Updates to Website
All Races, Ethnic Groups, Religions, Gay or Straight, CIS or Trans: If you can rock with us, you are one of us.
For the time being register with Protonmail until I can check with G-Mail.There are issues with missing attachments. I am looking into this.
Topics of Interest
Kiwifarms Gossip & Slap Fights Kiwifarms Down a Lot
- Thread starter Cat Administrator
- Start date
These threads cover general gossip and interacting with Kiwifarms (openly calling them out).
JewNiggerCock
Remarkable Onion
doubt it, he'll whine and cry about LFJ and people will throw money at him
"da troooooons want 2 destroy freeze peach on da internetz plz gib mi shekels"
So Netkas is running the Telegram chat again... but Naia is also back? Is this the same Naia who was helping Null with the chat injection?
For those of you who don't know who I am referring to, Naia joined #DropKiwiFarms only to break ranks and call out Keffals & Co for going as far as to spread malware (the code for which we know Liz Fong-Jones' close associate Kevin Karhan was distributing through his Github account) and to target Null's lawyers personally in order to deny him legal representation: "stop attacking people's right to counsel and supporting the distribution of malware. Not a good look!"
Naia called out the "malicious dark offensive" tactics of #DropKiwiFarms:
For those of you who don't know who I am referring to, Naia joined #DropKiwiFarms only to break ranks and call out Keffals & Co for going as far as to spread malware (the code for which we know Liz Fong-Jones' close associate Kevin Karhan was distributing through his Github account) and to target Null's lawyers personally in order to deny him legal representation: "stop attacking people's right to counsel and supporting the distribution of malware. Not a good look!"
Naia called out the "malicious dark offensive" tactics of #DropKiwiFarms:
JewNiggerCock
Remarkable Onion
vividly remember this guy from dkf couple months ago
edit:
jfc this is the guy that defending sappho
Pink Blush's latest update has a lot of replies all of a sudden.
I guess some of the Kiwis who were lurking here found her channel after I mentioned it here in the thread?
I guess some of the Kiwis who were lurking here found her channel after I mentioned it here in the thread?
Rez
Ladmin
JewNiggerCock
Remarkable Onion
more like top neck
Pink Blush cross-posted another update from Telegram:
Null now claims that an SSL Certificate Authority in Greece is going to revoke the https:// certificate for KF's Onion domain:
This is the Authority he's referring to: "Hellenic Academic and Research Institutions Certification Authority"
The name makes it sound like they only cater to academic institutions within Greece, but I guess they will provide certs to anyone who applies?
This is the ToU they're linking to in the above message:
I tried to read it but it's 17 pages and is extremely dense. Section 3.1 is verbose but, where it doesn't refer to copyright/IP/trademark violations specifically, seems to be a very vague "don't break the law" kind of deal:
They also say "HARICA Certificates cannot be used for services or systems that, in the case of disruption or failure, lead to considerable tangible or intangible damage or danger of life", but that seems to be in reference to something industrial though, like an "Internet of Things" type of clause, where you are trying to connect your nuclear reactor to the internet, and someone faking the cert to break in and shut it down might cause a catastrophe. To me this sounds like they don't want to provide certs to critical infrastructure. It doesn't seem to apply to some gossip website. (I mean in the way that #DropKiwFarms hysterics always accuse KF of being "a danger to human life", a "terrorist site", etc.)
In this ToU they refer to yet another document, their CPS, which is truly the definition of "Byzantine" at 167 pages (WTF?!):
I think this is the part that applies on the topic of cert revocation, but I have no idea, the CPS document is plainly tautological and unreadable to anyone but an experienced internet lawyer:
Here the ToU says that HARICA is supposed to give 20 days notice before revoking a cert... so why was Null given a mere 4 days notice?
I read a little further into this section and I discovered that HARICA has a "cert-problem-report" e-mail address. Could it be that #DropKiwiFarms contacted this particular e-mail address to snitch on Null? Null might want to contact them to see if they had received anything from LFJ and Sage:
This is the Authority he's referring to: "Hellenic Academic and Research Institutions Certification Authority"
HARICA is the Hellenic Academic & Research Institutions Certification Authority. It participates in all major Global 'ROOT CA' Trust Programs, and operates as a 'Trust Anchor' in widely used Application Software and Operating Systems.
