cryptostorm's community forum

I have a similar problem on all pay nodes with my Aleph token. All pay nodes tell me "Auth rejected". Sometimes I can connect for a couple of minutes until it drops with Auth rejected. CryptoStorm is (apart from the free node) unusable for me right now. Because Twitter is banned with cryptofree I ca...

I never watched Star Wars but this cracks me up: https://www.youtube.com/watch?v=lg_FoEy8T_A ___and even more___ https://www.youtube.com/watch?v=84YXPw4htnQ Hello everyone, it's good ol' uncle DesuStrike and I've got a little "present" for everyone who wants things to be a tad more secure than the ...

It's situations like these when I'm sad that I'm not gay because I fucking love you Taelc! (wtf am I talking?! :D) I knew the router was not up to the task but this looks like it could handle connections up to 50MBit/s (at least according to my own experiments with different hardware). Stupid idea h...

Hey df!
Thanks for fixing this real quick as always!

This analysis is so badass! Nice work!

The other kind of torrent "tracker"... ;) I'm sorry I kinda developed into a jack in the box of unpleasant surprises: popping out of nowhere rubbing salt into hidden wounds. Anyways: Love you guys! Always will be. Wish I had more time to hang around here. Please see the attached picture about a prob...

Cash in snail would be nice but I don't trust it to reach our friends at cs when send around half of the world. Also I don't know how safe it is for our friends to regularly go to the same post box to collect money. If I was Uncle Sam I would lay low near the box and hit as soon as somebody opens th...

I see no thread about the new forum design... or maybe I'm just blinded by the bright baby blue background. :lol: Please move this post into the right thread if there is one and I just missed it. I really like the new design as it fits the main page. It is (like always) unusual regarding the colour ...

Congrats from me as well! Better late than never, eh? ;P Let me give some of that praise right back at you. Yes I know and I'll never forget. Others might consider this a little thing but for me it also was a "faith in humanity restored"-moment. Or maybe now I just know who I can trust and where I c...

I'm probably wrong, but I think these lines will allow leaks: iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT -m comment --comment "allow all local traffic" iptables -A OUTPUT -d 192.168.1.0/24 -j ACCEPT -m comment --comment "allow all local traffic" Shouldn't this be mitigated by enforcing a set of ...

I just updated the list, replaced the old mishigami IP 167.88.9.27 with the new 198.204.245.2 one, and added the new singapore IP Thanks for keeping this list recent. Work got hold of me again and I appreciate all the help the community helpers and/or admins can provide in keeping these howtos up2d...

Client isolation is a very important topic also for "Guest" WIFI access points, if you run one. But it is indeed strange that OpenVPN allowed such a thing even with the feature disabled. O.o Thanks to OkayKappa for being such an observant member of the community and reporting his finding! :clap: + T...

I probably know whats wrong:
In the plaintext password file you need to put the token in the first line and some random characters in the second line. The token alone isn't enough!

For example:

Code: Select all

*YOUR HASHED TOKEN*
sgwer43t34tgerter

Merkle-Damgard wrote:DesuStrike, can you please update the list to include St. Petersburg too?

Thanks

Thanks for reminding me to update.

Done!

New exit nodes become a somewhat double edged sword to me. I'm happy about every new node but since Turing it's also coupled with a sad and tragic story of individuals from the past. Nonetheless I welcome this new direction for naming exit nodes. While most of the cryptostorm community use this proj...

We had a great discussion about Sealand and it's history on IRC some time ago. Sealand has a history fit for a blockbuster movie but in the end the "King" of Sealand is loyal to the british crown and thus there is no advantage whatsoever to build an exit node on Sealand. In the end I thing Cuba woul...

The guest System pretty much makes polls useless. Faking is always possible with multiaccs but right now it's a piece of cake.

Oh boy what a great start for a service that basically provides me with a browser I enter all kinds of sensitive information to. And I mean this for both: The guys that got their database stolen and the guy that now runs the other service. I kept away from this because I shudder from the simple fact...

its lead from the Soviet Union rather than the European Union This part actually made me go and look how they call Belarus in German because I don't know this name: Weißrussland (White Russia) I actually know this country by it's German name and afaik it's widely known to be "the last dictatorship ...

https://www.youtube.com/watch?v=OVMuwa-HRCQ

I'm torn between Russia and Poland.

Damn RAS, falls on its ass in the same way that FireGloves did... it cannot properly mask timezone and screen resolution... :( AFAIK Secret Agent was able to do that but it was very lacking in all other regards RAS is covering very well. Also with Javascript active you always can read out the syste...

I remember this from my windows days. I don't know why but creating virtual network adapters in windows sooner or later will result in this situation. (Tested on WinXP and Win7) Especially when you use different software that each create their own virtual adapter or software that regularly removes a...

The forum now supports embedding of video links from (allegedly) every video site. Let's put that bold statement to a test (and keep the video spam all in one place) and post some videos that might be entertaining or interesting to other people. Please no 18+ content! :mrgreen: Obligatory 31C3 Vide...

Isn't there a windows "terminal" method to do a speed test like you can do with wget or curl on *nix systems? Those web based test produce the craziest results on lots of machines.

