AnonTalk BBS — Discuss anything anonymously without registration.
Sysop started this discussion 2 months (2008-07-04 15:18:12 UTC) ago:
It's self-signed, though, because I cannot afford to have an authority sign the certificate. This means that it's encrypted, but not "fully secure".
All browsers will give you a warning because of this, but Firefox 3 takes this to an extreme and refuses to let you connect unless you make an exception. Pretty misleading and dumb, I would say…
https://www.anontalk.com/Anonymous 2722dd5e41d75c2657bc295f639b6161 replied with this 2 months (2008-07-04 15:44:07 UTC) ago, 26 minutes later (#30,417):
Awesome. This is REALLY important for us Swedes since the FRA-law was passed. :/ Thanks ♥
Anonymous 64423e378ab1fcb787ec2a8dc9505359 replied with this 2 months (2008-07-04 16:25:33 UTC) ago, 41 minutes later (#30,429):
Great, Sysop. Thanks!
Anonymous e2e1a531cc8826718a035575f04a6e3e replied with this 2 months (2008-07-04 18:20:11 UTC) ago, 2 hours later (#30,446):
For those who use FF3, just add it to the trusted site thingy that comes up when you try to enter the site.
Anonymous 8e6e2431a1b09634576ff0837fb69699 replied with this 2 months (2008-07-04 23:53:30 UTC) ago, 6 hours later (#30,481):
@30,417You know the SSL/TLS spec was never designed for that kinda shit - it was for protecting passwords and accounts. The police can still put the data together by applying a man-in-the-middle attack on the diffie-helmann the SSL uses. They can even do it afterwards since they most likely have the packet logs off of your ISP:s routers - in Finland that gathering these logs is mandatory, but I don't know about Sweden. Even if the police are as stupid as the people writing the legistlation, they can still prove that you visited this site. The IP, port and timestamp are all in plaintext in the header. Posting on the site is as easy to gather as measuring the HTTP requests your browser sends out.
If you really wanna get by the system, do as the spamlords have. Get yourself a shellserver from some eastern European country and ssh-tunnel it through there… I also hear the UK takes their motherfucking time in handing over evidence to any other country. Or you can just use Tor or some other system.
Even so, I wouldn't be too worried about the buttfucking cops. Their method of investigation is still based on complaints received and their resources are very limited.
Anonymous 56116e7d7442f475e6e5cae34723b72b replied with this 2 months (2008-07-05 08:31:10 UTC) ago, 9 hours later (#30,550):
@30,481Man-in-the-middle-attacks are easy to notice using SSL. I'm quite certain the browser will warn you. Not that people care about those warnings though <.< And it doesn't matter if they can see that you've visited the page, that's not as you have the right to read whatever the fuck you want on the internet.
Anonymous 58b0cab2292cf8376bb48360166b4bb6 replied with this 2 months (2008-07-05 09:26:03 UTC) ago, 55 minutes later (#30,551):
This is great news! I am glad you have implemented this feature. I have one question though. With ssl, is the url I visit encrypted as well? For instance if my isp sniffed the packets would they see that I went to this thread
https://www.anontalk.com/new_reply/6562, or would they only be able to see the ip address of this server?
Sysop replied with this 2 months (2008-07-08 23:44:57 UTC) ago, 4 days later (#31,207):
@30,551> With ssl, is the url I visit encrypted as well?Yep.
© AnonTalk.com 2008