated by a single group with out notice, the community is very aware and wary of any dominant group controlling too much of the blockchain & appropriate changes are already being implemented.

This is a sqeeky new toy.. but once the minor bugs are worked out I think we have the solution to hierarchy control & it's based in voulentarism.

Paul
24th September 2016, 03:05
well, the blockchain would be distributed on many computers not just servers. "users" host the blockchain, not anything centralized.
Yes, blockchain tech runs on PC and user hardware as well as on server hardware. I was using the word "server" to refer to the software ... a blockchain service software process (aka "server") runs on a variety of hardware, large and smallish.


Yeah, I just think DNS is way more important
Yes, so far the DNS issue has been way more important.

In this thread, I put forth the concern that, once most users are weaned from "insecure" HTTP, then the ability to control DNS certs will become more of an issue.



DNS is the bottleneck of control, we HAVE to shatter it.. certificates (so far) are a minor annoyance at worst (you still can go to "Bad cert" sites).
"so far" -- yes :).




However, use of blockchain technology, to replace centrally administered DNS servers with a distributed database, is not a fix, in my estimation. Blockchain technology could remove a current vulnerability of our DNS services, the few critical central services, from attack from those with limited means. However, since distributed blockchain databases can be dominated by one major player (think a "New World Order World Government" here) with overwhelming compute power, and since distributed blockchain technology depends critically on some sophisticated, fairly young, software, which can be covertly backdoored by nation-states (or a world-state), this doesn't protect us from the Elite Bastards ... only from sundry little bastards.


I don't agree with almost all of your assertions here
Yes - I didn't expect much agreement, with anyone, on my skeptical opinion of blockchain technology. I'm a blockchain heretic ... not many of us right now :).


Firstly: DNS is super vulnerable to a ton of attacks in its current form
Agreed.

DNS vulnerabilities can be worked around -- I run my own DNS services, and cache and save all lookup results, going back years, so I could still get to any site that had the same IP as before, even if all the public DNS services I use (I have 9 of them listed in my /etc/resolv.conf at present, not counting my own DNS servers) became non-cooperative. However that's not for the faint of heart or less than ambitious geek.


the distributed database would stop almost ALL attacks in their current forms and prevent governments from "shutting down" domains or sites based on their whim.
The current attacks - yes - a blockchain DNS would thwart them big time.

But the current attacks are like terrorist events - more dangerous to humanity because of the tyranny they justify than because of the attacks themselves.

For example the worst "terrorist attack" on record so far, the infamous 9/11, killed some 3000, but has justified the killing of upwards of a million in the subsequent wars, justified the Fascist takeover of the US government, and justified the destruction of perhaps a half-dozen nation-state governments.

Similary, current DNS (and cert and "insecure" http) attacks and vulnerabilities are serving as the justification for more sophisticated solutions. The Elite Bastards won't quit until they have us using systems that only they can hack.


Bitcoin can't even be dominated by a single group with out notice, the community is very aware and wary of any dominant group controlling too much of the blockchain & appropriate changes are already being implemented.

This is a sqeeky new toy.. but once the minor bugs are worked out I think we have the solution to hierarchy control & it's based in voulentarism.
Like the Web itself, and like the Airwaves used by radio and TV before, the Elite Bastards will never stop, and continue to have some success in, trying to achieve control. Blockchains will be found to be, in my expectation, more "nuanced" in their strengths and weaknesses than is currently realized.

Paul
24th September 2016, 13:53
DNS vulnerabilities can be worked around -- I run my own DNS services, and cache and save all lookup results, going back years, so I could still get to any site that had the same IP as before, even if all the public DNS services I use (I have 9 of them listed in my /etc/resolv.conf at present, not counting my own DNS servers) became non-cooperative. However that's not for the faint of heart or less than ambitious geek.
Jim Stone pointed out something on his site (http://82.221.129.208/basepagef6.html) that I should have noticed before. He wrote:


FACT: A vast majority of TOP LEVEL DOMAIN web sites on the internet DO NOT HAVE THEIR OWN IP ADDRESSES. The ONLY way to them is via the DNS servers which ICANN will take control of. The DNS servers have all the routing information needed to get to web sites that do not have their own IP adresses. Many people who run their own web sites are clueless about this, they just see the IP address in their Cpanel and figure it will work if they try using it. They are wrong. If they ever copied and pasted that IP address and tried to hit their web site with it, it would produce NOTHING because 50 other web sites are also using it and the server would not know which one you wanted to get to without the routing information provided by the DNS server.

What he's pointing out is that often multiple websites are behind the same IP address, and that a front end to these several websites receives all Web requests to any of them, and figures out which website to send the request to, by looking at the URL to see which website is named in it.

Here's an example. If you look for the IP address behind the projectavalonstatus.net website that I run, you will see that it's at IP 69.164.204.136. However if you then enter http://69.164.204.136/ in your web browser's address bar (or if you just click on that last link I just entered here), you will not get to the ProjectAvalonStatus.net website. Instead you will see this terse and useless web page:

Welcome to pauljackson.us!

That's because there are several websites, all at IP address 69.164.204.136, not just ProjectAvalonStatus.net. For example, ThePythonicCow.us (http://thepythoniccow.us) and AvalonLibrary.net (http://AvalonLibrary.net) are also there, and the front end to my several web servers cannot tell which website you want unless you name it, not just it's shared IP address, in the URL address you provide.

If you are trying to access a website by IP address, because the publicly available DNS servers refuse to or are unable to provide the correct IP address, one might actually have to run one's own DNS server(s) in order to translate the website name to it's IP, so that (1) the website name can be sent along to the server, for it to figure out which website at that IP address to pass the request to, and (2) the website name (URL) can be translated to the correct IP address.

The http://projectavalon.net website does not have this issue. It's the only website at its IP, so you can successfully get to it using the URL http://198.143.158.131/ (at least until such time as our Avalon forum IP address changes for whatever reason.)

