Dear friends,
I know! I know! You want maps. I will try to post one later tonight!
Right now I want to share a few things with you and ask a few questions.
First, accessing Russian websites. I notice that in the US a lot of .ru and .su domains are blocked. Today I had to use a VPN to go through Israel to access a page in Russia (https://www.vesti.ru). But my VPN does not offer any outlets in Russia.
Question: does anybody know of a strong, solid and quick VPN with Russian outlets?
Next, I am swamped with emails. Forgive me, but I am physically totally exhausted (it’s not just work, it is also being the object of hate, that is quite exhausting and I don’t wish that feeling on anybody). So I am sorry, but unless your email is marked “IMPORTANT AND URGENT” I might not reply to it. I will READ them all, but that’s the most I can promise.
I recently discovered the website The Gateway Pundit (turns out they used an article of mine recently) and I found out that, according to TGP, Duckduckgo also deranks and censors. As you might now, Google has massively deranked the Saker blog, and I don’t care since our traffic does not depend on search engines, but I do want to use a search engine which I could halfway trust when I need to look up something. So my next question to you is:
Question: which is the least bad, the least corrupt, search engine out there? It would have to be one physically and legally based outside Zone A.
Next, I was told by an IT friend that the messenger Signal is not truly free and open source (FOSS) software. Here my questions do you are:
Question: do you know of a 100% FOSS messenger, including its internal encryption mechanisms?
That’s it on my end.
By later this afternoon, I hope to bring you an update and, yes, a map :-)
Hugs and cheers
Andrei
Pure VPN is excellent, fast and has servers in Russia.
VPN Surfshark
Best most secure msg app the Briar which can be found on F-Droid
I would highly recommend an xmpp based solution if you want to avoid the spying that is prevalent on many, if not all, of the popular messaging systems.
You can run your own server using ether the ejabberd or OpenFire servers (there are others bit those are the two I am familiar with). I’ve used ejabberd quite a bit. it is 100% FOSS, very performant and stable. You can use the same server to provide XMPP, MQTT, and Websocket protocols as well as using it to server web pages. Additionally it can operate as a STUN server for voice and video calling. It servers there as a switchboard that sets up direct links between clients rather than routing calls/video through a central server.
You will need to choose a client from one of the many clients available several of which are open source. These exist for Window, Linux, Mac, IOS, and Android as well as browser based client. Choose a client that supports OMEMO (there are several although I haven’t looked for one for a handheld). OMEMO provides client to client encryption and thus would protect everything except the TO/From Addresses. I you want to you could easily add a forwarding service what would break the link between sender and receiver (except at the server), If you configure the server to keep no logs you will have the privacy protections you want.
what is Andisearch.com….says it is going to break the internet ….?????????? Any use??????
Not a messenger, but mailpile.is app provides encryption for email communication. It’s open source, everything is stored locally (no servers).
Andrei: this is Atul Saini, president of BaZaa Networks Ltd. We’ve developed a fully secure, anonymous Chat system which stores no messages. You can use nicknames, all messages are encrypted and nothing ever hits the disc. So messages are not stored but in a ‘live’ session, both parties can exchange whatever information they want. Once the window is closed, all messages are lost. Other than via keystroke capture, it is impossible to hack BaZaa. No tracking, no tracing, no IP addresses, you don’t even need a SIM-card on your phone to use it – just an internet connection. Much more secure than any existing system on the planet today.
BaZaa also has a Peer to Peer Publish and Search system. Your published “Buzz” (like a peer to peer Tweet, but there’s no web-interface), matches any person that types any interest as long as all keywords in the Interest are found in the Buzz. This is essentially uncensored Peer to peer Google.
Please see http://www.baZaanetworks.com for more detail. The system only works on ANDROID phones and desktops for now. It is NOT Opensource right now because that whould allow governments too hack the system.
You can contact me on whatsapp for starters at +44 7808 161603, or +91 98457 90865. Bazaa is pure FREEDOM Software.
The Playstore Link is: https://play.google.com/store/apps/details?id=com.bazaaptp
Desktop versions (apple, Windows, Linux) also available. Please download and check the system.
well…
Russia Today suggests PsiPhon.ca (or was it PsyPhone ? Whatever, it is on Wikipedia ) VPN. And while it was said the project is sponsored by Google still RT’s experience is backing them.
