PixelBot | 23 points
Do not trust PGP from mods!
They locked my other thread before I could respond. They are purposely trying to make a fake discussion to fool stupid people: https://www.reddit.com/r/pizzagate/comments/5djj4a/this_subhas_been_compromised_look_at_mod_list/
They are acting as if the PGP solution is good, and responding to each other in a chain, since PGP has been a topic of discussion with Assange. Please understand what this tech even is.
A PGP signature of a mod does NOTHING GOOD. We have already been compromised, what would we ever care about a PGP key from a compromised mod account? Please look into the 2 people responding to each other in that thread. That would be like asking someone "Hey, are you a bad guy?" and they respond "Nope!". You are just taking them at their word, and their dumb ass PGP solution is nothing but to trick stupid people.
Nothing should be trusted in this subreddit. Perhaps even this post! All I ask is that you look and read, and make up your own mind.
Furthermore, lots of users are being baited into a "Matrix" chat room. It's a honeypot.
Reddit is meant for discussion, don't trust ANYONE telling you to have a discussion elsewhere, including PMs. Most of the time, third party software is being used to capture your IP address, and also connect different online identities together (connecting your reddit account with other real world accounts).
FuckYoKarmaNigga | 7 points
This guy runs around every sub with this same scare tactic shit. You're just creating noise and confusion.
Piss off.
PixelBot | 18 points
Redditor for 2 days.
People reading this - do you see a trend yet? Look for patterns.
FuckYoKarmaNigga | 3 points
Read the sidebar, guy. They advise using throwaways for obvious reasons.
You are not adding anything of value here, or any sub for that matter. Check this guy's post history holy shit. You a bot bro?
PixelBot | 18 points
To anyone reading this:
They will always use the same tactics in responses, and try to re-frame conversations. Read my post history, he's hoping you won't.
I'm not here to scare anyone, I'm here to tell people not to trust the proposed solution that was offered in the link thread. The solution that those 2 mods agreed to, and locked the thread, IS NOT VALID. Any technical person will know that.
They will continue to try to reframe my conversation, but there are more of us than there are of them.
FuckYoKarmaNigga | -1 points
I think anyone with a reasonably sound mind would look at all of your posts/comments and think "ehhhhhh this guy might be bonkers."
What's funny is I'd agree with most of your points about security and being cautious (I just commented in another thread advising people to not download random software).
But you're bonkers bro. Get some fresh air and take it down a few notches. You're either trolling or way too excited. Or a bot.
PixelBot | 11 points
Fair enough!
I'm enjoying a beer and patio right now! Hope you're doing well too.
And yes, I am excited - as in I want to find the truth about Assange! I hope you do too!
FuckYoKarmaNigga | 3 points
We all do! But it's tough with distractions like this. Maybe you are not aware, but your posts make people think "ah fuck it why even bother researching, shit is rigged anyway"
Maybe that's not your intention, maybe it is. Honestly it's hard to tell.
Enjoy your brew. I'm sipping a tea myself. Peace.
pizzapartywithkids | -3 points
I'm not here to scare anyone
Maybe not but it sure comes across as concern trolling.
PixelBot | 13 points
"concern trolling" Nice, sweet buzzword to control the narrative. Your tactics are failing.
There are more of us than there are of them. To anyone reading this, look for patterns in their response behavior.
_Bubba_Ho-Tep_ | -4 points
Is your life so boring that you have to pretend real life is a spy movie?
Calm down with the drama and conspiracies.
conspExec | 2 points
You my friend have no idea what you're talking about. For those who read this post the only thing you should take from it is to do your own research.
PixelBot | 12 points
Redditor for 2 days.
Holovoid | 0 points
Dude why are you so obsessed with throwaways? I've been here for a week and change and the mods have been saying to use throwaways for as long as this sub has been active.
Tbh you're just creating drama.
Full disclosure, I don't fully believe the whole pizzagate thing, I just enjoy conspiracies.
PixelBot | 4 points
Because there has been a pattern of behavior from some new accounts - not all. They set off the detection almost every time.
Aeja226 | 2 points
Ok jesus people I am a mod and I'm going to release the mod logs. Hope this clears things up. Stop freaking out and focus on the matter at hand
pleasedontsuicideme | 10 points
Thank you. I hope you can understand why a lot of us are concerned. Especially since the side bar says "ATTENTION: Make sure you protect your anonymity. This is not a joke." coupled with a lot of weird shit going on.