(As I said above, this is not for the faint of heart or less than ambitious geek. <grin>)

Or, as Jim Stone wrote later in the same post of his that I linked and quoted above:

BOTTOM LINE: Don't be lazy, thinking "some hacker or programmer is going to save it all" because that won't be the case. "Hackers and programmers" will probably be able to keep the DEDICATED IP part of the web visible for themselves, but when it goes dark for anyone who is not like them, practically all web sites that get blocked are going to die eventually because traffic is life, and they won't be able to survive with only the 3 percent or so of the population that can figure it out and still get to them. And if a web site does not have dedicated IP, even hacker Joe will have no way in.

===

I have now talked myself into half agreeing with TargeT's concerns over DNS, that he posted above.

Yes - DNS blocking has been (we agreed on that already) and will continue to be a serious means of blocking "undesirable" websites, as will the increasing increasing bias against "insecure" unencrypted HTTP websites and the central administration of SSL certs required to operate an encrypted HTTPS website.

So now I am of the opinion that the centralized management of both DNS maps and SSL certs will each provide choke points for the central control of the Web.

(But I remain more skeptical of whether block chain technology can provide a real solution here.)

Paul
24th September 2016, 15:56
(But I remain more skeptical of whether block chain technology can provide a real solution here.)
Arthur C. Clarke famously said (http://www.quotationspage.com/quote/776.html) that "Any sufficiently advanced technology is indistinguishable from magic."

I would suggest a corollary to that: "Any sufficiently advanced technology, in the hands of the elite bastards, risks being indistinguishable from the bars of a prison cell."

... for example, Intel CPU's, Windows, cell phones, Google, Facebook, the Internet, bank lending, computer controlled autos, the Internet of Things, ... and block chains :).

TargeT
24th September 2016, 16:32
DNS vulnerabilities can be worked around -- I run my own DNS services, and cache and save all lookup results, going back years, so I could still get to any site that had the same IP as before, even if all the public DNS services I use (I have 9 of them listed in my /etc/resolv.conf at present, not counting my own DNS servers) became non-cooperative. However that's not for the faint of heart or less than ambitious geek.
Jim Stone pointed out something on his site (http://82.221.129.208/basepagef6.html) that I should have noticed before. He wrote:


FACT: A vast majority of TOP LEVEL DOMAIN web sites on the internet DO NOT HAVE THEIR OWN IP ADDRESSES. The ONLY way to them is via the DNS servers which ICANN will take control of. The DNS servers have all the routing information needed to get to web sites that do not have their own IP adresses. Many people who run their own web sites are clueless about this, they just see the IP address in their Cpanel and figure it will work if they try using it. They are wrong. If they ever copied and pasted that IP address and tried to hit their web site with it, it would produce NOTHING because 50 other web sites are also using it and the server would not know which one you wanted to get to without the routing information provided by the DNS server.

What he's pointing out is that often multiple websites are behind the same IP address, and that a front end to these several websites receives all Web requests to any of them, and figures out which website to send the request to, by looking at the URL to see which website is named in it.


or he could be pointing out that a lot of big websites use a "pool" of IP's not just 1 (in fact most do it this way, to handle traffic load; Amazon, for example, has over 4 million public IP addresses alone).

However, "the only way to get to them is via DNS" isn't really true... even if there is just 1 IP address there will be a consistent repeatable way to get to a website (covered by this RFC (https://www.ietf.org/rfc/rfc2616.txt) ) via sockets or header information (IE, stuff you CAN find out and CAN access with out DNS).

Now, to shift you back to your SSL worries:

Every SSL cert must have it's own IP address tied to it (http://stackoverflow.com/questions/15783990/what-exactly-does-every-ssl-certificate-requires-a-dedicated-ip-mean) and while we are still on IPv4 IP addresses they are a seriously limited resource.... forcing mandatory SSL *(somehow, not sure how)* could create a scarcity situation which is the play ground of TPTB.

Paul
24th September 2016, 16:46
Every SSL cert must have it's own IP address tied to it (http://stackoverflow.com/questions/15783990/what-exactly-does-every-ssl-certificate-requires-a-dedicated-ip-mean) and while we are still on IPv4 IP addresses they are a seriously limited resource.... forcing mandatory SSL *(somehow, not sure how)* could create a scarcity situation which is the play ground of TPTB.
No longer true, I believe.

One can now bind SSL certificates to the website name (base URL), rather than to it's IP, allowing multiple websites to share one IP, with each website having it's own SSL cert.

See for example: Using Multiple SSL Certificates in Apache with One IP Address (https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm).

Paul
24th September 2016, 17:05
FACT: A vast majority of TOP LEVEL DOMAIN web sites on the internet DO NOT HAVE THEIR OWN IP ADDRESSES. The ONLY way to them is via the DNS servers which ICANN will take control of. The DNS servers have all the routing information needed to get to web sites that do not have their own IP adresses. Many people who run their own web sites are clueless about this, they just see the IP address in their Cpanel and figure it will work if they try using it. They are wrong. If they ever copied and pasted that IP address and tried to hit their web site with it, it would produce NOTHING because 50 other web sites are also using it and the server would not know which one you wanted to get to without the routing information provided by the DNS server.

What he's pointing out is that often multiple websites are behind the same IP address, and that a front end to these several websites receives all Web requests to any of them, and figures out which website to send the request to, by looking at the URL to see which website is named in it.


or he could be pointing out that a lot of big websites use a "pool" of IP's not just 1 (in fact most do it this way, to handle traffic load; Amazon, for example, has over 4 million public IP addresses alone).
Jim Stone spells out how to see the problem - by copying a numeric IP for some website to the URL bar, and noticing you can't get it, because there are other websites at the same IP, and the server doesn't know, just from the numeric IP, which one of those website you're trying to connect to.

I gave a specific example of this, involving my own websites, several of which share a single, static IP.

So, I'm pretty sure that's what he was pointing out, and I agree with him that that's a problem. Only the small percentage of us willing and able to our own DNS servers might be able to workaround this problem.

