<beneroth>
possibly, you don't want a too huge ban list in IPtables. though I don't know how IP blocking on AS level works, thats probably lower level...dunno
<beneroth>
bbl
<Regenaxer>
oh, yeah ;)
<Regenaxer>
afp
clacke_movim has left #picolisp [#picolisp]
ubLIX has joined #picolisp
<Regenaxer>
Cool, Strato access is working again
orivej has quit [Ping timeout: 248 seconds]
orivej has joined #picolisp
miskatonic has quit [Quit: ERC (IRC client for Emacs 24.5.1)]
alexshendi has joined #picolisp
alexshendi has quit [Remote host closed the connection]
alexshendi has joined #picolisp
orivej has quit [Ping timeout: 258 seconds]
<Regenaxer>
Trying DeltaChat ... really cool
<beneroth>
hey Regenaxer
<Regenaxer>
Good evening beneroth
<beneroth>
Good evening :)
<beneroth>
hm.. well DeltaChat is technically just an email client, no?
<beneroth>
with all the disadvantages of current email
<beneroth>
it creates a hidden service (or multiple) per chat client within TOR
<beneroth>
per contact
<beneroth>
not client
<Regenaxer>
Sounds good
<beneroth>
should also work on mobile etc...
<beneroth>
only problem is maybe a bit overhead
<Regenaxer>
ok
<Regenaxer>
But even with tor a secret service with enough resources can track source -> dest
<Regenaxer>
So I dont feel too bad with Delta
<beneroth>
that is also true about delta
<Regenaxer>
right
<Regenaxer>
even easier
<beneroth>
delta is a lot worse in that regard
<Regenaxer>
Thats what I meant, you cant escape anyway
<Regenaxer>
I want at least something better than WhatsApp
<beneroth>
T, though observing whole network traffic is a pretty high barrier
<Regenaxer>
so almost anything
<Regenaxer>
T
<Regenaxer>
But Briar was not accepted by my kids and friends
<Regenaxer>
Delta is easier
<beneroth>
China (both legally and technically) and Russia (legally) are outlawing/banning TOR
<beneroth>
not hacking it much
<Regenaxer>
:(
<beneroth>
yeah. I think I read about other IMAP-based messengers recently. good comfort. and email works pretty reliable
<beneroth>
I mean that speaks for the security of TOR ;-)
<Regenaxer>
yes
<beneroth>
look we here still use IRC :P
<Regenaxer>
I run a tor node on 7fach.de
<Regenaxer>
haha
<beneroth>
relay though, yes?
<beneroth>
since how many years?
<Regenaxer>
yes
<Regenaxer>
I ran it many years now, with a gap between
<Regenaxer>
took too much bandwidth on my old erver
<Regenaxer>
server
<Regenaxer>
now it is fine
<beneroth>
exit nodes are a pretty big risks even here. not so much for not getting out of trouble, but for legal forces not knowing enough about it / not caring, so you might get a SWAT team and all computers confiscated for months or years.
<Regenaxer>
yes, didn't dare an exit node
<beneroth>
cannot do it as small IT company.
<Regenaxer>
You can limit the bandwidth
<beneroth>
the bandwith is not the issue.
<Regenaxer>
customers?
<beneroth>
something nasty being tracked back to your IP is it.
<Regenaxer>
hmm
<beneroth>
so you get a police raid because they believe you are a child porn webhoster / consumer or a terrorist or whatever
<Regenaxer>
T
<beneroth>
I mean there was such an incident (which was completely constructed, so basically to make people afraid of running anon/security hosting) in germany recently
<beneroth>
not tor. some secure anon email offering hosted there. and some blog in usa using an email address from that server, and that blog having leaked/hacked material on it.
<beneroth>
like...website with a @gmail.com address in the impressum with leaked/hacked stuff on it leading to raid at google mail offices... absolutely silly
<Regenaxer>
I did not know Autocrypt
<beneroth>
ah
<beneroth>
that dortmund story also raided Zwiebelfreunde.. TOR support group basically
<beneroth>
"Dabei ging es der zuständigen Generalstaatsanwaltschaft zufolge um einen anonym betrieben Blog, auf dem zu Gewalt gegen den AfD-Bundesparteitag aufgerufen wurde. Als Kontaktmöglichkeit ist dort lediglich eine beim US-Anbieter RiseUp gehostete E-Mail-Adresse angegeben.
<beneroth>
Weil die Zwiebelfreunde für diesen Dienst Spenden sammeln"
<beneroth>
ah
<beneroth>
I looked at AutoCrypt some time ago
<Regenaxer>
Alles Terroristen!!
<beneroth>
Aye! nothing to hide!
<beneroth>
the achilles heel of AutoCrypt is, that it easily falls victim to MitM attack
<beneroth>
its opportunistic security
<Regenaxer>
I see
<beneroth>
"can be detected by the user with a manual verification" yeah nobody is doing that
<beneroth>
and also not implemented "A verification mechanism is not part of version 1.0 of Autocrypt, but is planned for future work."
<Regenaxer>
yep, the hash prints
<beneroth>
I thought about implementing it in my email services for customers, but with such weaknesses, I see no advantage really
<beneroth>
too unreliable to being worth the effort. as it anyway only comes into effect if an email contacts email-server is also supporting it...
