Right, but other services like gmail, who run in the background at the same time, are simultaneiously seeing the same endpoint of the VPN. Whats stopping them from comparing logs for profit? Google knows its me, I'm signed in. Same thing with any other app I have that uses a paid subscription. If someone that sees my credentials also sees my VPN endpoint, they can then share the knowledge of "who is using that endpoint" with those who want to know elsewhere on the web (those sites who I have not shared credentials wit).
Simple but effective encryption program
- Thread starter MNwr786
- Start date
Help Support Doomsday Prepper Forums:
- Joined
- Jun 16, 2021
- Messages
- 3,543
- Reaction score
- 15,598
Once you are on VPN all internet communications are on VPN.
Cisco CCNA. 20 years out of date, but i believe it still holds true.
EXACTLY MY POINT! You connect to both the website you want anonymity with and the site you share your credentials with using the same darn VPN endpoint. One knows who you are, the other does not. Profit opportunity.
I just turned on my VPN. I think I am safe going wherever I want on the web because nobody knows it's me. However, at the same time, my radar app (which I have a paid subscription for) does an automatic update. It does so on the same VPN tunnel, but with my identifying information. My weather app now knows I an using such and such IP suring this timeframe. Same thing with emails or push notifications, websites you identify to voluntarily in the background are seeing your VPN endpoint (but still know its you because your device said so). The bank, whom I just logged into with my VPN, now knows that today I was using whatever VPN endpoint. If there is a database run by the feds that wants to match activity from various unknown VPN endpoints, all they gotta do is bribe/threaten the people that already know its you thanks to background apps or unintentional activity. Its almost like you need to reconnect to a new endpoint every time you do something different online and, at the same time, prevent all other apps from running in the background. If you run windows, open task manager, go to resource monitor, then watch how many times it phones home! It happens when you switch to a vpn too, but your computer ID doesn't change. You are screwed no matter what now.
There will always eb a connection happening in the background with your credentials to someone other than the site you are expecting anonymity. All they gotta do is swap some favors and your 性交ed. And who passes up an opportunity to profit from automatically collected data?? Nobody these days.
There will always eb a connection happening in the background with your credentials to someone other than the site you are expecting anonymity. All they gotta do is swap some favors and your 性交ed. And who passes up an opportunity to profit from automatically collected data?? Nobody these days.
Last edited:
I bet, in todays war on privacy, the most valuable hack in the world would be a simple script on your phone that sent your device's unique id to an online server every 30 seconds. Thats all it would take to 100% monitor what everyones VPN endpoint is and when. And as everyone who has ever set their phone next to an AM receiver already knows, that bitch is constantly talking to someone!
So if your question is, "Is a VPN bulletproof security?"
I have 45 years of IT experience in just about every aspect of IT and am a retired IT director. I wrote a password sniffer in the 1970s just to see if I could...and I did and it worked. My answer based on my experience is NO! There is no such thing as bulletproof security. But the volume of traffic on the Internet is so large that they would have to have a good reason to go to that trouble to trace your VPN.
Going back to the courier explanation, they could watch the mailbox, see who the courier was, tail him back to the U.S. and eventually trace things back to you. But they would have to have a damn good reason to go that trouble.
I use Protonmail myself, but it's important to remember that even if you use Protonmail, that doesn't mean that a standard email sent from Protonmail is protected/encrypted. Only Protonmail-to-Protonmail is protected, or if you send an email with encryption, which most don't understand how to use.
Use Proton VPN. They offer "double protection" (they call it "secure core"). The NSA and probably others can figure out typical VPN's if they set out to do so.
You might think you have nothing to hide, but your government might disagree. What you think is unproblematic and innocent, your government might disagree, and act accordingly against you. Said/wrote only women can be pregnant? You might be in trouble already.Funniest part, we really have nothing to hide, just a means to defend privacy and ruffle the feathers of those who don't value itI hope they get paranoid like they want us to be! F*** 'em!
Last edited:
It sounds like you only use VPN in your browser only (built-in VPN). If you use e.g. Proton VPN, all traffic will be under VPN protection.
The more trouble for them, the better.
Do you have the source code? It's a little difficult to follow...My friend made huge improvements to my program and made it into an android APK (which I never could have done alone) intended for use with tablets and other android devices that will never see the internet. Now, the program generates and captu .......... at received it and nothing with encryption keys ever sees a networked device, and is destroyed instantly upon use! Not to mention, we do not keep the SD cards in the tablets, good luck finding that just to see what we will say next lol. Funniest part, we really have nothing to hide, just a means to defend privacy and ruffle the feathers of those who don't value it
I will have to ask my friend (who wrote it for android) for the source code, if he still has it. There are decompilers online that would probably do it.
I only know a little c# in visual studio. He uses that game building engine (unity) to make apps because, with the same code, it can exported to any format for any OS. So, I am sure, because it contains unity engine stuff, the program is a litle bigger size wise than what would be if coded for android without unity. Neither of us know how to do that in VS, so thats why he built it in unity.
I could make a short video on how it works, but I will try to explain it better here. Here are the key steps:
- The devices with the encryption app are on tablets with no data/cellular/wifi or bluetooth connectivity. These tablets are isolated from the internet and other devices 100% of the time.
- The tablet allows you to type in some text, then it encodes it with a random one-time pad it has on a sd card and creates a QR code and displays it on the screen
- you then take your regular cell phone and take a picture of the QR code on the tablet screen and send it to your friend
- he grabs his offline tablet, opens the app, and the camera on the offline tablet grabs the QR code (the secret message) from the networked device you sent it to and decodes it
- a one-time pad is an encryption key that has no logic and never repeats. It is true randomness.
- Both offline tablets have matching folders of this random one-time pad data on an SD card. A massive amount of it. Once either of the devices uses a section of the one-time code data, it remembers what folder, file and line that key segment came from, adds that location info to the QR code message, then deletes the key section it just used by writing zeros over that location.
- At this point, the creator of the encoded qr code has no ability to decode it. You now have a QR of the secret message, but no way to decode it because the app already deleted the key.
- As long as both people keep their sd cards with the matching one-time pad data secure (they are easy enough to hide), and never insert them into a networked device, nobody else can decode the QR.
- After the recipient decodes it, his folder also has that key chunk written over destroying it on his end (now both copies of that key are gone forever). So, even if the QR was intercepted via stingray or whatever gov tech is out there, it cannot be decoded because the only keys to it are not only gone forever, but were never online to begin with.
- The one-time pad data is thus kept off the internet completely and the only thing that sees the "network" is encrypted. A photo of a QR full of random text.
- If you use true randomness to encode something, the code generated carries with it the same randomness as the one-time pad and cannot be cracked.
- If that is hard to understand, think of it like this. If I encode "HELP" with GWTI and get "EUVT" out, you wouldn't know if I used GWTI (decoding to "help") or TEFO decoding to "bomb". Because GWTI and TEFO have no logic or pattern associated with them indicating that one was correct and the other was not. For that reason, there is absolutely no way to know what key wasused because any carefully selected random-looking key could make it output any message you want, and the key looks just as randomly applicable. If I repeated a chunk of key, like GWTIGWTIGWTIGWTI, obviously a pattern would emerge and the key could be figured out. But if no part of it is reused and not based on something logical, it cannot be cracked due to the infinite, literally infinite, possibilities.
Last edited:
