173
submitted 6 months ago* (last edited 6 months ago) by SeventyTwoTrillion@hexbear.net to c/news@hexbear.net

Also known as "Foucault's boomerang" or the "imperial boomerang".

Image is of a sniper on the roof of the Indiana Memorial Union at Indiana State University, overlooking a student protest.


The Imperial Boomerang is the observation that the tactics of mass oppression and totalitarianism used by Western countries in their colonies and neocolonies will, sooner or later, return home to be used against the citizens of those Western countries. While the people living at the time of WW2 were, rightfully, in deep shock of the concentration camps used by Nazi Germany, those paying attention to what was occurring in Africa would not have been terribly surprised. Concentration camps were used in several countries in order to separate out ethnic groups and place them in more easily controlled environments which aimed to prevent them from rising up and fighting back against the Western governments which exploited them. There is the additional factor of governments taking notes from each other - Hitler was inspired by America's racial segregation and genocide of indigenous groups, which author Carroll Kakel among others have written books on.

Today, the totalitarian strategies used by the Zionist entity in occupied Palestine are being brought home to Western countries as the American Reich and its global influence accelerate in their decline. Gaza was and is a cyber-concentration camp, with digital surveillance taking place alongside old-fashioned techniques of paying informants. Aside from being an unsinkable aircraft carrier and disrupting the entire Middle East, Israel's primary role appears to be to generate new ways to monitor entire populations. Propaganda about China being an authoritarian police state with social credit scores and AI which knows where everybody is at all times was probably created, at least in part, to deflect attention from Israel doing those exact things. The paranoid and flimsy American regime with its gerontocratic upper circles now use these tactics at home: cracking down on any and all protestors with political views left of Mussolini; placing snipers on roofs ready to fire at the slightest provocation; and arresting organization leaders. Pegasus has wormed its way around the world, with a notable recent example in Poland, in which the previous conservative government used the spyware to monitor the current liberal ruling party. The Israeli military, experts only in killing children and not actual warfare, have trained the police of other nations.

It would be easy to end the preamble there, on a gloomy note about the brick wall - or, indeed, iron curtain - that upstart left-wing groups are up against. What history has shown is that these regimes are, in fact, beatable. Liberation movements around the world have found ways to counter imperialism, even if they required wars in which millions of their countrymen were murdered. The legacy of Israeli propaganda psyops and digital tracking is not victory, as Hamas demonstrated on October 7th and continues to show with every ambush executed and every Merkava destroyed. The legacy of Western military defence equipment is not success, demonstrated by every missile fired by Hezbollah and Iran which hits Israel. The legacy of the American Navy is not competence, with a naval blockade of the Red Sea still maintained after months by one of the poorest countries on the planet.

The protests of at least the last couple decades have been marked by failure to produce material results: from those against the Iraq War, to Occupy Wall Street, to the BLM protests of 2020. Of course, it would be silly to tell American protestors to start digging tunnels. But sooner or later, the failure of Western protest movements will be overcome, and a more effective strategy will be devised, in order to deflect the boomerang.


The COTW (Country of the Week) label is designed to spur discussion and debate about a specific country every week in order to help the community gain greater understanding of the domestic situation of often-understudied nations. If you've wanted to talk about the country or share your experiences, but have never found a relevant place to do so, now is your chance! However, don't worry - this is still a general news megathread where you can post about ongoing events from any country.

The Country of the Week is the United States! Feel free to chime in with books, essays, longform articles, even stories and anecdotes or rants. More detail here.

Please check out the HexAtlas!

The bulletins site is here!
The RSS feed is here.
Last week's thread is here.

Israel-Palestine Conflict

If you have evidence of Israeli crimes and atrocities that you wish to preserve, there is a thread here in which to do so.

Sources on the fighting in Palestine against Israel. In general, CW for footage of battles, explosions, dead people, and so on:

UNRWA daily-ish reports on Israel's destruction and siege of Gaza and the West Bank.

