Onion Debian Services Are Now Available

"I just set up a lot of Onion Services for many of Debian's static websites," announced Debian sys-admin Peter "weasel" Palfrader on Friday. "You can find the entire list of services on onion.debian.org. More might come in the future." Longtime Slashdot reader alfino writes: Yay for privacy. We don't care about where you come from, and now you don't even have to tell anyone that you're using Debian. The archive at ftp.debian.org is already in the list. Support for more redundant Debian archive access is expected to come When It's Ready.

"Yay for privacy"?

that's great, but they STILL do not obfuscate email addresses on debian's bugtracker, and they've taken some heat over the years for it. i've had more than one email account flooded with spam so bad they've had to be abandoned because of that, and eventually just said 'fuck it' and i don't even bother anymore, it is just not worth it.

Re: "Yay for privacy"?

[TuballoyThunder]

With this one, simple trick I eliminated 80% of my spam. Spammers hate this trick! Read it now before they take it down.

Re: "Yay for privacy"?

[Antique+Geekmeister]

Were you deliberately writing like a spammer to make fun?

If not, the basic Postfix configuration documentation you link to can be effectively in profoundly reducing spam, but the "remaining 20%" is still enough to flood most moderate mail servers.

I am amused that Symantec is claiming that spam has fallen below 50% of all current email. What they're counting as spam has apparently been pre-filtered on the _outbound_ side, by ISP's blocking port 25 outbound and forcing their clients to use authentication to mail proxy servers on port 587. It's been quite fascinating to watch as botnets are being forced to steal access to computers local credentials, and access the better run managed and better monitored mail proxies with individual stolen credentials.

Re: "Yay for privacy"?

[TuballoyThunder]

Yep, I was trying to mimic the spam/ad writing style.

The last 20% is not trivial to eliminate and often (always in many cases) overwhelms legitimate mail. I have spent the last few weeks retraining spamassassin to gain a few more percentage points. I think I will enable autolearn and dovecot-antispam to help keep the Bayesian database current.

Re:"Yay for privacy"?

Boo fucking hoo.

Create an email address for the bug tracker, you lazy dipshit. If you're capable enough to administer an OS more complicated than a preinstalled Windows 10 Home edition, you're capable enough to take a few moments out of your life to do that. After that, you can whitelist to your heart's content.

I don't get it.

Usually, I get the Onion's satire but this time it alludes me.

I think the next time they should go after BSD or Windows.

In the meantime, I read some funny shit about the election.

Re:I don't get it.

onion router aka tor.

Re:I don't get it.

[JustOK]

Is that what's making that whooosh sound? Should turn it off before the onion makes someone cry, and put it back on your belt.

Re:I don't get it.

Could you please hold the onions? It gives me gas. Thx

Re:I don't get it.

Ahh, the Onion. I sometimes pine for the days when it was still funny, before it was bought out by Irsael fanatic and top Killary backer Haim Saban. Now, it's something completely different and headed down the road to obscurity.

onion.systemd next?

Wait it, onion.systemd next.

Re:onion.systemd next?

[lucm]

No need for it, systemd is already obfuscated by design. It even replaces error messages with dots to make sure nobody can use them maliciously (or non-maliciously).

Re:onion.systemd next?

And now it kills background tasks in *secret*, with no logging whatsoever!!!! How fun!!!!

        https://lists.fedoraproject.or...

Lennart Pottering has already indicated he's not interested in enabling logging for this, nor especially in setting up a "warning" setting for KillUserProcess so that you can audit for what systemd *would* kill if you activated the feature. It's all or nothing, baby! Every nohup, screen, tux, shared NX session, rsync, or Petabyte spanning fsck session that gets its remote SSH connection interrupted, all at risk for mid-process interruption!!! Best advertising I've seen to throw out systemd and switch a a BSD UNIX I've seen in at least 30 minutes!

Re:onion.systemd next?

[lucm]

That guy is undoing decades of good open source work, and nobody is doing a thing about it. He's Windowsing linux.

Re:onion.systemd next?

[flyingfsck]

Slackware is delightfully Poetering free.

"We don't care about where you come from"

"...because the thing that needs to know that sort of thing sits right on your computer. It's got PID number one, too."