<beneroth>
I believe only a complete overhaul of the email standards can make email secure. so Dark Mail Alliance.
<Regenaxer>
The mail-server does not care about it
<beneroth>
stuff like AutoCrypt might be better than nothing...but so is proper TLS between the email servers...
<beneroth>
well T, the email client does, but still
<beneroth>
I think there is also an AutoCrypt variant where you have it on the email server.
<Regenaxer>
ok
<beneroth>
its worse than on the client (real e2e), but more practical in many settings.
<Regenaxer>
I dont mind about the overhead here
<Regenaxer>
messengers have always
<beneroth>
but why do it, when it can be easily MitMed.. it's just overhead for when one is not under targeted attack..and then email servers using TLS is about a similar level of protection...well a bit less, but not much in practice.
<beneroth>
I mean also overhead with maintenance etc.. for humans
<Regenaxer>
I think not so easily MitM
<Regenaxer>
if you start the connection in life
<Regenaxer>
interactive
<beneroth>
sender server or target server can just pretend to not support AutoCrypt (anymore)
<Regenaxer>
communicating via other channels
<beneroth>
well yeah..but you don't do that, as that goes against the comfort feature Autocrypt relies on :)
<beneroth>
well, then do real PGP
<beneroth>
(which has the metadata problem again)
<Regenaxer>
key infrastructure is tedious
<Regenaxer>
nobody does
<beneroth>
T
<Regenaxer>
I want to get off of WhatsApp, and there is no better way
<Regenaxer>
acceptance
<beneroth>
ok, tell me when you managed to it that way
<Regenaxer>
lets see
<Regenaxer>
still difficult
<Regenaxer>
family chat :)
<Regenaxer>
also in business mail is easier accepted than WhatsApp
<beneroth>
I also want to get off WhatsApp. technology is not the issue, network effect is. I even have customers I mainly communicate with using WhatsApp, more comfort than email for them :(
<beneroth>
b2b yes. b2c whatsapp is nice / cannot get rid of once used.
<Regenaxer>
comfort yes
<Regenaxer>
but contacts are spied out
<Regenaxer>
Delta keeps your contacts locally
<beneroth>
point
<beneroth>
not nsa secure, but at least safe from facebook datakraken
<Regenaxer>
exactly
<beneroth>
some time ago I read a good article, which had as a main point: hey, you promised us, and still promise, targeted ads for all the data we feed you. BUT not even that works!
<beneroth>
so just stop it!
<beneroth>
if it would work, than maybe your argument had some merit, but no, we get everywhere a lot of ads, even personalized by email from vendor companies, who should know better by existing data.
<Regenaxer>
and it is all ovevalued
<Regenaxer>
over
<beneroth>
or stuff like shopping online for a product = getting ads for same category of products for weeks ...that is just stupid, as when you bought the product, you dont want or need more!
<beneroth>
T
<beneroth>
zero sum game
<beneroth>
with costs
<Regenaxer>
right
<Regenaxer>
a spiral
<beneroth>
best feature of internet services being financed on it is the undeniable well-working social cross-financing aspect (people financing with internet services when buying IRL products for people who don't and can't buy products and would not be able to pay for the internet service)
<beneroth>
but it comes with a huge cost overhead, feeding all this marketing and office administrator jobs in the loop
<beneroth>
and having some of the smartest people on earth working on "how to get someone to click on something" instead of letting them work on scientific development / technology / medicine...
<beneroth>
damn high hidden overhead costs...
<Regenaxer>
yeah, huge waste
<Regenaxer>
like all in this growth-based system
<beneroth>
aye
<beneroth>
well most (all?) of this incredible well scaling "unicorn" business models are nothing else than social-psychological MitM attack, getting a monopoly (network effect) on a social interaction as the middleman
<beneroth>
then you can charge for value/work mainly done by other people, you charge for connecting them, and you got somehow a monopoly on this connection-making. because people got trained into lazy.
<Regenaxer>
Nature is a huge waste too
<Regenaxer>
in some regards
<beneroth>
ad industry companies like google and facebook are this connector between marketing departments and web real estate (content, websites, apps where ads can be placed)
<beneroth>
facebook is just insourcing the whole content part too, though its all created by its users...
<beneroth>
T
<Regenaxer>
:)
<Regenaxer>
I go to sleep
<Regenaxer>
We cant change the world
<beneroth>
there is the other view that waste is good, as waste is a symptom of surplus production, which is a symptom of an efficient production. though that view kinda collapses when resources are limited (be it input resources or space for externalisation of costs like pollution)
<beneroth>
we can't, though we might sometimes be in the position to tip it over!
<Regenaxer>
true
<beneroth>
being able to detect those opportunities are important :)
<beneroth>
if you get such opportunities, and if you can make use of it, than you can tip the world over, and so you change it.
<Regenaxer>
I'm always optimistic
<beneroth>
hey you released picolisp :)
<beneroth>
and pilDB :)
<Regenaxer>
oha
<beneroth>
you surely changed my world :)
<Regenaxer>
haha, no
<beneroth>
if someone manages to build a good system with it which in turn makes some medical researcher more efficient, then you played a part in healing cancer :)
<beneroth>
IT can only support other people in being more efficient, we don't produce much ourselves... well maybe algorithms and some logics...but yeah...