English-language Palestinian Marxist-Leninist twitter account. Alt here.
English-language twitter account that collates news (and has automated posting when the person running it goes to sleep).
Arab-language twitter account with videos and images of fighting.
English-language (with some Arab retweets) Twitter account based in Lebanon. - Telegram is @IbnRiad.
English-language Palestinian Twitter account which reports on news from the Resistance Axis. - Telegram is @EyesOnSouth.
English-language Twitter account in the same group as the previous two. - Telegram here.

English-language PalestineResist telegram channel.
More telegram channels here for those interested.

Various sources that are covering the Ukraine conflict are also covering the one in Palestine, like Rybar.

Russia-Ukraine Conflict

Examples of Ukrainian Nazis and fascists
Examples of racism/euro-centrism during the Russia-Ukraine conflict

Sources:

Defense Politics Asia's youtube channel and their map. Their youtube channel has substantially diminished in quality but the map is still useful. Moon of Alabama, which tends to have interesting analysis. Avoid the comment section.
Understanding War and the Saker: reactionary sources that have occasional insights on the war.
Alexander Mercouris, who does daily videos on the conflict. While he is a reactionary and surrounds himself with likeminded people, his daily update videos are relatively brainworm-free and good if you don't want to follow Russian telegram channels to get news. He also co-hosts The Duran, which is more explicitly conservative, racist, sexist, transphobic, anti-communist, etc when guests are invited on, but is just about tolerable when it's just the two of them if you want a little more analysis.
On the ground: Patrick Lancaster, an independent and very good journalist reporting in the warzone on the separatists' side.

Unedited videos of Russian/Ukrainian press conferences and speeches.

Pro-Russian Telegram Channels:

Again, CW for anti-LGBT and racist, sexist, etc speech, as well as combat footage.

https://t.me/aleksandr_skif ~ DPR's former Defense Minister and Colonel in the DPR's forces. Russian language.
https://t.me/Slavyangrad ~ A few different pro-Russian people gather frequent content for this channel (~100 posts per day), some socialist, but all socially reactionary. If you can only tolerate using one Russian telegram channel, I would recommend this one.
https://t.me/s/levigodman ~ Does daily update posts.
https://t.me/patricklancasternewstoday ~ Patrick Lancaster's telegram channel.
https://t.me/gonzowarr ~ A big Russian commentator.
https://t.me/rybar ~ One of, if not the, biggest Russian telegram channels focussing on the war out there. Actually quite balanced, maybe even pessimistic about Russia. Produces interesting and useful maps.
https://t.me/epoddubny ~ Russian language.
https://t.me/boris_rozhin ~ Russian language.
https://t.me/mod_russia_en ~ Russian Ministry of Defense. Does daily, if rather bland updates on the number of Ukrainians killed, etc. The figures appear to be approximately accurate; if you want, reduce all numbers by 25% as a 'propaganda tax', if you don't believe them. Does not cover everything, for obvious reasons, and virtually never details Russian losses.
https://t.me/UkraineHumanRightsAbuses ~ Pro-Russian, documents abuses that Ukraine commits.

Pro-Ukraine Telegram Channels:

Almost every Western media outlet.
https://discord.gg/projectowl ~ Pro-Ukrainian OSINT Discord.
https://t.me/ice_inii ~ Alleged Ukrainian account with a rather cynical take on the entire thing.


you are viewing a single comment's thread
view the rest of the comments
[-] panned_cakes@hexbear.net 50 points 6 months ago

https://arstechnica.com/?p=2021987

Microsoft on Friday provided a peek at a comprehensive framework that aims to sort out the Domain Name System (DNS) mess so that it’s better locked down inside Windows networks. It’s called ZTDNS (zero trust DNS). Its two main features are (1) encrypted and cryptographically authenticated connections between end-user clients and DNS servers and (2) the ability for administrators to tightly restrict the domains these servers will resolve.

anyone networking-savvy want to explain how Micro$oft is trying to fuck people with whatever this is

[-] puff@hexbear.net 18 points 6 months ago

"it’s better locked down inside Windows networks" = it has a backdoor Microsoft can use and give access to the cia

