cCloud moved to UK address, is still open to NSA via GCHQ..

cCloud moved to the UK, i guess this is because of the Prism system, i run a few sites on Encryption and Censorship to Torrent sites, i will most likley have this link removed but our main site is at zwitterions dot net from there you can find all are sites, now we use Comodo, we love it, we have attacks on a daily time table, mostly from China, our drives are all using elliptic curve encryption, we know they can’t break that, we allow user to bypass censorship, and yes we pay for software, we have paid for Comodo, and will continue to but moving the storage to the UK, will not stop the NSA for access the Data, because the UK is part of the 5 Eyes, “Echelon” So i ask Comodo why not have Storage in a non Five Eyes Country?

I think this is a valid point, and was wondering what others thought about this on this subject?
Regards…
Zwitterion

Well a good question. I’m sure Comodo will do something in this direction soon.
Same here I trust :110:

Listen, if there is one thing the history of evolution the NSA leaks have taught us, it is that life the NSA will not be contained, life the NSA breaks free, it expands to new territories and it crashes through barriers painfully maybe even dangerously but… uh… Well there it is. I’m simply saying that life the NSA… uh… finds a way.

Sorry about the above, just wanted to have some fun and it fits so well. ^-^‘’

;D Well this is NSA motto from now on: the NSA finds a way. :smiley:

Is that from Jurassic Park?

Yes.

Listen Sanya IV Litvyak
“Listen, if there is one thing the history of evolution the NSA leaks have taught us, it is that life the NSA will not be contained”

It has and it is being contained, Google, Apple, Microsoft, all of us in the Torrent community have gone to total at home, Work Storage System, we use Tor over Vpn’s and encrypt at the highest, unbreakable level, i personally have 11.5 terabytes on my home Server, all encrypted with Unbreakable “Elliptic curve cryptography (ECC)” our servers when we are not using them are in locked down mode, and the contents of our drives can not be unencrypted, not in this life at least.
We use, Serpent-Twofish-AES with primary and secondary 768 bit keys PKC5-5 PRF, HMAC-Whirlpool, randomized Tripe key construction.
Our VPN Proxies Use a, Yet to be approved, form of equal encryption. Before you say it “But the Tor Network was brought down!”, well no… “It was done by using a " JavaScript exploit.” The JavaScript code’s payload analyzed by reverse engineering and exploit developer Vlad Tsyrklevich, who reveals that it briefly connects to a server and sends the hostname and MAC address of the victim. "Briefly, this payload connects to 65.222.202.54:80 and sends it an HTTP request that includes the host name (via gethostname()) and the MAC address of the local host (via calling SendARP on gethostbyname()->h_addr_list). After that it cleans up the state and appears to deliberately crash. This was due to a security bug in Firefox 17, and users not using Tor correctly as they should.

As Tor say

“Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor is reasonably secure, but please ensure you read the instructions and configure it properly. If you use Tor Wrongly we can’t help you”

This next point i can not stress enough, Don’t use Tor on WindowZ, WindowZ has more holes in it then Swiss cheese, and Microsoft have helped The NSA understand how its core encryption works. Use Tails 0.22 with Tor! And no i don’t mean load up VMware and run it, make a bootable pen drive with it on it, and boot clean from your second computer.

When The Silk Road and Freedom Hosting were taken down by the FBI, With The NSA’s Help, every one said well it proves the Tor Network was compromised, but as we see it was not. Again it was Users not following Upgrading instructions and sloppy browsing habits, plus a lot of us feel there as a “Sneak and Peak” at Freedom Hosting a Breakin…

In fact it may surprise you to know, we have a list of over an entire class B network of ip address that GCHQ use, and the same with The NSA in there case they can pool from 4 class A networks. And mute point get a tunnel Broker and use ipv6…

This range is almost always used by exploits from the NSA put it in your blocked network section of your Firewall 65.192.0.0 - 65.223.255.255. Just a heads up.