——
Signal, for what i understand, is very unfriendly towards other messengers using their servers. They say “we give you sources and you are free to use them, but mantaining working network of servers is hard and costly work, and we do not want to do it for you”.
I did not dig, but it seemed the general consensus was like that:
1. Forked Signal-derived messengers technically can connect to Signal servers and interact with Signal messengers, because technically there will be next to no difference between vanilla Signal and fork with minor enhancements.
2. Still it would be ungrateful to do so and good forks should avoid it.
So, if Signal in general is okay for you you might seek to buukd your own Signal from sources, or to find some small punk group who do their slightly changed Signal.
3. If used on Android phone/tablet you have to appreciate that for “legit” apps Google provides a centralized and power-optimized notification service. Forks can not use it and instead had to do “good old polling”, spending battery noticeably faster.
—–
Same is true about Telegram, there is official app and unofficial ones. And you can build your own from sources.
Telegram network though requires phone number for logging in…
Vanilla Telegram seems to have non-encrypted chat by default, so if you forgot to turn encryption on – bad luck.
Signal and Telegram exchanged opinions on where to draw the line between comfort and privacy.
—-
Signal protocol, end to end encryption, was also added to many XMPP/Jabber clients. XMPP is considered stagnating (hokywars about proprietary vs federated protocols), but does not require mobile phone number.
Of XMPP clients there are many opensource ones, but it is the same story: you either do build them yourself, and after you checled the code yourself, or you do entrust those who did the build for you. It is fundamental, you always trust someone who did the build. You do not trust Signal company, okay, but then chose whom you will trust to.
—
There is an interesting project, Delta Chat.
They turn any full-featured IMAP e-mail server into a chat-like messenger.
When two DeltaChat instances exchange mails=messages they enter mutually encrypted mode.
However, i find their user interface heavy and uncomfortable, also there were reports many mail servers ban Delta Chat soom, because of untypical pattern of very short e-mails very often looks like spam activity to them. My gmail was not banned though, in few months i tried it.
—-
But if you would need to really go under radar, i believe you have to go to serverless darknets like i2p and maybe Matrix.
Consumer qualities of internet, ease of use and speed, would be sacrificed. But darkwebs are called so for reason… If you need ultimate cloaking maybe it is worth it.
The most reliable thing you can do is set up your own VPN using Linux servers around the world primarily in neutral non-aligned countries. My company has such a network.
We use it to bypass censorship and “news” disinformation primarily with respect to financial markets and actual commodity prices around the world. [The mass media not only lies about political events, they also lie about financial market product prices (i.e. security prices), commodity prices, exchange rates, and even the weather.]
Their lying creates tremendous arbitrage opportunities, which pays for the servers and IT staff. I used to do productive work making genuine products that brought joy to people’s lives, now I play financial markets — it pays much better. I’ll have to go back to doing real work if, and when, the lying fake news stops.
I use Nord VPN and received this enquiry regarding there law enforcement policy. I was very unhappy(extremely!) about the news regarding Nord. I can connect no problem to Vesti.ru and a few others I like rutraker.org etc . I thought that had been blocked but must have just been a denial of service attack – so on the whole Nord is about as good as it gets in the so called West and I certainly trust it far more than Express VPN
here is correspondence verbatim from Nord
THINKING OF ASKING FOR A FULL REFUND ! TOTALLY SHOCKED BY THIS DEVELOPMENT
NordVPN to comply with law enforcement https://talkliberation.substack.com/p/big-tech-whatsapp-nordvpn
PRIVACY? In Australia or any 5 eyes country now we are increasingly losing all our freedom and you turn out to be a bunch of sell outs -are you CIA owned now? Or have you been purchased by the Israeli conglomerate that is a Deep state front anyway. Appreciate an honest answer
ps you will be lucky to have any customers left after this garbage
Hello,
Thanks for your email.
