05.xhtml 7.4 KB

<?php
/**
 * <https://y.st./>
 * Copyright © 2016 Alex Yst <mailto:copyright@y.st>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org./licenses/>.
**/
$xhtml = array(
	'title' => 'Relay service',
	'body' => <<<END
<p>
I did not sleep well last night.
I woke up at about four and couldn&apos;t get back to sleep.
</p>
<p>
I began my <a href="http://sbuk7aqcxkoyipwv.onion/">onion-to-clearnet</a> forwarding service today to aid in bypassing $a[Tor] blocks.
I obviously can&apos;t use it myself, as my own $a[IP] address acts as the exit, but perhaps someone can make use of it.
Unfortunately, I set up the website for the server over $a[HTTP] instead of $a[HTTPS].
I much prefer $a[HTTPS], but a lot of onionlanders don&apos;t.
This service is for them, not me, and encryption is already supplied by $a[Tor], so I&apos;ll do it their way.
I&apos;ve also decided to use the high ports, not the low ports, for forwarding.
Many of the low ports have specific services that they are assumed to run.
If I end up needing one of those ports after I&apos;ve already assigned it for forwarding, it will be too late.
As such, I&apos;ve decided to use the ports in the 49152-65535 range, as they are currently defined as ports that will not be assigned any specific service.
If the $a[IANA] decides to change this, some network changes are to be expected, so there won&apos;t be any issues with me reclaiming ports; it wasn&apos;t my fault, I took reasonable precautions.
<a href="https://opalrwf4mzmlfmag.onion/">Wowaname</a> suggested allowing other people to share their $a[IP] addresses in the same way, using my onion to forward to random volunteer machines in a round-robin-type way.
I&apos;m not sure who would volunteer, but it seems like it would be easy to set up on their end.
The simplest way would probably be to set up port forwarding in their home router configuration.
They wouldn&apos;t even need to install $a[Tor], though of course I recommend installing and using $a[Tor] to everyone.
I thought about adding freenode to my forwarding configuration, but due to the fact that I don&apos;t want to play &quot;favorites&quot; with $a[Tor]-haters, I didn&apos;t want to add any specific services until they were requested.
<a href="https://ronsor.net/">Ronsor</a> quickly suggested <a href="ircs://sbuk7aqcxkoyipwv.onion:49152/">freenode</a> (once people were actually awake), so that resolved that issue.
</p>
<p>
While discussing ways to get multiple $a[IP] addresses to be usable for relay service, wowaname and I were discussing on <a href="ircs://kitsune6uv4dtdve.onion:6697/%23Volatile">#Volatile</a> how nice round robin support for onion addresses would be.
One hidden service node can relay to multiple servers, but multiple hidden service nodes cannot use the same onion address as can be done in $a[DNS].
Cathugger knew of an article about <a href="https://www.benthamsgaze.org/2015/11/17/scaling-tor-hidden-services/">horizontal scalability of hidden services</a>.
With the techniques the author suggests, it is possible to get up to sixty separate machines at separate locations to receive requests meant for a single onion address.
These sixty machines are all registered with the $a[Tor] network without any changes to the underlying infrastructure.
The only things changed are on the machines that hold the private onion key.
It sounds a bit difficult to deploy and custom code is needed, but it might get people thinking about the need to share onion addresses between machines like this.
It might lead to changes in how $a[Tor] fundamentally handles hidden services.
Even if it doesn&apos;t lead to changes, it provides an option for large services that really need more room to grow on the $a[Tor] network.
</p>
<p>
When the local community college said that they would send me a gift card, I assumed that it was a use-anywhere prepaid type of gift card.
That was a naïve assumption on my part.
The card arrived in the mail today and it&apos;s a gift card for their in-house book store.
As the card doesn&apos;t have much on it and I don&apos;t know if I&apos;ll be attending this school, it&apos;s little more than an amusing novelty item.
Still, it got me to submit my feedback for their orientation.
I was going to do that anyway, but this helped make sure I did it in a timely manner.
</p>
<p>
Our mother, Cyrus, Vanessa, and I volunteered at a spaghetti-serving fund raiser today.
We told them that we were there to help, then waited a couple hours for them to be ready for help.
We were pretty much just wasting time unable to do anything, so we asked if they even needed us.
They told us that they didn&apos;t even want our help.
Why didn&apos;t they just tell us that from the beginning?
While I was waiting, I thought about the fact that my <a href="/en/domains/accessed574tizbu.onion.xhtml">accessed574tizbu</a> onion would have been a cool address for my forwarding service because it helps people access malicious servers, but I&apos;m going to continue using my <a href="/en/domains/sbuk7aqcxkoyipwv.onion.xhtml">sbuk7aqcxkoyipwv</a> onion.
</p>
<p>
It seems that Ronsor will be away for three weeks.
</p>
<p>
Wowaname decided that she wanted her $a[Tor]-to-IRC2P onion to be &quot;listed&quot; on my forwarding service.
It seemed pretty strange to me.
I&apos;m not sure she understood that it was a forwarding service, not a listing of forwarding services.
However, it seemed like it could be of benefit to $a[Tor] users, as it does provide access to a service not normally reachable over $a[Tor], so I went with it.
However, I didn&apos;t want it to look like my forwarding service was not up to forwarding to other darknets and that this burden had to fall to others.
To fix this, I set up $a[I2P] on my server and forwarded one of my onion ports to <a href="irc://sbuk7aqcxkoyipwv.onion:49153/">IRC2P</a> as well.
If I chance upon any other services similar to mine, I&apos;ll add them to my list and forward to their destinations in parallel.
A little redundancy doesn&apos;t hurt.
While the onion-to-clearnet ports are nice for getting access to places without giving in to their ridiculous anti-privacy agendas, the onion-to-other-darknet ports are nice for convenience.
</p>
<p>
As I was installing <a href="apt:i2p">$a[I2P]</a> on my server, I decided to install it <a href="https://geti2p.net/en/download/debian#debian">from a package</a>, unlike on my client machine.
Installation went fine, but I found that $a[I2P]&apos;s package, being from a non-Debian party, is not set up to start itself as a system service.
You still need to run <code>i2prouter start</code> to start it each time you start the system, unless you script something to take care of that.
$a[I2P]&apos;s strange (in my opinion) setup of binding ports to services made it ridiculously easy to forward between darknets.
It also didn&apos;t hurt that one of the default port bindings was pointed directly to the service that I needed in this case.
</p>
END
);
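
Added example, not part of the original entry and not the author's configuration: a small audit of the port policy the entry describes (forwards only on 49152-65535, and awareness of which forwards leave the host and therefore exit from its IP address). It assumes the forwards are declared with Tor's `HiddenServicePort` directive; the sample torrc, its addresses, the I2P tunnel port and the function names are constructed for illustration.

```python
import ipaddress
DYNAMIC = range(49152, 65536)  # IANA dynamic/private range the entry relies on

# Constructed sample torrc; addresses and paths are placeholders, not the author's.
SAMPLE = """\
HiddenServiceDir /var/lib/tor/relay/
HiddenServicePort 80 127.0.0.1:8080      # the service's own web page
HiddenServicePort 49152 192.0.2.10:6697  # clearnet IRC server (documentation IP)
HiddenServicePort 49153 127.0.0.1:6668   # local I2P IRC tunnel (assumed port)
HiddenServicePort 6697 192.0.2.10:6697   # forward placed on a low port
"""

def parse_ports(torrc):
    """Yield (virtual_port, target_host, target_port) for each HiddenServicePort."""
    for raw in torrc.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0].lower() != "hiddenserviceport":
            continue
        virt = int(fields[1])
        target = fields[2] if len(fields) > 2 else str(virt)  # default: same port
        if target.startswith("unix:"):
            target = "unix:0"  # unix socket target: local, no TCP port
        host, _, port = target.rpartition(":")
        yield virt, host.strip("[]") or "127.0.0.1", int(port)

def is_local(host):
    """True when the target stays on this machine (loopback or unix socket)."""
    if host in ("unix", "localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def audit(torrc, own_ports=frozenset({80})):
    """Return (virtual_port, finding) pairs; own_ports are the host's own services."""
    findings, seen = [], set()
    for virt, host, port in parse_ports(torrc):
        if virt in seen:
            findings.append((virt, "virtual port assigned twice"))
        seen.add(virt)
        if virt not in own_ports and virt not in DYNAMIC:
            findings.append((virt, "forward outside 49152-65535"))
        if not is_local(host):
            findings.append((virt, f"traffic exits from this host's IP to {host}:{port}"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

On the constructed sample it reports the clearnet forward on 49152 as exiting from the host's address, and the 6697 entry both for that and for sitting outside the chosen range.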