CamScanner is free for students!

camscanner-phone-pdf-creator-full

I’m surprised that this isn’t very well publicized. They don’t make much mention of it on their website or really anywhere. But the awesome phone scanning app CamScanner is available to students for free, permanently, assuming you have a .edu email address.

Steps:

  1. Go to the CamScanner registration page and sign up with your .edu email address.
  2. Select Basic as your plan option.
  3. Verify your email.
  4. Receive an email telling you that your account is eligible for the .edu offer and have received pro features for free.
  5. Install CamScanner app and log in.
  6. Write a pleasant review, because they’re nice people who gave you something for free. Also, they give you an extra 200MB of cloud storage space for doing so.

CN2 for Foreigners: aka Faster Western Internet Connections for China Telecom Users

China’s internet could be best described as an open intranet, where domestically hosted content can entail blazing fast speeds, while connections to servers outside of China can be slower than finishing an entire Finding Waldo book. Many internet users in South China utilize the Chinanet network through China Telecom, a network with strong domestic interconnections but extremely congested pipes for international internet transit.

For those of us that can’t really live without uncensored journalism and cat videos on Youtube, we’re forced to resort to VPNs and other circumvention tools, generally reducing our speeds even further.

For those of you in certain parts of the People’s Republic of China, most notably Shanghai, you may be interested to hear that CN2, a still-censored but far less congested network, is available for an extra surcharge of 200 RMB+ a month.While CN2 is still limited by the Great Firewall of China, VPN/Proxy/Shadowsocks connections are generally far more reliable and stable, making it possible to stream 1080p off Youtube and enabling other high-bandwidth applications. You might get 5mbps at best for Chinanet to your (Asian) VPN, but Chinanet should be a dramatic improvement.

The requirement? A foreign passport.

While certainly more expensive, it’s definitely worth it for any stay in China.

Steps:

  1. Go into a China Telecom Office.
  2. Ask for 国际精品网.
  3. Present Passport
  4. ???
  5. Look at cat videos and gawk at Baidu.

Alternatives: Fyzhuji Shadowsocks relays your data with CN2 (via Chinanet) for a nominal fee to an outbound Asian server.

A-2016-00041 – Communications Security Establishment Canada’s (CSEC) Work on Tor

The Wubim Foundation recently filed an access to information request with the Communications Security Establishment Canada, frequently considered the Canadian equivalent of the NSA, requesting that they turn over all executive-level documents relating to the Tor Project within a relatively recent time-frame.

Request Summary

“All briefing notes, memorandums, presentation decks, and reports provided to the executive level at CSE (director-level and above) pertaining to: the Tor Project and related topics of Tor, Tor Browser, Tor Web Browser, the Tor Network, the Darknet, the Dark Web, The Onion Router, cooperation with foreign agencies pertaining to the Tor Project, Operation Onymous and Onion Routing.  Timeline: January 1st 2013 to June 20th 2016.  Exclude media monitoring.”

We received a heavily redacted mish-mash of communications and presentations that largely only confirms what has been public knowledge for a long time: cryptologic and intelligence agencies have been attempting to attack Tor for a long time, with unknown success. Regardless, I’m releasing the received documents for the benefit of the general public.

You can download the documents here.

Some observations:

  • There has been cooperation of an undisclosed subject matter, between CSEC and the GHCQ regarding the Tor Project. (Obviously, I know)
  • CSEC is doing interesting work on the Tor Project, enough that GHCQ leads are interested.
  • The NSA and GHCQ has some capabilities that could be ultimately furthered with the help of CSEC.
  • CSEC has an unclassified slide with a giant Q on it, just for questions.

 

 

The Rush for African Digital Gold: Gaming AfriNIC for IPv4 Addresses

Recently I’ve heard many grumblings about obtaining IPv4 addresses in light of the inevitable exhaustion of IPv4 space.

As a result, businesses and end users seeking large IP spaces to expand their size have been resorting to AfriNIC, for a cost-effective supply of IP addresses.