First of all, let me assure you that nothing has changed in the way we operate. PCMag did release an article that creates an impression that there was a fundamental change in our policies and that somehow we stopped respecting our values and our promise to our customers and we will now log user data under the request of law enforcement. Nothing has changed. There is no legal obligation for us to log user activity, and we won’t. Our infrastructure is built around the idea of privacy. That said, there are few things we want to make clear, to avoid confusion:
From day one of our operations, we have never provided any customer data to law enforcement, nor have we ever received a binding court order to log user data. We never, for a second, logged user VPN traffic, and the results of multiple audits prove that we are true to our policies.
We respect the privacy and security of our customers, so even if we were to receive such requests, we would do everything to legally challenge them.
However, if a court order were issued according to laws and regulations, if it were legally binding under the jurisdiction that we operate in, and if the court were to reject our appeal, then there would be no other option but to comply. The same applies to all existing VPN companies if they operate legally. In fact, the same applies to all companies in the world.
In the past, we made moves to secure our infrastructure from risks arising from the actions of states that limit freedom of speech. We will always stand up for such a cause with everything that’s in our power – that has not changed either.
Secondly, we would not be able to issue a refund as we only offer a refund within 30 days from purchase.
Do let us know if you have additional questions, we’d be happy to answer.
Best Regards,
Stella Gomez
Senior Customer Success Manager
Sorry to add yet anoth vpn; i use vypr. Its advantages are 1) it does have a server in russia 2) it runs its own DNS network, which apparently makes interception more difficult 3) offers an encryption protocol that it wrote itself that isn’t identifiable as being a vpn stream. This means it can bypass gov’t or private censors, including Netflix, and avoid the traffic/speed throttling or blocking to which other vpns are subject.
Saker/Andrei, have you considered Yandex’s search engine & Yandex’s browser? I use both and seem to be able to access .ru & .su websites without issue. However, I live outside Zone A.
Kind Regards & Best Wishes
A decade-long reader.
telegram only
Most of Latin America is neutral and I can reach https://www.vesti.ru directly. That suggests a non-US / NATO (allied) VPN in any neutral country of Latin America would work for you.
Andrei
On VPN’s, I have been using https://wevpn.com/ lately. It’s inexpensive and allows multiple devices. It is located in the British Virgin Islands which put it outside 14 eyes
https://wevpn.zendesk.com/hc/en-us/articles/360049737633-Privacy-Where-is-WeVPN-based-
It’s doesn’t have an outlet in China, but has many others. I chose Hong Kong and was able to connect to https://www.vesti.ru/
I noticed duckduckgo was being biased also. If you find a better search engine, please let us know.
Telegram is based in the UAE, so we can’t expected it to be impartial, although it has been carrying a number of good channels like ASBMilitary which has been banned from Twitter. it suppressed RT.com over a week ago. If you find a better one, please let us know.
Nord VPN allows access to most sites and is far more trustworthy than Express VPN
This is the reply from Nord regarding recent law enforcement
Hello,
Thanks for your email.
First of all, let me assure you that nothing has changed in the way we operate. PCMag did release an article that creates an impression that there was a fundamental change in our policies and that somehow we stopped respecting our values and our promise to our customers and we will now log user data under the request of law enforcement. Nothing has changed. There is no legal obligation for us to log user activity, and we won’t. Our infrastructure is built around the idea of privacy. That said, there are few things we want to make clear, to avoid confusion:
From day one of our operations, we have never provided any customer data to law enforcement, nor have we ever received a binding court order to log user data. We never, for a second, logged user VPN traffic, and the results of multiple audits prove that we are true to our policies.
We respect the privacy and security of our customers, so even if we were to receive such requests, we would do everything to legally challenge them.
However, if a court order were issued according to laws and regulations, if it were legally binding under the jurisdiction that we operate in, and if the court were to reject our appeal, then there would be no other option but to comply. The same applies to all existing VPN companies if they operate legally. In fact, the same applies to all companies in the world.
In the past, we made moves to secure our infrastructure from risks arising from the actions of states that limit freedom of speech. We will always stand up for such a cause with everything that’s in our power – that has not changed either.
Secondly, we would not be able to issue a refund as we only offer a refund within 30 days from purchase.
Do let us know if you have additional questions, we’d be happy to answer.