I for one welcome our new advertising-integrating overlords.

Re:Ew no.

[gilgongo]

TOR is no secure in the least anymore, why would you still use that garbage.

Yeah totally - and that Bruce Schnider just joined their board of directors too! What does HE know about SECURITY?? What a joke.

https://yro.slashdot.org/story...

Schneier joined to help right the sinking ship

I believe he joined the board to help guide Tor towards becoming a more secure project. If you read his blog you'll find he's documented serious deficiencies in Tor that allow three letter agencies to exploit it.

Re:Ew no.

If you mean the Schneider from One Day at a Time, his first name was Dwayne, not Bruce.

And yes, he was a badass at security. Still hold's the Guinness record for quickest time changing out a Kwikset.

Oh noes

[JustAnotherOldGuy]

"...now you don't even have to tell anyone that you're using Debian."

Oh the shame, what would my neighbors say if they knew I was using Debian? They'd probably stop picketing the child molester's house down the street and come after me with torches and pitchforks.

Re:Oh noes

If your life is such an open book, then you won't mind if I set some cameras up throughout your house and stream it for the world to see.

Just because somebody isn't doing something "wrong" it doesn't mean that anybody else anywhere has any need of right to know anything about them.

Re:Oh noes

I thought the whole point of running Debian was to let everyone know how much better it is than the other operating systems.

Yay for systemd

[sce7mjm]

"Yay for privacy. We don't care about where you come from, and now you don't even have to tell anyone that you're using Debian"

but systemd reports back to those who Do care!
So everyones a winner baby!

Ducking.....

Re:Ew no.

Bruce Schneier's work on security is well known,, and respected, by much of the computer world. I was actually discussing a presentation Bruce did at Harvard years ago on how Kerberos works with one of the authors of Kerberos at a picnic yesterday, who affirmed the quality of Bruce's presentations.

Load on Tor

Won't this put heavy load on the Tor network? People using this will almost surely be downloading binary packages, and that means that every time there's a new package update in the repos, the Tor network will take a massive hit as thousands of computers automatically pull the new packages.

When I run apt-get dist-upgrade right now, I get...just 22MiB to download. Yesterday it was 70MiB or so. Multiply that by thousands of users, daily, and this could severely limit the effectiveness of Tor for people who want to use it for /important/ reasons.
 

Re:Load on Tor

Probably not. There are a lot of Tor servers around, tens of thousands if I'm not mistaken. A lot of them seem to be hosted on a VPS server sort of thing, so they're not exactly starved on bandwidth. A decade ago when I last tried Tor it was terribly laggy and slow but these days it's pretty fast. Two seconds for a (simple) page load kind of fast. (I wouldn't run torrents over it though.)

Besides, more people using Tor (for legal purposes) is always good noise for the NSA. Enough noise and hopefully they can't track people at all.

How to download TOR

How to download TOR without everyone knowing that you downloaded it? Crap.

Re:Ew no.

But he uses Windows.

Um...

Why?

DEBIAN HAS FBI - USE DIFFERENT DISTRO OR TAILS

As I have stated many many times on Slashdot for months, no shit Debian will be on TOR. You can find 2 things very easily on TOR right now:
1) Debian full distro
2) Tails (latest) distro

Why? Both compromised.

Use any TOR that you don't know what you are doing and you can be snooped. Great lengths have been taken to get the Ed Snowden versions of Tails off of the web. The latest Tails that is not backdoored is Tails 1.4.1 They took down the entirety of kat.cr for the sake of that one LIVE DVD.

There is a torrent file and sigs here.
https://www.sendspace.com/file/w35ddl

This is the only torrent around for the last of the safe Tails Linux distro. On kat.cr it was posted years ago by TNTVILLAGE forums and it is multi-language. It matches the sha and sig of the original Tails 1.4.1 downloaded from tails.boum.org

1.4.1 is what Ed Snowden used. Obviously Ed Snowden created a US government spy panic and they have absolutely infiltrated boum.org. No version after is safe, do not listen to the bullshit about security patches.

