#g0v-tor
2018-11-01
@patcon has joined the channel
Haha yeah, "darknet" was a name I was going to suggest we reconsider :)
Thoughts on renaming the channel/project to something that has more name recognition?
To clarify, I am interested in Tor, but if I was browsing channel names or github repos or project names, I might not realize that a project called g0vhs was of interest to me
To clarify, I am interested in Tor, but if I was browsing channel names or github repos or project names, I might not realize that a project called g0vhs was of interest to me
What about g0v-tor-hs or some variation of that? Added perk is that this slack channel names auto-complete on parts between dashes, so if someone remembers that there's a Tor-relatee project and types "tor", it comes up :)
@patcon set the channel topic: Docs: https://hackmd.io/s/SyOgbkL3Q
@patcon set the channel topic: Docs: https://hackmd.io/s/SyOgbkL3Q
@patcon set the channel purpose: For discussion of a privacy-preserving Tor hidden service within g0v.
Yup, I think you are right. g0v Darkweb might be much easier to attract people's eyes
You can rename it 🙂
@davisfreeman has renamed the channel from "g0vhs" to "g0v-darkweb"
@davisfreeman has renamed the channel from "g0v-darkweb" to "g0v-tor"
I change it to g0v-tor, how do you think?
- ❤️1
2018-11-04
@patcon do u have any machine that can allow me to build the client side of g0vhs?
Sorry, how do you mean? As in a spare desktop to act as the server?
Sorry, how do you mean? As in a spare desktop to act as the server?
The is the first feature I come up with, it’s called PGP talk.
and the other architecture I’m still plotting it … I will explain why I need a client machine after I finish the plotting
hm. ok i think i misunderstood the project. so it's not just offering privacy for visiting existing g0v websites, but also a new app that we think those privacy-seeking people might use?
Yes
It’s a kind of proxy and communication tool for those who have to avoid censorship of their countries
I suppose I thought it was about giving tools and support to existing projects to help them incorporate hidden service features, and not necessarily inventing the tools in this project
i guess i'm a little less sold on the value of that, as there already exist many tools and communication services for the purposes you mention. so why not support and deploy them instead of inventing our own?
It’s good idea to deploy them. But I just haven’t figure out which we can use
What’s your suggestions?
heh i would need to do research to know what to suggest -- i've been away from the privacy and anti-surveillance space for awhile -- but i'm of the impression we're not the first to see this challenge, and so i'm sure other apps exist 🙂
Another idea I’ve though about is to create a decentralized tor relays which contributed by volunteers around the world. The tor relay they contributed can be a bridge to help others who need to use tor
cool! have you had a chance to run the idea by a tor developer?
I’ve contact information of roger~ Maybe he will have ideas
can you clarify more how you think tor relays might be decentralized? like is the goal so more people who are new run relays more easily?
Yup, but give me seconds, I’m going outside now. Contact u later 🙂
haha for sure -- im heading to makerfest to learn about farmbot anyhow 🙂 talk later!
what if we took an approach of imagining and building a profile of the sort of person we're trying to support in the g0v community of nearby communities, and then asked in the tor chanenls whether peopel know of existing projects that might cover this demographic? And then we could do an inventory and see which one feels most interesting 🙂
It’s good idea. Asking experts’ suggestion are always important
heh, and to be fair, it is totally a valid approach to just start our own new thing. it's just not my preferred approach, but it's the right thing if it what energizes you (as the main driver on this!)
cool! have you had a chance to run the idea by a tor developer?
I’ve contact information of roger~ Maybe he will have ideas
can you clarify more how you think tor relays might be decentralized? like is the goal so more people who are new run relays more easily?
It’s good idea. Asking experts’ suggestion are always important
Yup, but give me seconds, I’m going outside now. Contact u later 🙂
i'm really glad to be talking about this by the way! I was a little unclear what the goals and approach of the project were, but this is so helpful!
haha for sure -- im heading to makerfest to learn about farmbot anyhow 🙂 talk later!
I ❤️ awesome lists. found one for tor that might be a good starting point: https://github.com/ajvb/awesome-tor
GitHub
A list of awesome Tor related projects, articles, papers, etc - ajvb/awesome-tor
- ❤️1
heh, and to be fair, it is totally a valid approach to just start our own new thing. it's just not my preferred approach, but it's the right thing if it what energizes you (as the main driver on this!)
The origin idea
The original idea is as follow:
A user can use hidden service to join the g0v slack channels for discussion or to contact a specific users with PGP encryption is provided. The words he or she said will be spoken by the slackbot we provide. Thus, they can join the community without leaking their true identity on the internet. Bot is a speak “proxy” for them.
A user can use hidden service to join the g0v slack channels for discussion or to contact a specific users with PGP encryption is provided. The words he or she said will be spoken by the slackbot we provide. Thus, they can join the community without leaking their true identity on the internet. Bot is a speak “proxy” for them.