[-] AcidLeaves@hexbear.net 15 points 6 months ago* (last edited 6 months ago)

I don't think they are, just seems like a much needed improvement to record lookups tbh

Not everything is some secret op. Most software improvements are exactly what they are. Google didn't release Kubernetes to the world so they can at-will hijack everybody's containers

[-] panned_cakes@hexbear.net 5 points 6 months ago* (last edited 6 months ago)

Google didn't release Kubernetes to the world so they can at-will hijack everybody's containers

great point, software being open-sourced is ALWAYS a gesture of goodwill by Silicon Valley companies, silly conspiracy theorists!

as long as there isn't a direct backdoor, there cannot be an ulterior motive!

i love it, just like the "why would this be an op, it trashes amerikkkans" logic of Black Hammer

[-] AcidLeaves@hexbear.net 15 points 6 months ago* (last edited 6 months ago)

When did I say it was goodwill? Google open-sourced it so it can become the industry-standard like it has and they can reap lots of free labor from the community AND other companies to contribute/maintain their product instead of hiring and paying people to do it

Still doesn't change that Kubernetes is materially a great addition to the software world and isn't a malicious actor

Just like this DNS upgrade

[-] panned_cakes@hexbear.net 6 points 6 months ago* (last edited 6 months ago)

let me give you an even weirder example of security technology being circumvented by the feds, even though it actually works Tor relies on the exit notes not being compromised en masse by an incredibly resourceful entity with I mean, untold financial resources you know I'm talking about the US

let's say one sat there for hours. Debating with somebody whether tor was secure I would come to the conclusion it's great security software, and I have to use it without thinking about whether literally every single exit node or at least a large majority of them have literally been bought by feds so I'm asking for stuff. I'm not gonna think about that you know. I want access to the paranoias of more competent nerds than I am

I mean, I just really think my reach exceeds my grasp on the subject and that's not a reason to be less paranoid and assume security software is working. I am not really big on how security seems to be synonymous with US national security half the time with computer dudes. I mean hell on this DNS issue I'm speculating this could be some move by Microsoft to get around VPN but I don't know if they're already doing that. I'm sure they are. Maybe they're making it easier. VPN companies are compromised anyways I mean look at server map for Mullvad it belongs in always the same map that community on Lemmygrad.

However could just be a case of like you say, MicroSSoft being forced to actually compete, eventually, on security issues

[-] What_Religion_R_They@hexbear.net 5 points 6 months ago

VPN companies are compromised anyways I mean look at server map for Mullvad it belongs in always the same map that community on Lemmygrad

Can you elaborate?

[-] panned_cakes@hexbear.net 3 points 6 months ago* (last edited 6 months ago)

yannow how ThatOnePrivacySite used to have a thingy which would show you which intelligence-sharing agreements with NATO your VPN's country is in? I don't think that's really foolproof but consider that Mullvad's secure DNS servers are in Sweden and that would be a great place to attach the wiretap

Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hong Kong, Hungary, Ireland, Italy, Japan, Latvia, Netherland, New Zealand, Norway, Poland, Romania, Serbia, Singapore, Spain, Switzerland, UK, and of course USA

for Wireguard they also have Ukraine, Indonesia, and Thailand and I may be forgetting others

it's like a list of countries where a ~~removed~~ established member of the intelligence community wouldn't be shitting their pants about THE SEE SEE PEE

[-] What_Religion_R_They@hexbear.net 4 points 6 months ago

Very good point, and something I've considered myself. There's a tradeoff when it comes to security, and I've been grappling with it for a long time. If I want to do Serious Things™ then I will need to become Truly Secure™ and to do that... it's a lengthy process. At this point, "Security" has become an excuse to put off action, and I really don't know how to solve that.