I agree with your observation that the big sites using multiple IP's and other complex routing on major backbone servers to direct user's traffic to whichever of their servers is "closest" to that user is a separate issue, that so far as I can see, presents a different variety of challenges to our freedom.

Paul
26th September 2016, 17:45
Here's an example of how putting an explicit IP in your web browser's URL address bar doesn't always work. In this case, cloudfare, a content provider network that acts as a major data distribution and caching frontend for many websites, required the name of the website that I wanted in order to know how to route my request.

One of the economic websites that I frequently visit, http://neweconomicperspectives.org/, is having problems. I was getting "404: Not Found" errors on their main page. So I looked up their IP address in my DNS logs and found it to be 104.18.38.4. In this case, I could have queried the usual public DNS servers as well, since they still report that IP correctly. The problem with neweconomicperspectives.org has something to do with their web server, not with the public DNS records.

But in any case, I happened to try going to http://104.18.38.4/, and I was rewarded with this screen:

=======================

http://thepythoniccow.us/Cloudfare_Rejects_Direct_IP_Access.png
=======================

The moral of this story: simply knowing a website's IP doesn't necessarily mean you can access that website by putting it's numeric IP in your browser's URL address bar.

TargeT
26th September 2016, 21:59
Here's an example of how putting an explicit IP in your web browser's URL address bar doesn't always work. In this case, cloudfare, a content provider network that acts as a major data distribution and caching frontend for many websites, required the name of the website that I wanted in order to know how to route my request.

One of the economic websites that I frequently visit, http://neweconomicperspectives.org/, is having problems. I was getting "404: Not Found" errors on their main page. So I looked up their IP address in my DNS logs and found it to be 104.18.38.4. In this case, I could have queried the usual public DNS servers as well, since they still report that IP correctly. The problem with neweconomicperspectives.org has something to do with their web server, not with the public DNS records.

But in any case, I happened to try going to http://104.18.38.4/, and I was rewarded with this screen:

=======================

The moral of this story: simply knowing a website's IP doesn't necessarily mean you can access that website by putting it's numeric IP in your browser's URL address bar.


it takes more than just an IP address and a port number these days.. there's TCP header info and usualy a socket involved as well (http://unix.stackexchange.com/questions/75011/how-does-the-server-find-out-what-client-port-to-send-to).

I wasn't meaning to imply it was "cut and paste" easy, and no; I have no sympathy for the users that expect it to be easy and "just work". If your going to use a bit of technology and it's important to you, you need to be aware of how it functions.... we have set the bar far too low in society and are shocked at the outcome... it's time to raise the bar again.

Paul
27th September 2016, 08:16
it takes more than just an IP address and a port number these days.. there's TCP header info and usualy a socket involved as well.
Well, there's pretty much always a socket involved. Sockets are the essential communications channel over which all these TCP/UDP/... packets are sent. They implement the session layer connectivity, in the OSI model (https://en.wikipedia.org/wiki/OSI_model)


I wasn't meaning to imply it was "cut and paste" easy,
My previous post was just intended to share with readers of this thread another example of how this stuff works (or in this case, doesn't work.) I was not thinking that you implied this stuff was easy. I was giving an example to others of how it isn't so easy.

and no; I have no sympathy for the users that expect it to be easy and "just work". If your going to use a bit of technology and it's important to you, you need to be aware of how it functions.... we have set the bar far too low in society and are shocked at the outcome... it's time to raise the bar again.
I'm more pessimistic as to whether the bar will be raised, rather than sink further, for many.

Paul
9th October 2016, 21:57
My primary concerns were the interlocking vice grip of (1) shifting most users over to normally only interacting with HTTPS encrypted websites (Google is leading the way here, with Chrome's increasing bias against HTTP sites), and (2) central control of the SSL certificates required for acceptance by these browsers.
That didn't take long.

Dropbox, Microsoft OneDrive and Google Drive are being blocked in Turkey. User's see SSL errors instead. This follows the leak of a set of private emails allegedly belonging to Minister Albayrak It seems that Turkey doesn't want file sharing services that might host such leaked documents available within Turkey. Apparently Turkey is using control over SSL certificates, required to access the "secure" HTTPS used by these file sharing services.

See further https://turkeyblocks.org/2016/10/08/google-drive-dropbox-blocked-in-turkey/, which was in turn reported at https://yro.slashdot.org/story/16/10/09/1822238/dropbox-google-drive-github-and-microsoft-onedrive-cloud-services-blocked-in-turkey

TargeT
9th October 2016, 23:04
I think the SSL cert errors were indicative of a MITM (man in the middle) attack, not blocking websites; turkey was probably re-directing traffic through their servers before passing it to Dropbox. You can still get around an SSL error still... this was most likely just another DNS redirect. Unless turkey runs a "state web filter" like N korea.. I don't know their methodologies exact.y

Paul
10th October 2016, 17:36
And here's another example of how access to important Internet domains (such as the ".com" domain and now the ".pharmacy" domain),
major online advertising channels (see this Google AdWords policy (https://support.google.com/adwordspolicy/answer/176031?hl=en)),
Internet payment services, and
SSL Security Certificates for encrypted https connectionsis increasingly being used to favor elite interests over rascally upstart rebel interests.

Jeremy Malcolm posted on The Electronic Freedom Foundation (EFF) site the article How Big Pharma's Shadow Regulation Censors the Internet (https://www.eff.org/deeplinks/2016/09/how-big-pharmas-shadow-regulation-censors-internet).

He wrote, in part:

=========


Americans pay by far the highest prices in the world for most prescription drugs, and of course big pharma would like to keep it that way.

...The latest extension of this Shadow Regulation regime is through the new top-level domain .pharmacy (https://www.safe.pharmacy/), which was granted by ICANN (https://gtldresult.icann.org/applicationstatus/applicationdetails/1518) to the NABP last year notwithstanding a petition with almost 25,000 signatures (http://www.rxrights.org/24349-signature-petition-impact/) from users opposed to the move. Websites registered in that domain space must comply with the same restrictive policies that qualify pharmacies for approval for the LegitScript or VIPPS registers.