The benefit is that users do not need to use their email to get a slack account they can still talk and join the open communities to have conversation with others
The same idea can be transplanted to other platforms like telegram, whatsapp and so on.
ok cool! so the goal is to let people from privacy-hostile countries participate in g0v conversations on slack without leaking identity?
Yes
Let’s my true goal
I found out I just talk about a single function to u. lol I should give u the whole roadmap in the beginning
just to consider all options (because the most maintainable service and feature is the one that doesn't need to be maintained or even written 🙂 ):
can a similar privacy be had by creating a slack account with a mailinator.com disposable inbox, and just signing in via tor?
i'm just trying to understand the threat model, and whether things that already exists allows for similar protections, and just perhaps needs explicit documentation
I do not sure if the slack found out that they cannot send notification successfully to the email address and might suspend the email once the deliver is failed.
Yes The discussion and the clarify the needed is very important
(of course, maybe other options exist, but this one is a project that is energizing because it involves learning. and so this could be the right thing to build regarldess!)
fwiw i use mailinator quite often, and it's very rare for it to be blockd in any way
If there is a simple way to complete this functionality, we do not need to recreate it. Instead, we can just build a dark wikipedia to show others how to set their slack with high privacy 🙂
Learning is one of my consideration too! Iol
- 💯1
@patcon how if we build a dark service that can help people to generate deposable slack account with one button click ?
oooooh that sounds neat (assuming slack over tor isn't a terrible idea! still researching)
Motherboard
'Shhlack' allows you to send end-to-end encrypted messages within the popular chat app.
- 😎1
slack uses websockets, and so still trying to sort what that means for trying to use tor
- https://tor.stackexchange.com/questions/8868/websocket-over-tor
- https://tor.stackexchange.com/questions/8868/websocket-over-tor
Tor Stack Exchange
I've been researching for many hours, but haven't found a definite answer. Is it possible for a client to connect to a hidden service with websocket? If so, how can I learn more? If not, is there an
would it be worth trying to solicit stories or anecdotes of people who didn't join or participate in g0v conversations, or who self-censored due to concerns? as in, are there stories of this affecting people, from which we could get a better idea of what potential users are actually thinking?
I believe it is a good idea. I’m trying to share our ideas to the general channels to hope more people would like to join conversation with us
maybe we don’t have to setup the websockets service on our hidden service. As far as i know, the slack allows users to setup their socks server. But I do not sure is a normal user can have this capability or not.
- 🤔1
I believe it is a good idea. I’m trying to share our ideas to the general channels to hope more people would like to join conversation with us
But following our original plan, we should build websockets service on our own
ok, so mailinator signup won't work on slack, so that's a dead-end 🙂
You tested it?
yep
So slack just said it is invalid mail address?
😥
Seems like we have to made our own service without doubt
It’s time for learning! lol
haha i'm still not sure. if we bridge our slack with any of these tools, then we might allow easy anonymous usage as well: https://github.com/42wim/matterbridge#requirements
(we already have a matterbridge chat bridge connected for translation, and perhaps soon even using it for the IRC/telegram bridging)
You tested it?
also, wondering if the chat bridge could be used here... it could theoretically bridge each channel with a channel on another, more privacy-preserving tool (like mattermost)
and then there's the added bonus that this would also mean that this project helped people have an option besides slack for visiting every channel, which many might think is a good step
yep
So slack just said it is invalid mail address?
i don't think this is helpful, but sharing just in case it could be rigged into something useful for effective anonymity: https://abot.app/
abot.app
Abot is a simple Slack bot for sending anonymous feedback messages in your team. If you want to conduct an anonymous survey, voting, poll, discussion, or collect your team's yearly performance reviews, you just need to type a simple command. Whoever receives a feedback can reply to it without knowing who is the author.
😥
Seems like we have to made our own service without doubt
It’s time for learning! lol
haha i'm still not sure. if we bridge our slack with any of these tools, then we might allow easy anonymous usage as well: https://github.com/42wim/matterbridge#requirements
bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocket.chat,hipchat (via xmpp), steam, twitch, ssh-chat, zulip and matrix with REST API (mattermost not required!) - 42wim/ma...