Try to put yourself in the shoes of people who aren't mods and just see some questionable things going on. Transparency here is important.
Thanks again.
ned_harriman | 1 points
I'm going to lock this thread because /u/PixelBot is moving from expressing valid concerns to trolling and spreading FUD.
If anyone things the matrix protocol is a scam, or the Riot App is insecure, they can examine that elsewhere.
pleasedontsuicideme | 16 points | Nov 18 2016 07:56:46
I don't fully trust this Matrix chat room myself. They are posting it publicly, so why post it at all? They aren't vetting people to come onto it and it is available to anyone...so I just don't see the point of it vs reddit.
Just my 2 cents.
permalink
PixelBot | 12 points | Nov 18 2016 07:57:55
If you connect while using wireshark, you can watch the network traffic it's using.
DO NOT TRUST MATRIX. It is definitely a honeypot operation.
permalink
pleasedontsuicideme | 8 points | Nov 18 2016 07:59:27
You probably noticed, but your other thread has already been locked.
permalink
PixelBot | 13 points | Nov 18 2016 08:01:14
Yes. They have been locking all of them.
I don't care about them, I just want the community to see for themselves.
All I ask, is that you keep working, and supporting the work of others to find the truth!
Don't trust anyone trying to demotivate you. They will try to appeal to you based on your comment history.
permalink
pleasedontsuicideme | 10 points | Nov 18 2016 08:06:43
Thanks for posting. I wasn't sure if I was the only one thinking the matrix/riot chats were sus.
Not saying it is 100% a honeypot. But again...why post there and risk it rather than just sticking with reddit...?
permalink
PixelBot | 15 points | Nov 18 2016 08:08:38
Let me ask you. When is the last time you've ever heard of that chat room? Ya, never. And I bet you use reddit all the time.
It's a trap, and people are falling for it.
They have now locked my warning against honeypots: https://www.reddit.com/r/pizzagate/comments/5dl9vf/honeypots_are_now_getting_posted_be_careful/
permalink
pleasedontsuicideme | 13 points | Nov 18 2016 08:12:03
Exactly, I did a search for matrix chat room and riot chat room and hardly came up with anything other than some LoL people using it.
Also, why is the upvote at 60%? I see other threads that are super tin-foily and dumb get 80-90%...
Again...could totally be legit and we are over worrying but....I always say play it safe.
permalink
PixelBot | 11 points | Nov 18 2016 08:13:43
Because the entire point of this subreddit, now that it's compromised, is to increase the noise ratio.
They don't have time to carefully plan this, so the attack plan is to create a wild goose chase.
permalink
ned_harriman | 1 points | Nov 18 2016 13:25:37
You know what, I've been watching you for a while. I get that people are confused. We all are to some extent.
But this really fucking pisses me off. You clearly know nothing about matrix (I'm not one of the core devs myself but at least I know what is encrypted and what is not, and the security features which go far beyond SSL encrypted traffic).
So you pointed wireshark at the SSL stream (you do know that ALL the urls we have given out are https, right) and you saw what, exactly?
If you can't answer what you determined from sniffing SSL traffic, then shut the fuck up. Or are you going to call Snowden a shill for encouraging people to use SSL?
Take a breath. Go learn something about encryption. What do you know about matrix? Come back and then let's have a reasonable discussion.
We only deal in the realm of facts on this DOM. Speculation and hysteria have no place here.
permalink
PixelBot | 14 points | Nov 18 2016 13:42:36
Funny common trend with you people.
Discredit. Divide. Re-frame the conversation.
This reply will be for everyone reading this. He does not want to have a real conversation, but I'll address the points:
I work in the field, but never called myself an expert. Interesting that you work on Matrix, because I'd know if you worked at amdocs, and you don't. I'm a very experienced software engineer who enjoys software debugging, reverse engineering and hacking. I'm very aware of many types of attack vectors, but I'm not a network ops guy.
Educate yourself about advanced techniques: https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html
Do you want links for me to show you how SSL can be exploited? We both know what SSL is.
I refuse to connect to the endpoints being provided here, and I won't get tricked into it. I did NOT connect to the endpoints. But if I was going to, I'd use wireshark, as I suggested above.
Wireshark is a tool any network analyst uses, you should know that. My advice to him was to inspect endpoints.
Just because a connection is encrypted doesn't mean a) it's not exploitable b) it's safe, c) there aren't other connections/diagnostic info.
