CHATPRIVACYDONATELOGINREGISTER
DMT-Nexus
FAQWIKIHEALTH & SAFETYARTATTITUDEACTIVE TOPICS
«PREV234
Going Rogue Options
 
The Traveler
#61 Posted : 7/16/2012 1:11:22 PM

"No, seriously"

Administrator | Skills: DMT, LSD, Programming

Posts: 7324
Joined: 18-Jan-2007
Last visit: 02-Nov-2024
Location: Orion Spur
SeekerOfTruths wrote:
The Traveler wrote:

Also with the Encrypted connection, IP's and e-mail addresses that are encrypted offsite (meaning there is not way to decrypt it if you grab the DMT-Nexus server, the key to decrypt is just not on that machine) it will be REALLY hard to track someone down.


SSL isn't all that secure, its been broken numerous times recently. Also what makes you think email addresses are stored offline? I can click 'my profile' and it shows me my e-mail, that would lead me to believe that my email is indeed stored on the server and is obviously decrypt-able. I'd suggest not using an email address thats connected with anything else.

Hopefully they simply don't keep logs of access, no need to encrypt them, just don't have them to start with.

If you implement SSL the wrong way then it can be insecure indeed, please notice the 'If'. To accomplish a successful SSL/TLS attack the one you are attacking needs to comply to quite some preconditions.

One of those preconditions is that you need to have an older browser for example since the new browsers don't fall for that trick anymore, also the hacker needs you to run malicious javascript that is coming from the exact HTTPS source (site) that they like to hijack the SSL session from, not very likely to occur. And as the last one please notice that you cannot access the DMT-Nexus with the old SSL 2.0!

And about your e-mail that you can see, that is stored in a database in a highly sophisticated encyrpted form. If you access a page that shows you your e-mail address then that encrypted e-mail address is send to another server, that other server decrypts the string containing the e-mail address and sends it back to the DMT-Nexus server so it can be shown to you.

If you take away the DMT-Nexus server or in any way temper with the security, several protection switches are in place to brake the connection to that external server immediately and forever. Without a connection to that external server you can't do a thing with the e-mail or IP addresses.

Here is an example of an encrypted e-mail address:
ENCRYPTED wrote:
Nzym4vrZaHDPm8LHe/TH92RpjcL9lN8hwyEObv40gDroWinX9CXW4FZfz5EV/joeJZ5
ovN25ORfx3lRnv+ORZMYHRUPDUOsb1LzxmmYRCy6ka4Mn0e1+7C1XoQzH1RA22dvCOyMFqT22MIIQL+DiugH
DBLgG3za0YfYmZ5j+zI8M1YOV4SMitFNw/xBrIn+X68QWsEPjUXMiCalfJGpPj3BvC4+MDdRgzoLsay6Jauk
E/4/My2wgfj0TQtK3cp+e8Wp1TcvHccy8dkyqLfEL0oDXI/wGGLFuKP5BiuTR/Oi+aA2WDwn7GbTXrJZv69h
Ay03kLRwGvrqA1MdrsNAZ1RysNEJbTMdyYXU6k9VDMlM8nsYSJK3OcTRuuFrIKKlddQkOhBXNe/fHXckiiD6
cYpSsOYoqw35MTu2FK0uIovsGOnB03TxVyzPhw/6ryoylbeqUT8sYZc5y5+Ehj43sIEuZ0ArP2yUW0fNsS9U
aD+T8x6SlCc6ptTXc7HuOm8eh0bWWsPSWJ3CZbCTc7idHuIIV4cjU5YQ1jE/Lu1J0ZR1sgzm3VWLIIXSz5Xt
n57pt96hEgsS91qoesM8Rm9tueU1ZoOfnLuAyJ+V2rqHT8baFkSx2jRECBSFIpDyItxJOE1eA9lfWlDV1gbF
cp/ieLQfAPmRWhuBXFJ8/T2La2CcJ1sP7/B45rrK/L64sVNeaNaB4R2oi0ebz4wLVTPcpApG1I19juw9ujvg
rnsaqoMJdtLYRZzAQf8IdncFd28B5MBuofrFxGU+GFB/bzeFOVtjTxhN+ulhUbaIMMVmZ/sdgFeOVvbgAoL3
aZDX04Non9PuSeuQKXev1pXKm1sCiaHn9OuJnKTCKIr+KjFFrhamC5jEqtU1tWYZSpW/ydJmXyFewHhFD9D6
c6ttmgQFYKeJZDJMCwi5yHzDSX8H7JBLw7RLDMtX57G2rUyrOHiwi6E8BpsrhLEa5pgj+XxJ6m+moDlitCzt
kPQ1oy82Jb/Yxyx1ubnzdZDfXoJpRKOczN9E05J+ztVoVpDAc9c3x8eoAPBIJy7SuvhmEvknHNUGSZif6S+P
tocO+wq0lQV/QYG8Se3ipc/QIpzQsMROqJN528t9bGTD1eSPSDxQ1OUa8ElAgloQTaNMFH/6yU05j5bY25R3
hDXVMZvBU/d275Bo+YnI3s1bXF5KIxeUGL6HaZLmabdky6rY1IYL52/98us4hPOLJdECJMEVY0J9z4fCE0Eo
iN1Bu3bV3e/4msV9UU8vRwOtctvA8Bg6M5zOWYK03Wq3Z/xyOWfLYPQYk+t/4zqPERNCOqoXFaVyiArNo38n
smBjxKMwX6m4/jnnYXw2wM6yCjuFsI+HwkaC8LYJjP3VQzK5NVNtuzoXxAbWSrQRi+NpKImc/zjDdBNbwLsV
!Yx1XzCR4X0bX118jSmxNE6j8KS5ade89+C3/JqgDmdNOxTxo026q8m6sAHf+hFRPMY=


