home tags events about login

networkstring rss

Builds anti-surveillance and anti-censorship infrastructure at https://brasshorncommunications.uk and https://ablative.hosting using OpenBSD routers (AS28715, AS209220, AS215833) and servers.

GPG: 0x2AA6E6BC2184073C1779

Cwtch.im: 3jurvwejuzikduyuztczpmhsofoiojlhknbq5nepq3lviu5bfxzxtcqd

https://networksaremadeofstring.com

Presented at EurBSDCon, HOPE, UKNOF and others.

networkstring honked back 17 Jan 2025 19:15 +0000
in reply to: https://mastodon.neilzone.co.uk/users/neil/statuses/113845186888920525

@neil Not really sure.

On one hand there are websites dedicated to displaying the regex'd URLs that have been submitted by users. A visitor would be presented with a whole bunch of images that have been hotlinked from elsewhere.

Then there are websites where everything is done clientside via JS so a visitor would need to know of / construct a regex yourself but your browser does all the work.

Then there's e.g. if you wrote this code on your desktop and loaded it locally;

<!DOCTYPE HTML>
<head></head>
<body>
<img src="https://networksaremadeofstring.com/ico.jpg"/>
</body>

networkstring bonked 17 Jan 2025 18:16 +0000
original: dangoodin@infosec.exchange

privacy is another good reason for paying with cash. What's the point of using encrypted comms or ad blockers or taking other privacy-preserving measures and then buying everything with a payment card? Payment cards allow data brokers to track every purchase you make, every business you visit and when. When you split a check with someone else, it lets them know who your friends and coworkers are. The amount of privacy lost using payment cards is astounding.

networkstring honked 17 Jan 2025 08:00 +0000

New from Brass Horn Communications; https://over18.uk - the worlds first Privacy Focused Age Verification system that relies on the passage of time.

No need for AI inspected selfies, no uploading passport scans or bills, no phrenology. Just plain simple time and patience.

  • Register
  • Wait 18 years
  • Verified!


What makes it privacy focused?

Site operators download a list of hashed account IDs on a regular basis and perform the matching locally on their server - no communication with the over18.uk servers is needed. No HTTP referrers, no API keys, no signing in, nothing.

We'll never know what websites you visited, what websites checked your account ID, hell, we won't even know what websites use the service.

So... 18 year old bearer tokens?

Yes, we've learnt nothing about the problems with JWTs

What if you lose your bearer token?

Signup for a new one and wait 18 years again!

What's stopping someone sharing their bearer token?

People do that? We'll put something in the T&Cs

networkstring honked back 14 Jan 2025 11:48 +0000
in reply to: https://mastodon.neilzone.co.uk/users/neil/statuses/113826215690052381

@neil well back in the day you'd have "tweeted" a link to your blog post for folks who didn't have your RSS feed.

It's not too different now.

AIUI what 'should' happen is that all of these various 'objects' (https://www.w3.org/TR/activitypub/#obj) are represented in your ActivityPub software of choice.

So you could opt to 'toot' a microblog, or write a 'long form article' or advertise a thing for sale, or publish a photo, or a video, or a video short etc etc.