Cock.li
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.
You are currently reading a thread in /g/ - Technology
You are currently reading a thread in /g/ - Technology
https://twitter.com/UsamaBenjiLadin/status/678997005012725760
https://my.mixtape.moe/kchcwy.mp4
Is this real?
Is cock.li really compromised?
http://arstechnica.com/tech-policy/2015/12/cock-li-e-mail-server-seized-by-german-authorities-admin-announces/
MORE
>>52007925
Based Germany
>>52007925
Yes.
How late can you possibly be?
And fuck off pedo.
I hope the FBI fucks you over.
>>52007925
aye
Fat 8gag memer sold you out and didn't encrypt anything, you're all fucked.
>>52007925
>no encryption
what a faggot
seriously why the fuck is this running unencrypted on someone else's server?
>>52008011
>implying
also nice dubs
Usually used the service for /soc/ or to make a quick account for something.
>>52008027
RIP 1/2 of /g/
>>52008027
>>52008011
I'm glad I never used email for anything more than confirming account creation or whatever. I'll setup a mail server whenever I get the chance.
>>52008116
OP here, pretty much all I used it for.
still a shame tho.
>>52007925
Oh well I hope the SS enjoys all the sale notifications and coupons I get which is all I use it for.
>>52007925
the fuck would anyone use a shitty email service for?
>>52008284
Bomb threats, apparently.
>>52008284
Because I trust him over google. Yes, the german government knows my emails, but they really won't care about gog account creation or whatever.
>>52008358
>>52008373
>lel ur using google services that never go down or have issues, they're stealing ur info!
>shitty autism service you use gets raided
>I-I only use this super secret thing to just do obsure shit i dont care about, w-who cares :3
>>52008388
At least cock.li won't sell your info to the highest bidder or let the NSA have dibs on your info whenever they want.
>>52008431
let me know when Larry Page makes a video on some shitty website nobody heard of to let us know our gmail accounts wont be usable til the forseeable future
>>52007925
Who Is this seman demon?
Thankfully I only used cock.li for spam
>>52008475
>inb4 they search through all the accounts to only find like 10 real emails
i registered 8-chin emails for shitposting :^)
>>52008524
I only used it because it was a funny email name
>tfw you were one of the ones that pioneered @tfwno.gf
>>52008456
ColdPlay
>>52008524
I only used it for the few accounts I had because of convenience.
I used cock.li mostly on websites that didn't allow 10minutemail or other temp email services
>switched my thrash accounts from hotmail to lavabit
>it gets raided and ended a month later
>was considering switching to cock.li for trash accounts
>it gets raided a week after considering this
Why even bother trying to move from hotmail and gmail.
>>52008682
>Why even bother trying to move from hotmail and gmail.
Because they're effectively being continuously "raided".
>>52008682
it is fucking you who keeps jinxing this shit.
didn't have anything important, but sucks losing an email address.
>>52008682
To get shekels. vc's lawyer is good. They will probably win the the case. Germany stole my emails, and I am gonna sue Germany for stealing and reading my emails without a warrant.
>>52010239
>without a warrant
They had a warrant for the HDD.
I can only imagine the amusement of the investigators upon seeing the list of usernames at domains like 420blaze.it, loves.dicksinhisan.us, and nigge.rs
>>52007925
>using cock.li as anything other than a throwaway
top jej
you deserve it
Deleting everything won't work, if you had content before 3 days ago. German authorities seized a HD and analyzed the data.
But cock.li was never secure.
It was just a neat little email service that didn't ask questions and was easy to sign up.
With stupid-ass hostnames.
>worrying about german authorities having your emails when your emails were all plaintext anyway
Really?
My account and emails won't be gone, would they? I'd hate to sign up for nVidia dev account again.
what do I use now?
used his provider for my work email and signed up for protonmail but that could take weeks before i get my invite
im not using cuck services like gmail hotmail yahoo
That's a shame, only used it for throwaways and spam shite.
Along with vanity names.
>>52007930
>she
ONE of cock.li's HDD
The service is still up you idiots, jesus H christo
>>52011412
That's not the problem. The problem is their SSL keys were taken as well. The service is compromised.
>>52011486
Oh no, now you can't sign up over SSL to get your plaintext emails
>>52011549
>implying this is what SSL is for
With compromised keys, even encrypted PGP is vulnerable to MITM attacks.
>>52008373
Trust a turbo neckbeard over anything else? Are people really this retarded?
>>52007925
Damn, I feel pretty bad for VC. He just wanted to run an email service with funny domain names for the lulz. He wasn't making any money doing this shit in his spare time and he'd already been subpoenaed 4 different times in the last 2 months for some stupid shit that people using his service did. Now his server's been raided by the German authorities, his SSL key has been compromised, and he's had to lawyer up... You can tell that he's pretty much at wit's end at this point. How much money do you think he's gonna blow on legal fees before he just gives up, pulls the plug, and walks away from it all.
So what now?
I still have my autistici mail account.
This is why you should be using Yandex.
