testmyname @testmyname@qoto.org

Windows 系统里验证 PGP 签名。

1. 按照前面的方法下载 Tor 浏览器安装文件和与它对应的 .asc 签名文件，保存在电脑的同一个文件夹。

2. 点击这里 https://keys.openpgp.org/vks/v1/by-fingerprint/EF6E286DDA85EA2A4BA7DE684E2C6E8793298290 下载 Tor 浏览器开发者的公钥。 它是一个 .asc 文件，把它保存在电脑里。

3. 下载安装 Gpg4win https://gpg4win.org/download.html

4. 安装以后会有一个图形界面叫 Kleopatra。第一次打开 Kleopatra，点击“新建密钥对”，在弹出窗口输入你的名字和邮箱，点击 OK 生成你的一对密钥。（图一）

5. 在 Kleopatra 点击“导入”，选择前面下载的开发者公钥。导入时会弹出两个窗口，每次都点击“认证”。（图二）

6. 在 Kleopatra 点击“解密/校验”，选择已经下载好的 Tor 浏览器安装文件。（图三）

7. 如果签名验证通过，就会显示绿色背景的一行字，写着“有效的签名”。（图四）这说明你下载的 Tor 浏览器安装文件可以放心使用。如果没有出现这样的字，请删除之前下载的文件，重新下载，重新验证。

大家好！为了更好地帮助中文用户，我们开通了这个 Mastodon 账号，希望能和中文世界的 Tor 用户多交流。欢迎大家提问！

2024 年 1 月，下载 Tor 浏览器（桌面版）的方式有这些，这些方法都可以获取正版安全的 Tor 浏览器，请根据你的情况选择一个。

1. Tor 浏览器的官方网站。中国大陆地区不能直接访问这个网站，需要翻墙。https://www.torproject.org/zh-CN/download/

2. 如果不能翻墙访问官方网站，也可以从 Tor 官方指定的镜像网站下载。https://tor.calyxinstitute.org/zh-CN/download/

3. 如果你能使用 Telegram，可以关注这个机器人 https://t.me/gettor_bot 找它要 Tor 浏览器的下载链接。

4. 如果你习惯使用 Email，也可以发邮件给 gettor@torproject.org 索取 Tor 浏览器的下载链接。记得在邮件标题里注明你的电脑操作系统名称，比如 Windows，macOS 或者 Linux。邮件正文留白就行。对了，为了你的安全，不要使用中国的邮件比如 QQ 邮箱和 163 邮箱。

Tor 浏览器团队一直在努力改善用户体验，我们分享的指南都会注明发布时间，好让大家可以参考最新的方法。好啦，希望以上信息可以帮到你！

@board

安装软件之前，验证数字签名！

下载完成、安装 Tor 浏览器之前，要进行数字签名验证。这一步非常重要！

大家使用 Tor 浏览器是为了上网的隐私和匿名，所以一定要重视软件本身的安全。让我们从最最开始的地方确保软件安全：下载 Tor 浏览器的安装文件之后，不要急着点击安装，而是进行“签名验证”。

有人可能会问：我是从官方网站下载的还会不安全吗？为什么要验证签名？

是的，即使从官方网站下载，也可能不安全，具体原因就不在这里详细解释，大家有兴趣可以自己去查。

验证签名的目的是为了确认你下载到电脑里的文件，与我们想要提供给你的文件完全相同，而没有被任何第三方篡改。一旦被人篡改，那就不是我们想要提供给你的 Tor 浏览器。

以上四种方式都提供 Tor 浏览器下载链接以及对应的 .asc 数字签名文件，请同时下载这两个文件，将它们保存在电脑的同一个文件夹里。不要更改文件名称。

（内容太多，请接着看下一条吧）

It is possible to feed 10 billion people a healthy, nutritious diet while increasing the space for the world’s wildlife.

Improving crop yields would have a massive impact on preserving wildlife. Changing what we eat and how much we waste would also help. https://ourworldindata.org/yields-habitat-loss?utm_source=pocket_mylist

2/2 #CSAR would lead to state monitoring of legitimate private conversations. This will harm everyone, including those the law wants to protect.

🔥If we work together, we can protect children whilst upholding confidentiality & security online. Join us!

https://stopscanningme.eu/en/

1/2 👏🏽Austria is the first country to take such a clear stance against the Commission’s #CSAR proposal which threatens to turn the internet into a space that is harmful to everyone’s privacy, security & free expression.

Read more from @edri@twitter.com member @epicenter_works@twitter.com below ⤵️

Musk is getting nervous. You are no longer allowed to link to your other social media profiles. At least not if that is the sole purpose of your Twitter profile.