This is perhaps not such a tragedy while there are other top-level domains in which pharmaceutical websites can be registered. But the NABP would like to see that changed too (https://www.icann.org/en/system/files/correspondence/catizone-to-grogan-30jul15-en.pdf) [PDF]. ICANN itself disclaims responsibility (https://www.icann.org/news/blog/clarifying-icann-s-role-online-pharmacies) for policing the content of pharmaceutical websites, and rightly so. But the NABP is demanding ICANN force domain registries and registrars to require that any pharmaceutical website produce a license to dispense medicine to any jurisdiction that it ships to. This would not only shut non-U.S. pharmacies out of the .pharmacy domain, but effectively wipe them off the Internet altogether.

Where are the voices of healthcare consumers and Internet users in all of this? Their voices are not being heard, because the mechanisms of Shadow Regulation that have been put in place by powerful government and private industry forces have deliberately shut them out. The unsurprising result is that the measures put in place by this closed and captured process are too broad, favoring the private interests of big pharma, limiting access to information and access to safe and affordable medicine.

We agree that fake and substandard medicine sales are a problem that regulatory and law enforcement agencies should address. But they should do so through proper legal channels, or at least through cooperative mechanisms that are inclusive, balanced, and accountable (https://www.eff.org/deeplinks/2016/09/fair-processes-better-outcomes) — which ASOP, CSIP, LegitScript, and .pharmacy are not.

=========

The above article was later republished on Wolf Street (http://wolfstreet.com/2016/10/06/how-big-pharmas-shadow-regulation-censors-the-internet/), where I first found it.

Paul
15th November 2016, 17:24
A pithy summary of the above thread that came to me just now:

The War on CyberHacking, like the War on Drugs, the War on Nukes, the War on Crime, the War on Disease, the War on Poverty, the War on Terror, the Wars on Tyranny, the War on Election Fraud, the War on Banking Fraud, the Wars on Genocide, the Wars on Islam and on Islamophobia, the Wars on Semites and anti-Semites, the Wars on Sexism, Racism, Homophobia, and Misogyny, and so many other such Wars ... is intended to make the world safe for democracy the world's most powerful and their use, abuse, distribution and monopoly control of CyberHacking, Drugs, Nukes, Crime, Disease, Poverty, Terrorism, Tyranny, Election Fraud, Banking Fraud, Genocide, Islam, Islamophobia, Semites, anti-Semites, Sexism, Racism, Homophobia, Misogyny, and other such abuses or leverages of abuse.
For example, it is more difficultt for an ordinary person to detect such spying as described in the Slashdot article Secret Backdoor in Some US Phones Sent Data To China (https://it.slashdot.org/story/16/11/15/1528226/secret-backdoor-in-some-us-phones-sent-data-to-china), if the web traffic from phone applications is encrypted,

Paul
5th December 2016, 21:52
I suspect that the Elite Bastards are not only setting up to bring the Wild Wild Web under control. I suspect that other areas involving computer and communication technology are being setup for great conflict, to be settled with more control.

For example the means for exchanging money is being moved from paper currency and its digital surrogates, to digital currency, centrally controlled from the highest levels of the planet. The means for deciding elections within the US, and the US Electoral College are being setup for massive conflict in the coming month, in the Trump vs Clinton battle. Likely the means of elections in other states and regions will see similar stresses. The means for distributing "news" is being setup for huge conflict, between those blaming the Russians, conspiracy websites, and fake news sites, versus those blaming the main stream media.

The pot is being brought to a boil: the Web, social media, news media, money, elections ... many areas that have been passing through their "Wild Wild West" phase are now being setup for the climatic battles that will justify "sending in the marshalls, to make things safe for humanity."

Paul
2nd April 2017, 23:15
I just now ran into a specific example of one way that the bastards are rapidly gaining immense control over the World Wide Web.

Google managed to completely shutdown all my web and email access to any major "trusted" https only websites, by adding another option to a root security certificate that wasn't recognized by most of my linux software. I could still visit more primitive websites, using "insecure" http. Major websites however are increasingly refusing to allow access via "insecure" http.

Fortunately, I had some old web browsers that only warn, rather than flat out refuse to continue, when presented with an unrecognized root certificate option, which enabled me to see what that option was that was causing the problem. Then I could use my extensive debugging experience to track that certificate back to a file on my PC, and then further back to the software package that installed that file. Then I could use my extensive backups to pull up an older version of that software package and downgrade my PC to use that older version.

Most people could not have done that.

I have no idea what I would have done, without that expertise and those backups and those dozen vintage web browsers that I keep around. The root certificate security system that is being imposed on the web by Google and accomplices puts massive "web shutdown" capability in the hands of some unknown (to us) manager deep inside Google, reporting to God (or Satan) only knows who.

Just as cities have enabled the elite bastards to better control humanity by herding them into densely populated areas with major critical dependencies on centrally controlled infrastructure for food, water, utilities, transportation, communication, energy, ... (all useful tools for surveilling and controlling the masses), similarly the World Wide Web is being restructured so that most everyone is in "cities", critically dependent on major sites that offer easy surveillance and control to our overlords.

A few free men may still live out in the country (unless a drone strike targets them), but most no longer live that way.

Notice that a major trend in China these last 20 years was moving its farmers into new cities ... just another example of this.

Anyway ... returning from my little imaginary trip to rural China ... the push to make websites "secure" (to depend on encrypted https, rather than plain text http) puts immense power in the hands of very few. In this case, the very few are inside Google, and almost certainly trusted allies of the deep state US intelligence. If you and your 10 million best friends want to use a particular "secure" https website, or in my case above, if a particular individual wants to use any "secure" website, it takes just a few clicks of a mouse and a few keystrokes by the right person, in the right place, to shut that down.