It is encrypted with AES, 256bit block size, special salting, multi round, and a random key of at least 200 characters long. Due to the special salting every e-mail address is encrypted in a different way. So even if they spend billions of years decypting one e-mail address another encrypted e-mail addresses takes again that long to decrypt.

And one question: Who are they in "Hopefully they simply don't keep logs of access, no need to encrypt them, just don't have them to start with."?

On the DMT-Nexus there is no logging of your browsing activity. The only things that are logged are:
* Date/Time of joining this site
* Encrypted e-mail address when you join the site (you can enter a fake one if you don't need to get updated with PM's and if it doesn't matter if you loose your password)
* Date/Time of last visit (needed for showing you the last topics)
* Encrypted IP address when you first sign up and when you make a post (needed for action against trolls).
* Date/Time of any post you make (again, we need that for active topics and to have a timeline for the topics)

Also for secure browsing, check this topic: How to secure your entire computer and surf completely anonymous


Kind regards,

The Traveler
 

Explore our global analysis service for precise testing of your extracts and other substances.
 
SeekerOfTruths
#62 Posted : 7/16/2012 2:13:54 PM

DMT-Nexus member


Posts: 130
Joined: 07-May-2012
Last visit: 29-Jul-2020
The Traveler wrote:


....

The Traveler


Ah, I didn't realize you were the admin of the site, by they I meant whoever was hosting the site Smile Thanks for the wonderful site/community.

Also, a lot of the times when they confiscate a server in a RAID they've likely done some heavy foot work. I don't know if the connection to the sever is through a reverse proxy with some random latency to prevent easy timing attacks. But realistically I don't see DMT-Nexus being under such heavy fire. Hopefully not at least Smile I'll still say my choice is to not use an e-mail associated with anything about yourself.
 
olympus mon
#63 Posted : 7/16/2012 7:22:25 PM

DMT-Nexus member

Moderator | Skills: Tattooist specialized in indigenous art, Fine art, medium ink and pen.

Posts: 2635
Joined: 27-Jul-2009
Last visit: 28-May-2018
Location: Pac N.W.
If there is one thing trav takes most seriously it is protecting our members privacy from those who would try to invade our home. Thank you trav for your un yielding dedication to keeping us all safe and secure.
I am not gonna lie, shits gonna get weird!
Troubles Breaking Through? Click here.
The Art of Changa. making the perfect blend.
 
«PREV234
 
Users browsing this forum
Guest (5)

DMT-Nexus theme created by The Traveler
This page was generated in 0.040 seconds.