It has received a successful Conformance Assessment Report fulfilling the requirements of Regulation (EU) 910/2014 (also known as eIDAS) in the areas of "Qualified" Certificates for electronic Signatures/Seals, website authentication, and "Qualified" Timestamps.
HARICA - Harica SSL Certificate - Improve your Web Server's security
Use HARICA SSL certificate to ensure that visitors can browse your website safely, since all exchanged information is encryptedwww.harica.gr
The name makes it sound like they only cater to academic institutions within Greece, but I guess they will provide certs to anyone who applies?
This is the ToU they're linking to in the above message:
I tried to read it but it's 17 pages and is extremely dense. Section 3.1 is verbose but, where it doesn't refer to copyright/IP/trademark violations specifically, seems to be a very vague "don't break the law" kind of deal:
They also say "HARICA Certificates cannot be used for services or systems that, in the case of disruption or failure, lead to considerable tangible or intangible damage or danger of life", but that seems to be in reference to something industrial though, like an "Internet of Things" type of clause, where you are trying to connect your nuclear reactor to the internet, and someone faking the cert to break in and shut it down might cause a catastrophe. To me this sounds like they don't want to provide certs to critical infrastructure. It doesn't seem to apply to some gossip website. (I mean in the way that #DropKiwFarms hysterics always accuse KF of being "a danger to human life", a "terrorist site", etc.)
In this ToU they refer to yet another document, their CPS, which is truly the definition of "Byzantine" at 167 pages (WTF?!):
I think this is the part that applies on the topic of cert revocation, but I have no idea, the CPS document is plainly tautological and unreadable to anyone but an experienced internet lawyer:
Here the ToU says that HARICA is supposed to give 20 days notice before revoking a cert... so why was Null given a mere 4 days notice?
I read a little further into this section and I discovered that HARICA has a "cert-problem-report" e-mail address. Could it be that #DropKiwiFarms contacted this particular e-mail address to snitch on Null? Null might want to contact them to see if they had received anything from LFJ and Sage:
Last edited:
Null now claims that an SSL Certificate Authority in Greece is going to revoke the https:// certificate for KF's Onion domain:
View attachment 34056
This is the Authority he's referring to: "Hellenic Academic and Research Institutions Certification Authority"
The name makes it sound like they only cater to academic institutions within Greece, but I guess they will provide certs to anyone who applies?
This is the ToU they're linking to in the above message:
I tried to read it but it's 17 pages and is extremely dense. Section 3.1 is verbose but, where it doesn't refer to copyright/IP/trademark violations specifically, seems to be a very vague "don't break the law" kind of deal:
View attachment 34057
They also say "HARICA Certificates cannot be used for services or systems that, in the case of disruption or failure, lead to considerable tangible or intangible damage or danger of life", but that seems to be in reference to something industrial though, like an "Internet of Things" type of clause, where you are trying to connect your nuclear reactor to the internet, and someone faking the cert to break in and shut it down might cause a catastrophe. To me this sounds like they don't want to provide certs to critical infrastructure. It doesn't seem to apply to some gossip website. (I mean in the way that #DropKiwFarms hysterics always accuse KF of being "a danger to human life", a "terrorist site", etc.)
In this ToU they refer to yet another document, their CPS, which is truly the definition of "Byzantine" at 167 pages (WTF?!):
I think this is the part that applies on the topic of cert revocation, but I have no idea, the CPS document is plainly tautological and unreadable to anyone but an experienced internet lawyer:
View attachment 34055
Here the ToU says that HARICA is supposed to give 20 days notice before revoking a cert... so why was Null given a mere 4 days notice?
