Pattern Juggled ie ðørkßöt pjstorm

@sarciszewski
sarciszewski / Idea.md
Last active August 29, 2015 14:13
Privacy Seppuku (Note: IANAL)

Let's say that you are an American who produces software that respects users' privacy. And one day, the FBI comes knocking armed with a National Security Letter (NSL) and demands your signing key so they can distribute malware to your users, pretending to be you. There is no legal defense you can mount; they covered their bases.

What do you do? Lavabit fought, and was ultimately destroyed. If more companies pushed back, maybe the government would stop using it as an easy way to force compliance and silence. Or maybe they would just carry a bigger stick.

Here's another idea. Comply, then get "hacked" and have the keys they're demanding get leaked online and/or published via full disclosure.

Here, being "hacked" means either:

a) leaking the key to someone, discreetly, over e.g. Tor with PGP and having them do it

b) leaking a backdoor to someone and having them actually hack in (over Tor) and steal the key

anonymous
anonymous / cryptostorm.sh
Created January 13, 2014 23:39
#!/bin/sh
token="<TOKEN TEXT HERE>"
config=$(pwd)/cryptostorm.conf
passfile=$(pwd)/cryptostorm_pass.txt
config_url="https://cryptostorm.org/download/file.php?id=594"
# create sha512 sum username
# (printf instead of `echo -n`, which is not portable under /bin/sh)
username=$(printf '%s' "$token" | sha512sum | cut -d ' ' -f 1)
BEWARE: THIS GUIDE IS OUTDATED
#
# this is a howto for an i2p inproxy from the best of my recollection
# you will need: nginx, squid3, polipo, i2p and a good vps provider that doesn't suck ass
#
# this setup uses nginx as load balancer + logger, squid for transparent proxy and polipo for interfacing with i2p socks proxy
#
# client => nginx -> squid -> polipo -> i2p socks -> i2p => eepsite
#
@Wack0
Wack0 / gist:17c56b77a90073be81d3
Last active July 23, 2021 12:54
It's not just superfish that's the problem.
Superfish uses an SDK from Komodia to do SSL MITM. That's probably known by now.
Superfish isn't the only product to use that SDK. There are others too.
Each product that uses the Komodia SDK to MITM has its OWN CA cert and private
key pair. Seems a lot of people think they all use the superfish cert. That is
NOT the case.
First thing I checked was Komodia's own parental control software,
Keep My Family Secure. (mentioned on Komodia's own website).
@martinseener
martinseener / check_freak.sh
Last active January 9, 2022 03:21
check_freak.sh - A simple nagios-compatible check for the FREAK vulnerability (CVE-2015-0204)
#!/usr/bin/env bash
# check_freak.sh
# (c) 2015 Martin Seener
# Simple script which checks SSL/TLS services for the FREAK vulnerability (CVE-2015-0204)
# It will output if the checked host is vulnerable and returns the right exit code
# so it can also be used as a nagios check!
PROGNAME=$(basename "$0")
@agl
agl / gist:876829
Created March 18, 2011 21:00
Proxy server for testing revocation
package main

import (
	"bufio"
	"fmt"
	"io"
	"net"
	"strings"
)