A few old farts who have messed with this stuff for a long time (like ham radio operators in another example of this) will still be able to talk to other such old farts. But 99% of PC users, and 99.99% of mobile users, are at the mercy of their overlords for web access.

norman
2nd April 2017, 23:38
2 or 3 years ago, on a music/recording/tec forum someone said he'd been told that there was a plan to use the BBC as the web gatekeeper in UK. The plan is/was to allow the BBC to finance itself from it so it can get off the TV license fee system. Can you, with your experience throw that into the mix and get a better idea what they might be up to going forward. I'm sure the guy was for real, in as much as he knew.

The only finance scheme I can imagine is that they get to impose penalties on web users for breaking lots of petty rules.

Paul
3rd April 2017, 00:12
2 or 3 years ago, on a music/recording/tec forum someone said he'd been told that there was a plan to use the BBC as the web gatekeeper in UK. The plan is/was to allow the BBC to finance itself from it so it can get off the TV license fee system. Can you, with your experience throw that into the mix and get a better idea what they might be up to going forward. I'm sure the guy was for real, in as much as he knew.

The only finance scheme I can imagine is that they get to impose penalties on web users for breaking lots of petty rules.

Beats me ... I don't know much about the BBC, nor about how it might finance itself, nor about how it might be a web gatekeeper. Sorry :).

Paul
28th April 2017, 14:29
Google has announced the next step in their forced march of the Web to HTTPS, as I just posted here: Firefox and Chrome Now Warning About Insecure Login Pages (Jan 2017) (http://projectavalon.net/forum4/showthread.php?95686-Firefox-and-Chrome-Now-Warning-About-Insecure-Login-Pages--Jan-2017-&p=1149177&viewfull=1#post1149177).

Paul
16th May 2017, 18:45
Important update here (http://projectavalon.net/forum4/showthread.php?96352-Trump-orders-all-protest-of-his-policies-to-be-criminalized-and-press-silenced-says-Veterans-Today&p=1153181&viewfull=1#post1153181)

Paul
15th August 2017, 08:59
We're now seeing this game step a notch.

GoDaddy and Google are taking down the Daily Stormer website, by taking away its domain name. They could do the same to us, or any other website that they choose to target ... removing the mapping of our URL ProjectAvalon.net to our IP address, 198.143.158.131 for several years now, from the Internet's name servers.

See for example:

Google cancels domain registration for Daily Stormer (http://www.businessinsider.com/google-cancels-domain-registration-for-daily-stormer-2017-8)
GoDaddy and Google expel Daily Stormer over victim smear (http://www.bbc.co.uk/news/technology-40922029)
Tech companies in the crosshairs on white supremacy and free speech (https://www.reuters.com/article/us-virginia-protests-godaddy-idUSKCN1AU0CV?il=0)

The conflict, with fatalities, over the weekend in Charlottesville, Virginia, between radical "left" and "right" wing groups, which the police apparently deliberately corralled into the same area, head to head, and then allowed to attack each other, while the police stood back and did nothing, is being blamed for the shutdown of the Daily Stormer website. The same excuse is being used to attack Trump, because his speech to the nation on the conflict made some allowance for there being "two sides" to the conflict, so is thus responsible (in the view of American main stream media) for causing the conflict. As Dave Hodges points in his analysis of this conflict, Soros Dips Into the Nazi Playbook at Charlottesville (http://www.thecommonsenseshow.com/2017/08/14/soros-dips-into-the-nazi-playbook-at-charlottesville/), this conflict, both sides of it, may well have been orchestrated by groups funded by George Soros, in much the same way that Fascist vs Communist conflicts in Berlin were orchestrated by Goebbels, in the late 1920's, helping to give rise to Hitler and justify ruthless attacks on the Communists who were blamed for the initial violence (that Goebbels orchesterated.)

This is how it happens -- conflict, violence and propaganda are used to raise emotions and divisions to a fever pitch, justifying tyrannical takeovers of democratic governments.

The elite bastards behind the US have been doing this, through the agency of the US, to other nations for many decades. Now it's time for the US to be victim to such violent propaganda.

Taking down dissident websites, by controlling their domain name (URL) and/or https (SSL/TLS) security certificate (the original topic of this thread) are one of the tyrannical acts that will be justified, and that was justified this weekend, as the immediate consequence of such violent propaganda.

I mean ... who would be opposed to taking a violent Nazi white supremicist white nationalist racist web site down?

... if that is you trust the main stream media's description, obtained in part from "witness on the scene" former CIA operative Brennan Gilmore, according to this (http://8ch.net/pol/res/10399558.html) report. We are fortunate to have such competent witness testimony, and such honest and thorough news media </sarcasm>

Shannon
15th August 2017, 15:39
Paul, when I heard about the daily stormer thing last night I mentioned to my husband that this move is so obviously part of the plan and I wondered if it violates the first amendment ...

Hervé
15th August 2017, 16:18
See this post (http://projectavalon.net/forum4/showthread.php?94731-Fake-News-and-the-War-on-Freedom-and-Truth&p=1173427&viewfull=1#post1173427) (<---), this one (http://projectavalon.net/forum4/showthread.php?97320-Google--s-First-Draft-Project-Ministry-of-Truth-has-been-set-up-by-Google&p=1173049&viewfull=1#post1173049) (<---) and this other one (http://projectavalon.net/forum4/showthread.php?97320-Google--s-First-Draft-Project-Ministry-of-Truth-has-been-set-up-by-Google&p=1173154&viewfull=1#post1173154) (<---) ...

TargeT
15th August 2017, 19:07
I've changed my mind to more in agreement with Paul's earlier assessment of where certificates are going.

Intel (AMD to follow) (https://software.intel.com/en-us/blogs/2016/02/26/memory-encryption-an-intel-sgx-underpinning-technology) is now encrypting processes in RAM (which makes it impossible for security experts to reverse engineer malware) but to make it safe, they are apparently also requiring every process in ram to have a valid certificate as well.

Now, this is a pretty totalitarian move, giving central control of "what processes can run" to those who control the certificates... but I'm sure it will be worked around, and probably soon.... so in reality another failed attempt, but still concerning.

Paul
15th August 2017, 21:01
Paul, when I heard about the daily stormer thing last night I mentioned to my husband that this move is so obviously part of the plan and I wondered if it violates the first amendment ...