You are right on one point, The NSA have an Open Budget of 10 Billion a year, and who knows what the Black Budget is… So yes they can go directly to IBM or AMD, Intel and get them to make chips that do nothing but try and ■■■■■ encryption. But the same Scientists that they employ are no better then the ones that develop the Mathematical Algorithms used in our encryption, its a catch me if you can game.

Until we can send Entangled Photons thru our fibre to insure our keys have not been tampered with, we will allways never be sure that most of our data is not being grabbed and recorded with sniffers.
But i can tell you this, all they will get from me is bad words, and Torrent info, and i already have lots of dmca notices. Lmao

I have digressed, My Main Point about Comodo using The UK as a Hosting County is still Valid, and i wounder why i have not had a good reason yet? It cant be cost, its much cheaper in Finland, i know we have servers there. If you want to know more about Prism and Tor i have tons of info on my main site at https://■■■■■■■-and-die.com
Please consider a donation to The Pirate Party!

One last mute point, we do use WindowZ Thats why we use Comodo, but the servers that use WindowZ are for users who want to host on WindowZ, My OS is Debian.
I hope i have not Bored you. You have made some good points.
Ciao, See me in Court, soon!

my url if https : // Foff-and-die.com I guess they don’t like The work F Lmao. i thought this was an anything goes area. are we not all adults here. Anyway Thanks for reading my Cr*p. 8)

Perhaps I should clarify that it was a joke and that I actually mostly agree with you.

I have a few questions though, how do we know these encryption algorithms are unbreakable? How do we know the NSA hasn’t broken x or y encryption algorithm when we have no insight into the NSA (other than leaks)?

Personally I don’t like Tor, I find it to be too slow for what I do on the Internet and so far Tails isn’t really a good OS for gaming in my opinion, no Linux distribution is good for gaming at the moment because of the lack of games and proper drivers (my opinion of course). I’m not saying there isn’t a need for others, just that I personally don’t have a need for it. For VPN I just use Anonine and as a rule I assume that the NSA can ■■■■■ the encryption it uses, I don’t know whether they can or not but in my mind it’s safer to assume something has been broken rather than assuming something hasn’t been broken.

Also you didn’t bore me, was quite an interesting read and I agree on many points.

Hi again, well, i am a part time Math lover, to say i studied Physics and math in Uni but back in the 80’s, Elliptic curve cryptography (ECC), is a relative new comer, and even using haskell , programing lang, that is a front runner for qipper all tests point to the fact that with brute force it would take thousands of years even in the petaflop range to break, now that’s not saying Quantum computing won’t make all this out dated, but be sure, they have not broke it, had they, they would have shut down a lot more terrorists and hackers by now. Tor is slow as you know mostly because of the lack of bandwidth, exit nodes, and the wat onion routing works, but it’s safe, as long as you are safe. VPN is only as good as the operator, it’s a fair deal they have broken most parts of rsa 128, but i don’t see 256 being broke Yet! Problem, if they have broken rsa 128 well you can say goodbye to the net for anything secure, banking the lot, the fallout from Snowden, who really only woke up this generation, us old guys followed Echelon for years… has cost the US somewhere in the area of 35 to 100 billion in lost money to Cloud storage, trust of US software, and US comms companies. i do tend to rant, fast on the keyboard its a curse… I just like to make sure the point is clear i guess… My VPN keeps no logs, except for performance, no names or accounts a typical VPN uses…
Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
as you can see it’s 128, there are people who have been saying RSA 128 bit is either broken or almost broken, but if that proof ever came out the financial damage to the World Economy would be staggering, your guess is as good as mine.
I agree about Tails, only good for security, as is all Linux, Ubuntu are trying, with Steam, but its a non starter, Gaming is a WindowZ domain, I use windowZ for it as well, i don’t dislike Windows, hell i even met bill once back at Comdex in the early 90’s i got a free copy of win3.0 beta. wish i had it today… Anyway, Nice chatting with you… I am quite sure Comodo will not give us a good answer to why they did not go to a non five eyes country, but at least we talk about it and its out now…
L8Tr All…