It is no secret that AfriNIC is a gold mine for numbering resources, standing as the last RIR with any sizeable degree of IP space and continued liberal IP assignment policies. This is largely in part, due to the slow adoption of internet and networking within the African continent. AfriNIC’s liberal IP assignment policies do not revolve primarily around IPv4 exhaustion, but rather seek to speed up and encourage the adoption of information age technologies in a sense.

Continue reading

How to Call iNum Numbers

inum-logo

Recently, I’ve had an obsession with iNum, a project intended to introduce a new “international” country code for IP communications.  It’s really awesome because you can get iNum numbers from numerous VOIP providers for free.

Basically they’re in the format +883 5100 xxxx xxxx. Admittedly they’re very long, but that allows for a large degree of number allocation.

Keep in mind that virtually all cellular providers will allow you to send SMS messages to iNum. It will generally be pay-per-text or covered within [International] Texting Packages. Texting in general tends to be fairly inter-operable, Calling not so much.  I am able to text iNum from my Telus Mobility cellphone in Canada, it’s pretty great.

Continue reading

Ecatel is Rebranding to Quasi Networks

Ecatel Ltd. (AS29073) is now rebranding to Quasi Networks Ltd., and “moving” their corporate activities within the Netherlands, offshore to the tax haven of Seychelles, a virtually impenetrable corporate registry that is almost entirely anonymous in most cases (minus some tax treaties and law enforcement cooperation).

For those of you that are not aware about Ecatel, it is a major network rife with abuse, spam, malware and nefarious deeds. If I had to make a guess, I’d say that at least 90% of skiddie booters, “server-stress testing” and DDoS services are hosted on this network alone in terms of attack servers. They openly advertise IP spoofing and allow for illegitimate use of this network function.

It’s probable that they are switching their incorporation and brand in order to better protect themselves within a veil of anonymity off the public record and legal liability. It is extremely hard to pierce the corporate veil in the Seychelles, operating at nearly the same level as Nevada.

Certainly worth a mention considering the significance of Ecatel upon the world’s cyber-crime figures. Ironically they list an abuse email, but of course they have never acted upon nor replied to any of my abuse reports.

How to Set a Preference for IPv4 Connections in Linux

I’ve had some issues with Debian’s AAA (IPv6) records for their repositories and Crissic’s awful IPv6 routing. They tend to be ridiculously slow.

It turns out that it’s possible to keep IPv6 operating, but simply prefer IPv4 connections whenever possible by editing /etc/gai.conf in your linux distribution.

Simply just run:

nano gai.conf

Or substitute nano for your favourite text editor.

At this point, just add or uncomment the following line within gai.conf

precedence ::ffff:0:0/96  100

Voila. Once completed, you are no longer subjected to the tyrannies of subpar IPv6 routing, and have slightly hindered the adoption of IPv6.

Why China’s Internet is Slow to Western Websites

On September 20, 1987, two Chinese scientists sent an email to their German counterparts. Their email read:

“Across the Great Wall we can reach every corner in the world.”

Since then, China has undergone unprecedented investment in internet infrastructure. It has built fibre optic cables, established national telecom operators and reached an internet penetration rate composing of nearly half of it’s population.

A question that frequently comes up is: Why is China’s internet so slow to [insert western website here], and there’s a couple of reasons.

The first reason is simple: China is known to have engaged in throttling of websites like Google. The tactic is meant to deter users from using services not located in China, while maintaining the appearance that they’re not engaging in censorship. This has been widely acknowledged (see CFR).

Another reason is a bit more complex, and applies to all internet traffic including VPN and SSH traffic seeking to avoid Chinese censorship.

China’s internet is dramatically saturated. When you’re trying to accommodate for 500+ million internet users, you’re going to run into a number of bottlenecks.

To preface this, your internet connection doesn’t go to a central hub. Generally, your internet connection will be to a small ISP, which will rent a certain amount of internet connection to a larger ISP (such as an internet backbone), which will rent access to underseas internet cables and perhaps to an even larger ISP. There is much more to this, but your ISP will seek to find the fastest route to the website, that it has access to.

