1. 3

    I use Keepass for both work (very sensitive for others) and private (very sensitive for me), where the kdbx file is stored in a Cryptomator vault that gets synced through a private NextCloud instance that is only exposed over my own p2p vpn. All of these components are open source (which is a requirement for me), cross platform (linux, bsd, windows) and are quite consistent (which I find important). Of course, Keepass is a bit more work to set up and less fancy GUI-wise than say LastPass, but it suits me fine. It has autofill anyway, so I rarely have to copy paste the passwords myself.

    The only thing I find a bit annoying is decrypting the vault every day, but I don’t feel syncing kdbx files over the internet is secure enough. How do others here feel about this? I always believe in layers of security (encrypted database + encrypted vault + tls + vpn + strong certificates and passphrases, everything under my own control) but there are also people that use Keepass only with Dropbox and only rely on the strength of the kdbx file itself. Any thoughts? :)

    1. 8

      Is that blog satire? The author links in his second paragraph to articles he wrote praising DRM and dismissing all criticism[1], to articles claiming that repairability or the ability to replace firmware is unnecessary, as you can always throw a device away and buy a new one[2], and he’s arguing that modifying the way a website is displayed in your own browser – e.g. by restricting the JS, or modifying it – violates the site owners’ rights, and is wrong[3].

      I absolutely can’t tell.

      [1] http://www.technologicallyadvancedhuman.uk/why_eme_is_great.html

      If someone wants to sell a movie but they don’t want it pirated or modified without their permission, that’s fair-enough. It’s their content and it took them a lot of effort to make it. I don’t see why you would think you have the right to take someone else’s work and do what you want with it without permission.

      [2] http://www.technologicallyadvancedhuman.uk/the_freedom_to_destroy.html

      The type of freedom we need over these practically immutable hardware components is what I call “The Freedom to Destroy”. This means that we can throw it away and replace it with something else if we need to. So if it malfunctions, whether due to a bad microcode or a dead transistor, we can simply destroy it.

      [3] http://www.naughtycomputer.uk/a_response_to_the_javascript_trap.html

      Also consider if it’s polite to run your modified JavaScript on someone else’s website. Imagine if you maintain and distribute a modified JavaScript to use with e.g. eBay. And imagine it malfunctions causing a DDOS on eBay or people to have their financial details stolen. Whose fault is it?

      1. 4

        I read the DRM and firmware blogs, and was like “he can’t be serious”. I just closed the tab and went to check here if people understood the blogs haha. I guess not, looking at your reply.

        In addition it’s also written rather simplistic/shallow. But the thought of satire didn’t cross my mind, but you might be right! Also because of the banner.

        1. 3

          The weird part is, the author’s posts have been previously tagged as satire on lobste.rs, or marked as an April Fools’ joke, and he’s protested that they’re not. All of his websites have similar content as well.

          I’m super confused.

        2. 2

          So I think these positions are a bit different than what you summarised on those blog posts (and I agree w/ the finer points)

          • “EME is great” post:

            • The writer doesn’t like piracy
            • => DRM helps prevent that
            • existing DRM schemes, however, are messy and rely on stuff like Flash
            • EME allows for a “minimal” amount of obfuscation in order to prevent piracy. A solution that is cleaner than others, while preventing piracy
            • basically, if DRM is non-negotiable, EME is a good implementation of such
          • “Freedom to destroy” post:

            • IME led to comments as CPU as a service
            • but even non-IME CPUs are basically a service (magic circuits, impossible to grasp)
            • Linux is built off of a lot of small software, where each component can be easily replaced (you can rewrite cd and put it into your own version)
            • “Freedom to destroy” = “Freedom to remove a part and put in a new part”. Basically you can replace things with “nicer” things that meet your objectives
            • CPUs aren’t really this yet (gotta replace whole motherboards) but… maybe one day
          • “Javascript Trap” post:

            • Javascript is running on your computer, but not easy to modify
            • Javascript’s “user” is the server runner, as they can modify it easily
            • (aside: running modified JS on someone else’s site could cause problems. For example a site extension could add way too many API calls bringing the site down. It’s not super nice to the site runner)
            • Free software helps to fight stuff like Google Maps, where we don’t have a real copy of the software (because JS isn’t usable in a real sense as a piece of free software)

          If this is satire, they unintentionally fell into real points. Don’t agree with everything, but this stuff has some basis in reality.

          1. 1

            The problem is that half of their points are completely irrational.

            For example, his EME post’s arguments rely on “I don’t see why you would think you have the right to take someone else’s work and do what you want with it without permission.”, which assumes that the fair use doctrine isn’t a thing. If you assume the fair use doctrine exists, then EME removes a right that you otherwise would’ve had.

