Encrypt all the things!

Posted on
of 106
  • https://nyti.ms/31Jsbax

    “A quantum machine, the result of more than a century’s worth of research into a type of physics called quantum mechanics, operates in a completely different manner from regular computers. It relies on the mind-bending ways some objects act at the subatomic level or when exposed to extreme cold, like the metal chilled to nearly 460 degrees below zero inside Google’s machine.

    One day, researchers believe, these devices could power advances in artificial intelligence or easily overwhelm the encryption that protects computers vital to national security. Because of that, the governments of the United States and China consider quantum computing a national security priority.”

  • Just in case anyone thought NordVPN hadn't fucked up enough

    User passwords exposed...

    If one hasn't ditched them by now,maybe it's time...

  • Oh poo. Yep I'm leaving.

  • Sounds like it's most likely the result of a credential stuffing attack. The only accounts revealed (so far) had very weak passwords.

  • I mean, yeah, that's literally the title of the article but well deduced. :P

  • Yeah, I only mentioned it because @ChainBreaker's post seemed to imply there'd been another breach. Which there hasn't been, afaik.

  • PIA app on iPad has stopped auto connecting. It’s up to date and I have ticked vpn kill switch but I have to manually connect each time.

  • Its not just NordVPN that has been compromised.

    Don't forget that by using a VPN service you are just outsourcing your risks down the line to somebody else, who will likely fuck up at some point.

  • Just came here to rant about NordVPN. Their software has gone from humming quietly in the background to getting on my nerves with never ending pop ups and freezes several times daily.
    What's the other story about them?

  • What's the other story about them?

    Which one? The older one is more important: https://arstechnica.com/information-tech­nology/2019/10/hackers-steal-secret-cryp­to-keys-for-nordvpn-heres-what-we-know-s­o-far/

    The more recent one less so, it can be summarised as:-

    Some people who use NordVPN use the same usernames/passwords as they do on other sites (where their credentials had been leaked).

    Someone tested various credentials from other leaks, found the ones that worked on NordVPN and then released that list as a supposed leak of NordVPN's users.

  • NordVPN's advertising budget doesn't seem to be shrinking.

    I think ExpressVPN originally wanted to sponsor Tom Scott's video, until he rewrote the advert to be honest...

  • Finally got enough BAT through Brave to make a forum donation. Don't spend it all at once!

  • I've been following this thread for a while but need a bit of a recap or pointing to the right posts. I'm planning to beef up my home network, virgin hub 3 is flakey, so I'm looking at a new router and running the hub as modem. I run pia on most things so figured it's a good opportunity to get a VPN router and run pia there, I'm also interested in pihole but know next to nothing on this. I want something reasonably easy to setup and manage but don't mind a bit of messing about. Ideally though a solution that doesn't impact the non techy family members too much. So I guess firstly would be router recommendations, £150 max but cheaper the better. Is pia still a good vpn choice? Thanks!

  • Can't help on the router but Linus did a very straightforward video on setting up a pihole.


    With a text guide here: https://linustechtips.com/main/topic/109­4810-pi-hole-setup-tutorial/

  • Sometimes websites don't allow acces when an adblocker is active, do they also do so when you're on a network with a PiHole?

  • My understanding of how they work, and I expect someone will come along to correct this is that you'll get access as the website doesn't know you're not receiving the ads. The pihole acts a bit like a DNS filter and sends a fake address to the ad server so the ad doesn't even get downloaded (a blackhole for ads if you will), however the request for the ad still occurs.

    This is different to how an adblocker works which would download all the ads locally but just not display them. I think a lot of websites that won't load as a result of running an adblocker use javascript to identify it. Websites that have a 'please donate' type thing where an ad would have been have probably coded this to always load under the ad that would be shown.

  • The issue I find (not using pihole but using a custom hosts file which I believe it's effectively the same thing) is that sometimes a vital element of a site is broken because it's blocked or certain things (Facebook messenger for instance) don't run because they're blocked but it's not particularly obvious.

    I'd be wary about having everything going through pihole unless everybody using the internet is aware of it and how to resolve the issues it may cause.

  • The problem awaiting pihole is that it can still be detected, it's just a matter of time until it is popular enough that people will start to block pihole users as they currently block ad-blocker users.

    At the moment the number of pihole users is small enough not to be a target for the anti-adblocker code/tricks.

  • I'd be wary about having everything going through pihole unless everybody using the internet is aware of it and how to resolve the issues it may cause.

    Do you want those people on your network? No, didn't think so. :)

  • The kind of people that run piholes are the kind of people that will get around pihole detection.


  • I'd be wary about having everything going through pihole unless everybody using the internet is aware of it and how to resolve the issues it may cause.

    Maybe I'm missing something on my noob setup, but when a device connects I have to set it up with a static IP and enter the Pi-hole's DNS. So in my head a user can always just go back to the default settings.

    Is this incorrect?

    @fettled_nuts - I used this guide:
    ...and bought my pi zero w from here:
    ...and this cheap but excellent little case:

    I'm a very basic user and found it all pretty easy. First install of the pi-hole software failed. So I rebooted and tried again, which worked. I'm just using all the simple default settings as I haven't had the headspace to do more, and it sped pages up. I added the OLED display, which makes it a longer project, but again not hard. (I bought the display from aliexpress for about £3)

  • Not what I would expect. I would expect the PiHole to be acting as a local DNS. Every request to a hostname on the network will go through it. There shouldn't have to be any manual intervention when it's running otherwise you're only blocking your own device's ads and not that weird mate that wants to use your wifi.

  • OK.

    Towards the end of the Linus video upthread he talks about setting your router IP settings - which I guess is what I should have done.

    ...I also wanted to leave a route out in case it fucked up, to mitigate any wrath from my OH for fucking up the internet.

    But TBH my laptop isn't connecting to the internet and I haven't bothered looking into how to ssh from a PC and no friends visit although my MIL is a bit weird. Maybe I'll try and do it over xmas.

  • ...I also wanted to leave a route out in case it fucked up, to mitigate any wrath from my OH for fucking up the internet.

    Can you try setting it up on a different router? If you muck it up just plug the old one back in. ISP routers are mostly useless to most people when they change contracts so can be picked up for next to nowt.

  • Post a reply
    • Bold
    • Italics
    • Link
    • Image
    • List
    • Quote
    • code
    • Preview

Encrypt all the things!

Posted by Avatar for Velocio @Velocio