Urgent: serious backdoor impacts major Linux distros Fedora, Kali, openSUSE, Debian
DegenRocket has summarized the info & given you a simple command to check if your Linux machine is vulnerable:
https://linked-out.me/news/55d3c9f25acde2d95282
Why should you have a self-hosted email?
Because without it, you don’t own anything.
Most websites force you to link an email, and the email can reset the password. And because email forces you to trust the provider, the provider really owns your accounts.
Don’t use Protonmail. The emails come in as plain text, and then they supposedly encrypt it. But this is a conflict of interest, as they are protecting you from themselves.
Instead, here at Simplified Privacy, each customer gets the login credentials and SSH keys to their own tiny cloud (VPS). So you fully control your own data, and lock us out. With Protonmail, you can’t verify their cloud. But with your own VPS, you are the cloud.
Our combo package is designed to keep your VPS lightweight and save you money, while being jam-packed with functionality!
We’ll set up 3 services (using open source software, all on the same VPS):
1) Email
2) Chat (Your choice of XMPP or SimpleX)
3) Team cloud docs w/ CryptPad (like Google docs but encrypted)
4) With a full YEAR of tech support after.
5) Includes domain name registration AND the first month of VPS costs.
All for just a one-time $99 setup fee, and then after the first month you take over paying the VPS directly (like $8 a month).
See screenshots and learn more:
https://simplifiedprivacy.com/email-cloud-combo/
This is not only email, but also cryptpad cloud (replace google docs) and XMPP.
Self-hosting XMPP or SimpleX is far more private and secure than relying on a random third party server.
While I agree email isn't that private to begin with, this protects you against passive AI surveillance to a far greater degree. And email has a big risk of aggregating all information about you.
The real benefit of our product is getting all of these services on a single tiny VPS, so you get the most bang for your buck
First of all, we’re talking about a combination of email, XMPP, and Cryptpad docs. So the XMPP/SimpleX and Cryptpad are genuinely encrypted, and the email prevents against passive surveillance. You can not honestly tell me that trusting random strangers for XMPP chat is better than self-hosting. We deliver value by configuring all of these services to run a single 1 core VPS.
Your criticisms of ALL email are valid, but that doesn’t mean that controlling the software doesn’t offer stronger self-sovereignty and control over your communications, data, and accounts, or that it doesn’t have a leg up over just purely trusting Proton. Proton is a bigger risk for passive surveillance with it all being scanned, whereas with a VPS they have to go out of their way for it.
I believe we have a miscommunication, that’s alright let me clarify.
Simplified Privacy is technical support. We don’t run the VPS.
We set up, for you/customers, the services you like on a third party VPS that you pick, with your domain choice.
So we aren’t hosting the email, we’re providing the software and technical support.
The challenge is getting 3 services, with different web panels, to all work without issue.
So once we set it up, you lock US, meaning Simplified Privacy out.
Can this huge influencer be changed?
LewRockwell is an extremely popular Libertarian website. They recently published a well shared article from Dr. Mercola on why to ditch Google:
https://www.lewrockwell.com/2024/03/joseph-mercola/goodbye-google/
While it’s great that people see the messages of privacy and anti-censorship, it’s bad that the suggested solutions not only won’t help, but in fact likely turn people off. Here’s a key example:
“Your suggestion of reading the privacy policy for every website people visit to avoid Google analytics is not practical. A far better solution is to use the browser extension uBlock Origin, which lists all third party JavaScript calls by domain, and allows you to block it. In fact, your own website MercolaMarket has Google’s APIs on it, which allows them to see the IP address of anyone buying your products. The most ridiculous part is the very article on LewRockwell.com telling me to read privacy policies to avoid Google Analytics, uses Google Analytics and Gmail.”
And this is just one of the many examples in an open letter we wrote. The primary problem is not technological, but apathy. It doesn’t have to be like this. We just need the real solutions to make it to the readers’ screens.
I stand here today to ask you to share our open letter, so that the thousands of readers of LewRockwell can learn:
https://simplifiedprivacy.com/letter-to-lewrockwell/
I stand here today to ask you to be part of the genuine change. Because at the end of the day, LewRockwell is only a reflection of what his readers want. And so the challenge is not convincing him, but you.
Regarding Nostr,
If the CDN frontends for your relays were cut at the same time in an attack, the content would still exist on that start9 on your local drive, but your followers wouldn't be able to find it (at least temporarily, depending on how much control you still had over the DNS).
Regarding Lightning,
It depends on the wallet's implementation for privacy. GetAlby allows Cloudflare (and therefore the US government) to see ALL transactions
Most Nostr users post to relays on Cloudflare and Hetzner
They don’t realize that they’re easily censored, and it’s not decentralized.
Here’s our NEW guide to Nostr relays:
https://simplifiedprivacy.com/nostr-relay-guide/
Featuring a guide to Tor Onion relays, with tips for speed on Gossip:
https://simplifiedprivacy.com/tor-nostr/
Plus a list of clearweb relays by company, so you can diversify,
https://simplifiedprivacy.com/nostr-relays-by-company/
I’m an optimist. I’m putting in the effort. If you want to stay an obedient Big Tech slave, you chose to do so. Don’t you dare spit that pessimism at me.
Change is possible, it comes from you. Share this, they gotta learn also.
It depends on your traffic similar to a website. More traffic = more cost.
Strfry can be run in docker, so it's not that complex. It's only beneficial if you convince people to use it
Some claim these politicians have money and power.
But their money is just them typing numbers.
And their power is just violence.
But they can't be violent to everyone, or they lose control. So their only real power is psychology.
There are alternatives outside the system. Learn. Grow. Read the guides:
http://simplifiedprivacy.com/summary
The UN finally voted for a Gaza strip ceasefire!
The USA vetoed the previous 3 resolutions, but this one finally got through when they abstained. Context & Source:
https://linked-out.me/news/2e519ab9ab2473ba8e3f
Do you use Nostr w/ Tor?
Follow some of these Tor Onion Relays I now post to. And start posting to them yourself:
oxtrdevav64z64yb7x6rjg4ntzqjhedm5b5zjqulugknhzr46ny2qbad.onion,
bitcoinr6de5lkvx4tpwdmzrdfdpla5sya2afwpcabjup2xpi5dulbad.onion, 2jsnlhfnelig5acq6iacydmzdbdmg7xwunm4xl6qwbvzacw4lwrjmlyd.onion, skzzn6cimfdv5e2phjc4yr5v7ikbxtn5f7dkwn5c7v47tduzlbosqmqd.onion,
nostrland2gdw7g3y77ctftovvil76vquipymo7tsctlxpiwknevzfid.onion
Nostr ain't uncensored, yet.
I like Cyph3rp9nk, he's got great content. So this isn't an "attack", but a friendly philosophical debate over if Session messenger's DNS is worthwhile for censorship. He thinks it's not, and we only need Nostr & SimpleX w/ government domains. So to prove my point, I did a DNS lookup on Cyph3rp9nk's Nostr relays to find a bunch of pro-US government entities that can easily wipe his content off 1 phone call.
Cloudflare, Inc.
wss://relay.damus.io
Cloudflare, Inc.
wss://relay.primal.net
Amazon.com, Inc.
wss://nostr.mutinywallet.com/
Amazon.com, Inc.
wss://relay.current.fyi
Hetzner Online GmbH
wss://nos.lol
Hetzner Online GmbH
wss://relay.nostr.band
Hetzner Online GmbH
wss://relay.nostr.bg
The Constant Company, LLC (USA Vultr forced KYC)
wss://purplepag.es
MULTACOM CORPORATION (USA California Democrat HQ)
wss://nostr.bitcoiner.social
Now mine are not much better, so what's the answer? Mike Dilger of Gossip was telling me he'd eventually integrate Tor relay support. But until that's widely adopted, Session is the king.
Spain has banned Telegram.
Now some users will be forced to consider decentralized solutions. As I have repeated many times, Session messenger empowers users to defy state level censorship, with its unique blockchain based DNS that completely separates physical locations from identity.
However, Session receives a lot of criticism. Rather than ignore this, I tackle it head on, https://simplifiedprivacy.com/spain-has-banned-telegram-defending-session/
My direct competitor WatchmanPrivacy quit today.
Although there was a lot to rag on, I didn’t attack him because I wanted him to succeed.
Even though you were rude to me, I’m still sorry to see you go mate.
Considering Michael Bazzell also quit, privacy is a dying breed.
Session is far superior to SimpleX group chats which don’t scale. You’re only biased to SimpleX because you hate any crypto other than Bitcoin, which is ironically your form of censorship.
First off Session isn’t peer-to-peer. It’s peer-to-node, working like a crypto-powered Tor.
Second, SimpleX is closer to peer-to-peer with group chats requiring each member to crypto-handshake with the other ones, which is why it doesn’t scale. Our group chat has 230 or 250 people depending on whose client you’re looking at, because the handshakes aren’t going through to all members.
Third, Session’s unique DNS enables it to hop from device to device if the server’s location is discovered, making it completely separated from physical locations. We’ve created original server-side code for this, which you can find out about here,
http://simplifiedprivacy.com/uncensored
There are two issues, censorship and privacy.
I disagree with this view for censorship, as here the issue is who owns the domain name.
With SimpleX, it's the government.
With Session, it's the end user with private keys to their blockchain entry.
Dear Tor Project,
I'm disputing the legitimacy of Duckduckgo being Tor browser's default search engine.
This is how the URL should look:
podbean.com/podcast-detail/5bakh-79e4c/The-Breakdown-Podcast
This is the spyware Duckduckgo does:
duckduckgo.com/l/?uddg=https%3A%2F%2Fwww.podbean.com%2Fpodcast%2Ddetail%2F5bakh%2D79e4c%2FThe%2DBreakdown%2DPodcast&rut=5c2461ff3cf9724900b2808b2011523bc08f4b82046e913bb14471790466518c
Further, once you click the link, the websites themselves have Duckduckgo's 3rd party javascript inserted into the page load, such as "improving.duckduckgo.com" to report back to their AI your behavior on the site itself. And then on top of that, Duckduckgo is just a front-end for Bing, but it's hosted on Microsoft's servers. So Microsoft hiding from Microsoft is a conflict of interest.
How many times have we all accidentally mistyped a URL, where we meant to go to the site itself, but that then got searched on Duckduckgo's AI? Sucks if it's an Onion address, at least let me turn search off?!
Final kicker. In 2022, Duckduckgo's CEO Gabriel Weinberg said they are actively censoring "Russian misinformation", that later turned out to be true, when 2 years later the CIA purposefully leaked to the New York Times that they had military bases in Ukraine PRIOR to Putin's invasion. Further the Times admits that Putin was correct for accusing the US of militarizing Ukraine BEFORE he invaded. [1]
The official Tor Project website goes on and on about protecting whistleblowers. So why is this the sole default choice for anonymous whistleblowers, if we're just repeating the CIA's narrative with AI spyware?
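The wrapped link quoted in the post above carries its destination percent-encoded in the `uddg` query parameter, so the direct URL can be recovered locally without following the redirect. The Python below is an added example, not part of the original post or of any project's code; the function name `unwrap_redirect`, the scheme check and the handling of scheme-less or protocol-relative links are illustrative assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

REDIRECT_HOST = "duckduckgo.com"   # host of the wrapper shown in the post
REDIRECT_PATH = "/l/"              # path of the wrapper shown in the post
DEST_PARAM = "uddg"                # parameter carrying the encoded destination

_SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")


def unwrap_redirect(link):
    """Return (destination, dropped_params) for a wrapped link.

    Links that are not the redirect wrapper come back unchanged with an
    empty dict. Raises ValueError if the wrapper has no usable target.
    """
    # Links copied out of a page may be scheme-less or protocol-relative;
    # urlsplit only recognises the host once a scheme is present.
    if link.startswith("//"):
        candidate = "https:" + link
    elif _SCHEME.match(link):
        candidate = link
    else:
        candidate = "https://" + link

    parts = urlsplit(candidate)
    host = (parts.hostname or "").lower()
    on_wrapper_host = host == REDIRECT_HOST or host.endswith("." + REDIRECT_HOST)
    if not (on_wrapper_host and parts.path == REDIRECT_PATH):
        return link, {}

    # parse_qs percent-decodes values, so %3A%2F%2F becomes ://
    params = parse_qs(parts.query, keep_blank_values=True)
    targets = params.pop(DEST_PARAM, [])
    if len(targets) != 1:
        raise ValueError("expected exactly one %s parameter" % DEST_PARAM)

    # Accept only ordinary web destinations, so a crafted wrapper cannot hand
    # a javascript: or data: URL to whatever consumes the result.
    dest = urlsplit(targets[0])
    if dest.scheme not in ("http", "https") or not dest.hostname:
        raise ValueError("destination is not an http(s) URL")

    # Everything else on the wrapper is discarded; report it for inspection.
    dropped = {name: values[0] for name, values in params.items()}
    return targets[0], dropped


# The wrapped link exactly as quoted in the post above.
PAGE_LINK = (
    "duckduckgo.com/l/?uddg=https%3A%2F%2Fwww.podbean.com%2Fpodcast%2Ddetail"
    "%2F5bakh%2D79e4c%2FThe%2DBreakdown%2DPodcast"
    "&rut=5c2461ff3cf9724900b2808b2011523bc08f4b82046e913bb14471790466518c"
)

if __name__ == "__main__":
    destination, dropped = unwrap_redirect(PAGE_LINK)
    print("direct URL:", destination)
    print("parameters left behind:", sorted(dropped))
```
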
Proton receives all incoming emails as plain text and scans it for spam. Then they claim to encrypt it.
The only e2e encryption is proton to proton, and even then if its in a web browser you're putting massive trust in them. The subject lines are unencrypted, all metadata unencrypted.
Yeah I hear where you’re coming from. There’s a lot of companies that prey on lack of knowledge to make money. So first I have to convince people on why privacy to begin with, then convince them to not use the scams.
Update! More Methods?!
reader suggestions for Youtube Downloads pour in...
BrikoX suggested Cobalt.tools
Which has the source code here: https://github.com/wukko/cobalt
One of our community moderators VidarReturns loves Youtube-DLP on Android with Termux using a script he made. He was kind enough to open source his script to do so:
https://simplifiedprivacy.com/wp-content/uploads/2024/03/termux-url-opener
Thanks Vidar! Check him out on Nostr:
npub175hjc6ynj83pv7qtcdu8h8gcs5t8q4qvrvvr73qtjcayghu8zdrqfvfwhe
Another community bro Mister_Monster recommends Ytdlnis, which is also an Android front-end for the command-line YT-DLP. It can be gotten using Obtainium,
https://github.com/deniscerri/ytdlnis
As well as the IzzyOnDroid f-droid repo. Shout-out to Mister_Monster's Nostr,
npub1m5s9w4t03znyetxswhgq0ud7fq8ef8y3l4kscn2e8wkvmv42hh3qujgjl3
Some of our other Nostr readers suggested put.io for speed and convenience, but keep in mind it's not open source.
One of our readers on Session sent savefrom.net, which is NOT private it’s got big tech, but he said quote: “if you just add “ss” in front of the domain, it takes you to “savefrom.net” for downloading. So, if the video is: https://www.youtube.com/watch?v=ClUjjWjevB0
you would just add “ss” in front of youtube.com, so it would look like this:
https://www.ssyoutube.com/watch?v=ClUjjWjevB0
And that allows for a download with no addon or plugin required.”
Shout-out everyone who's been contributing!
Download Youtubes
One of our readers asked if there’s an open source way to download Youtube videos, for music mp3 or the entire video. Yes, there is.
For web browser,
There’s Invidious,
https://invidious.io/
You can use their list of instances or get served up a fresh one from farside.link
For Linux & Windows desktop,
There’s Freetubeapp,
https://freetubeapp.io/
You can download on FreeTube, but as a heads up, it doesn’t tell you the progress which is frustrating for a longer video. As a tip, if you do a lower quality, it will be faster to help with this issue.
For Android,
There’s NewPipe, which is an F-Droid FOSS front end for Youtube. You can download on here, and minimize videos while they play, which Google itself blocks on the real YT client.
For command line,
There’s both Youtube-DL and Youtube-DLP
One of our readers says the fork, Youtube-DLP is way better:
https://github.com/yt-dlp/yt-dlp
Our reader Vidar uses this with Termux on Android.
But here’s the older original for comparison Youtube-DL:
https://ytdl-org.github.io/youtube-dl/
For browser extensions,
There’s Firefox “Video Download Helper”
https://addons.mozilla.org/en-US/firefox/addon/video-downloadhelper/
https://www.downloadhelper.net/
Although I personally can’t vouch for this.
Got more ways? Comment below, I’ll add em to our site
In a shocking new hack, the data of 43 million French citizens was leaked from a government database, onto the darkweb.
Yet the French government is pushing for heavy VPN restrictions, to collect and identify huge amounts of data, including even banning foreign VPNs that wouldn’t have to comply.
Simplified Privacy has grave concerns about such a broad and powerful expansion of government power, when they have not proven the ability to handle even basic identifier data on their citizens:
https://simplifiedprivacy.com/france-hack-vpn-restrictions/
You'd think Linux PC use would be a higher percentage than ~4%?
Pew Poll:
77% of Americans have little or no trust in leaders of social media companies to publicly admit mistakes and take responsibility for data misuse.
70% say they have little to no trust in companies to make responsible decisions about how they use AI in their products.
About nine-in-ten Americans (89%) are concerned about social media sites knowing personal information about children.
Roughly a quarter of Americans (26%) say someone put fraudulent charges on their debit or credit card.
Source: https://www.pewresearch.org/short-reads/2023/10/18/key-findings-about-americans-and-data-privacy/
Why is the conviction of Roman Sterlingov for “Bitcoin Mixing” corrupt?
a. The ONLY evidence is Chainalysis software that’s proprietary with an unknown mechanism. This ends “burden of proof”
b. Chainalysis sells services to the US government. And to make the conflict of interest even worse, there’s a rotating door of employment with the government, with employees going back and forth.
c. The original prosecutor on Roman’s case literally joined Chainalysis mid-trial.
d. The only supposed Chainalysis evidence is from 2011. This is past the statute of limitations. And mixing was considered legal in 2011.
e. The government gets to keep his Kraken funds that they had access to, because he didn’t hide legal funds.
f. There is no basis for someone from Sweden to be arrested in California but tried in DC, on the opposite side of the country. They purposefully picked the corrupt Washington DC district where they could get a conviction.
g. Zero evidence was found on his personal devices or internet traffic. And the FBI directly monitored him for 5 years. That's why they let it go so long [2011], to try to find real evidence.
I urge you for your own future freedoms to spread these words
Roman Sterlingov’s conviction for running a mixer is a dangerous legal precedent
The only hard evidence for him to serve 20 years in prison is that his KYC Bitcoin went through many hops and wallets before it later was used to buy a domain name. Which was then used for illegal activity.
This would mean that you’re responsible for the future actions of anyone you pay
It’s irrelevant what the Bitcoin source is, because the service has no way of knowing that information. And the entire thing is past the statute of limitations being from 2011
It is corruption. They purposefully dragged him from a California arrest, to DC/Virginia area (the other side of the country) to get a harsh jury and judge that automatically side with the government
Roman Sterlingov was convicted for operating the crypto mixer Bitcoin Fog
Proprietary Chainalysis software with an unknown method was used as evidence. The jury trusted them at their word. And a conflicting firm CipherTrace was going to testify against this software, but suddenly backed out.
The rest of this post is a big quote from CoinDesk:
"In particular, in a lengthy pretrial debate, there were concerns the software had not been “peer-reviewed” or scientifically accredited and could generate false positives. This ended up not mattering much in court: Judge Moss said he was “unpersuaded” by the defense’s stance that blockchain analytics is faulty. “Substantial evidence supports the government’s submission that the software is highly reliable—and, if anything, conservative,” Moss wrote in a 31-page pre-trial order.
In August, Jonelle Still, director of investigations and intelligence at competitor analysis firm CipherTrace, submitted a 41-page expert report claiming Chainalysis used “unverifiable” and “incomplete” techniques to incorrectly link Sterlingov to Bitcoin Fog. Mastercard, which bought CipherTrace in 2021, later spiked the report.
“We lost our tracing expert right before the trial,” Ekeland said (Sterlingov's lawyer), adding “we never got a really clear reason why.”
Source: https://www.coindesk.com/consensus-magazine/2024/03/13/how-a-bitcoin-mixer-laundering-conviction-might-be-appealed/
Torrent Tips:
I hate JavaScript, because not only is it used to identify you, but also enables ads and malware.
Since torrenting often is illegal and risky for a website operator, there’s a high motivation for the website to try to spam you with ads, or sometimes even put malware tracker cookies.
Tor browser safer mode often will fail with certain sites, so you want to use a torrent site that doesn’t need JavaScript, even if you will be downloading the torrent itself over just a VPN. I’ve found LibreY to be reliable for “No JavaScript” torrents. It’s an open source front-end aggregator that pulls from a couple of sources. It needs the tracking URL to function, but that’s way better than getting cookie bombed with affiliate trackers.
Farside can serve you fresh instances of this open source software hosted on different VPS. Either pick from the list on:
https://farside.link/
Or run this link, and it auto-serves you a fresh one:
https://farside.link/librey
And as a heads up, LibreY is the new version of the (now old) LibreX. Then you want an open source torrent client on Linux, such as qBittorrent. But any will do, search your package manager.
If Nostr DMs aren’t private,
Then why am I, a privacy account, so excited about Nostr?
Because “encryption as identity” is the basis for trust in anonymous entities, with their signature as their word, in an open court of law. Join our forum, Linked-Out.me
Fiatjaf censored on Twitter
This is the importance of Nostr & an open web. Let's keep it that way
Come alpha test our new Nostr "Reddit-style" federated web forum at:
Linked-Out.me
Monero Update just released! This has the fee fix
Binaries for Official Monero v0.18.3.2 are now available at http://www.getmonero.org
Also Feather wallet: Go to help -> Check for updates
Update your wallets!
Monero glitched. Or is it an attack?
There is currently a fee bug with Monero, that the wallet doesn’t automatically bump the fee when there is a backlog. This fee bug is causing sync issues with many wallets. Self-hosted nodes or unpopular nodes are less affected. The bug has already been solved with some wallets.
There are rumors that Nostr's creator is behind a spam attack. We address this and have a ready working solution:
https://simplifiedprivacy.com/monero-attack-nostr/
I have a great amount of respect for you and what you have done for Nostr. I hope I’m wrong. I wish nothing but good for you and the network. But Fiatjaf did submit a grant proposal to DDoS Monero and replied he may be behind the attack
He posted it, see frank's reply:
nostr:nevent1qqsyy6y0yaew7naut5nalpa6zthk7qvjkh0jpjeul08ks5favy5499spzpmhxue69uhk2tnwdaejumr0dshsz8thwden5te0dehhxarj9e3xjarrda5kuetj9eek7cmfv9kz7qg4waehxw309ahx7um5wghx77r5wghxgetk9u3tpnpk
Alpha test of a new social network!!
Reddit has cracked down with intense surveillance and censorship. Even worse, Microsoft’s Linked-In broadcasts your sensitive data to the world. They demand SMS verification, restrict VPNs, and ask for photo ID to scan your eyeballs. By having all your information public, your haters can try to get you fired.
Instead, join a fun Liberty-Agora community, where people discuss technology, politics, vendors post their sales, and entrepreneurs can post crypto job ads. Meet Linked-Out.
This is a community feedback alpha test. You can be part of the process and give feedback on your experience. Linked-Out.me is a federated message board, like Lemmy. But unlike socialist Lemmy, accounts aren’t tied to government domains or IP addresses. Instead, Linked-Out gives you the following choices:
1) Nostr web client, w/ direct connection to 14 Nostr Relays
You finally have a place to meet Nostr friends with similar interests and discuss topics in groups.
2) Ethereum signer.
Calm down, there are no Eth payments. MetaMask has spyware and Eth is highly centralized. However, we are interested in the anti-censorship of Brave browser’s DNS and push.org notifications to replace Google. Without something like this, IPFS is just static.
Linked-Out.me and vid.simplifiedprivacy.com are two example federated instances. As we expand beyond the alpha test, we will be “linking” with other instances, and Linked-Out will grow into an entire network of unstoppable Crypto-Agorists.
Learn more about the alpha-test,
https://simplifiedprivacy.com/nostr-linked-out/
Please note: USA IP addresses are fully blocked from accessing Linked-Out.me
DM me whatever Nostr Public Key you want whitelisted
Moral value is objective,
But economic value is subjective
Ayn Rand’s iconic writings laid out a foundation for “Objectivism”, which taught that morality is objective and man must use logic and reason to formulate how to live. In my words, if morality is subjective there is no purpose. I can commit crimes and say “oh but to me it feels right”. And using reason, we can determine that the only time violence is moral, is to defend against others who do so.
On the other hand, Austrian economics teaches us that economic value is subjective. The very definition of what something is worth is what market participants are willing to pay. People can disagree, and if you force someone, then it’s no longer economic value, but violence.
Therefore,
It’s objectively wrong for governments to command subjective purchases.
This could also be phrased,
It is moral to use violence against governments dictating financial matters.
Also worded,
If you touch my Bitcoin, I will kill you.
Why XMPP is Better than Matrix:
XMPP is the gold standard of decentralized open source communications and the primary choice for the darkweb. Now we can debate XMPP’s reliance on government domains vs SimpleX & Session. Those are fair criticisms. But all of these, including Matrix, have centralized development. SimpleX got money from Microsoft. Signal is on Amazon. And while Session is on a blockchain, it’s like a corporation when it comes to changes. Whereas XMPP is the only one that’s pure & truly decentralized, with nobody in charge.
And because hosting a Matrix server is so annoying, most people DON’T self-host, and use the official Matrix server w/ Google captchas fingerprinting your device and Gmail doing the verification. That’s right, Matrix.org is linked to Gmail, which ties your Matrix account to your real name if you were dumb enough to trust them with your real email. And can you guess what company actually hosts Matrix.org? Can you guess what US-government compliant company sees who you talk to and when? Drum roll... Cloudflare.
This is copy pasted from the previous post, as it was the main point. I shouldn't have buried the point at the end
Pidgin is the oldest and least worked on client.
XMPP is like Nostr. To say “Pidgin sucks so XMPP sucks”, is like saying “Iris sucks, so Nostr is abandonware”
First of all, Element often glitches out and forces a sign-out & reauthentication. Element has far more issues with the keys. So I reject your premise that it’s easier.
You’re talking to me now on Nostr with keys and use Bitcoin with a blockchain. This is far more complex to understand than toggling a lock icon on a bar.
We know what we’re used to. To an Amish person, you talking to me right now is complex.
XMPP seems complex because nobody has a financial incentive to promote it, because it's actually decentralized and just code.
In contrast, Matrix makes money setting up servers. So they got funds to push their Google/Cloudflare spyware
Gajim is Windows/Linux. Dino is Linux only and cleaner. But you asked me about cross-platform.
The whole different clients thing is a decentralization thing.
PrivacyGuides Loves Spyware
One of our readers asked how we differ from PrivacyGuides. So I wanted to outline the technology choices for your benefit.
For those of you who are unfamiliar, PrivacyGuides.org is a website run by Jonah Aragon. And although this post will heavily criticize PrivacyGuides, I must stress that I do respect Jonah and the rest of his team. They are doing a huge service by running their guides as a non-profit. And I encourage anyone who reads their stuff to continue to donate.
That being said, I have huge philosophical disagreements, and the main one is that we view Big Tech as corrupt and oppressive, because of their enormous involuntary surveillance and political censorship. On the other hand, PrivacyGuides appears to just be concerned with low level evasion, where they place large amounts of trust in the very groups we criticize. For example, their forum PrivacyGuides.net is on Cloudflare, their other forum Lemmy.one is on Cloudflare, and even his personal site JonahAragon.com is Cloudflared along with its email. And even just for text and avatar icons with their staff bios, they use Microsoft Github. You can’t afford to host 5 tiny jpegs?
While I genuinely admire Jonah for separating himself from the previous PrivacyGuides site because they sold out to commission links, I do not think his current recommendations have enough adversarial thinking in mind. For example, it was only when Skiff email was recently bought by Notion that PrivacyGuides removed it. They never mentioned that Cloudflare can break SSL and see the private encryption keys served to you when you first sign-up.
Over and over, I have criticized Cloudflare seeing the bulk of our traffic and breaking SSL to see data. And so it’s unfair to his readers to not even warn them that on his website, they’re being browser fingerprinted and logged for DDoS purposes when he tells them no data is collected. Especially when his readers are first consulting his website to buy a VPN in the first place. Further, users of their forums and Lemmy, don’t own their identities because CF sees the login passwords. How can you say this doesn’t matter? To quote Jonah’s own website: “Privacy is about power, and it is so important that this power ends up in the right hands”
But not owning your identity, how are readers of PrivacyGuides even supposed to know if Jonah is the one writing on the forums, or if it's really the government? Even worse, it is painful for me to see Jonah Aragon criticize Nostr. When Nostr is the very solution to his identity problem. He said: “I am trying out Nostr and so far am unimpressed. If anyone else is testing it out find me here and we’ll see if this even makes sense as a social network much less one we’d want to recommend on the site lol" [1]
Nostr is truly an amazing place and I urge him to try it again. His website says “decentralization” but I was shocked to see he does not even mention XMPP on his list of encrypted messengers. And when asked on forums, users are told to go to Matrix. [2] I could not disagree more. XMPP is the gold standard of decentralized open source communications and the primary choice for the darkweb. How can he guide us on Tor without even mentioning it?
Now we can debate XMPP’s reliance on government domains vs SimpleX & Session. Those are fair criticisms. But all of these, including Matrix, have centralized development. SimpleX got money from Microsoft. Signal is on Amazon. And while Session is on a blockchain, it’s like a corporation when it comes to changes. Whereas XMPP is the only one that’s pure & truly decentralized, with nobody in charge. And because hosting a Matrix server is so annoying, most people DON’T self-host, and use the official Matrix server w/ Google captchas fingerprinting your device and Gmail doing the verification. That’s right, Matrix.org is linked to Gmail, which ties your Matrix account to your real name if you were dumb enough to trust them with your real email.
And can you guess what company actually hosts Matrix.org? Can you guess what US-government compliant company sees who you talk to and when? Drum roll... Cloudflare.
Jonah, I’m not attacking you. I’m trying to make you realize that they are attacking us. And instead of being at each other’s throats, we can empower our readers to take control of their digital lives. That’s why I applied to write for you when I first started. And my offer still stands.
I am doing a poll to find out what kind of content you want to hear.
Poll: What level of Linux knowledge do you have?
a) None, I'm on Windows
b) Average, I like Mint or Ubuntu
c) Above Average, I like Debian/Fedora
d) Expert, I'm on Qubes, Gentoo, Tails, other custom/hard to hack distros.
You don’t have to say which distro if you’re wearing a tinfoil hat.
Big Tech Hall of Shame
You won't believe who's here
3. Rob Braxman
Privacy "guru" Rob Braxman's WhattheZuck.net literally gives privacy advice on hiding from 3 letter agencies, location tracking, and EXIF data. While his site uses Google Analytics and relies upon Google Ad Syndication. Seriously bro, you gotta help the Google ad network because you're that poor?! And Brax.me, which is marketed as “privacy social media”, is hosted on Amazon, the CIA contractor.
2. Arweave w/ Sam Williams
Arweave is supposed to be decentralized “crypto-powered” cloud storage to stop censorship. But ArDrive.io, their main gateway to the platform, is literally hosted on Google Cloud. What's the purpose of Arweave if it's not an alternative to Google Drive? Then Arweave.net is on Amazon's AWS with Gmail doing their support tickets. Hey Sam, can you guess which Arweave wallet I use to post to metaweave? I'll give you a hint, I'm the only one using your platform.
1. Hive.io / PeakD
Hive is a Nostr competitor. But the entire platform is built on the lie that you’re uncensored. They say you own your identity, but yet they sell you the encryption keypair, and it's served from HiveDex on a Cloudflare server. So the government can see the private key that you paid for, to do "uncensored" posting.
Hive can fix it, please listen to me. Have your users create a keypair locally in your browser extension. Then assign the names you want to sell to the public keys, using the blockchain as DNS. This is how Session messenger already does it, and how Nostr should do it in the future. Because it would solve all Nostr security issues and raise money for the client devs. It could even use Bitcoin’s chain.
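The scheme proposed above, sketched as an added example (not Hive's, Session's or Nostr's code): the keypair is generated on the user's side, and the name seller only ever handles a public key plus a signature proving possession of the matching private key. Ed25519, Node's built-in crypto module standing in for the browser extension, the in-memory `NameLedger` standing in for the chain, and the `register:` / `post:` prefixes are all assumptions made for illustration.

```javascript
// Added example. Node's built-in crypto stands in for the extension's key store.
const nodeCrypto = require('node:crypto');

// Runs on the user's machine: the private key is created here and never sent.
function createIdentity() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const publicKeyHex = publicKey.export({ type: 'spki', format: 'der' }).toString('hex');
  return { privateKey, publicKeyHex };
}

function sign(privateKey, text) {
  return nodeCrypto.sign(null, Buffer.from(text, 'utf8'), privateKey).toString('hex');
}

function verify(publicKeyHex, text, signatureHex) {
  try {
    const publicKey = nodeCrypto.createPublicKey({
      key: Buffer.from(publicKeyHex, 'hex'), format: 'der', type: 'spki',
    });
    if (publicKey.asymmetricKeyType !== 'ed25519') return false;
    return nodeCrypto.verify(null, Buffer.from(text, 'utf8'), publicKey,
      Buffer.from(signatureHex, 'hex'));
  } catch {
    return false; // malformed key or signature
  }
}

// Hypothetical stand-in for the chain: an append-only name -> public key map.
class NameLedger {
  constructor() { this.records = new Map(); }

  // The seller receives only a public key and a proof of possession.
  register(name, publicKeyHex, proofHex) {
    if (this.records.has(name)) return { ok: false, reason: 'name taken' };
    if (!verify(publicKeyHex, `register:${name}`, proofHex)) {
      return { ok: false, reason: 'bad proof of possession' };
    }
    this.records.set(name, publicKeyHex);
    return { ok: true };
  }

  resolve(name) { return this.records.get(name) ?? null; }
}

// Anyone can check a post against the key the ledger holds for that name.
function verifyPost(ledger, name, message, signatureHex) {
  const publicKeyHex = ledger.resolve(name);
  return publicKeyHex !== null && verify(publicKeyHex, `post:${message}`, signatureHex);
}
```

The distinct `register:` and `post:` prefixes keep a registration proof from being replayed as a signed post.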
Parting Words,
I was expecting to be shadow-banned from Google search, and I am. What I was not expecting is to have my domain gagged by Spamhaus from sending any emails to ANY domain, when it was clear for months. The ban started when a bunch of gmails subscribed, and so my criticism of Google got labeled malicious. I've now lost contact with the subscribers I paid Bitcoin Gab ads to initially get, to try to sell degoogled phones. I got my back against the wall, and I'm swinging, but I need you. Help me brother, share this and help me get the word out.
We have but one life. And when I am old and grey, rotting on a bed waiting to die, I want to look back with a smile. That I fought, and maybe, made a difference. And when I do, I hope to see your comments beside it.
Anarcho Capitalism vs Crypto Anarchy & Agorism.
Anarcho Capitalism (abbreviated AnCap) is an openly advertised political movement that promotes free markets and an abolition of the state. Most AnCaps will OPENLY tell you they are part of this movement, and it shares many similarities with Libertarians. Libertarians and AnCaps only really differ on whether the government should run a socialized police force and army.
Crypto Anarchy (also called CypherPunk) is usually a SECRET lifestyle, where one rejects the concept of external government control and instead chooses individual self-sovereignty. This concept of freedom and subverting the power of the state is often expressed through the use of privacy and encryption technology, cryptocurrencies, and even frequently traveling to other countries with multiple passports to reduce a single government’s control over the individual.
The main difference between Anarcho Capitalism (AnCap) and Crypto Anarchy (CypherPunk) is that AnCaps organize politically to encourage voting, whereas Crypto Anarchy involves using technology to subvert the system. This could involve creating code to defy surveillance, trading cryptocurrency without regulations, not using left-wing social media platforms, or even some type of “illegal market” depending on who you ask. Although I personally think drug markets degrade the core philosophies and keep them from more widespread acceptance. Fearing being oppressed for their actions, CypherPunks place a much greater emphasis on privacy and open source than AnCaps.
The AnCap says to the CypherPunk, “How can you not vote?! We need you!”
The CypherPunk says to the AnCap, “How can you register to vote? You’re telling the NSA where you live?!”
How does Crypto Anarchy differ from Agorism?
Agorism is a general term for economics and a parallel society outside the control of government institutions. Like a CypherPunk, Agorists don’t think voting will help. Instead of voting, Agorism focuses on individual entrepreneurship to add value to the community and fix yourself first.
Agorists differ from CypherPunks in that Agorists usually aren’t as tech-savvy, but look to get outside the system through other means, such as growing their own food. For example “Sal the Agorist” is a popular Twitter account promoting gun ownership and growing your own food, but he sells ads for his Twitter account using a Gmail.
So a CypherPunk says to an Agorist “How can you use Big Tech?”
While an Agorist says to a CypherPunk “How can you eat Big Ag?”
Summarize each:
Anarcho Capitalism (AnCap)
Let’s spread the message of freedom through education, and vote to be free.
Logic and reason are the pillars upon which we build objective morality.
Agorism
Society will not change. Using cryptocurrencies we can create a parallel economy and community, to fix ourselves first.
Crypto-Anarchy (CypherPunk)
I was born free, and you can’t stop me from using encryption to stay free. Big Tech is the government’s puppet for surveillance and censorship.
What is the purpose of this? Are you going to try to convince me to join?
No, I can’t convince you to become a Crypto Anarchist. You have to self-realize it on your own.
And when you do, DM our bot on Session messenger, with the Session ID: Simple
Pro/Con of “Privacy” Phone Numbers/Services
JMP.chat
Type: Number
Pro: No KYC VoIP to XMPP (or Matrix) for anonymous Bitcoin, so you're using an open source client
Con: Only US and Canada numbers. They're just reselling Twilio VoIP, which means that not only are you paying more just for anonymity, but many services recognize these as Twilio VoIP numbers and will block you.
Solutions: There exists the possibility of buying a real world physical SIM and then transferring over service to JMP VoIP. But you’re better off using 1 time burner services for most account registry.
Hushed
Type: Number
Pro: No KYC VoIP for Bitcoin, similar to JMP.chat
Con: Uses their proprietary client which isn’t private through the Google Play store. I’d avoid Hushed.
Silent Link
Type: Number + Service
Pro: No KYC Crypto SIM card that separates billing and identity from the literal cell tower carrier
Con: Uses eSIM which requires Graphene’s Google Push service sandboxed. No outgoing calls.
Calyx Institute Hotspots
Type: Service
Pro: No KYC WiFi hotspot for Crypto
Con: It’s just reselling T-Mobile service, so if you use this in your home and your home is KYC, then T-Mobile will likely figure out that it’s you since cell towers see geolocation.
Solutions: You can avoid this by putting the hotspot in a Faraday bag, and only using it outside your home.
MySudo
Type: Number
Pro: Multiple burner VoIP lines
Con: Requires Google Play store JUST to PAY for it, but then can be used on a degoogled phone once you add credit.
Solutions: This can be sandboxed or put on a separate old device, and you can use Bitrefill to buy the credits with cryptocurrency.
SMS.usmobilenumbers.com
Type: Number
Pro: Quick easy cheap burner anonymous SMS verification for cryptocurrency. It’s real SIMs and not VoIP.
Con: US only. They resell the number for OTHER services, which MAY trigger anti-fraud for SOME services including Zelle, eBay, PayPal, LinkedIn, and others. So you risk a ban on accounts.
Solutions: Avoid putting money in any account for a few days to see. Use a residential proxy IP instead of a datacenter VPN, especially for eBay.
VirtualSim.net
Type: Number
Pro: Great for abusing foreign numbers in poor countries such as Cambodia or Ukraine for Signal or Telegram. Quick easy cheap burner anonymous SMS verification and/or longer term monthly numbers for cryptocurrency. It’s real SIMs and not VoIP. Their customer support is excellent and we highly recommend them for Telegram verifications.
Con: They may lose access to the burner number after a period of time (like a year) where you can’t renew and someone else COULD potentially verify the number.
Crypton.sh
Type: Number
Pro: Huge amount of countries for real SMS anonymous crypto. Get sought after Western European #s here that normally have strict KYC rules on physical SIMs
Con: Overpriced setup fee for 1 time SMS verification, but if you actually live in (or desire) that country it’s okay. There’s no real purpose in all their “at rest encryption” advertising, because SMS is unencrypted transport.
Follow us on Nostr for more! Repost this if you want us to keep doing them.
Notes by SimplifiedPrivacy.com Podcast