Rumor has it that 92.243.12.202 is a nice place.
-
Recent Posts
Recent Comments
Archives
Categories
Blogroll
Eviction of unused computers
Currently, most computers in AIXP that has been given away to random people are very likely not used for anything productive.
People that needs computers for providing VPN solutions to random people, wish to give away shell accounts to random/unknown users for free or wish to route some sort of network traffic through AIXP can be given computers for doing this. Generally, as long as you provide a service to some sort of darknet, you can have a free computer (or virtual machine).
However, a computer that is only used to give one guy a shell account for IRC or whatever will be removed from the network. This will happen one week from now. Copy your files and wipe your hard drives.
Posted in important
Leave a comment
Blackthrow technology – the simple method
Blackthrows (also known as kamikaze boxes, drop boxes or chaosboxen) are computers that no one know who owns them. They just sit somewhere and communicate with random computers at the internet. Because no one knows who owns them, the owners can do pretty much whatever they want with them. If there is networks surveillance in a country, the blackthrow could be used as an anonymizing proxy.
But how does one obtain a computer in such a way that no one knows who owns it?
The first method is the obvious one. One simply enters the corporate building at night and installs it somewhere, and makes sure that it has WLAN access (possibly requires that you crack the WLAN).
The second method is to simply buy one. In Sweden it is possible to buy anonymous credit cards at Seven Eleven and PressbyrÄn. It is then very simple to just go to a VPS-hosting website and order a virtual machine under a false name (using TOR ofc.)
Setting up an OpenVPN server in a virtual machine in Hong Kong or somewhere else is then not too difficult. If you want absolute anonymity you could instead ssh (or telnet?) to it via I2P.
This wiki article at cryptoanarchy.org has more information about how to buy an anonymous VPS.
Posted in Entropy
Leave a comment
Random ideas for anonymity
I was brainstorming for quick and simple solutions for anonymizing customers to the PirateISP, a small start-up company that wish to provide a safe darknet, and anonymize the users when they surf about at the vanilla intertubes.
~~~~~ 8< ~~~~~ 8< ~~~~~
Idea #0: All customers gets addresses via DHCP in a LAN network (10.0.0.0/8). When they connect to anywhere at the ordinary internet, their connection goes through a large NAT-pool. For each outgoing connection, a random IP and port is selected for the user from the pools set of IP addresses. It is an extremely crude and lotech-method to protect the users from the data retention directive, FRA and IPRED, as the ISP probably is not required to keep track of every single connection that users has had in the last 6-24 months. This crude “security feature” relies on that such detailed surveillance of all customers is illegal, and that no information about the customers thus can be stored. All users share the same IPs and collectively uses them together. Of course it also means that the users never has any IP addresses of their own, and that they can not host their own servers.
The solution is extremely simple, and requires only that one configures a NAT pool and routing in some default cisco router. It needs some testing though, for example if all protocols are happy about being forced through a NAT.
What needs to be done? Check if it works well with all the mostly used protocols, and how well it works with the cisco routers. Would the users be happy with this type of setup?
~~~~~ 8< ~~~~~ 8< ~~~~~
Idea #1: OpenVPN-cluster with RADIUS. People can log in at some website at the ISP and get certificates for their OpenVPN tunnel. For windows users, a small C#-program could be programmed to install everything automatically. For linux- and *bsd-people the scripts can be generated automatically at the website and come together with a small tutorial.
When the user registers at the PirateISP website to create their VPN account, a certificate is also created and stored in the RADIUS server. When the user connects to openvpncluster.pirateisp.net (or whatever) the domain resolves to a random OpenVPN server within the cluster. When the OpenVPN server tries to verify the clients certificiate, it communicates with the central RADIUS server. Thus, cryptography is distributed and authentication is centralized. This probably scales well.
I have not explored Idea #1 and have no idea if it would work, but I guess it would. Maybe it is too difficult for the random user though :/?
What needs to be done? Check how well OpenVPN handles RADIUS, check if it is possible to easily integrate RADIUS with a web page (so that users can create accounts easily), build that C#-application so that it does not require any knowledge for the common user to use it, and research if it actually works. This will take a few weeks.
One idea is to have the OpenVPN servers in Iceland, in order to avoid the swedish laws. But, perhaps that idea is just an impossible and far out wish?
~~~~~ 8< ~~~~~ 8< ~~~~~
Idea #2: Combine #0 and #1 so that users that wish to have their own IPs can have them.
~~~~~ 8< ~~~~~ 8< ~~~~~
The OpenVPN solution probably would work good for replicating the Relakks/IPREDATOR business model (except being more secure), while the NAT solution is the simplest one for just anonymizing users that are directly connected to the ISP via cable.
Of course, it might work just as well to simply just refuse to give up any information about the customers when the authorities asks. This type of civil disobedience-solution for security is currently used by PirateISP. If the pirate party enters the parliament, the operators of the ISP will become quite difficult to prosecute because of the constitutional protection for parliamentarians. Pure and simple civil disobedience would then most likely be the best solution.
Posted in PirateISP
Leave a comment
AIXP
Anonymous Internet Exchange Point (AIXP) is a very, very, very small IXP or VPN-provider. The purpose of AIXP is to function as a catalyst for distributed anonymous networks to form, for the purpose of denying authorities access to our personal information, and to help create an infrastructure where culture is absolutely free. AIXP will reach this goal via researching anonymizing VPN solutions as well as provide a free VPN service to those who might need it.
AIXP is a project somewhat related to Telecomix Crypto Munitions Burau, PirateISP and random darknets.
Posted in Entropy
Leave a comment