View attachment 34061
I read a little further into this section and I discovered that HARICA has a "cert-problem-report" e-mail address. Could it be that #DropKiwiFarms contacted this particular e-mail address to snitch on Null? Null might want to contact them to see if they had received anything from LFJ and Sage:
View attachment 34053
This is actually horrifying if it succeeds as stated. Another nail in the coffin of the "lol build your own if you don't like it" argument certain people liked to spew a little while back. Is this a "legitimate" enough fight against censorship yet or are "mean things/less than polite attitudes" still an acceptable exception for some?
onionfarts
Baby Onion
Josh was blathering about how getting the SSL revoked was a possibility like a day or two before this happened. He basically gave his opposition this idea for free with his big mouth. I don't really understand why he wants an SSL certificate now, when he seemed to have been suggesting to people not long ago to use HTTP to get the onion site to load images better. It almost seems like he is trying to self-sabotage his site sometimes.
Tor Alpha wasn't letting me proceed to the site at all with no SSL. It was OK on desktop, but not on Android and a lot of people are phone posters.
Chrysler Building
Hellovan Onion
Null now claims that an SSL Certificate Authority in Greece is going to revoke the https:// certificate for KF's Onion domain:
View attachment 34056
This is the Authority he's referring to: "Hellenic Academic and Research Institutions Certification Authority"
The name makes it sound like they only cater to academic institutions within Greece, but I guess they will provide certs to anyone who applies?
This is the ToU they're linking to in the above message:
I tried to read it but it's 17 pages and is extremely dense. Section 3.1 is verbose but, where it doesn't refer to copyright/IP/trademark violations specifically, seems to be a very vague "don't break the law" kind of deal:
View attachment 34057
They also say "HARICA Certificates cannot be used for services or systems that, in the case of disruption or failure, lead to considerable tangible or intangible damage or danger of life", but that seems to be in reference to something industrial though, like an "Internet of Things" type of clause, where you are trying to connect your nuclear reactor to the internet, and someone faking the cert to break in and shut it down might cause a catastrophe. To me this sounds like they don't want to provide certs to critical infrastructure. It doesn't seem to apply to some gossip website. (I mean in the way that #DropKiwFarms hysterics always accuse KF of being "a danger to human life", a "terrorist site", etc.)
In this ToU they refer to yet another document, their CPS, which is truly the definition of "Byzantine" at 167 pages (WTF?!):
I think this is the part that applies on the topic of cert revocation, but I have no idea, the CPS document is plainly tautological and unreadable to anyone but an experienced internet lawyer:
View attachment 34055
Here the ToU says that HARICA is supposed to give 20 days notice before revoking a cert... so why was Null given a mere 4 days notice?
View attachment 34061
I read a little further into this section and I discovered that HARICA has a "cert-problem-report" e-mail address. Could it be that #DropKiwiFarms contacted this particular e-mail address to snitch on Null? Null might want to contact them to see if they had received anything from LFJ and Sage:
View attachment 34053
This is within the realm of possibility but I have trouble believing this is what's really happening.
Smart thunking aside... This is really one of those things where I don't believe it's safe (if you care at all about a free and open internet... or even just internet period) to get picky or nitpick. This isn't a hosting service, it's not a DDoS protection service, it's one of a select few security verification orgs who help verify.. The idea that they would or even could start denying services based on speech some people don't like, is dangerous. Not just for the future of the net, but in principle. This also raises the question of what's next? What's the next part of the internet to be broken and weaponized? It's death by a thousand cuts only not as a warning early on, but somewhere around 700-800 or so! One of those cases where I would be willing to back someone or group that I normally view as an enemy.
Null said on Telegram and on KF that he has never heard of a Certificate Authority that has revoked an SSL certificate before:
Certificate Authorities are supposed to maintain what is called a CRL, a Certificate Revocation List:
The existence of a CRL implies the need for someone (or some organization) to enforce policy and revoke certificates deemed counter to operational policy. If a certificate is mistakenly revoked, significant problems can arise. As the certificate authority is tasked with enforcing the operational policy for issuing certificates, they typically are responsible for determining if and when revocation is appropriate by interpreting the operational policy.
Certificate revocation list - Wikipedia
en.wikipedia.org
I also came across this article, which starts out talking about Certificate Authorities revoking certs for Russian Banks and then discusses the whole process of CAs revoking certs and how you can access CRLs:
What drew my attention was a tweet earlier this month that reported that the Certification Authority (CA), Thawte, had revoked certificates previously issued for some Russian bank domain names, and it was speculated that this was part of some form of sanction action (Tweet below and Figure 1).
