We are back online. Now we just need a little bandwidth to be allocated (soon).
https://metrics.torproject.org/rs.html#details/E02F4D32C584C384E10E58C72CB3D4F79F62CE5D

Be wary about copying and pasting commands from webpages.
https://www.bleepingcomputer.com/news/security/dont-copy-paste-commands-from-webpages-you-can-get-hacked/

if you paste this you deserve it lol

Looks like the exit relay has now been designated as a V2Dir. :^)

If you use something like apt-transport-tor, try and fully onionize your sources.list. Doing this makes it much harder for adversaries to try and keep your machine from getting important updates because it means they will have to stop you from connecting to the entire tor network. Notice my connection to the Tor Project repo was reset by my circuit's exit.

Do Svidaniya, Igor, and Thank You for Nginx
Article, Comments

Just set up a second Tor Exit Relay at 83.97.20.84 - relay fingerprint is B63665C357F10C9CFAC4489C443C2651C5609EF0. Should be up on the TorProject website under https://metrics.torproject.org/rs.html#details/B63665C357F10C9CFAC4489C443C2651C5609EF0 in a day or two.

Should probably be pushing ~20TB of traffic per month now.. 😃

Accurate time is incredibly important for cryptography. Things like certificates and pki all rely on having an accurate clock. NTP was never designed with security in mind, and a network-level adversary can manipulate normal plaintext NTP traffic in ways that would allow them to make your clock jump forward or backwards. Preventing this means your system needs a reliable source of time. NTS (Network Time Security) adds a layer of authenticated encryption to normal NTP which helps to mitigate the tampering part of this problem. Afaik, only Chrony and NTPsec provide NTS-secured NTP. I recommend Chrony because it is pretty straightforward to configure and reliable.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_basic_system_settings/assembly_overview-of-network-time-security-in-chrony_configuring-basic-system-settings

/ Linux kernel: Heap buffer overflow in fs_context.c since version 5.1

- https://www.openwall.com/lists/oss-security/2022/01/18/7
- CVE-2022-0185 (demo) - https://github.com/Crusaders-of-Rust/CVE-2022-0185

/ GitHub Actions flaw that allowed code to be approved without review is addressed with new feature rollout

- https://portswigger.net/daily-swig/github-actions-flaw-that-allowed-code-to-be-approved-without-review-is-addressed-with-new-feature-rollout

The EU Wants Its Own DNS Resolver that Can Block ‘Unlawful’ Traffic

The EU is planning to develop its own government-run DNS resolver. The project dubbed DNS4EU is meant to offer a counterweight to the popular resolvers that are mostly based in the U.S. Aside from offering privacy and security to users, the DNS solution will also be able to block "illegal" websites, including pirate sites.

https://torrentfreak.com/the-eu-wants-its-own-dns-resolver-that-can-block-unlawful-traffic-220119/

#eu #dns
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

I don't see how this will accomplish anything when DNS resolvers like DnsCrypt-Proxy exist. At best, it would be a farce.

Encrypt your DNS. If you don't already, use Android's "Private DNS" feature under your network settings. If you're on Linux, use DnsCrypt-Proxy. If you use Chrome or FireFox, set up your browser to use DNSoverHTTPS.

Cope.
https://blog.mollywhite.net/abuse-and-harassment-on-the-blockchain/