In any network analysis, topology must be established first. Wireshark is always used.
I've noticed a common theme with people like you. You attack people personally, with anger. You get REALLY MAD. Calm down, and stop trying to discredit others.
I'm not here trying to discredit you, but I should. I won't, because I'm going to let other people read your history of suppression.
I'm out here trying to find answers. Keep people safe, encourage. If you haven't seen a honeypot on 4chan, reddit, or elsewhere before, you are deceiving others - they exist, and they work.
Maybe you're telling the truth - but don't act as if it's not suspicios, and I'm not going to advocate anyone clicks links that are sent from very suspicious people, under suspicious circumstance.
Since when do mods ever send private chat requests to people with dissenting opinions? Since when do mods offer day 1 accounts mod access? The thing is crazy, and you want to discredit others who are trying to protect others.
Oh and by the way, here's some info about why trusting SSL blindly is a bad idea: http://arstechnica.com/information-technology/2014/06/a-year-after-snowden-internet-crypto-remains-spotty/ https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security http://thehackernews.com/2016/08/nsa-hack-exploit.html http://thehackernews.com/2014/02/apples-ssl-vulnerability-may-allowed.html https://www.scmagazine.com/mitm-attacks-can-force-a-downgrade-to-ssl-30/article/540030/
Oh, one more thing. Matrix appears to use RapidSSL. http://www.computerworld.com/article/2504294/security0/flame-crypto-attack-very-hard-to-pull-off--researcher-says.html Not the first time rapidSSL is in the news for having crack-able certificates.
In the future, stop trying to discredit others as soon as they disagree with you.
If you REALLY cared about privacy, you would understand my concern. Instead you want to tell people I don't know what I'm doing. People need to have caution about what they click on the internet. If you want to educate people, you can't send PMs to people with disenting opinions out of the blue, while locking threads, and banning people - that's fishy as hell. You're acting as if there isn't reason to be concerned. Read the sidebar:"ATTENTION: Make sure you protect your anonymity. This is not a joke. For at least 30 years if not longer the things we are researching have perpetually been covered up by all of the most powerful people and organizations all over the world and has lead to people disappearing! | I highly recommend using Tor and a VPN, a reddit throwaway account is not a bad idea either!". Did you not read the sidebar of your own subreddit? There is excellent reason to be concerned, and you are trying to convince other people not to worry about clicking random links from untrustworthy people.
permalink
ned_harriman | -2 points | Nov 18 2016 13:56:15
I know honeypots exist. The difference is, you are running around calling matrix.org a honeypot. With zero proof.
You are correct I have no association to the org or the software project. But I'd go talk to them before accusing them of having utterly failed in their mission. Without any proof.
I don't trust SSL blindly. I also don't believe that you fired up your wireshark and managed to compromise the SSL cert of the Riot app, or the encryption on the matrix.org server. You had implied that.
I'm done this conversation, if there's nothing new to add. You haven't had anything to say for a while, and it's turning into meaningless banter. If you don't trust the matrix protocol, explain and provide an alternative. If you don't trust reddit (I'll just agree with you). If you don't trust us mods, provide reasons for your suspicions.
permalink
PixelBot | 11 points | Nov 18 2016 14:01:35
Stop trying to put people down in all of your posts. You always attack people, or put people down when you want to discredit them.
Everyone else is witnessing your behavior.
permalink
ned_harriman | -4 points | Nov 18 2016 14:10:47
Ok
permalink
PixelBot | 7 points | Nov 18 2016 13:59:52
Yep, I'm warning people of the danger, because I got a link to the same place, under really bad circumstances. I would not trust it, and I was passing on my advice. I've posted this numerous times but - it's just my opinion, he's free to think otherwise.
Again, you're addressing points I never made. I never said I ran wireshark against it. I said TO run wireshark against it. If you are going to go there, monitor. everything. Why the hell are you trying to make a counter point to that? That makes you untrustworthy if you don't agree that's a good idea. That's the first thing anyone does when investigating ANY endpoint. So please don't try to tell others that's a bad idea.
I'd advise the people I love in my life, not to click the link.
permalink
ned_harriman | 1 points | Nov 18 2016 14:14:07
You advise the people you love to not use the matrix protocol because you fear something will connect back to them? Do you tell people to not utilize email, either through webmail or a native client, for the same fear?
You're a troll spreading FUD. There are DOMs to discuss encryption tools. This is not one of them.
permalink