[-] panned_cakes@hexbear.net 3 points 6 months ago

I feel the same, from knowledge and not having infinite disposable income, it's like my opsec is capped, and tech-libertarians aren't going to help us. They're just as concerned with the Chinese as their own govt which is still raking in Silk Road plunder years and years down the line, and that's all they use it for, illegal finances and drugs. Oh wait I forgot something important. Let's move on. At the very least I want to skootch people on to solutions which aren't a complete no-brainer like handing over all your internet traffic to the NSA directly, sending unencrypted text messages about unionizing that Starbucks can try to get a judge to pull. I don't just drop security procedures but I recognize their insecurity on a higher level.

[-] panned_cakes@hexbear.net 3 points 6 months ago

I know I'm going a bit nutty here, but Thailand and Indonesia being added recently kind of raises an eyebrow from me. Not involved with the datacenter business lol, I prefer being a geopolitical nutcase to stay far afield of anything that these people do as shit gets worse...

Thailand recently also started doing shit like mirroring US legislation about sending "nonlethal aid" to US-favored forces in Myanmar. That's a correlation that tells me I missed a lot of stuff happening.

[-] wheresmysurplusvalue@hexbear.net 13 points 6 months ago* (last edited 6 months ago)

(edit: Damn it, I only read the Microsoft article, but the Ars Technica article already explains all of this better. I'll keep this here in case this helps anyone.)

Sounds basically like an extension of existing encrypted DNS protocols (DNS over HTTPS, DNS over TLS) which integrates with the firewall. Can't think of a reason to be concerned about this. It strikes a balance between encrypting DNS lookups and allowing network admins to see which websites you're using. Think like corporate networks and work-from-home employees. If you don't configure it then you don't have to use it. "Zero Trust" is a marketing buzzword for the idea of authenticating endpoints before sending data, a lot of different things claim this label.

Quick primer on DNS (not a networking expert)

DNS is a protocol for converting names into IP addresses, so that you can type hexbear.net instead of remembering the IP address for hexbear. Classic DNS works by having a DNS server which provides IP addresses to devices which send lookup requests. DNS servers are usually hardcoded on your device somewhere in the system settings. Many free public DNS servers exist (Google has 8.8.8.8, cloudflare 1.1.1.1, etc) and also your ISP usually offers their own.

Company networks often have their own DNS to resolve internal names on the intranet (pointing to private zone IP addresses) before asking up the chain for names on the public internet. In a home setting, people also set up their own private DNS servers to block malicious names, for example to block advertisements by returning "not found" replies for lookups of domains that serve ads. (Pi-hole, Adguard)

Some problems in the classic model:

  • Privacy: Record lookups are sent in plaintext, so other devices on the same network can see which names you're looking up.
  • Security: No authentication of the DNS server itself or the replies it's serving. You are fully trusting that the server sending the reply is the one which you trusted. (Open to adversary-in-the-middle attacks)

To solve both of these problems, encrypted DNS uses certificates to both authenticate and encrypt DNS lookups. The response can only be decrypted if the server can encrypt the traffic using a key you trust. (Same idea behind HTTPS.) To be clear, encrypted DNS is already a thing, this is not the new thing offered by ZTDNS.

This ZTDNS (Zero Trust DNS) integrates with the firewall. A typical firewall blocks all incoming traffic by default, and allows all outbound traffic. This means you can't receive spontaneous traffic from hexbear.net if you never opened the site. However, if you first send a request to hexbear.net, then the firewall learns to open a hole for hexbear.net to reply back.

ZTDNS modifies this setup by blocking all outgoing traffic by default. Only when an IP address is known to be associated to an allowed domain, then the firewall allows outbound traffic to that IP.

I think the main point is that it forces all DNS lookups to use the system DNS:

  • A malicious program can't decide to bypass the system configured DNS server to resolve names some other way. This sort of method is used e.g. by Google products which try to bypass ad blocking DNS.
  • Strikes a balance between no encryption (network admins can tag your traffic) and encryption (network admins lose ability to see which sites you're accessing).
[-] ziggurter@hexbear.net 10 points 6 months ago

This part seems a little more concerning:

(2) the ability for administrators to tightly restrict the domains these servers will resolve.