Links as well as handles are prohibited. Even in the mail format. Or screenshots of your profile.

https://web.archive.org/web/20221218182922/https://help.twitter.com/en/rules-and-policies/social-platforms-policy

My guess is, that accounts who deleted all their Tweets will be first to get suspended, but others will follow. #fedifinder #debirdify #Twitter #TwitterMigration

One of my last posts on the other site before it suspended me without notice:

Hi! A few stories:

https://www.washingtonpost.com/media/2022/12/15/twitter-journalists-suspended-musk/

https://www.washingtonpost.com/technology/2022/12/14/elonjet-twitter-suspension-jack-sweeney-talks/

https://www.washingtonpost.com/technology/2022/12/14/qanon-musk-revival-twitter/

No warning. I report on Elon Musk and other topics for The Washington Post and will keep doing so because free speech and transparency are important for the world.

In the last few days I ... wrote about Elon Musk. I posted links to publicly available, legally acquired data as well as links to Mastodon, which also now is banned on Twitter.

Elon Musk is free to ban whoever he wants from Twitter, just like people are free to take their speech somewhere else.

WOW. Elon Musk's Twitter straight-up banned the account for Mastodon. Just, wow.

Lol. So, uh, yeah. From @internetarchive I see that this is the last tweet that Mastodon has posted on the other site, pointing people to @elonjet

Quanto influiscono i modelli mentali nella percezione del mondo?

Siamo cresciuti con un'idea della geografia del mondo rappresentata dalle mappe presenti nei testi scolastici o appese ai muri.

Sapete ad esempio che Roma e Chicago sono alla stessa latitudine, così come New York e Madrid?

In questo articolo si fa chiarezza su alcuni errori comuni derivati da modelli mentali errati.

Grazie a @pcmasuzzo e @puntofisso per la segnalazione.

https://storymaps.arcgis.com/stories/1e7f582d478a4b99bd0c70fffeac4c8b

#maps #dataviz

I vaccini otterrebbero una più rapida diminuzione di carica virale e di virus contagioso. Si confermerebbe quindi che siano utili anche a rallentare il contagio. https://www.nature.com/articles/s41579-022-00822-w
Nella figura: carica virale (RNA) e contagiosità (IVL) in giorni di vaccinati e non vaccinati.

So maybe I'm clueless. Maybe I'm lazy, but following conversations on Mastodon that grow to multiple participants is not trivial. I've dropped out of a couple just because I didn't think it was worth my effort.

Hey #quantum crowd on #Mastodon.
Curious to know, which account you mostly use.
Explain why, if you have the time.

I love all of you and I want nothing but the best for each of you, particularly those on infosec.exchange. I understand that Mastodon isn't Twitter, that DMs are end-to-end encrypted, that we are spread across different instances and it can be hard to find your friends, and that an instance can go away at any time, and that translating posts doesn't work correctly, and there is no native giphy support, and that some instances are overwhelmed and super slow, and that you don't think the federated model can scale to a billion users, or that it doesn't support full text search of every post and account, or that we can't comply with the GDPR, or that we don't support quote tweet style functionality, or that we shouldn't collect IP addresses, and many other things.

The fediverse is a work in progress. I've been here for going on 6 years. In that time, it's come a long, long way. That said, Mastodon is not going to appeal to everyone. The decisions I make are not going to appeal to everyone. No one is forcing you to be here. No one is forcing you to disclose your personal secrets into a network of federated servers running by volunteers and hobbyists. NB: this is not Twitter. It has some similar functionality, but it is not Twitter. Parts of it are better, IMO, and parts are not. The security community is generally among the most skilled and competent IT people the world has to offer. Mastodon is open source. Do you see where I'm going?

I set this instance up a long time ago for reasons I don't even remember. I have poured my soul into this thing because I believe in the importance of this community. I have effectively peaked in my career as a CISO and I and my family live well. I am not running this instance for fame, money, a better job, or anything other than wanting to foster a community of people that can learn from each other and make the world a better place. That's it.

As I've said in several recent interviews, I felt particularly obligated to ensure the security community had a good handing spot in the fediverse as everyone was running for the doors in Twitter. We've grown from 180 active users to about 30000 in the span of 3 weeks. I do not expect everyone to stay. Some will set up their own instances. Some will move to one of the other excellent security focused instances. Some will give up and move to on to some other social media. And that is OK. While I am super excited to see the buzz here, I don't have subscriber targets, engagement targets, retention targets, or anything else. The only metric I hold myself to is whether I think this is serving a useful purpose to the community.

I appreciate all of you, regardless of where you land. Infosec.exchange has been here for a long time and will continue to be here for you.

As #mastodon have no algorithm for guessing for whom to deliver your posts, you have to keep in mind it when you write.

Meaning, use wisely these ingredients¹: target audience² (post visibility) and language, hashtags and content warnings.

[1] see image
[2] see https://nolog.link/s/69HCJt
#accessibility #tips #mastodonEtiquette