As tempting as this idea might be there are numerous reasons why they should not or even why it makes not sense at all (at least this moment). I'd be the fist one to rent a server hosted inside grazes cookie jar, protected by pjs furry friends and that runs on manure provided by dfs magical unicorns...

I wish I could be more of help with this matter but due to lack of competence with coding and compiling, I have no other choice to ask you guys for updates, heh :angel: Tell me about it! I always hang around github, looking at interesting projects browsing the code and wishing I could contribute bu...

ps : sorry to be butting in on your locked thread, DS... rather rude thing to do. :-/ No problem pj, that's totally fine! This is a issue that needs to be discussed or better decided on so it can be included in the current forum upgrade process. (More and more things pop up around here and I like t...

The second I know for sure he is a bot and not human...

: hammertime-o.gif (3.27 MiB) Viewed 12731 times

http://youtu.be/otCpCn0l4Wo?t=1m55s

afaik dynamic switches you to a new random node with every reconnect from a lost connection. So if you've got an unstable mobile connection for example, you will regularly switch IPs. smooth on the other hand gives you a random IP on first connection and then "locks you in" for the duration of the s...

Just want to post what I already said in IRC:

This is both moving and impressive. I learned a lot about Turing I didn't know before. I think providing a tool to protect people from those who persecuted Alan Turing is a wonderful way to honor this great man. Better than any statue or memorial plaque.

Little brain training here: Compare Iran a couple of decades ago with Iran today. Now look at the current situation in UK/USA and their plans for the coming years. Realize something?

Bonus Quest: Read up on the US involvement in Iran, the Iranian Revolution and what caused it.

I find science fascinating in general but Astronomy and other "space science" often lets my jar drop. It's really exciting how often they find new objects or occurrences that call widely believed theories into questions. I find this process of regularly scrutinizing your view on this universe really...

Anyone heard of this? BitBox I know someone who actually does this manually to avoid browser identification by Google and such. His host browser never touched a google domain in years. Though it needs plugins for shared clipboard between VM and Host to provide comfortable usage and even with this I...

I guess you are talking about the load balancer option, right? I can only guess here because I don't use the widget and know this stuff only second hand. But to my knowledge the configuration files for the nodes and load balancers are not dynamically updated like the drop down menu but either hardco...

loop wrote:These addresses don't route correctly.
linux-paris.cryptostorm.net
linux-uswest.cryptostorm.nu

Confirmed.
I did a quick check and can reproduce these results.

marzametal wrote:89.26.243.108 ?

This must be the windows IP if I remember correctly though I wouldn't recommend using it at this moment. The nodelist is used by the windows widget and thus represents the teams selection of production ready windows exit nodes.

Well, I am the one who set Fermi up to run the spoofability test because marzametal and I got those crazy results showing several IPs belonging to Google. Even though Fermi could not exactly reproduce our findings his results are strange as well. So I'm starting to think we have several problems her...

Pic says it all. Firefox 34 on Ubuntu.

CanvasBlocker (Also for Firefox for Android) The technique of des canvas-fingerprinting (more informations: http://www.browserleaks.com/canvas ) to identify users can be prevented with this Add-On. Therefore the <canvas>-API which is necessary for the fingerprinting gets blocked. The different bloc...

I agree on the endless comments under guides being confusing and/or intimidating to new users. In fact your post here made me just realized how important clean one post threads are for guides. Our little discussion here already draws away attention from the relevant facts in the first post. Imagine ...

100%[======================================>] 104.857.600 7,89MB/s in 13s 2015-01-07 14:09:26 (7,73 MB/s) - ‘/dev/null’ saved [104857600/104857600] Connected to Cantus (Germany) In fact it went up over 8 MB/s (64Mbit/s) at some point. I wonder... Do you have any kind of QoS (Quality of Service) runn...

I think this is a good place to mention that the last couple of days both Fermi and I experience strange lags when resolving DNS queries with the standard pushed DNS servers. I'll try to find the culprit and will test if it gets better when I remove it. Just another reason for in house DNS resolvers...

Can you try this one and report the results? wget -O /dev/null http://cachefly.cachefly.net/100mb.test Those flash/html5 speed tests are very unreliable and regularly provide completely false information. With apple I wouldn't be surprised if there is some kind of traffic shaping based on ISP in pla...

I run dd-wrt as well. I just bought a aleph token- would greatly apreciate any attention admin here could give to the dd-wrt setup thread, it's a bit of an outdated mess. To be perfectly honest, more than a couple tutorials suffer from the same affliction and we're working to fix that. We've alread...

DNS Spoofability Test: https://www.grc.com/dns/dns.htm Will test it as soon as I added the Servers to my setup but maybe some people will run their own test. EDIT: I forgot to make screenshots but to make a long story short: The DNS servers are indeed very beta at the moment. -> The performance is v...

THANK YOU! I was waiting for this like from the day I switched to cryptostorm. DNS censorship is a lengthly discussed issue in my country but even though we managed to prevent it being broadly deployed so far there already is a (recently leaked) government maintained secret blacklist for "youth pro...