[-] wheresmysurplusvalue@hexbear.net 10 points 6 months ago

I don't think this invents that ability, administrators already have control over firewall rules and DNS servers. If they wanted to block hexbear.net, they could already configure DNS to return "not found" for that domain. Or set up some firewall rule to block outbound traffic to 37.187.73.130.

I suppose this way is more secure in the event you get malware on your computer. If the malware tries to phone home and send sensitive information, it will get blocked by the firewall if the destination isn't allowed by the DNS. But that comes down to how effective the DNS rules are.

[-] ziggurter@hexbear.net 3 points 6 months ago* (last edited 6 months ago)

This is not true of existing secure DNS protocols like DNS over HTTPS and DNS over TLS, where the client makes a direct, encrypted connection to the DNS server. Not unless the client is configured to use the DNS server that the network tells it to, e.g. via DHCP.

I haven't looked at the details of M$'s design here, but it could be concerning if you're allegedly using a "secure/encrypted" protocol but the local network admins can still snoop/interfere despite the user configuring their system to securely connect to some well-known, outside DNS server.

[-] wheresmysurplusvalue@hexbear.net 3 points 6 months ago

Yeah agreed there. I have to admit I'm kind of split on encrypted DNS because it's so convenient to block ads on all devices on my home network, but obviously not giving that kind of control and information to network administrators is better, like on coffee shop wifi.

[-] panned_cakes@hexbear.net 10 points 6 months ago

I'm not afraid of the term Zero Trust lmao that would be funny "oh my god.. zero trust.. ... they're lying to us bros"

sure DNS over HTTPS is more secure but in practice isn't it just everyone handing over all their browsing history directly to google and cloudflaremost of the time anyways? watch them just leak all of the traffic to a third party server or something like apple

[-] wheresmysurplusvalue@hexbear.net 8 points 6 months ago

Lol yeah I'm not worried about Zero Trust either, just saying it's marketing fluff. And yes in practice this isn't going to fix all the other privacy issues with the internet. Microsoft doesn't care about that, this is about selling enterprise software with the word Zero Trust attached. But otherwise can't think of why this would change the game for normal people, even work from home employees who are already monitored.

[-] eduds6@hexbear.net 5 points 6 months ago

Yes this is what happens. You give them all your connection addresses.

[-] eduds6@hexbear.net 11 points 6 months ago

systemd will be soon introducing it, i`m very sure.

this post was submitted on 29 Apr 2024
173 points (100.0% liked)

news

23555 readers
802 users here now

Welcome to c/news! Please read the Hexbear Code of Conduct and remember... we're all comrades here.

Rules:

-- PLEASE KEEP POST TITLES INFORMATIVE --

-- Overly editorialized titles, particularly if they link to opinion pieces, may get your post removed. --

-- All posts must include a link to their source. Screenshots are fine IF you include the link in the post body. --

-- If you are citing a twitter post as news please include not just the twitter.com in your links but also nitter.net (or another Nitter instance). There is also a Firefox extension that can redirect Twitter links to a Nitter instance: https://addons.mozilla.org/en-US/firefox/addon/libredirect/ or archive them as you would any other reactionary source using e.g. https://archive.today . Twitter screenshots still need to be sourced or they will be removed --

-- Mass tagging comm moderators across multiple posts like a broken markov chain bot will result in a comm ban--

-- Repeated consecutive posting of reactionary sources, fake news, misleading / outdated news, false alarms over ghoul deaths, and/or shitposts will result in a comm ban.--

-- Neglecting to use content warnings or NSFW when dealing with disturbing content will be removed until in compliance. Users who are consecutively reported due to failing to use content warnings or NSFW tags when commenting on or posting disturbing content will result in the user being banned. --

-- Using April 1st as an excuse to post fake headlines, like the resurrection of Kissinger while he is still fortunately dead, will result in the poster being thrown in the gamer gulag and be sentenced to play and beat trashy mobile games like 'Raid: Shadow Legends' in order to be rehabilitated back into general society. --

founded 4 years ago
MODERATORS