Evidently, China’s ISPs doesn’t have much infrastructure in terms of undersea cables. Much of China’s internet revolves around access to domestic websites. Chinese users use Baidu instead of Google, Taobao instead of eBay and Sina Weibo instead of Twitter. China’s ISPs generally invest in domestic infrastructure instead, which sees much more use and utilization. There is far more capacity for inter-China connections, and therefore your internet speeds will be far higher.

As well, China’s ISPs have a monopoly. There are only two ISPs, China Telecom and China Netcom. There is little competition to provoke them into greater infrastructure development, and internet users can’t vote with their wallets.

So when you use your internet connection to access something hosted in the United States, you’re competing with millions of other internet users within a woefully at-capacity underseas cable. Your internet will slow to a crawl, as well everyone else’s internet.

tl;dr Domestic Internet is faster because there’s more cables. You’re competing with a million people on a few cables for internet access (thereby overloading said cables) when you’re accessing western websites and servers.

FlexDelivery and Lettermail

Canada Post introduced the FlexDelivery service in May, which allowed for parcels and packages delivered through Canada Post to be picked up directly at Canada Post offices and retail outlets.

It was introduced to compete with other shipping providers, provide convenience for receivers and to reduce incidence of package theft in neighborhoods where packages are stolen on a frequent basis.

I long wondered if Canada Post could also be used as an address intended for receiving lettermail, to use for my WHOIS entries and freebies. Canada Post has said on numerous occasions that FlexDelivery was not meant for lettermail.

A comment thread here is an example.

So as a quick experiment I sent off 4 different envelopes to various outlets throughout Vancouver on different days. The delivery standard was 2 business days for local mail.

  • West Georgia Retail Postal Outlet (right by Granville Station in London Drugs
    • Delivery Time – 2 business days days (July 1st-July 3rd)
  • Metrotown Kwik Images Retail Postal Outlet (located in Metropolis at Metrotown)
    • Delivery Time – 5 business days (July 10th-July 17th)
  • Vancouver Bentall Station
    • Delivery Time – 2 business days (July 17th-July 20th)
  • Carlton Cards Retail Postal Outlet (by Waterfront Station)
    • Delivery Time – Lost in Mail (not sure if this is due to an actual postal hiccup or because of FlexDelivery)

So as a rule, FlexDelivery does work for lettermail but be aware of potential service delays. Send yourself a lettermail to make sure your FlexDelivery location handles lettermail correctly.

I wouldn’t use this for actual postage, but it may serve as an adequate address if you ever have to reveal an address but you don’t want to reveal your home address. For example, WHOIS entries or having a buyer return a package to you.

 

The Government of Canada, and the Heartbleed Vulnerability.

In April 2014, a security vulnerability was discovered in an implementation of SSL/TLS known as OpenSSL. This was known as the Heartbleed Bug, and exploited a missing bounds check within the TLS heartbeat extension.

The best way to go about describing it is with this xkcd comic:

The various institutions of the Government of Canada organized delayed and clunky responses, largely composed of early organizational confusion and drafting PR responses.

The Canadian Revenue Agency was also breached by a malicious attacker, using the Heartbleed Bug. As a result, an estimated 850 Canadians had their personal information compromised.

The following Canadian Government Organizations have been queried for information:

  • Public Safety Canada (Department of Public Safety and Emergency Preparedness): The department responsible for the Royal Canadian Mounted Police and the Canadian Security Intelligence Service. Largely responsible for protecting public order via policing and domestic/overseas intelligence.
  • Canadian Security Intelligence Service: Canada’s primary intelligence service responsible for gathering intelligence on domestic and international threats to the safety and security of Canada.
  • Canada Revenue Agency: The effective equivalent of the Internal Revenue Service in the United States of America, the Canada Revenue Agency is responsible for overseeing the financial affairs of Canadians, and to administer tax laws.
  • Privy Council Office: The secretariat to the Federal Cabinet, providing non-partisan advice and support to the Prime Minister of Canada, and relevant leaders of Canada.

Continue reading