This image was posted in the comments of that torrent page as well.
http://i.imgur.com/QLGyQYf.jpg

You can boot it bare metal on a CD or USB or do exactly the same in VirtualBox or other VM manager. The Guest Additions of VirtualBox prior to 4.2 are safe. After that, remote desktop is available even when disabled. So there you go folks.

Also set your time to inaccurate by as many hours as possible. Time logging is the default tracking mechanisms for all US spy agencies.

With Tails it is more hassle because of root issues but still doable.. but... do this too:
In your torrc add the following two lines:
StrictNodes 1
ExcludeNodes {us}

You will have to tinker with the clock and maybe even reboot with Tails to get it to stick... but with {us} excluded, you block using all US nodes.

Re:DEBIAN HAS FBI - USE DIFFERENT DISTRO OR TAILS

1.4.1 is what Ed Snowden used. Obviously Ed Snowden created a US government spy panic and they have absolutely infiltrated boum.org. No version after is safe, do not listen to the bullshit about security patches.

a) Mr Snowden did his revelations in May 2013
b) Tails 1.4 was released mid-2015.

Does he have a time machine or something?

Re:DEBIAN HAS FBI - USE DIFFERENT DISTRO OR TAILS

1.4.1 is what Ed Snowden used. Obviously Ed Snowden created a US government spy panic and they have absolutely infiltrated boum.org. No version after is safe, do not listen to the bullshit about security patches.

a) Mr Snowden did his revelations in May 2013
b) Tails 1.4 was released mid-2015.

Does he have a time machine or something?

Snowden used uncompromised Tails, 1.4.1 is the last uncompromised Tails. He used it because a live DVD is the safest way in his situation. He was an employee. He had eyes on him and shared machines. Otherwise he could have just used any TOR or Vidalia client on any of several distros.

Tails linux is only one way to access TOR.

Note the dates on the comments of this story for instance.
https://www.techdirt.com/articles/20140124/10564825981/nsa-interception-action-tor-developers-computer-gets-mysteriously-re-routed-to-virginia.shtml

https://tails.boum.org/news/version_1.5/index.en.html
There are multiple problems here that persist even now. Also, now boume.org is infiltrated and pushing the new versions somewhat like a honeypot distro.

* Test suite
- Test that the Tor Browser cannot access LAN resources.
- Test that the Unsafe Browser can access the LAN.
- Installer: test new behavior when trying to upgrade an empty device, and
when attempting to upgrade a non-Tails FAT partition on GPT; also, take
into account that all unsupported upgrade scenarios now trigger
the same behavior.
- Request a new Tor circuit and re-run the Seahorse and GnuPG CLI tests
on failure. (Closes: #9518, #9709)
- run_test_suite: remove control chars from log file even when cucumber
exits with non-zero. (Closes: #9376)
- Add compatibility with cucumber 2.0 and Debian Stretch. (Closes: #9667)
- Use custom exception when 'execute_successfully' fails.
- Retry looking up whois info on transient failure. (Closes: #9668)
- Retry wget on transient failure. (Closes: #9715)
- Test that Tor Browser cannot access files in /tmp.
- Allow running the test suite without ntp installed. There are other means
to have an accurate host system clock, e.g. systemd-timesyncd and tlsdate.
(Closes: #9651)
- Bump timeout in the Totem feature.
- Grep memory dump using the --text option. This is necessary with recent
versions of grep, such as the one in current Debian sid, otherwise it
will count only one occurrence of the pattern we're looking for.
(Closes: #9759)
- Include execute_successfully's error in the exception, instead
of writing it to stdout via puts. (Closes: #9795)
- Test that udev-watchdog is actually monitoring the correct device.
(Closes: #5560)
- IUK: workaround weird Archive::Tar behaviour on current sid.
- Test the SocksPort:s given in torrc in the Unsafe Browser.
This way we don't get any sneaky errors in case we change them and

Re:DEBIAN HAS FBI - USE DIFFERENT DISTRO OR TAILS

1.4.1 is what Ed Snowden used

I am OP so let me clear this up. Typing fast I should have said...

1.4.1 is STILL what Ed Snowden used.

After that your traffic and timestamps are visible.

Re:Trump 2016

[TheCarp]

I dream of the day that she can share a prison yard with Bush, Cheney, Yoo, and Rumsfeld