
Blog

by Primož Vallant last modified 14-06-2014 01:01

Primoz Vallant's blog features his articles, audio and video podcasts on how everything we do influences the world around us and what we can do to make the world a better place for all of us living on it. Comments, discussion, constructive criticism and suggestions are welcome.

Suspending all online/business activities for unspecified time

Due to severely worsened health I'm forced to suspend all my online/business activities for an unspecified time.

I don't know if and when I'll be coming back. Thank you all for following and supporting me!

Primož Vallant
PrimozVallant.com

Tuesday, July 22, 2014  | Permalink |  Comments (0)

Enjoy my favorite summer Festival Lent 2014

Enjoy Festival Lent 2014 from 20.06.2014 to 5.7. 2014, in Maribor, Slovenia! With numerous concerts, events, stand-up comedians, folklore and dance shows and best after parties...

Enjoy the festival with your Lenta

This year, Lenta is offering even more: 16 days, more than 120 events – and 20 % off if you buy it between June 2nd and 8th!

Lenta is the universal festival ticket for all venues and is the cheapest way to see the festival events.


The Lenta is valid for all 16 days and can take you to 121 events:

- 84 concerts (Central Stage, Minoriti Stage, Večer Stage, Mladina Stage, Judgement Tower, Union Hall),
- 8 folklore and dance shows and 1 musical (Central Stage, Puppet Theatre Maribor),
- 12 stand-up nights (Vetrinjski dvor Mansion) and
- 16 after-Lent DJ nights on the Minoriti Stage;

but without seat or standing place reservation.

With your Lenta you will get:

- a card to enter the venues,
- a program booklet,
- a handy folded leaflet with the festival overview,
- discounts for all 16 events with additional entrance fees (*).

During the presale between June 2nd and 8th, the Lenta is available for only 20 Euros, after that you will be able to buy your Lenta for 25 Euros.

Your Lenta provides you with discounts for tickets for certain festival events that you will find marked with an asterisk (*) in your program booklet:

- 3 concerts on the Central Stage,
- 2 concerts on the Večer Stage,
- 3 concerts in the Vetrinjski dvor Mansion,
- 7 comedies on the Minoriti Stage,
- 26th Folkart – closing ceremony on the Central Stage.

Your Lenta does not include a seat or standing place reservation and you will not be able to enter the venue when its maximum capacity is reached.

http://www.festival-lent.si/en/

Wednesday, June 18, 2014 in Opinion  | Permalink |  Comments (0)

Review of Guardian's SecureDrop

Preliminary review of the Guardian's SecureDrop system, which lets whistleblowers submit confidential documents to Guardian journalists.

Directions for whistleblowers on the SecureDrop https page

On the SecureDrop landing https page https://securedrop.theguardian.com/ the Guardian doesn't provide an actual link to http://33y6fjyhs3phzfjj.onion, which is essential! Many people, especially non-technical ones, will make mistakes retyping it from the picture, where it is the only place it's available, and the page doesn't explicitly tell them that, which will lead to failure, frustration and compromise of anonymity and security! I know the reason why they do that: to prevent automatic harvesting of the .onion page and to prevent automated attacks on it. But security through obscurity never works.

Whistleblowers should use only one fresh browsing tab with a new identity in the Tor Browser, for the Guardian onion link only. All this is the minimum needed. BTW the Tor Browser default setting is to remember the 50 previous URLs on each tab... Using only non-compromised SSL Perfect Forward Secrecy ciphers, enabling Private Browsing, disabling JavaScript (at least the warning for disabling it works), disabling fonts and using the default unresized Tor Browser window is also essential, etc... The Guardian must demand all this from their whistleblowers, and they must confirm their settings on IP check, Qualys SSL, Browser Leaks, Panopticlick and How's My SSL before coming to the Guardian in a fresh and only tab to really stay anonymous and secure.

SSL

The Guardian is using the Comodo Certificate Authority for the SSL certificate on the last https SecureDrop page. Big mistake, as we all know pages with any commercially issued CA certificate are not safe any more. It's essential to use a self-signed SSL certificate, because this last page and of course the .onion page will be used by whistleblowers and 100% monitored 24/7 by the NSA and Co; certainly every commercial SSL certificate will be compromised. They're using 2048/256 RSA encryption, which is OK for normal use, but for such an implementation they should use 4,096/256 RSA encryption.

Servers

The SecureDrop https page is on two Amazon.com cloud service servers located in Dublin, Ireland. More info at the link and below:

https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fsecuredrop.theguardian.com

The SecureDrop servers are separated from theguardian.com (which BTW has a bad SSL report: https://www.ssllabs.com/ssltest/analyze.html?d=theguardian.com).

More on the SecureDrop servers below; you get the details by clicking on the IPs and links.

Server  Domain(s)                                            Test time                      Grade
1       54.72.198.41                                         Thu Jun 05 16:54:33 UTC 2014   A
        ec2-54-72-198-41.eu-west-1.compute.amazonaws.com     Duration: 69.362 sec
        securedrop.theguardian.com (Ready)
2       54.194.104.181                                       Thu Jun 05 16:55:43 UTC 2014   A
        ec2-54-194-104-181.eu-west-1.compute.amazonaws.com   Duration: 69.781 sec
        securedrop.theguardian.com (Ready)

SSL Protocol Details

Secure Renegotiation: Supported
Secure Client-Initiated Renegotiation: Supported (DoS DANGER)
Insecure Client-Initiated Renegotiation: No
BEAST attack: Not mitigated server-side (SSL 3: 0xc013, TLS 1.0: 0xc013)
TLS compression: No
RC4: Yes (not with TLS 1.1 and newer)
Heartbleed: No
Forward Secrecy: With modern browsers
Next Protocol Negotiation: No
Session resumption (caching): Yes
Session resumption (tickets): Yes
OCSP stapling: No
Strict Transport Security (HSTS): No
Long handshake intolerance: No
TLS extension intolerance: No
TLS version intolerance: TLS 2.98
SSL 2 handshake compatibility: Yes

Miscellaneous

Test date: Thu Jun 05 16:54:33 UTC 2014
Test duration: 69.362 seconds
HTTP status code: 200
HTTP server signature: Apache/2.2.27 (Amazon)
Server hostname: ec2-54-72-198-41.eu-west-1.compute.amazonaws.com
PCI compliant: Yes
FIPS-ready: No

The SecureDrop https pages are hosted on Amazon.com's cloud service in Dublin, Ireland, which is a big security and privacy problem, because US authorities can order all data on the server at any time, including the whistleblowers' log data; besides that, hacking Amazon is no big deal. The NSA is monitoring these two server IPs all the time and fingerprinting every connecting browser to get the whistleblowers' IPs or personal identities. Perfect Forward Secrecy SSL ciphers (FIPS) are not enabled by default and work only on newer browsers; they must work on all. The https SecureDrop pages default to AES-128 ciphers and not AES-256 as they should. The servers are vulnerable to DoS attacks. The BEAST attack is not mitigated on the server side. Https doesn't default to TLS 1.2 as it should. The RC4 cipher should be disabled as it is not secure any more. OCSP stapling is not supported, nor is Strict Transport Security (HSTS); both are mandatory. The SSL2 handshake should be disabled as it's not secure any more... So not a safe place for whistleblowers yet.
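
As an added example (not from this post and not the Guardian's actual configuration), here is an Apache mod_ssl fragment that addresses the SSL Labs findings listed above, showing the weak setting beside the corrected one; the report names Apache/2.2.27, so the Apache version each directive needs is noted. The hostname, certificate paths and cache size are placeholders.

```apache
# Added example: weak settings matching the SSL Labs report, each followed
# by the corrected form. Hostname, paths and cache size are placeholders.

# --- server level (outside any <VirtualHost>) ---
# Report: "HTTP server signature Apache/2.2.27 (Amazon)" is exposed.
ServerTokens Prod
ServerSignature Off
# Report: "OCSP stapling No". Stapling needs Apache 2.4 (added in 2.3.3)
# and its cache must be declared at server level.
SSLStaplingCache "shmcb:/var/run/apache2/stapling-cache(128000)"

<VirtualHost *:443>
    ServerName securedrop.example.org            # placeholder hostname
    SSLEngine on
    SSLCertificateFile    /etc/ssl/placeholder/server.crt
    SSLCertificateKeyFile /etc/ssl/placeholder/server.key

    # Weak (report: "SSL 2 handshake compatibility Yes"):
    #   SSLProtocol all
    # Corrected: no SSLv2/SSLv3; TLS 1.1/1.2 require Apache 2.2.23+ or 2.4.
    SSLProtocol all -SSLv2 -SSLv3

    # Weak (report: "RC4 Yes", forward secrecy only "With modern browsers",
    # AES-128-CBC negotiated):
    #   SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    # Corrected: ECDHE/DHE (forward secrecy) and AES-256 first, RC4 out.
    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:!aNULL:!eNULL:!RC4:!MD5:!EXPORT
    # Weak: SSLHonorCipherOrder off, so the client's first offered suite
    # (0xc013 = ECDHE-RSA-AES128-SHA in the report) wins.
    # Corrected: the server enforces the order above.
    SSLHonorCipherOrder on

    # Report: "Insecure Client-Initiated Renegotiation No"; keep RFC 5746
    # behaviour explicit (directive exists since 2.2.15).
    SSLInsecureRenegotiation off
    # Report: "TLS compression No"; keep it off (CRIME). Needs 2.2.24+/2.4.3+.
    SSLCompression off

    # Report: "OCSP stapling No" -> enable (Apache 2.4).
    SSLUseStapling on
    SSLStaplingReturnResponderErrors off

    # Report: "Strict Transport Security (HSTS) No" -> send it on every
    # response, including error pages (mod_headers).
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</VirtualHost>
```

The "Secure Client-Initiated Renegotiation Supported (DoS DANGER)" item has no mod_ssl directive to turn it off in these versions, so it is handled outside this fragment (connection rate limiting or an OpenSSL build that refuses client renegotiation).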

Sorry, this is a total no-go, because every whistleblower first comes to this page before going to the .onion page. All access and log data on such a server, especially in the cloud, used for such pages is not secure! I hope they're not so foolish as to use the same server for the .onion page. WikiLeaks.org and I at WikiActions.org (WikiLeaks.si) used Sweden's PRQ servers. But Sweden and PRQ are not safe any more. The server for the .onion SecureDrop should be somewhere in Europe, in a country leading the press freedom list, and at a hosting provider that can assure security and anonymity. OVH is out of the question because it doesn't allow use of the Tor network on its servers any more.

33y6fjyhs3phzfjj.onion page

You must enable cookies to reach the actual .onion submit page, which is a very big security and anonymity problem. This should work without cookies.

To do

When I have enough time I'll do a thorough vulnerability and penetration test of the SecureDrop https and .onion pages.

Conclusion

Sorry, but this is a very bad implementation of SecureDrop! The Guardian has a lot more to do before its SecureDrop is really secure and anonymous. This system is not ready for production yet!

BTW I have more than 20 years of experience in IT security and privacy and was administrator of WikiActions.org (WikiLeaks.si), an alternative WikiLeaks site, for more than three years... If you need help, let me know.

Friday, June 13, 2014 in Review  | Permalink |  Comments (0)

Blogger Mitja Kunstelj legally persecuted and endangered

Slovenian blogger Mitja Kunstelj is being legally persecuted and endangered because of his writing and evidence that point to well-founded suspicions of serious criminal offences by Janez Janša and his associates.

PLEASE SHARE EVERYWHERE AND HELP! Mitja Kunstelj, one of the best-known Slovenian bloggers and one of the best-informed Slovenians, with personal experience inside Janez Janša's innermost circle and of his way of working and governing, points with his writing and evidence to well-founded suspicions of serious criminal offences by JJ and his associates. Because of his activities he is now under very severe pressure and legal persecution by JJ and his people, and there are also reasons to believe that his personal safety is endangered.

Here is his latest message in his secret Facebook group:

"The group now has 33 members! That's what I decided. I chose those of you who have been here from the start. Most of you I don't know personally. That's the new social order, nothing I can do about it. Many will be offended and ........., because I deleted them...! There will be no new members. If anyone is superfluous, let him "cancel" himself.

Because of the blogs and the book they have hung a pile of lawsuits on me, and now also a few criminal complaints.
How it will all end, I don't know. ? this is majer land now!

If nowhere else, everything that supposedly doesn't exist will be published on this page. If they remove me, then you are the ones who will "copy paste" .......!

mikstone"

Mitja Kunstelj they will put me behind bars, they will remove me, "IF" ??? but not the material and ......., ????? that's the point......, good night
2 hours ago · Like

It is time the whole of Slovenia knows this and does everything necessary to protect him. WILL YOU HELP?

His FB page https://www.facebook.com/mikstone1 and his blogs http://mikstone1.blogspot.com/

Saturday, May 12, 2012  | Permalink |  Comments (6)

Slovenian blogger Mitja Kunstelj prosecuted and endangered

Slovenian blogger Mitja Kunstelj is prosecuted and endangered because his writing and evidence point to reasonable suspicions of serious criminal offences by Janez Jansa (current Slovenian prime minister) and his coworkers.

PLEASE SHARE EVERYWHERE AND HELP! Mitja Kunstelj, one of the most famous Slovenian bloggers and most informed Slovenians, with personal experience within the inner circle of Janez Jansa (former and current Slovenian prime minister) and of his kind of work and governance, points with his writing and evidence to reasonable suspicions of serious criminal offences by Janez Jansa and his coworkers. Mitja is now, due to his activities, under very severe pressure and legal prosecution by Janez Jansa and his circle, and there are also reasons to believe that his personal safety is threatened.

Here's his latest message in his secret FB group:

From now on the group is shrunk to 33 members! So I decided. I chose those who were here from the beginning. Most I don't know personally. This is a new social order, I can't help it. Many will be insulted and ... ... ... because I've deleted them...! There will be no new members. If anyone believes he doesn't belong here, he should "cancel" himself.

As a result of the blogs and the book I got hung with a bunch of lawsuits, and freshly with some criminal charges.
How all this will end, I don't know. ? This is Myers (synonym for Premier Janez Jansa) land now!

If not elsewhere, in this group everything that should not exist will be published. If I'm forcefully withdrawn, then you are the ones who'll "copy paste".......!

mikstone

Mitja Kunstelj I'll be put behind bars, I'll be forcefully withdrawn, "IF" ??? but not the material and ... ... ..., ????? This is the point… .., good night
2 hours ago Like

It is time that free and responsible people all over the world spread the news about this, do everything necessary to protect Mitja Kunstelj and help ensure that Janez Jansa and his circle get proper legal prosecution and punishment. WILL YOU HELP?

His Facebook page https://www.facebook.com/mikstone1 and his blogs (in Slovenian) http://mikstone1.blogspot.com/

Saturday, May 12, 2012  | Permalink |  Comments (0)