            The freedom to destroy post also applies to other hardware, not just CPUs, and assumes that users manually repairing devices isn’t a thing. I’ve just replaced some parts of one of my monitors, and had to modify the firmware afterwards. The freedom to destroy post assumes no user is ever going to modify or repair such devices. The same issue applies to flashing the firmware of routers. Even the EU considered the right of people to flash the firmware of devices they buy as so essential that they required that no router manufacturer may prevent users from flashing custom firmware.

            Regarding the Javascript Trap, his argument would declare Ad Blockers as problematic – every browser extension you use to modify a site, be it Reddit Enhancement Suite or uBlock Origin, modifies the JS of the original page, or runs its own. This even came to court in Germany, where the courts ruled that it’s an essential right of a user to run ad blockers and that whoever runs the browser is the user and can modify the document requested in whatever way they wish to display it.

            In general, each of the posts has some points – but only under assumptions that require removing many legal rights that users have.

            1. 2

              Poe’s law applies here at some level.

              1. 2

                Or the Turing test. If it’s indistinguishable from satire/trolling…

          1. 2

            We use OpenStack for all our internal virtual machines (which are quite a lot). I think it’s quite (too?) complex to set up, but the ease of use after the initial setup is really good. There are a lot of OpenStack-compatible images available and it also isn’t difficult to make them yourself for some BSDs or lesser-used Linux distros. I really like the automatic SSH-key deployment, IP address configuration (we use public IPv4 and IPv6) and ACL/firewall in the GUI. I know some more organizations that use OpenStack, but most (like us) aren’t very public about it. We actually added more/new nodes to it recently :). Hope this helps!

            1. 12

              No VPN provider is going to go to jail over the illicit use of its services by its users. It’s quite possible that prior to the FBI knocking on their door, they didn’t keep logs. I’d imagine the following scenario:

              1. FBI investigates, sees the suspicious traffic coming from PureVPN
              2. FBI gets a warrant/subpoena for PureVPN
              3. FBI knocks on PureVPN’s door with a warrant/subpoena
              4. PureVPN says “can’t fulfill that right now. We don’t keep logs.”
              5. FBI responds “You’ll keep logs starting today.”
              6. PureVPN complies, eventually providing the logs FBI needs of future accesses of the suspect

              This is exactly why people should use Tor before connecting to a VPN and not the other way around. Tor hides you before you connect to an entity that can be coerced to hand over identifying information to law enforcement. But, hey, I could be completely wrong.

              1. 3

                This is a little tangential but I have to ask…

                What do you gain by going home → Tor → VPN → internet instead of going home → Tor → internet? In the latter you have one place (home) which all your connections pass through where a wiretapper could correlate them and glean information about what you are doing from the timing information about how many packets you send when. In the former, you have two (home, VPN). This seems like a net-loss of privacy?

                1. 3

                  There are only two reasons I’d use a VPN while behind Tor: to gain UDP support, which Tor lacks; or to ensure that my traffic appears to originate from a certain geographic area.

                  1. 1

                    The VPN (before TOR) can hide TOR traffic.

                    If I remember correctly, in one case of a false bomb threat a suspect was pinned because they were the only ones in the whole school using TOR. That is, the metadata of using TOR can turn you into a suspect, as it’s not a popular service and TOR usage is scarce.

                    I’m curious about the other way around. How can you connect to a VPN after connecting to TOR? Routing all your traffic through TOR using a SOCKS proxy?

                    So if I’m not mistaken, a full setup (with drawbacks of course) could be:

                    home -> vpn (hides tor usage) -> tor -> vpn (allows UDP and hides exit node IP)

                  2. 2

                    Some sites don’t allow traffic from Tor exit nodes - routing through the VPN works around that. It also avoids the constant Cloudflare CAPTCHAs. And as @lattera said, UDP support. Some Freenet users use an anonymous VPN, via Tor, to hide their IP and Freenet is UDP only.

                  3. 2

                    A VPN with more foresight could instead use a warrant canary to let its users know whether the FBI may be keeping logs.

                    1. 6

                      We looked into this for our privacy-focused VPN service for the higher education and research sector in the Netherlands. Unfortunately, the legal status of warrant canaries is unclear at best. When an intelligence agency (most have quite far-reaching powers) with jurisdiction and a legal ground compels you to cooperate, not updating the canary probably is a violation of the subpoena and/or gag order because there is no real legal difference between saying “We got a gag order!” and not saying something because you had a gag order.

                      Of course you can calculate the risk and potential consequences when deciding whether a warrant canary would be a good idea or not. Maybe the use of a warrant canary is worth much more to you/your organization than the potential risks of not complying with gag orders.