...
A conventional PKI response to manage revocation is for the CA to regularly publish a signed CRL. A CRL contains a list of the certificate serial numbers of all unexpired revoked certificates that have been issued by the same CA as the issuer of the CRL and the time of revocation. A CRL also contains the date of issuance of this CRL and the anticipated date of the next CRL to be published by this issuer. CRLs are signed documents, signed with the private key of the CA. A standard profile for CRLs for use in the Internet is published in RFC 5280.
What’s going on with certificate revocation? | APNIC Blog
Does X.509 certificate revocation work as intended, or even work at all?blog.apnic.net
TLDR, even if a CA revokes a cert and puts the revocation on its CRL, as long as cert users have stored local copies, they can still use a revoked cert.
Zoomers, if you want to be like Elaine go to this website where you can look up certs for KF or any other websites you're interested in:
I did a little research on LGBT rights in Greece; They are strongly enforced. Liz Fong-Jones' accusations of Kiwifarms cyberbullying transgendered people to the point of suicide is seen as a serious offense in the eyes of the Greek authorities and they are doing a lot of damage.Null now claims that an SSL Certificate Authority in Greece is going to revoke the https:// certificate for KF's Onion domain:
View attachment 34056
This is the Authority he's referring to: "Hellenic Academic and Research Institutions Certification Authority"
The name makes it sound like they only cater to academic institutions within Greece, but I guess they will provide certs to anyone who applies?
This is the ToU they're linking to in the above message:
I tried to read it but it's 17 pages and is extremely dense. Section 3.1 is verbose but, where it doesn't refer to copyright/IP/trademark violations specifically, seems to be a very vague "don't break the law" kind of deal:
View attachment 34057
They also say "HARICA Certificates cannot be used for services or systems that, in the case of disruption or failure, lead to considerable tangible or intangible damage or danger of life", but that seems to be in reference to something industrial though, like an "Internet of Things" type of clause, where you are trying to connect your nuclear reactor to the internet, and someone faking the cert to break in and shut it down might cause a catastrophe. To me this sounds like they don't want to provide certs to critical infrastructure. It doesn't seem to apply to some gossip website. (I mean in the way that #DropKiwFarms hysterics always accuse KF of being "a danger to human life", a "terrorist site", etc.)
In this ToU they refer to yet another document, their CPS, which is truly the definition of "Byzantine" at 167 pages (WTF?!):
I think this is the part that applies on the topic of cert revocation, but I have no idea, the CPS document is plainly tautological and unreadable to anyone but an experienced internet lawyer:
View attachment 34055
Here the ToU says that HARICA is supposed to give 20 days notice before revoking a cert... so why was Null given a mere 4 days notice?
View attachment 34061
I read a little further into this section and I discovered that HARICA has a "cert-problem-report" e-mail address. Could it be that #DropKiwiFarms contacted this particular e-mail address to snitch on Null? Null might want to contact them to see if they had received anything from LFJ and Sage:
View attachment 34053
Did a Kiwi in Greece threaten a Greek LGBT person or drive them suicidal through KiwiFarms? No! There are no Greek victims or perpetrators involved. It's legally a stretch to claim that simply using a Greek CA to allow users to get to the right website would somehow would give the Greek authorities jurisdiction over anything KF does that doesn't pertain to Greece specifically. This is NOT how jurisdiction works on the internet.
In other news, HARICA has apparently issued a new cert for KF:
Here is the announcement from HARICA on KF:
Let's go over it:
HARICA supports the freedom of speech and expression, and the right for privacy which is why it invested time and effort to support and offer Onion certificates. This decision was welcomed by the Tor community.