Even in theory, the amendments to the US Constitution apply to the US Federal government, not to private corporations or organizations.

Google can, as Project Avalon can, shut down or refuse business to anyone it wants to (except when government forces mandate otherwise, such as in the infamous cases of Christian bakers having to make wedding cakes for LGBT couples ...).

Of course, Constitutional theory, and current practice, have a weak, if not non-existent, correlation.

¤=[Post Update]=¤


See this post (http://projectavalon.net/forum4/showthread.php?94731-Fake-News-and-the-War-on-Freedom-and-Truth&p=1173427&viewfull=1#post1173427) (<---), this one (http://projectavalon.net/forum4/showthread.php?97320-Google--s-First-Draft-Project-Ministry-of-Truth-has-been-set-up-by-Google&p=1173049&viewfull=1#post1173049) (<---) and this other one (http://projectavalon.net/forum4/showthread.php?97320-Google--s-First-Draft-Project-Ministry-of-Truth-has-been-set-up-by-Google&p=1173154&viewfull=1#post1173154) (<---) ...

Yes, yes, and yes ! :).

Paul
15th August 2017, 21:32
Intel (AMD to follow) (https://software.intel.com/en-us/blogs/2016/02/26/memory-encryption-an-intel-sgx-underpinning-technology) is now encrypting processes in RAM (which makes it impossible for security experts to reverse engineer malware) ...
Yes - a "safe" (security environment) strong enough to keep out us low life hackers, but still no doubt accesible to authorized minions of the elite bastards.

The AMD equivalents to Intel's SGX are SME and SEV. Both Intel's and AMD's approaches are described in this May 2016 LWN.net article by Jonathan Corbet: Two approaches to x86 memory encryption (https://lwn.net/Articles/686808/).

One of the AMD Ryzen marketing people that I've viewed over the last few months (I forget who or when I saw it) made an off the cuff mention of Ryzen being a very "secure" processing environment. I cringed when I heard that, presuming it meant that AMD Ryzen, like recent Intel CPU's, was a "secure" CPU, in some sense that only our intelligence agencies could really appreciate.

Any garden variety hacker, myself, TargeT or the kid next door, could hack software running on earlier generations of x86 architecture chips. Now it will increasingly require keys, cryptography and inside knowledge to do that, for software that takes advantage of these new "security" (meaning, security from unauthorized hackers) features.

Paul
3rd June 2018, 00:50
My primary concerns were the interlocking vice grip of (1) shifting most users over to normally only interacting with HTTPS encrypted websites (Google is leading the way here, with Chrome's increasing bias against HTTP sites), and (2) central control of the SSL certificates required for acceptance by these browsers.

Almost two years later (I can be slow on the uptake), after reading a bit of Jim Stone's (http://jimstone.is) commentary entitled "World's largest internet hub blows the whistle: NSA and other intelligence agencies are capturing EVERYTHING, and they have to cooperate", it dawned on me how incredibly simple it is for the NSA to decrypt HTTPS encrypted Internet traffic.

Any passive observer of HTTPS traffic can decrypt it easily, if it already has the private keys to the SSL certificate used for the encryption.

What are the odds that the NSA can't get most of these private keys, if it wants them, especially given the likely cooperation of Google, who plays some critical roles in browsers, websites and SSL certificates?

Then, thanks to a link that Jim Stone provides in his commentary, notice what is reported in this Press TV article (http://www.presstv.com/Detail/2018/05/31/563459/Germany-spy-agency-internet-hubs-court):

It said the BND, a partner of the US National Security Agency (NSA), has placed so-called Y-piece prisms into its data-carrying fibre optic cables that give it an unfiltered and complete copy of the data flow.
"Y-piece prisms" are devices that can be used to passively observe Internet data passing over fiber optic cables.

P.S. -- Hervé posted this commentary of Jim Stone here: When EVERYTHING Means Exactly That: Everything is RECORDED for Current and Future Searches (http://projectavalon.net/forum4/showthread.php?102938-When-EVERYTHING-Means-Exactly-That-Everything-is-RECORDED-for-Current-and-Future-Searches&p=1227083&viewfull=1#post1227083).

All your bases data are belong to us. (http://knowyourmeme.com/memes/all-your-base-are-belong-to-us)

BMJ
3rd June 2018, 09:44
With PC driven censorship misfiring and backfiring on youtube and social media, censorship 2.0 is about to be introduced that is European Council's Censorship Article 13.


EU Directive SPELLS DISASTER for Internet Freedom

-f17NWEhgwY

Black Pigeon Speaks
Published on Jun 1, 2018
✅ Support BPS via Patreon: https://www.patreon.com/blackpigeon
✅ Tip Jar: via PayPal to: navyhato@gmail.com
✅2nd Channel- Navy Hato: https://www.youtube.com/channel/UCDJs...
✅ Your SUPPORT of this Channel is GREATLY appreciated.

European Cyberimperialism: Defeat the European Council's Censorship Article 13

sg5-xeLrVNM


Styxhexenhammer666
Published on May 31, 2018
Under its auspices, Europeans would not be able to link to news articles without paying a fee: https://edri.org/eu-member-states-agr...

Support my work via donation:

Patreon: https://www.patreon.com/Styxhexenhamm...
Makersupport: https://www.makersupport.com/Styxhexe...

Hervé
3rd June 2018, 22:40
The EU is about to destroy the internet (http://www.investmentwatchblog.com/eu-now-playing-with-open-cards-the-eu-is-about-to-destroy-the-internet/)

IWB (http://www.investmentwatchblog.com/eu-now-playing-with-open-cards-the-eu-is-about-to-destroy-the-internet/)
Thu, 31 May 2018 00:01 UTC


https://www.sott.net/image/s23/470955/large/EU_internet.jpg (https://www.sott.net/image/s23/470955/full/EU_internet.jpg)



The EU parliament will vote on Article 13 in less than a month. Article 13 will get rid of "fair use", will make platform operators reliable for coypright infringements of its users (the only way to not be held accountable is implementing far-reaching censorship filters) and it even will introduce LICENSING FEES just for linking to other websites.

