Hacker News: bauruine

New comment by bauruine in "4Chan mocks £520k fine for UK online safety breaches"

bauruine — Thu, 19 Mar 2026 19:55:29 +0000

The Internet: Where the men are men, the women are men and the children are FBI agents.

New comment by bauruine in "SSH has no Host header"

bauruine — Wed, 18 Mar 2026 07:50:04 +0000

True but a server that wants to "deanonymize" you can just reject each key till he has all the default keys and the ones you added to your ssh agent.

You can try it yourself [0] returns all the keys you send and even shows you your github username if one of the keys is used there.

[0] ssh whoami.filippo.io

New comment by bauruine in "SSH has no Host header"

bauruine — Wed, 18 Mar 2026 06:13:38 +0000

ssh by default sends all your public keys to a server. Yes you can limit some keys to specific hosts but it's very easy to dox yourself.

New comment by bauruine in "Zero-day CSS: CVE-2026-2441 exists in the wild"

bauruine — Thu, 19 Feb 2026 10:06:34 +0000

The NSA surely has ordered a backdoor.

>In December 2013, a Reuters news article alleged that in 2004, before NIST standardized Dual_EC_DRBG, NSA paid RSA Security $10 million in a secret deal to use Dual_EC_DRBG as the default in the RSA BSAFE cryptography library https://en.wikipedia.org/wiki/Dual_EC_DRBG

Call for more Tor snowflake proxies

bauruine — Thu, 05 Feb 2026 17:46:43 +0000

Article URL: https://forum.torproject.org/t/tor-relays-call-for-more-snowflake-proxies/21192

Comments URL: https://news.ycombinator.com/item?id=46902331

Points: 2

# Comments: 0

New comment by bauruine in "Reimplementing Tor from Scratch for a Single-Hop Proxy"

bauruine — Wed, 04 Feb 2026 07:32:26 +0000

He uses the keys of his non-exit relay to directly connect from his workstation to an exit relay pretending to be the relay on his VPS. But yeah he could just use the VPS for wireguard which would be way easier.

I'm in Europe so I don't get less than 20Mbit/s on any circuit but I asume he could have got the same speed by just selecting a few local, fast nodes as bridge.

New comment by bauruine in "Allowlisting some Bash commands is often the same as allowlisting all"

bauruine — Thu, 29 Jan 2026 05:04:35 +0000

I had the same few years ago. When I pointed out that I can get full root with most of the whitelisted commands they answered "We know. It's not about security but to prevent lusers from accidentally rm -rf /* the server. Feel free to spawn a root shell. You obviously know what you do"

New comment by bauruine in "Experts warn of growing parrot crisis in Canada [video]"

bauruine — Sat, 17 Jan 2026 07:44:33 +0000

Releasing it is just murder by neglect so people don't feel bad about themself that they actually killed their pet just because "they can't care" for it anymore aka they don't want to deal with the minor inconvenience of caring for a pet anymore. Or worse they become a pest that wipes out whole local ecosystems.

New comment by bauruine in "Experts warn of growing parrot crisis in Canada [video]"

bauruine — Sat, 17 Jan 2026 07:13:50 +0000

You never release exotic pets to the wild. Isn't that common knowledge by now? If you can no longer care for an animal bring it to the vet to get it euthanized.

New comment by bauruine in "A closer look at a BGP anomaly in Venezuela"

bauruine — Thu, 08 Jan 2026 18:11:32 +0000

You don't have to be cloudflare for this kind of analysis you can do it yourself without even needing an ASN using RIPE RIS.

https://www.ripe.net/analyse/internet-measurements/routing-i...

New comment by bauruine in "Show HN: SMTP Tunnel – A SOCKS5 proxy disguised as email traffic to bypass DPI"

bauruine — Thu, 08 Jan 2026 16:13:41 +0000

I doubt it's that much but with the same logic you could also ban HN, SSH and basically any protocol thats not https "with no one noticing" because 99.9+% doesnt use it.

New comment by bauruine in "Show HN: SMTP Tunnel – A SOCKS5 proxy disguised as email traffic to bypass DPI"

bauruine — Wed, 07 Jan 2026 16:26:00 +0000

Sure but from your link

>The PBL detects end-user IP address ranges which should not be attempting to directly deliver unauthenticated SMTP email to any Internet mail server. All the email originated by an IP listed in PBL is expected to be submitted - using authentication - to a SMTP server which delivers it to destination

Means in practice port 25 (unauthenticated) and port 587 (authenticated)

New comment by bauruine in "Show HN: SMTP Tunnel – A SOCKS5 proxy disguised as email traffic to bypass DPI"

bauruine — Wed, 07 Jan 2026 06:08:25 +0000

Tor has a transport using exactly that.

https://blog.torproject.org/introducing-webtunnel-evading-ce...

New comment by bauruine in "Show HN: SMTP Tunnel – A SOCKS5 proxy disguised as email traffic to bypass DPI"

bauruine — Wed, 07 Jan 2026 06:05:37 +0000

SMTP isn't filtered it's port 25 that is. And from a short look at the readme it looks like it's using the transmission port 587 which shouldn't be filtered.

New comment by bauruine in "Privacy doesn't mean anything anymore, anonymity does"

bauruine — Sat, 20 Dec 2025 08:46:03 +0000

Blending in with the crowd doesn't work. If you use Chrome on Windows you're part of a very large group and "don't stick out". But it's also very easy to fingerprint so you're also part of the "theturtletalks" group with the size of one.

New comment by bauruine in "Helldivers 2 devs slash install size from 154GB to 23GB"

bauruine — Wed, 03 Dec 2025 16:46:01 +0000

More details here https://as32590.net/steamcache/

New comment by bauruine in "Meta replaces WhatsApp for Windows with web wrapper"

bauruine — Thu, 13 Nov 2025 06:05:55 +0000

You mean like Matrix or XMPP? They just aren't as ubiquitous as email unfortunately.

New comment by bauruine in "Spinning Up an Onion Mirror Is Stupid Easy"

bauruine — Thu, 30 Oct 2025 13:53:23 +0000

Yes it does but you can use Tor with other browsers too so it can make sense if you want to support them.

New comment by bauruine in "Spinning Up an Onion Mirror Is Stupid Easy"

bauruine — Thu, 30 Oct 2025 12:10:43 +0000

It's only 185.220.100 [0] and 185.220.101 [1] that contain all those relays. Some of the bigger German families work together as "Stiftung Erneuerbare Freiheit" that's why you see a big cluster there. But Tor never uses relays in the same /16 for a circuit so it's not really an issue.

[0] https://metrics.torproject.org/rs.html#search/185.220.100 [1] https://metrics.torproject.org/rs.html#search/185.220.101

New comment by bauruine in "Spinning Up an Onion Mirror Is Stupid Easy"

bauruine — Thu, 30 Oct 2025 11:48:55 +0000

Tor does this sort of although not like you think. It's used as a bridge transport.

>https://blog.torproject.org/introducing-webtunnel-evading-ce...

>WebTunnel is a censorship-resistant pluggable transport designed to mimic encrypted web traffic (HTTPS) inspired by HTTPT. It works by wrapping the payload connection into a WebSocket-like HTTPS connection, appearing to network observers as an ordinary HTTPS (WebSocket) connection. So, for an onlooker without the knowledge of the hidden path, it just looks like a regular HTTP connection to a webpage server giving the impression that the user is simply browsing the web.