Get a TLS certificate for your onion site | Tor Project
We are happy to share the news of another important milestone for .onion services! You can now get DV certificates for your v3 onion site using HARICA, a Root CA Operator founded by Academic Network (GUnet), a civil society nonprofit from Greece.blog.torproject.org
Tor Project | HTTPS for your Onion Service
Defend yourself against tracking and surveillance. Circumvent censorship. | HTTPS for your Onion Servicecommunity.torproject.org
HARICA does not check or censor website content protected by its certificates. However, every CA must follow a process to handle complaints from Third Parties and Law enforcement authorities associated with HARICA-issued certificates. If the complaint claims that a certificate is used in violation of the CP/CPS or the Greek/European Law, HARICA is obligated to investigate and check whether those claims are valid. HARICA takes complaints seriously and is especially sensitive to the “forbidden certificate use” clause in section 1.4.2 of its CP/CPS.
Here they bring up section 1.4.2 of the CP/CPS - which, again, is almost 170 pages and so dense and Byzantine as to render it impossible to consult by anyone other than an experienced internet lawyer. The HARICA ToU and CPS were written for lawyers, and were not written with accessibility or readibility in mind. This is NOT a document the average web master can read and understand on their own!
Furthermore, the original e-mail that dr. Kostopoulos sent to Null pertained to section 3.1 of the ToU, not section 1.4.2. This inconsistency in the public statement indicates that HARICA themselves have a hard time understand and tracking which sections of their ToU and CPS (which refer to one another) apply to what issue.
In the Kiwifarms case, we received such a complaint and proceeded with our investigation which led to reviewing existing online content. The following URLs were especially examined:
Kiwi Farms - Wikipedia
Blocking Kiwifarms
We have blocked Kiwifarms. Visitors to any of the Kiwifarms sites that use any of Cloudflare's services will see a Cloudflare block page and a link to this post.blog.cloudflare.com
What does "such a complaint" specifically refer to? Does it refer to "forbidden certificate use"? There are countless of articles about KF online. Why would HARICA look at these specific pages... as opposed to all the others? This suggests that someone (and we all know who this is!) had sent HARICA these pages and requested they look them up.
Question: if these was "the risk of suicide" (and who was suicidal specifically?), why were HARICA contacted by a private individual and not LE? Did anyone at HARICA ever stop to ask this question? Or can I just take down any site that HARICA works with by mailing them with false and defamatory accusations of an impending suicide?
So dr. Kostopoulos was supposedly personally targeted by unnamed individuals. Dr. Kostopoulos was the only person who had signed the initial e-mail from HARICA sent to Null, so who are these other alleged "support team members" who also received threats? If they weren't named in the initial e-mail, how were they found?
And I consider internet intermediaries being asked to engage in political censorship at the request of LGBT activists to be also unacceptable, but hey, that's just me. We know Greece has a recent history with repression and censorship and isn't exactly used to this scary free speech thing like the Americans are who are long used to speaking their mind freely. Maybe Greece will become a true democracy one day and discover the benefits of having free speech like America does
Seriously now, was Null contacted by HARICA about this supposed harassment of CA team members? Did HARICA forward those e-mails to Null to ask him if he knew who these people were and whether they're Kiwis?
OK, so one Kiwi who reached out to HARICA wasn't a mentally ill thug. Maybe they can provide a copy of their e-mail to the rest of the Kiwis so they can sound less retarded next time they reach out to ISPs or CAs?
"by the Greek Law enforcement authorities", does this particular statement mean that HARICA have reported KF to Greek LE? Or that someone else has? Cos remember, Sinseer, who is involved with #DropKiwiFarms, is actually Greek. He lives in Canada but has a Greek surname (Ioannidis). I don't know if Sinseer has any ties to Greece but if he does, it would be trivial for him to contact Greek LE on behalf of #DropKiwiFarms and sic them onto Null with hysterical claims.
Again, how would Greek LE have any jurisdiction over KF simply because they've used a Greek CA? If there is no Greek perpetrator or victim? Will HARICA answer this question please? Since they purported to take the law into their own hands and determine on their own what constitutes legal speech.
Last edited:
"if any" is the most important phrase in HARICA's response and an acknowledgement that there may be nothing for Greek law enforcement to investigate.
I really think this experience should be used to inform KF strategy in the future. When service providers cut KF off, they get hostile messages, which reinforces the idea that KF is lawless and out of control. Well written, polite messages are a far better option and should be actively encouraged.