This is a transparent attempt to get rid of alternative information sources. It is an attempt to give power over the internet to a handful of mega corporations and mainstream media. This is the desperate attempt of the failing EU to save their world order by openly authoritarian means. They don't even try to pretend otherwise, anymore.


fvXOfq3AB8s

Here (https://saveyourinternet.eu/) you can contact your MEP and tell them to stop this bull****. But so far, the only opposing voices seem to criticise Article 13 for not being farreaching enough...

Oh, and the otherwise so vocal companies, which fought the net neutrality repeal etc.? No word from reddit and others.

Bill Ryan
3rd June 2018, 23:24
The EU is about to destroy the internet (http://www.investmentwatchblog.com/eu-now-playing-with-open-cards-the-eu-is-about-to-destroy-the-internet/)

IWB (http://www.investmentwatchblog.com/eu-now-playing-with-open-cards-the-eu-is-about-to-destroy-the-internet/)
Thu, 31 May 2018 00:01 UTC

The EU parliament will vote on Article 13 in less than a month. Article 13 will get rid of "fair use", will make platform operators reliable for coypright infringements of its users (the only way to not be held accountable is implementing far-reaching censorship filters) and it even will introduce LICENSING FEES just for linking to other websites.

This is a transparent attempt to get rid of alternative information sources. It is an attempt to give power over the internet to a handful of mega corporations and mainstream media. This is the desperate attempt of the failing EU to save their world order by openly authoritarian means. They don't even try to pretend otherwise, anymore.


fvXOfq3AB8s
:bump: :bump: :bump: :bump: :bump:

Bumping this immediately. If something like this were to go through, the very worst case scenario is that after a while all we could really do here on Avalon is talk about ourselves.

* And yes, forget about the GDPR (see this thread (http://projectavalon.net/forum4/showthread.php?102807-The-GDPR--a-dog-s-breakfast-of-new-EU-data-regulation-----and-Avalon-s-response)). That's tiny in theoretical comparison. We absolutely need to keep a close eye on this.

Valerie Villars
3rd June 2018, 23:32
This is a random thought, but what if they did this in the past in some capacity, and that is why myths and stories became so important.

Talking only about ourselves would be catastrophic.

Hervé
4th June 2018, 01:51
Jim Stone (http://82.221.129.208/.ys9.html)'s got a similar take on the situation:
Massive censorship to happen in Europe (http://82.221.129.208/.ys9.html)

I have been watching what is going on in Europe to allow the governments there to get control of the media, and rid themselves of the "nuisance" caused by ordinary people simply wanting the truth.

It is a menace, that may surpass when Yahoo killed approximately 40 percent of the internet by destroying Geocities.

When Geocities was destroyed, scientific information and real history was expunged from the web, almost entirely. Wikipeida and Yahoo answers are absolute trash by comparison, and now everything scientific is behind a pay wall.

Europe is heading that way now, with EVERYTHING.

I have seen many comments about how "not repealing net neutrality" could have stopped this. That's bogus, because net neutrality was for America only, it had nothing to do with what Europe does. The repeal of net neutrality has nothing to do with what is going on anywhere else in the world.

Here is basically it, in a nut shell:

You cannot run a site like Drudge Report, where you link to other sites, because there will be charges applied to linking.

This also applies to any site that has more than just links, any links will be made illegal, unless you can handle the paperwork and pay fees for making links.

You also cannot run a forum or any site with a comment section, because people often copy and paste copyrighted material into them, or link to other sites from them, and you have only an hour to remove it OR ELSE. That's impossible. It cannot be complied with. And it would destroy the venue, even if you could.

This web site could probably be made compliant because I usually explain things well enough in my own words to avoid the need for linking, however, they'd hate it so much they would shut it down anyway, because it is so damn obvious the real reason for the new EU rules is to simply shut people up and get all information under state control that there's little question they'd wipe out sites like this one with a reason stated somewhere in the fine print.
There's no mention at all about how Google is going to be allowed to link, but I solemnly promise, with all my heart, that Google won't be punished for breaking the rules EVER, if they are the type of company that would label Republicans "Nazi", like it did yesterday. OOPS, we're sorry for that little gaffe . . . . NOT!!!

Facebook "should" also be impossible to run, but will survive just fine because people who have had 5 abortions, bang donkeys in the butt and preach the virtues of cutting your nuts off so you can be a girl will be SO LOVED by the establishment there won't be repercussions for those types, no matter how many links they post, especially if they despise Western civilization, and want all white males killed.

Anything will be overlooked for those types, BET ON IT.

Facebook is not targeting conservatives for nothing, I rightfully hate Suckerberg but let's be serious here: If the real goal of the state is to simply crush conservatives and nationalism, and you're going to be destroyed if you don't comply and do the state's bidding, how would you NOT delete all the conservative or nationalist accounts? You would HAVE TO or you'd go the way of the dodo.

Aah yes, Europe - the litmus test. At least there will be the rest of the world (for now). I am going to be watching what actually happens there with great interest.

norman
10th June 2018, 16:51
Article 13 is completely anti intelligent thought.

It goes way beyond a political thing. In the world this would build, no humans would be expected to think for themselves and pass on those thoughts at all.

Morbid
11th June 2018, 00:39
i stumbled upon this blockchain project recently. they seem to target the way we use the internet. really worth a look:

https://www.nkn.org/

can find the whitepaper in docs section.

norman
20th June 2018, 21:13
They've DONE IT !

The EU has passed it:

EU votes to effectively ban memes electronically as Article 13 'copyright filter' passes.

Sing the wrong song of sixpence, pay a fine



https://www.theinquirer.net/inquirer/news/3034494/eu-votes-to-effectively-ban-memes-electronically-as-article-13-passes

Valerie Villars
20th June 2018, 22:32
This is really sobering. Beyond sobering. It's mind blowing. I think I'm on the wrong timeline. When do the book burnings start?