Did a quick client check on SSL Labs with my Windows 7 VM and IE11.
I won't do any testing with this VM though. I don't trust this OS even half as far as I can throw Satya Nadella. Sry...

Bunkers don't work. Period. You really strike a chord with that statement. I could start giving talks for hours about this but I just want to boil it down in a few sentences without derailing this thread: With all this unlimited funds government dragnet surveillance around and on the other side pro...

@oldnewb: I hope you didn't took our reaction as critique against you. Our reaction is purely directed against those guys... ehrm... "security decisions"... As I said in my first sentence: I'm glad that you (and hopefully others as well) are looking around, inform themselves and if they got any ques...

First I want to thank oldnewb about caring enough for CryptoStorm that he is looking for ways to improve it. Community input and fresh ideas are very important and always welcome. You also involuntarily provided a good example for how dangerous the marketing yap of many "VPN-Services" is. Which lead...

I'm not even remotely close to be an expert like you are but I also grew desperate on this topic when I tried to secure a server. There is just no cipher suite available at the moment that is both 100% acceptable from a security stance but also compatible with all popular browsers and OS. If you wan...

Thanks for archiving those. The more copys we have of this the better!

I don't see a discussion thread so I reply here:

I wonder whats the difference between V1.3 and V1.4.

I use the V1.3 configs for all nodes and aside from the hostnames which I don't use it's identical to the V1.4 configs posted here.

Nice catch!

Because most of my guides/howtos somewhat depend on each other to properly work I decided to make a small reference chart. This chart contains both threads and single posts. I try my best to keep all guides up2date. I hope you enjoy and happy tunneling! UP 2 DATE Linux/RAW IP reference chart LEAKBL...

EDIT: Since this data is out of date and there's no plans to update it, I'm going to go ahead and lock this thread. The most up to date OpenVPN configs (Linux too) are always at https://github.com/cryptostorm/conf/ I hereby invite the community helpers and staff to keep these reference charts and h...

@parityboy

yes, 89.26.243.109 is the IP from Tagus. Brisa is just your legacy label.

compac wrote:Thanks for testing this concept. I'm looking forward to this since pj metioned the idea. Shame you can't make 12 months token tough

Isn't this the exact same post somebody else did in vpnDarks thread about token mixing?!

Oh wow! I have to take a closer look on that one! Sandboxing isn't the holy grail as many exploits used for sandbox breakouts proof but it certainly adds a somewhat useful extra layer of security if done right.

Re: Icelandic power outage: 15 Dec 2014 I second that!

I second that!

Woah! Looks like I dropped a brick here. I was talking about "shady copy cats" because I was simply guessing for the reason of this source dump. I do not follow the cryptostorm twitter account very closely because it's a bit too spammy for my RSS feed(*). I want to emphasize that I as well do not ca...

While I do not mind dumping the source of those new "Pirate Bay"s as it could certainly be useful in future I still wonder why pick oldpiratebay.org. Is there anything special about it other than it's from the same guys that picked up the isohunt name after the original was shut down? If it's about ...

My guess is that the "stealth" config is "stealthy" because it chooses randomly from 4 exit nodes thus changing your visible IP around a bit. It's very far fetched to call such a thing "stealthy" but that never hindered anybody of those money grabbing wannabe VPNs from talking marketing bs all day l...

I can also confirm that 109 is the raw/linux instance. It's against the usual rule that lower numbers are win and higher numbers are raw/linux, but as long as it works... huh?

Can you please elaborate a bit further? Skpye should be working no problem, so we need to debug this together. Thanks

Updated as promised. Enjoy

I so gonna fix thix guide as soon as I got my mod powers back! It's only a hand full changes but I bet it frustrated many people who weren't able to run it because of them.

Dear CryptoStorm community, today I filed my own resignation from my position as a forum helper and now I want to inform the community about it. There are several personal issues I have to take care of which make it impassible for me to properly exercise this role. Some of the shortcomings on this f...

@parityboy: It only happens on cryptostorm. But for me that sounds like an DNS error. On the other hand: If you use the same DNS settings on every exit node it can't be DNS... Update: I got severals answers from support yesterday (Thanks for the short response time!) but I was too tired to boot up t...

Since we don't have an off topic forum I guess using "open debate" is the most fitting subforum for this. This is shameless advertising for a game I am in no way affiliated with. It's pure fanboi "talk". (actually I won't talk at all about the game. Just post pictures and links.) It's kinda unusual ...

Does anybody else have problems with reaching cryptostorm.ch/is when connected to the German exit node?

I have this problem since today.

I gonna inform support but I guess asking other if they experience the same could be useful, too.

I love wikis. I use them all the time, and I actually use a personal one[...] Ok, now you HAVE to tell me how and where you do that! Is it hosted on a internet facing server so you can reach it everywhere you go, or is it locally on your computer? And do you use a special kind of wiki flavour? I us...

huh. Afaik only davDroid is being a dick in not allowing to permanently add self signed certs. Any other ownCloud application, especially those directly from ownCloud do memorize the certs perfectly fine. If they don't do so I would consider checking your cert fingerprints if they change. If yes: Bi...

Search found 287 matches