|
Rex-Goliath posted:this looks cool but why don't they like openVPN? e: hackbunny posted:
|
# ? Mar 29, 2017 04:50 |
|
|
# ? May 17, 2024 01:24 |
|
afaik algo was released as a reaction to streisand https://github.com/jlund/streisand which includes openvpn and every other vpn or vpn-like
|
# ? Mar 29, 2017 04:52 |
|
Rex-Goliath posted:this looks cool but why don't they like openVPN? https://github.com/trailofbits/algo/blob/master/docs/FAQ.md#5-why-arent-you-using-openvpn
|
# ? Mar 29, 2017 04:53 |
|
PCjr sidecar posted:afaik algo was released as a reaction to streisand https://github.com/jlund/streisand which includes openvpn and every other vpn or vpn-like this is an insane amount of surface area to secure
|
# ? Mar 29, 2017 04:54 |
|
Rufus Ping posted:https://github.com/trailofbits/algo/blob/master/docs/FAQ.md#5-why-arent-you-using-openvpn fair enough. cool now i have a project for this weekend
|
# ? Mar 29, 2017 05:01 |
|
Rufus Ping posted:https://github.com/trailofbits/algo/blob/master/docs/FAQ.md#5-why-arent-you-using-openvpn quote:7. Where did the name "Algo" come from? also there's a $500 bounty to port algo to bsd, with possible rewards for "partial solutions" anthonypants fucked around with this message at 05:04 on Mar 29, 2017 |
# ? Mar 29, 2017 05:01 |
|
Rufus Ping posted:a cent per thousand java methods https://facebook.com/notes/facebook-engineering/under-the-hood-dalvik-patch-for-facebook-for-android/10151345597798920/ i've seen that article before but holy poo poo this last paragraph quote:The great speed improvements in that release would not have been possible without this crazy hack. And needless to say, without Android’s open platform, we wouldn’t have had the opportunity to ship our best version of the app. There’s a lot of opportunity for building on Android, and we’re excited to keep bringing the Facebook experience to more people and devices. "and to summarize these last 20 paragraphs help I haven't seen my family in weeks android is a perfectly fine development platform yes it is!"
|
# ? Mar 29, 2017 05:06 |
|
BattleMaster posted:283 problems but isp data harvesting ain't one actually according to the study you still have 51 problems with isp data harvesting
|
# ? Mar 29, 2017 07:07 |
|
anthonypants posted:https://twitter.com/cczona/status/846859875854487553 the second sentence on that article sure got mangled. "out of all of them" and then it doesn't say what percent have malware going by https://arstechnica.com/security/2017/01/majority-of-android-vpns-cant-be-trusted-to-make-users-more-secure/ it's a bit over a third but a full 84% screwed up with IPv6 and 66% screwed up with DNS at least a handful seem to be competent.
|
# ? Mar 29, 2017 07:37 |
|
Kerning Chameleon posted:Only because LastPass is specifically being targeted by the white hats. Once they get tired of all the smug comments and decide to turn the razor on Keepass, all bet will be off, I'd say.
|
# ? Mar 29, 2017 14:49 |
|
hmm, that's certainly some poop to touch
|
# ? Mar 29, 2017 15:00 |
|
im the sentence "JavaScript is a powerful programming language that can easily be used maliciously"
|
# ? Mar 29, 2017 15:09 |
|
Cold on a Cob posted:Some people, when confronted with an isp data harvesting problem, think "I know, I'll use a vpn." Now they have 283 problems. if you're feeling spied on, I feel bad for you son I got 283 problems but a vpn ain't one
|
# ? Mar 29, 2017 15:45 |
|
Uncle at Nintendo posted:Thanks. I did have a weird thing where I somehow had two Amazon accounts on the same email address. They just had two different passwords
|
# ? Mar 29, 2017 16:29 |
|
Are ios vpns just as bad or is it limited to android? I have tunnelbear that I use when I have to connect to an open network. Tell me that I'm wasting my money.
|
# ? Mar 29, 2017 16:35 |
|
i didnt read the last 2 pages so i did that and my question was answered thank you
Share Bear fucked around with this message at 16:41 on Mar 29, 2017 |
# ? Mar 29, 2017 16:35 |
|
well that's a new one
|
# ? Mar 29, 2017 16:35 |
|
anthonypants posted:probably because they use ipsec and openvpn doesn't, i think there's a few other reasons people have pointed out thats a reason not to use openvpn, but are there any reasons to use openvpn over the windows native vpn?
|
# ? Mar 29, 2017 16:35 |
|
Shaggar posted:thats a reason not to use openvpn, but are there any reasons to use openvpn over the windows native vpn? it can be disguised to look like SSL traffic and you can set it up so it listens on port 443 and if you don't send it the special headers it just forwards the request to an actual HTTP server so it actually *seems* like a regular ol' HTTPS server, idk it's got some neat little quirks and has worked in certain weird edge cases where other VPN's haven't but it's kinda ugly and weird, it's like the VLC of VPN's
|
# ? Mar 29, 2017 16:42 |
|
Man, switching from lastpass is going to be a pain in the rear end. Think I'm going to do 1password now they they support more than apple devices.
|
# ? Mar 29, 2017 16:51 |
|
ipsec is an overly complex protocol with wayyyyy to many different modes and moving parts. You need to know what you're doing when setting it up. OpenVPN is a lot simpler to configure and has far less potential for making mistakes.
|
# ? Mar 29, 2017 16:52 |
|
i run openvpn behind a http proxy at home, and it works behind literally any firewall ever as long as it passes http or even through a http proxy (which I've had to use once before at a location), and that owns. traffic just looks like legit http traffic with a random payload in beyond the headers i don't use gameos on my work laptop though, so openvpn support is included and works pretty well at work i have strongswan ikev2 running, and apple seems to have finally fixed their bullshit implementation so i'll keep it for now.