Omni
20th June 2018, 22:38
What does this mean for content creators? Is there a list of the laws?

norman
20th June 2018, 22:39
The entire Oxford English Dictionary might choke it all to death.

I really hope this is the self applied hanging noose that will finish the EU off completely. It would really only need the population to wake up to what they are about to lose, and storm the EU castle, to put an end to the EU once and for all.

Let's make sure that happens.

If it does, this insane move on their part could still turn out to be a very good thing. They've just put a big red bull's eye on their chest.

Valerie Villars
20th June 2018, 22:49
I really like that perspective Norman. Cool.

Paul
1st July 2018, 06:24
Google can, as Project Avalon can, shut down or refuse business to anyone it wants to (except when government forces mandate otherwise, such as in the infamous cases of Christian bakers having to make wedding cakes for LGBT couples ...).
Well, for once, I am pleased to pass on a report of a recent US Supreme Court decision, from the New York Times no less: Supreme Court Sides With Baker Who Turned Away Gay Couple (https://www.nytimes.com/2018/06/04/us/politics/supreme-court-sides-with-baker-who-turned-away-gay-couple.html).

===

In other news, more related to the topic of this thread, Dave Winer (https://en.wikipedia.org/wiki/Dave_Winer), a long time software great, has a been writing on his blog (http://this.how/googleAndHttp/) recently of his concerns with Google's effort to force HTTPS on the Web. Winer's concerns are similar to the one's I've been voicing in this thread. Winer concludes that Google's efforts to scare people to avoid HTTP sites as insecure will harm the Web, chasing people away from many sites (such as this ProjectAvalon.net site, I'd suggest) that don't require a high level of encryption of data between the user's browser and the Website's server.

Winer concluded in this earlier blog post (http://scripting.com/2017/11/01.html#a010645) that one key motive that Google might have for pushing everyone toward HTTPS is to keep out competition for the ads that it serves on Web pages.

Being more practiced as a tin-foil hat wearing conspiracy theory nut case than apparently Winer is, I figure that a key motive for Google's push to deprecate HTTP is to better control the Web, as I have been explaining in this thread, since my first post on this thread, in September of 2016 (http://projectavalon.net/forum4/showthread.php?93499-How-the-Elite-Bastards-will-control-the-Wild-Wild-Web.&p=1100508&viewfull=1#post1100508).

Winer just had the honor of being Slashdotted (https://searchmicroservices.techtarget.com/definition/Slashdot-Effect), when Slashdot linked Winer's blog commentary in a new article: Is Google's Promotion of HTTPS Misguided? (https://tech.slashdot.org/story/18/06/30/028220/is-googles-promotion-of-https-misguided)

Valerie Villars
6th July 2018, 22:06
http://gizmodo.com/europe-decides-not-to-ruin-the-internet-1827359990

On Thursday, members of European Parliament held a vote on the misguided new copyright reforms that posed a threat to memes, online encyclopedias, news organizations, and pretty much everything that’s good online. Incredibly, lawmakers decided not to do the dumb thing and voted down the bill. It’s not over yet, but there’s plenty of reason to celebrate.

In June, the European Union’s legal affairs committee voted to move forward with a vote on the first major overhaul of European copyright law since 2001. The vote on Thursday was widely expected to be the decisive moment on whether the legislation would become the law of the land, but public outcry and a campaign by some of the biggest names in tech appears to have worked in raising awareness about the shortcomings of the bill. In a 318-278 decision, E.U. lawmakers elected to send the legislation back to committee for review, and a new vote is expected in September.

The controversy over the new copyright directive stems from two vague but incredibly consequential pieces of the legislation. The first, Article 11, calls for a “link tax” that would require popular websites to pay news organizations for linking to articles or using snippets of text. The second, Article 13, mandates that the same platforms—estimated to cover the top 20 percent of sites—use a content filtering system to prevent copyrighted works from being uploaded to the web. In both cases, the bill lacked specificity in how websites should implement the requirements, leaving many to expect that they would simply take the most heavy-handed approach to avoid running afoul of the law.

More than anything, the legislation was wrongheaded because it gave no consideration to fair use practices. Earlier this week, Italian, Spanish, Estonian, Latvian, Polish, French, and Portuguese versions of Wikipedia blocked users from accessing pages on their sites in order to raise awareness about the copyright directive and to encourage users to contact their representatives. Wikipedia is a quintessential example of the good that can come from the fair use of links, quotation, and media sharing. Articles 11 and 13 pose a direct threat to the platform’s ability to continue to operate while large tech companies have the resources to absorb the cost of the legislation, were it to become law—demonstrating the ways the bill would actually benefit the tech overlords it was intended to rein in.

While the legislation’s supporters hoped to give news outlets and copyright holders some protection from platforms like Google and Facebook that have managed to gobble up advertising revenues, it posed the risk of giving those corporations even more power. A company like Google already has content filtering systems in place that it’s spent a lot of money to implement, and it could pay the link tax if that became necessary. But as Tim Berners-Lee, inventor of the World Wide Web, and more than 100 other tech pioneers argued last month, smaller platforms would struggle and innovation would be stifled. “The damage that this may do to the free and open Internet as we know it is hard to predict, but in our opinions could be substantial,” they wrote.

The fact is, we’re living in a crucial moment when lawmakers around the world are quickly realizing that big tech must be regulated in some way, and they’re in a hurry to make something happen. But they should be listening to the kind of people that signed the letter of opposition along with Berners-Lee when they’re crafting regulations. It’s hard to overstate how surprising it is to see politicians pull back from the brink of disaster and simply say “let’s reconsider this.” But there’s no guarantee that further consideration will produce a better outcome. This copyright directive took people by surprise, and it didn’t have time to worm its way into the collective consciousness the way that, say, net neutrality has. It’s more important than ever that activists keep this topic in the public conversation.

TargeT
6th July 2018, 22:17
They've DONE IT !

The EU has passed it:


UK isn't much better..... they are following suit in their own way...

Some "Strong" language here, but a very good local take on the situation in the UK.
krpHUxPaToI