(we already have a matterbridge chat bridge connected for translation, and perhaps soon even using it for the IRC/telegram bridging)
re: matterbridge.
it does feel that bridging slack a tool with a public view would make this whole thing a lot easier... like it's easy to send anonymous messages in (via tokens or some simple hidden service web app), it's the allowing someone to read any channel in a realtime way that's hard
but having a public view would make that a non-issue
rocketchat can be bridged to this slack via matterbridge, and has anonymous reading/writing features complete: https://github.com/RocketChat/Rocket.Chat/issues/604
So currently, Rocket.Chat is a very much a Slack clone. But my main issue with Slack is that it is not open enough. So I would like an option to make Rocket.Chat more open. What I mean by that is t...
ok, tried out signing up for riot via tor
started a chat with myself on riot, but could have talked to my gitter-self too, apparently
it worked!
and lots of productive discussions about tor among riot devs, so it's an ongoing conversation: https://github.com/vector-im/riot-web/search?q=tor&type=Issues
started a chat with myself on riot, but could have talked to my gitter-self too, apparently
it worked!
and lots of productive discussions about tor among riot devs, so it's an ongoing conversation: https://github.com/vector-im/riot-web/search?q=tor&type=Issues
A glossy Matrix collaboration client for the web. Contribute to vector-im/riot-web development by creating an account on GitHub.
thanks @patcon! So many information! lol
So it seems like our project direction is a bridge tool upon on the tor, right?
@pm5 has joined the channel
haha i definitely don't want to push a decision in that direction unless it fits your liking, but first glance seems like that would open up a privacy-preserving options that also have some great side-effects 🙂
@patcon Actually, I believe that bridge is the idea I want to do
Because my future plan is to make it cross platform~
it might make sense to talk to potential users (or find them) then, with the details of what users want, talk to tor folks before charting a course?
¯\_(ツ)_/¯
haha but I SUPPORT THE BRIDGE
So bridge is definitely the idea ! I just don’t know the accurate word to describe my idea!
even if it doesn't help _anyone_ with privacy stuff (worst case) it will still be a nice step away from slack
Yes, it is
OH!
ok ok yeah yeah so while it's not well-documented, matterbridge has an API that others have already built things on
one sec
the last 3 projects all use the API: https://github.com/42wim/matterbridge#related-projects
bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocket.chat,hipchat (via xmpp), steam, twitch, ssh-chat, zulip and matrix with REST API (mattermost not required!) - 42wim/ma...
matterbridge is great. I originally plan to use go as the developed language!
i know the maintainer would love you if you felt like documenting the API as your were learning it: https://github.com/42wim/matterbridge/blob/master/bridge/api/api.go
bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocket.chat,hipchat (via xmpp), steam, twitch, ssh-chat, zulip and matrix with REST API (mattermost not required!) - 42wim/ma...
perrrrfect
yeah, it's my first go project, and i'm really glad to be learning it
cool~
Today, we have a wonderful discussion! That’s so terrific!
So the reason I ask u about the machine because we need a bot as the client side to deliver the message and return those message through tor to the hidden service~
I’ve brought one machine for hosting g0vhs, but the client side should not be placed in the same machine
🎉
I'm travelling pretty light, so I definitely don't have any extra machines lying around, but I'm sure we can find one
my solution is to use openshift and create multiple clients due to its free restrictions on the power on duration : must make machine sleep 18 hrs in every 72hrs
is currently adding swagger API docs to matterbridg
my solution is to use openshift and create multiple clients due to its free restrictions on the power on duration : must make machine sleep 18 hrs in every 72hrs
2018-11-05
@pm5 Hi, forget to say hello to u. lol
Feel free to say anything 🙂
@chihao has joined the channel
@davisfreeman 🖖
@yutin has joined the channel
@davisfreeman ok, if you'd like to start experimenting, I've got the API working for my test gateway here:
http://matterbridge-heroku-g0vtw.herokuapp.com/api/messages
You can create new messages for the stream by dropping them in either #i18n-test-en or #i18n-test-tw
http://matterbridge-heroku-g0vtw.herokuapp.com/api/messages
You can create new messages for the stream by dropping them in either #i18n-test-en or #i18n-test-tw
also, hopefully the API docs will get merged soon: https://github.com/42wim/matterbridge/pull/551
Using the swag library: <https://github.com/swaggo/swag#> Not ready for review Preview:
Cool~ I would try~~ Too many works these days, I will have more discussion with you morrow
2018-11-06
@qitj965 has joined the channel
2018-11-07
Cool~ I would try~~ Too many works these days, I will have more discussion with you morrow
2018-11-08
@patcon So how does matterbridge work?
haha that's a big question. basically a big routing engine for transforming messages from each service. It currently holds no state aside from the credentials for each service. So it just sends things straight through, and keeps a cache of things it's seen for people to make edits and deletions for a few days 🙂
as for the API, I've never used it to post messages, so you might need to discover that part from reading the code...!
@qazwwe51688 has joined the channel
😀
- 👋1
haha that's a big question. basically a big routing engine for transforming messages from each service. It currently holds no state aside from the credentials for each service. So it just sends things straight through, and keeps a cache of things it's seen for people to make edits and deletions for a few days 🙂
as for the API, I've never used it to post messages, so you might need to discover that part from reading the code...!