Here is a bit on Tor for your reading. Not by Me…

After more revelations, and expert analysis, we still aren’t precisely sure what crypto the NSA can break. But everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys. Assuming no “breakthroughs”, the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they’ve got fairly public deals with IBM foundries to build chips. You can see this for yourself by going to a live listing of Tor servers, like http://torstatus.blutmagie.de/. Only 10% of the servers have upgraded to version 2.4. The problem with Tor is that it still uses these 1024 bit keys for much of its crypto, particularly because most people are still using older versions of the software. The older 2.3 versions of Tor uses keys the NSA can ■■■■■, but few have upgraded to the newer 2.4 version with better keys.
Recently, Robert Graham Errata Security: Tor is still DHE 1024 (NSA crackable) ran a “hostile” exit node and recorded the encryption negotiated by incoming connections (the external link encryption, not the internal circuits). This tells me whether they are using the newer or older software. Only about 24% of incoming connections were using the newer software. Here’s a list of the counts:

14134 – 0x0039 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
5566 – 0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
2314 – 0x0016 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
905 – 0x0033 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1 – 0xc012 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

The older software negotiates “DHE”, which are 1024 bit Diffie-Hellman keys. The newer software chooses ECDHE, which are Elliptical-Curve keys. I show the raw data because I’m confused by the last entry, I’m not sure how the software might negotiate ECDHE+3DES, it seems like a lulz-worthy combination (not that it’s insecure – just odd). Those selecting DHE+3DES are also really old I think. I don’t know enough about Tor, but I suspect anything using DHE+3DES is likely more than 5 years old.

(By the way, I used my Ferret tool to generate this, typing "ferret suites -r ".)

The reason software is out of date is because it takes a long time for repositories to be updated. If you type “apt-get install tor” on a Debian/Ubuntu computer, you get the 2.3 version. And this is what pops up as the suggestion of what you should do when you go to the Tor website. Sure, it warns you that the software might be out-of-date, but it doesn’t do a good job pointing out that it’s almost a year out of date, and the crypto the older version is using is believed to be crackable by the NSA.

Of course, this is still just guessing about the NSA’s capabilities. As it turns out, the newer Elliptical keys may turn out to be relatively easier to ■■■■■ than people thought, meaning that the older software may in fact be more secure. But since 1024 bit RSA/DH has been the most popular SSL encryption for the past decade, I’d assume that it’s that, rather than curves, that the NSA is best at cracking.

Therefore, I’d suggest that the Tor community do a better job getting people to upgrade to 2.4. Old servers with crackable crypto, combined with the likelyhood the NSA runs hostile Tor nodes, means that it’s of much greater importance.

Just a little more on the subject… Read the Authors Blog, it’s quite informative… A quick note we use are own private clinents on out tor network, the problem there is if one of us talks to the feds then we are all done, My father always said “Three Can Keep A Secret, When Two Are Dead!” something to remember…

Don’t like NSA. VPN is really best way to hide from them…

Yup i Use ExpressVPN and Torguard, and on my server i have a anon php proxy using tsl the VPN on my Iphone is not that reliable, so it tends to drop out a lot, so i have a backup proxy using tsl to my VPN on my server so that when my iphone drops the connection it goes to my proxy, it’s not that i am trying to break the law, i just hate knowing they monitor all our comms, it pi**'s me off.
But as others have said in this post and my self, if they want to get your data they will find a way…

Still waiting for Comodo to answer the original Question. But im not holding my breath.

Sorry should have said i use stunnel to the php proxy, not tls, normally browsers wont except an encrypted connection. My mistake. lmao, so much to remember, i sometimes wounder how i keep it all running. lol. Ciao. 8)