Why is Edward Snowden hiding in Russia? Because it's the only country on the planet safe from AmeriJews.
>>52011394
Yandex. It's a Russian service so it is completely secure from America.
Also they will host email on your own domain for free. Buy a cheap domain and you get 1000 email accounts on Yandex.
https://domain.yandex.com/domains_add/
>>52007930
>admin was in Romania
>server was in Bavaria
>seized by German authorities
wat
>>52012752
Should have hosted it in Russia.
>>52012752
I really hope you know that Bavaria is in Germany...
>>52008027
FDE does not add any kind of protection if the volume is mounted.
Look at this faggot not lurking the cock.li mailing list.
VC posted this to the ML so yes it's confirmed.
Also VC a sexy beast, regardless of how much the German government fucks him in the ass.
>VC is love, VC is life
>>52013680
Dude is a fucking moron hosting in Jew-occupied Germany.
>>52012608
This. Russians are master race.
>>52013813
But Yandex falls under Dutch jurisdiction.
>my erotic role plays are now in the hands of German officials
>>52013831
What?
>>52013831
Yandex is Russian.
Their mail servers are hosted in Russia.
Yandex Mail is as safe as Snowden. US can't touch them.
What is cock.li?
>>52013863
>>52013882
It's a Dutch corporation. They have done this to attract investors because Russia has a terrible investment climate and a bad legal system, while the Netherlands has a safe investment climate and a reliable legal system.
>>52013680
how old is he anyway?
also am i still fucked if i used it for somewhat less trivial uses?
>tfw used airmail.cc for job applications
>>52013910
It's a Russian corporation headquartered in Moscow.
Their mail servers are in Moscow.
They are 100% outside US grasp.
And you are a Jewish shill who doesn't want the goyim to host their mail where you can't reach it.
>>52013930
>Yandex is registered as a company in Russia, but 100 percent of its shares belong to the registered stock company Yandex N.V. in the Netherlands. The company's shares are listed as Yandex N.V. on the stock exchange, and it is not registered in Russia as a legal entity.
http://rbth.com/business/2014/04/28/yandex_reacts_to_putin_comments_about_foreign_influence_as_share_pri_36283.html
Maybe you should educate yourself.
>tfw you use airmail.cc adresses for work, university, schooling and business relations because it seemed safe an encrypted
well fug
>>52013910
retard
>>52013957
Maybe you should have read the front page of cock.li.
>>52013946
Nice try, Herschel. That's just where it is registered.
They are headquartered in Moscow and their mail servers are in Moscow.
>>52007925
fucking pedophile
I hope it stays up, forever. I love my @nigge.rs mail.
>>52013977
The mail servers for the Russian market are in Russia. For the European market the datacenters are actually located in the Netherlands.
>>52014076
https://gigaom.com/2014/12/09/yandex-opens-b2b-big-data-division-in-amsterdam-and-moscow/
>>52012779
Would the russian government cooperate with the german government?
>>52013961
no you
>>52007930
Can't even hold all my keks at how incompetent this is
>That means that SSL keys and private keys
Only a problem if he didn't use perfect forward secrecy or still hasn't revoked them.
>and full mail content of all 64,500 of my users
That's right, all your email was in plaintext on his server. He could grep through all of it if he wanted. This wouldn't be an issue (like it wasn't in the case of Lavabit) if he wasn't an idiot.
>as well as hashed passwords, registration time, and the last seven days of logs were all confiscated and now are in the hands of German authorities,
Same as above. Them acquiring hashed passwords isn't a big deal if he did it right. Registration time is a pretty minor piece of metadata. But he should have been encrypting his logs (and keeping his private key secure somewhere else) before they hit the disk.
>>52014076
>>52014090
All their mail servers are in Russia.
This article is referring to "Yandex Data Factory", a completely different service.
>>52007925
does she do any porn? name?
>>52014102
>russians
>cooperate
Their language doesn't have this word
>>52014102
Ask Snowden.
He seems pretty safe in Russia.
I send death threats from my Yandex Mail account all the time from my home IP address and nobody has seized their mail servers or arrested me.
>>52014302
You should get a new hobby senpai.
>>52014126
yes you
>/g/autists use obscure email server "to be freed from the botnet"
>plaintext emails now in hands of authorities
>I-i only used it for registrations
You couldn't make this shit up, you fucking retards
>>52012752
Murrifat detected
>2016 is almost upon us
>still not hosting your own encrypted mailserver on raspberry pi in your wardrobe
will you faggots ever learn?
>>52012752
Here let me rephrase that to burger terms
>admin is wherever
>server was in Ohio
>seized by the FBI
>>52014506
Should have listened to people saying host with Yandex.
>>52014934
how do you know this wont happen again with them?
>>52014907
no escape from botnet
>>52014951
Yandex mail servers are in Russia.
>>52014977
>be nsa
>buy some cheap vps in russia
Protonmail master race.
>using an email client made by a /g/entooman
>>52014995
Yandex is a huge Russian company. They are the Google of Russia.
It's definitely NSA-free.
