Remove Metadata in Git history

0x01

众所周知的可能泄露个人信息的元数据是图片中的 EXIF (Exchangeable image file format),包括相机型号,拍摄日期,焦距等技术信息。即使使用智能手机拍摄,也可能包括拍摄设备,拍摄地点,不少相机应用这些选项是默认开启。Telegram 和 Signal 会自动从待上传的图片中移除所有 EXIF,其他情况下你可以使用自由开源的安卓应用程式 Scrambled Exif (f-droid.org) 在发送之前手动移除它们。

对于职业和 amateur coder (APNews ),使用 Git (Software) 十分常见。作为版本控制软件,其会记录历史变更的时间,作者邮件地址等。

Git history 记录了备份被审查机器删除文章的项目端点星的志愿者的一些真实身份信息,共产党当局由此找到了他们,非法拘禁数月,随后安排了表演式起诉。

蔡伟,湖北人,1993年生,原在北京某互联网公司工作,2015年本科毕业于中央财经大学,2018年硕士毕业于清华大学社会学系。
大学期间,蔡伟参与过大学生通识教育夏令营(即立人大学),也在一些青少年教育活动中做义工。

可能由于事件引发的寒蝉效应 (Chilling effort),一个寻求匿名的开发者不敢用 Git 了。


AntiZhaPian, 存储库和 souce.zip 中均不包含 .git 资料夹

0x02

此段列出了 Git 历史中的一些元数据以及如何匿名化它们。

Name

Read More

Constance, Amelia and Tsubaki

The post is about visual novel
冬のポラリス(Fuyu no Polaris) and contains spoilers

stage-nana released Fuyu no Polaris on 2017 after 2014’s Ame no Marginal.

The first one is on the end of world where everyone caught covid-19 and died one by one all human disappeared suddenly, unreasonably, with no priority, except the protagonist.(Later he learned himself as a Fushisha (Immortal) ).

Fuyu no Polaris

The protagonist wandered across humanless Japan and recalled a nostalgic feeling when seeing a rough handwritten message in red color on deserted cement wall.
Therefore he met another Fushisha he doesn’t know, a mysterious girl seemd is waiting for the protagonist.

As she said, the girl’s name is Tsubaki, meaning camellia in English.

Ame no Marginal

Read More

Removing SoftDenchi DRM

Background

My first time purchasing games on dmm.co.jp (or FANZA), having experienced the confusing download page(it told me to use Browser’s Save Link As because Chrome doesn’t support dmm downloader) , I extracted game files from 3 separately downloaded rar part.

(No Photo)

There’s one README.txt(filename is in Japanese) and one game folder in extracted folder.

(No Photo)

Fine, the main program must be xxx.exe

A dialog textbox throwed, as I opened tha main program, I can read Chinese character (or Kanji) , knowing it’s something my PC lack to run the game. And installed SoftDenchi with clicking OK at all.

I submitted my dmm.co.jp user ID and password in first launch.

The problem is, I need to use textractor to read scripts from the game, and translate it to English in read time.
However, there were three independent process for one game.

  • koikake.exe
  • koikake.bin
  • koikake.exe

Read More

Your State is Not Mine

你的状态不是我的

A Closer Look at Evading Stateful Internet Censorship

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.
Copyrights for components of this work owned by others than ACM must be honored.
Abstracting with credit is permitted.
To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.

IMC ’17, November 1–3, 2017, London, UK

© 2017 Association for Computing Machinery.

ACM ISBN 978-1-4503-5118-8/17/11. . . $15.00

https://doi.org/10.1145/3131365.3131374

Read More

EXHENTAI 的鉴权

[//]: #(Author : Yogaskung)

[//]: #(Licensed under the Creative Commons Attribution Share Alike 4.0.)

大佬,我怎么进不了里站啊

EXHENTAI 的鉴权

本文会介绍 exhentai.org 的鉴权过程

https://exhentai.org/

如果浏览器中并没有存储 exhentai.org 域的任何 cookie,对此 URL 的访问会收到 302 ,并转到

https://forums.e-hentai.org/remoteapi.php?ex={BASE64_ENCODED_1}

在本例中,此 URL 为

Read More

Stop using "翻墙" or "Great Firewall" and learn about Internet censorship in China

China’s Internet censorship is a far cry from “building a great wall to prevent exchanges” from technical means. The use of “翻墙” will give people misunderstandings, and in fact legalized the silent “illegal intrusion of computer information systems” by the Chinese government.

Let us look at how the “blocking of specific websites” works in China’s Internet censorship.

DNS pollution


The 1st and 2nd fake DNS packet arrived earlier. Photo by Nick Cao

In this process, the distributed malicious nodes launch attacks on Internet users/DNS servers to answer their DNS queries.

RST

During this process, malicious nodes interfere with the TCP connection with a specific network address.

Routing black hole

In this process, the administrator of the audit system interferes with the order of the Internet and establishes a black hole router/AS. [1]And through the border routing protocol to direct network traffic to these black holes.

Deep Packet Inspection

Read More