I use ExpressVPN connected to Singapore (Hong Kong and Macao work as well). It connects to vesti.ru a well as to all of the .ru sites I visit. I use Firefox mostly, with yandex search as an add-on. I live in China. No need to VPN that often, especially not for Russian sites.
I hope that helps.
** VPN: Route traffic via Baltic countries or ‘neutral’ countries
Check out this trustworthy site: https://restoreprivacy.com/vpn/best/vpn-for-russia/
Zecurity VPN https://zsecurity.org/vpn/ (by Zaid – popular ethical hacking trainer)
Note: ExpressVPN, CyberGhost, Private Internet Access, Zenmate – all owned by notorious Israel Kape Technologies – avoid it
I mostly use Surfshark, while also have Ivacy (haven’t tried yet)
** SEARCH ENGINE:
Metager.org
Swisscows.com
Searx.com
http://www.mojeek.com
qwant.com
search.brave.com
yacy.net (fully decentralized)
Note: Startpage is owned by System1 – avoid it
** BROWSER:
Brave
Firefox
https://iridiumbrowser.de
** CHAT:
Privacy or metadata concerns on almost all of them, but try Signal
For private chat, setup own installation of Zulip (https://zulip.com/self-hosting/)
** OS:
Tails (runs on USB)
BackBox
Parrot OS
BlackArch
Found this on the interwebz, android, desktop clients and webchat.
That is all i know i literally just found it.
“XMPP (Extensible Messaging and Presence Protocol) is: “a set of open technologies for instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data.”
XMPP provides an open and decentralized alternative to closed instant messaging services. XMPP protocol offers a lot of advantages:”
“It’s Open (which means is free, open, public, and easily understandable)”
“It’s Secure (SASL and TLS has been built into the XMPP core and E2E encryption can be implemented)”
“It’s Decentralized (its network architecture is similar to email, meaning anyone can run their own XMPP server, therefore individuals and organizations can take control of their communications)”
https://howto.disroot.org/en/tutorials/chat
Be very carefull about which VPN to trust.
Personaly i prefer ExpressVPN.
But people need to understamd that most VPN providers are NOT that safe.
Yes most will protect against man-in-the-middle-attacks.
But most will leave revealing info on the source providers servers. Which example usa government can abuse.
And Russia implemented law a few years ago that all VPN providers inside Russia had to leave such info on the local servers there.
So i will never use a Russian VPN option either. (Dome VPN providers left Russia because of it a few years ago).
So best is to use quality VPN provixer who is protected, but not hq/etc in russia. And which have se4vers within russia vicinity (but not necesary inside russia).
Be aware, ExpressVPN was acquired by Kape Technologies for a whopping $936 Million. If you have no idea about that, read this https://restoreprivacy.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/
and this https://israelpalestinenews.org/kape-technologies-israeli-malware-company-buying-up-vpns/
and this https://www.technadu.com/which-vpns-are-owned-by-kape-technologies/304917/
also read who are the investors and what and where they’re infamous for (Panama Papers, Israeli surveillance, Cyber Espionage, etc..)
so, anyone using ExpressVPN, CyberGhost VPN, PIA VPN, Zenmate VPN
I used yandex search engine sometimes…
Have found Andeii’s written material to be of great interest. Full of information.
His video attempt to counter US agitprop was less successful.
Not a Russian speaker but listening to translations I don’t think Russian and English translate to each other easily. Whether it’s because some translators don’t understand English idioms well enough or if it’s something fundamental about each language, am not certain. Would love to learn more.
http://www.privateinternetaccess.com (VPN) has Ukrainian server no Russian.
I found this interesting article ” Which Companies Own Today’s Most Popular VPNs? – Hidden & True Owners Revealed!” … do take a look
https://www.technadu.com/companies-own-todays-most-popular-vpns-hidden-true-owners-revealed/307475/
Good all around open source info here..
https://goodreports.com/post/tech-podcast.html
Try search Engines
Brave search http://search.brave.com
Presearch http://presearch.org (uses blockchain)
ProtonVPN is great.
As someone in computer science, I was under the impression Signal is FOSS. I wonder what the friend’ justification is?