>>52007925
fuck you pedo
M O D S
O
D
s
>>52015029
they are most likely KGB-full though
>using email in $(date +"%Y")
>ever
>not using encrypted thought transmission service
so what is this yandex browser? looks like chromium skin, is it free from google botnet?
Isn't "safest" mail you can do is encrypted personal home server through vpn?
>>52012752
retard
"It’s raining dicks right now. And the forecast isn’t that good either. There’s a 90 percent chance of dicks tonight and a 90 percent chance of dicks tomorrow."
today's weather forecast for cock.li:
"it's raining dicks" right now.
tomorrow's forecast:
"90% chance of raining dicks"
cock.li users are advised to look up at the sky, as your mouths are already wide open.
>>52015214
The IMAP protocol itself is why email's not secure.
As of right now, it's impossible to store encrypted emails on the server because IMAP has no such support for end-to-end encryption.
A public key/private key encryption model would be the best thing for email.
Yes, PGP works, but PGP is individual encrypted emails, and the actual email body/headers are stored unencrypted on the email servers.
A system where the unencrypted emails are received over SSL, encrypted in memory using a public key of the email recipient, and THEN stored on the hard drive would be the best system for secure emails in my opinion.
If ProtonMail doesnt require you to store a private key on your own machine, and your email address == a hash of your public key similar to Onion Hidden services then I have no idea how the fuck they think they are secure.
>>52015887
Decrypt them on the fly. That's what my server does. All my email is encrypted using a key that is encrypted using my user password.
>>52011407
"she" is referring to the lawyer.
>>52015887
This.
Encrypted email is a fucking oxymoron.
>not using an isp that allows outbound email traffic.
>not running your own email server.
When will you flaming memelords get it? It's all backdoored/raided/hacked. Trust only your physical machine and the software you run.
NO D00D. I had tons of ILEGALS data there. He should have protected those hard drives with his fat life. fucking eurobeans man.
And it just so happens the only questionable stuff I've done is on there. Not that intelligence agencies would care. I just hope that the info doesn't go public.
>>52017130
is there any guide for dumb people like me?
>>52013957
>encrypted
They got nothing on me but registration emails
The few messges I sent were PK encrypted so fuck off
Good luck cock
>people used this garbage to store cp unironically
you can't make this shit up senpai
>>52017593
fuck off nigger
>how can I trust you
>you can't. email is stored unencrypted as IMAP does not yet support client-side encryption. use PGP if you want to make sure no one's reading your email, but make sure you use PGP correctly so the person you're sending email to can read your email because you probably want that.
It's on his website.
>>52015887
>The IMAP protocol itself is why email's not secure.
You mean SMTP.
IMAP can run on SSL, this is how I access email from my phone for example. But SMTP is indeed plaintext.
>tfw have multiples cock.li emails but there's nothing bad on them because I'm not a fuckwit
>>52018593
SMTP supports both TLS (port 25 and 587) and SSL (port 465).
>>52015887
Use IMAP over SSL. Use an encrypted filesystem that requires your to enter a passphrase or key when you mount it. If that's not enough, simply modify an existing open soruce IMAP server like Dovecot or Cyrus to provide on-disk encryption. If you know what you are doing, it could be "done done" within a few hours.
>shoutout to Zyzz
>>52018703
Come to think about it, yes that's true. I remember having to set it up to send email.
Is any of that used in the between-ISPs traffic though?
>>52018763
It depends on the MTA. Many can be configured to try encryption first, or even only allow encrypted connections. Some MTAs don't support encryption, but those are usually mass mailers / notifications from websites, etc.
>using cock.li for anything serious
I sure hope you guys didn't do this. Probably going to move all my accounts now since VC is unfortunately going to get raped in legal fees and I doubt he'll keep the service going for long. Seemed like a good guy though; what a shame.
>>52007925
And i just today bought a VPS from hetzner, i had no idear that the cock.li server would be in germany...
Remember when Germany used to be cool?
http://motherboard.vice.com/read/the-story-of-cockli-the-site-used-to-shut-down-the-la-school-district
it was nice knowing you, /g
what are they gonna do about it anyway?
Data retention law in Germany is - although planned - not currently enforced so your IP is worthless.
They could literally only fuck you over if you were stupid enough to enter any real data there
>>52015044
plus a spy here or there
>>52017130
is this moot's grandpa? I see him constantly as a meme here on 4chan.
maybe you should accept it that it's time for a new grandpa, who is chinese this time :'^''(
>>52019737
aye my domain made it into a vice story... today is a good day
>>52011238
Considering the conversation Merkel had with Zuckerberg last week, they'll probably arrest anyone connected with these account for hate speech if they ever set foot in Germany.
>>52011564
How? PGP is end-to-end, nobody cares what medium you transfer the message over. That's the whole point and why it's considered
>pretty good
I use cock.li for random forums, spam, irc
proton for personal shit
ghostmail for other important shit
>>52021178
>How?
The crypto operations are made in the browser, using a js library. If the server returns a compromised library, anything is possible, from leaking of the keys to direct grabbing of plain text.
