Alright! The BBS is compiled and running. I can access it locally.

I'm having a problem SSHing in to it because of a cipher mismatch that I'll have to fix later because I'm going to a cookout now.

But I can telnet over tor in to the BBS (which, IIUC, is well encrypted anyway?) so I know my setup is good other than the cipher issue which should be trivial to fix.

Any of my MuFos experienced in Synchronet administration?

I've never done this before, and I want to get it right.

After the cookout, I'll write up instructions for other people to connect and then do a quick "this is how we do it" post on my blog. (Still need to write up a tutorial on hostnames, and figure out how to do all of this if you're not on a unix.)

Eventually, if there's interest, I'll migrate this to a pi 4 with more RAM and a huge HDD. (For storing... messages?) Until then, it can live on this 0w with its 16GB SD card.

(of course, I also need to write a tutorial for running an onion proxy...

that's also a WiFi hotspot...

that can be connected to by an ESP8266 based modem...

so you can access my BBS over Tor from your [c64|amiga|DOS PC|Win98 Rig|tandy 100] )

Damn, this is going to be a long zine.

Anyway, once I have all those bits in place, I'll configure gopher access and FTP access and email and the like, all over Tor.

And then I can start looking into federation! And maybe even some kind of ActivityPub bridge? I seem to recall some BBS had that at some point.

Okay, the cookout ended up being like 6 or 7 hours long, and then we just hung out at the park by the water.

So progress has been sparse, but here we go:

I have a lot of crap left to figure out, not the least of which is how to do uploads and downloads on Linux (I've only ever done this on a real bbs on a c64 or DOS/windows 3.1 and on those systems file transfer is built in to the terminal application.)

I have lots of configuration to do, and lots of things to document, but it works.

So, is there a good reason for me not to use telnet over tor?

I've seen some vague hand-wavy warnings that it's super insecure, but I can't understand how it would be any less secure than regular telnet (which is basically the least secure thing in the digital world), and it seems like it should actually be more secure because it's E2E encrypted by tor, right?

@ajroach42 No, tor is NOT E2E encrypted, it is encrypted until you hit the exit node, and then it's raw whatever protocol out (in this case telnet, non-encrypted). So, do you trust the Tor exit node you've picked? Do you even know who runs it? (We know for example that WikiLeaks got a lot of its documents from tor exit nodes; you can bet that every intelligence service runs tor exit nodes.)

@david In this thread, I talk about this being an onion address, a hidden service.

It is e2e encrypted, there is no exit node.

@ajroach42 Well, that changes EVERYTHING... like completely everything. TECHNICALLY that last hop is still in the open; BUT you 'have' to trust that the person who set up the service (you?) trusts that last node (hidden services use _6_ nodes instead of 3). You're good unless the person setting up the hidden service is an idiot :)

@david I'm the person setting up the hidden service, so I'm good unless I'm too dumb to be good. :-)

@ajroach42 Running the tor service on the same machine? Should be golden... if not I am sure in 0.001 seconds someone else will chime in!

@david indeed. Lots of people have. The consensus is that this is not something anyone would actually endorse, but it's reasonably safe.

@ajroach42 Bah, I've done similar, I don't see it as fundamentally different than stunnel, and it neatly handles NAT and firewalls to boot!