@qazwwe51688 hi 🙂
2018-11-09
@stationaery has joined the channel
Anyone know any good VPN services for North Americans working in Beijing?
cc @davisfreeman for wiiiiiisdom
I’ve nothing to recommend. Haven’t travelled to China before
actually, i know TunnelBear is a great one from Toronto, but not sure if they would be functional in China
cc @davisfreeman for wiiiiiisdom
2018-11-10
I hear ExpressVPN is super
2018-11-11
I’ve nothing to recommend. Haven’t travelled to China before
@yutin I remember u have a slackbot app called g0ver. Which service are you used to host this application?? Linode??
so for, I run on heroku
Coo. Whats the app name btw? (Trying to create an inventory of who has access to what :) )
@yutin I see. It seems like it is impossible to run tor on heroku, right?
No 100%, but I think that's correct
https://github.com/g0v/g0ver-box repository at here, ToDo I need let it support multi-language and easier to use.
So heroku allows developers to deploy docker?
I’ve built tor docker successfully and if the tor docker deployment is available on heruku. heroku can truly help us to build client bots as bridges!
Hmmm... Actually, maybe?? But my impression is that hidden services always need to be on their own servers to be secure, so not sure how they could bebhisted securely on a paas
But maybe other pieces of this app could be hosted there?
It will be secure as long as we pass the traffic through the tor’s socks server. Yes, the IP of bot is going exposed, but all the traffic will be transferred to our hidden service which is hidden inside the tor network.
so for, I run on heroku
Coo. Whats the app name btw? (Trying to create an inventory of who has access to what :) )
2018-11-13
@yutin I see. It seems like it is impossible to run tor on heroku, right?
No 100%, but I think that's correct
https://github.com/g0v/g0ver-box repository at here, ToDo I need let it support multi-language and easier to use.
g0v 專案與技能媒合工具. Contribute to g0v/g0ver-box development by creating an account on GitHub.
- 💯1
So heroku allows developers to deploy docker?
I’ve built tor docker successfully and if the tor docker deployment is available on heruku. heroku can truly help us to build client bots as bridges!
2018-11-14
I purpose an idea for g0vhs: Our system gives users two options for registration: users can enroll with their customized names and password or the service provide random hashes and password for usersthat. The random user ids are only valid in a very short period. In this way, they can assure that they identity will not be revealed easily.
What do you guys think?
use https://hack.g0v.tw/ or an anonymous id ?
Anonymous Id
Hmmm... Actually, maybe?? But my impression is that hidden services always need to be on their own servers to be secure, so not sure how they could bebhisted securely on a paas
But maybe other pieces of this app could be hosted there?
It will be secure as long as we pass the traffic through the tor’s socks server. Yes, the IP of bot is going exposed, but all the traffic will be transferred to our hidden service which is hidden inside the tor network.
- 👍1
2018-11-15
So is this feature a good or bad …?
@yutin Do u use heroku pipeline for development?
I’m use pipeline not yet, look is an new feature, great.
2018-11-16
heroku can’t run docker, maybe we can use k8s on Google cloud.
it can't? I mean, it can't run docker, but it can deploy containers, can't it?
Here is the document, so what do you mean it can’t run docker?
https://devcenter.heroku.com/categories/deploying-with-docker
https://devcenter.heroku.com/categories/deploying-with-docker
I was just acknowledging that the heroku dynos don't run the docker binary, ie "the hypervisor-like thing that does container management". They do run the docker _containers_. I think we're saying the same thing :)
looks is a new feature
We want to build slack bot with Golang, do you have interest, @yutin?
I’m use pipeline not yet, look is an new feature, great.
use https://hack.g0v.tw/ or an anonymous id ?
hack.g0v.tw
帶上你的腦袋與雙手,直接到活動現場找尋志同道合的提案吧!零時政府黑客松由 g0v 揪松團舉辦,兩個月一次的單天活動,百名與會者來自不同的城市、背景、專長與年紀,利用三分鐘的時間將自己想做的事快速發表,並在活動現場尋找志同道合的夥伴,發揮各自所長,同時透過線上與線下協作的方式,用弄髒雙手的精神來「讓事情發生」。
it can't? I mean, it can't run docker, but it can deploy containers, can't it?
2018-11-17
Anonymous Id
Here is the document, so what do you mean it can’t run docker?
https://devcenter.heroku.com/categories/deploying-with-docker
https://devcenter.heroku.com/categories/deploying-with-docker
devcenter.heroku.com
Resources for Docker-based Heroku deployments.
- 👍1
I was just acknowledging that the heroku dynos don't run the docker binary, ie "the hypervisor-like thing that does container management". They do run the docker _containers_. I think we're saying the same thing :)
looks is a new feature
2018-11-18
We want to build slack bot with Golang, do you have interest, @yutin?