Saker
Russia has laws requiring VPNs to hold certain customer data and to release that data to the government should it be asked to do so. That is the reason why so many VPNs do not have Russian servers – there is no chance of privacy. With other VPNs they have servers in a country, but do not keep the logs that the Russians require and so when a government asks for data, the VPN will send them all they have – which amounts to almost nothing.
So if you use a VPN located in Russia, be aware that your data is kept and subject to Russian investigation.
Search engine? I use Yandex now that DDG has decided to turncoat.
Actually, I want to know if you have anymore information on the Pentagon’s secret biolabs in Ukraine…
You can use Tor Browser to access blocked sites. Doesn’t work on *every* site, though. Doesn’t work for thesaker.is, for example (or, rather, it works badly; you need to press Ctrl+Shift+L a lot).
Sorry, no dice with search. Until yesterday DuckDuckGo was my go-to choice for a search engine. Now I’m just as stumped as you are.
For a free messaging you can use Jabber (XMPP; it’s a federated protocol, like SMTP (i.e. email)) with OMEMO encryption (not all clients support that; I know first-hand that the Conversation client for Androird does; Try installing it from F-Droid). But that only works between consenting parties (with XMPP accounts and a desire for security). If you need to talk to random people – I have no advice for you. Security and privacy are tradeoffs. Also, security is always a security *against* something – so you should probably flesh out your threat model a bit before you make a decision. You can’t be secure against *everything* (well, you can, but you won’t be able to communicate with anyone).
A followup to my previous comment:
Some people recommend Matrix for messaging. I do know that the folks who came up with this technology are OK (i.e. well-intentioned), but I have a feeling that privacy and security were NOT at the forefront of their thoughts when they did so. That said, XMPP isn’t really better, but at least it’s more established. Matrix is the “new hot stuff”.
Also, there’s a way to force Tor Browser to only use specific exit nodes (or exit nodes from specific countries). You need to change the config file by hand to achieve that. The keywords to search for are “ExitNodes” and “StrictNodes”. For ease of use, once you figure it out, I would advise having 2 separate Tor Browser installs – one that is configured for Russia exit nodes and another that isn’t. But you won’t be able to use them simultaneously (it’s probably possible, but configuring them to co-exist is wa-a-ay above my abilities, and most likely above yours and your assistants’). Also, it’s not a silver bullet. A number of Russian websites block Tor exit nodes for some reason.
Proton VPN has Russian sites
A good overview of privacy-protecting, non-censoring search engines:
https://restoreprivacy.com/private-search-engine/
excellent search engines w/o cesorship an de-ranking: I mostly use Brave, works for me better than google.
* https://presearch.org/
* https://search.brave.com/
VPN with Russian exits:
* http://www.vyprvpn.com
* http://www.cyberghostvpn.com
* https://protonvpn.com
* http://www.hidemyass.com
I DO NOT KNOW any of the VPNs listed above, especially how “safe” they are.
HideMyAss has a bad reputation regarding cooperation with government agencies.
forgot something – without going into too much detail:
use Brave as a browser, to avoid being tracked and censored.
Reason: most other browsers (incl firefox!) lookup the address of each page being visited in order to see, if it`s “safe”. In case it is not, the browser will block it.
Make a guess, who owns the ONLY database of “safe/unsafe addresses”? Right, google.
I.e.Edge, Chrome, Firefox, etc all depend on google to “allow” access to every single page you visit.
Only Brave (to my knowledge) doesn`t .
About messaging: a decentralized, FOSS privacy combo is Jabber (XMPP) + Omemo (end-to-end encryption).
You would need to registered a jabber account on one of the privacy-oriented servers (or host your own on a VPS).
There are fully FOSS clients for Linux (dino, gajim, pidgin). For dino and gajim, Omemo encryption is built-in. For Pidgin, there are plugins for encryption – libpurple-lurch for Omemo and pidgin-otr for OTR (only 1-to-1 chats).
More details here: https://joinjabber.org/
1. Use Tor Browser instead of VPN.
2. A difficult question because the Duck is at least the Best of the great search machines. Try https://www.gruble.de/
3. Use Threema or Conversations (xmpp)
PS: in terms of privacy mullavad vpn ist the only choice.