|
# ? Mar 29, 2017 16:54 |
|
Truga posted:at work i have strongswan ikev2 running, and apple seems to have finally fixed their bullshit implementation so i'll keep it for now. oh don't worry it's still broken in a bunch of fun ways i've found, like DNS and routing
|
# ? Mar 29, 2017 17:06 |
|
akadajet posted:Man, switching from lastpass is going to be a pain in the rear end. Think I'm going to do 1password now they they support more than apple devices. ive been talking about this and the main reaction ive been getting is "why? they're going to fix the holes" but i still feel like i should move to 1password
|
# ? Mar 29, 2017 17:27 |
|
akadajet posted:Are ios vpns just as bad or is it limited to android? what's on the other end, and do you trust them? i like to vpn home from public wifi and i do trust my home network but not necessarily my home upstream, wah wah
|
# ? Mar 29, 2017 17:28 |
|
ate all the Oreos posted:it can be disguised to look like SSL traffic and you can set it up so it listens on port 443 and if you don't send it the special headers it just forwards the request to an actual HTTP server so it actually *seems* like a regular ol' HTTPS server, idk hmm. ive only really done IPSEC tunnels. is that an OpenVPN custom thing or is it SSTP?
|
# ? Mar 29, 2017 17:34 |
|
schranz kafka posted:ive been talking about this and the main reaction ive been getting is "why? they're going to fix the holes" but i still feel like i should move to 1password Tavis has descended from the heavens and fixed all of their stupid problems, but once he's done he will move on and the lastpass team will continue to introduce new fuckups
|
# ? Mar 29, 2017 17:37 |
|
lastpass has had a poo poo security record going back since it was popularised ~2011, including downplaying their servers being compromised (multiple times), these vulnerabilities are not unusual and show a pattern of incompetence
|
# ? Mar 29, 2017 17:48 |
|
yeah, as much as i want to believe people will take a hint when their dicks repeatedly get slammed with the cardoor, lastpass people don't seem to.Shaggar posted:hmm. ive only really done IPSEC tunnels. is that an OpenVPN custom thing or is it SSTP? it's a custom openvpn thing, it encapsulates openvpn inside the http protocol: https://openvpn.net/index.php/open-source/documentation/howto.html#http it's very simple to set up though, if you already have an instance running just add http-proxy settings and put any web server with reverse proxy in front of it. you can then connect as long as a firewall or proxy lets your http traffic pass.
|
# ? Mar 29, 2017 17:55 |
|
Wiggly Wayne DDS posted:lastpass has had a poo poo security record going back since it was popularised ~2011, including downplaying their servers being compromised (multiple times), these vulnerabilities are not unusual and show a pattern of incompetence but this time they'll get it right
|
# ? Mar 29, 2017 17:58 |
|
OSI bean dip posted:but this time they'll get it right
|
# ? Mar 29, 2017 18:01 |
|
Truga posted:i run openvpn behind a http proxy at home, and it works behind literally any firewall ever as long as it passes http or even through a http proxy (which I've had to use once before at a location), and that owns. traffic just looks like legit http traffic with a random payload in beyond the headers tcp over tcp though udp port 53 is almost as good for getting out of restrictive networks ime spankmeister posted:ipsec is an overly complex protocol with wayyyyy to many different modes and moving parts. You need to know what you're doing when setting it up. also i feel slightly uneasy about my vpn software running partly in the kernel, good luck confining that
|
# ? Mar 29, 2017 18:14 |
|
Rufus Ping posted:udp port 53 is almost as good for getting out of restrictive networks ime
|
# ? Mar 29, 2017 18:17 |
|
COACHS SPORT BAR posted:Tavis has descended from the heavens and fixed all of their stupid problems, but once he's done he will move on and the lastpass team will continue to introduce new fuckups Wiggly Wayne DDS posted:lastpass has had a poo poo security record going back since it was popularised ~2011, including downplaying their servers being compromised (multiple times), these vulnerabilities are not unusual and show a pattern of incompetence this is what i had come to believe and now have words for. thank yous guys
|
# ? Mar 29, 2017 18:28 |
|
fwiw i really like 1password so far but i don't like that i'm going to have to pay for it
|
# ? Mar 29, 2017 18:29 |
|
Wiggly Wayne DDS posted:it's better because captive portals forget about dns a lot preferring to redirect 80/443 traffic to tell the user where to put their credit card info they've gotten better recently, all the hotels i've been to for the last few years blocked external DNS i guess i could use that DNS-query-protocol VPN thing but christ i'll just pay the $5
|
# ? Mar 29, 2017 18:55 |
|
schranz kafka posted:fwiw i really like 1password so far but i don't like that i'm going to have to pay for it it's worth it, and sometimes good software is worth paying for or write a script that encrypts and decrypts a text file automatically, if your time is worth less than $40
|
# ? Mar 29, 2017 19:41 |
|
Share Bear posted:or write a script that encrypts and decrypts a text file automatically, if your time is worth less than $40 https://www.passwordstore.org/ what i used before i used keepass. it's just a set of wrappers around gpg and git and works pretty well
|
# ? Mar 29, 2017 19:46 |
|
Wiggly Wayne DDS posted:it's better because captive portals forget about dns a lot preferring to redirect 80/443 traffic to tell the user where to put their credit card info redirecting 443 traffic should work very poorly, unless the user is in a bad way indeed
|
# ? Mar 29, 2017 19:57 |
|
|
# ? May 17, 2024 01:24 |
|
algo looks like a pain in the dick if you are using linode
|
# ? Mar 29, 2017 20:06 |