Also checkout d.tube
You can see Oliver Stone’s Ukraine Documentary on it.
Go to The Corbett Report for your answer concerning search engines… an expert! :)
I use Brave search engine
There is no such thing as a secure communications app – because until the underlying device and operating system are secured, interlopers can just read your keyboard and see what you are saying before it is encrypted.
In a sense the problem is exactly parallel to the question of securing a Bitcoin (or other, similar) ‘wallet’- which is really just an encrypted file. The issues are identical – how do you protect your passwords from being stolen? So is the solution. In the case of Bitcoin, they call it a “hardware wallet”, but, really, the wallet is still software; it’s just that, now, the wallet is running on your computer, installed by you, and NOT connected to the internet.
In the case of secure communications, you would want to do the same thing – you would want to compose your messages on a machine that was disconnected from the internet, encrypt your messages while they are stored on the safe machine, delet your unencrypted data, and then transfer your encrypted communication, perhaps via USB device or CDROM, to your Internet-connected computer, where you would transmit the encrpted message, as an attached file, via email or other mechanism.
The software for encrypting and decrypting files is called OpenSSL. Install that, learn how to use it, generate a public key and load it to a key server such as the one at MIT, publish your key fingerprint, and anyone with Internet access and two computers can communicate with you securely. It won’t be secure forever, but it should be secure for ten or twenty years.
The Raspberry Pi makes an excellent hardware wallet / secure communications platform, IMHO.
This is exactly what I was talking about. If your threat model includes a 3rd party with access to your devices at hardware or OS level, then you need that kind of setup indeed. If your threat model is restricted to some nebulous *others* who don’t necessarily know who you are and who are not initially interested in you and don’t have access to your device, then you don’t really need to be *that* paranoid.
I use https://www.baidu.com/ .
It’s a Chinese website.
You can enter terms in English or Russian and it will come up with the results. It’s just that the summaries will be in Chinese. You will find that Ukrainian, Russian, and many other websites normally blocked or restricted in the West are available in China.
I have vypr vpn. I am able to select a server located in Russia. i just entered vesti.ru and was connected.
https://www.vyprvpn.com/server-locations
Incidentally, somehow I found your site in my effort to understand the Ukraine issue. I was clueless. Biden’s obvious provocation of Putin was suspicious. By chance, I heard a commentator mention Donbass. That started a search that has consumed virtually all of my waking hours. I want to thank you and your guests for such excellent information and analysis. Knowing that our US legacy media lies to the extent that they likely would self immolate and be called back to the Ninth Circle if they spoke a truth, I knew not to rely on them. After a bit of research, I had to discard previously trusted commentators who were parroting the Putin raging mad and obsessed with reclaiming all of Mother Russia narrative. The more I research, the more I am sickened by the actions of the US government – especially the despicable Nuland-Kagan, McCain and Biden. One of the worst discoveries from the documentary “Fascism: A history” was Churchill’s betrayal of Russia in planning Operation Unthinkable then Operation Dropshot. What a repulsive sub-human. I don’t know if you’re familiar w/ GETTR – supposedly a free speech site. When the question of Ukraine bio labs funded by the US arose, I posted brief summaries and links to the Russian Defense Ministry web site and the article by the Hungarian journalist on your site. Within hours, my account had disappeared. I shocked a friend when I said that I love Putin and Sergei Lavrov. I hope your more sophisticated readers will not make fun of me. I know I’m a novice but it’s lonely out here and appreciate being able to share. Anyway, thank you again for your contribution to my education and ability to discern truth from falsehood.
hi Andrei,
I use Cyberghost vpn, a Romanian company with lots of outlets, also in Russia and mainland China.
Kind regards
Werner
Ideal solution is if you have a good friend in Russia who is reasonably tech savvy and has a good internet connection, they can set up a VPN server or proxy server and DNS server for you at their own home/business. A dedicated small server would only cost $100-$200. Even a raspberry Pi could do it though might be a bit slow for VPN.
In light of recent developments I’m sure there’s plenty of HOWTOs on Russian tech forums to do such things and may people would be doing it.
As for messaging, as other have said the OS is the weak link. Matrix is probably best but you’ll need to RTFM to get it working the way you want.