Say you wanted to make a politically-based hidden service that would likely come under a lot of scrutiny. What would be the best way to secure it against adversaries?

Use Hidden Service v3, not v2

Tor Daemon and Hidden Service MUST run on separate (virtual) machines. The service machine must not be connected to the Internet under any circumstances. It only talks to the machine that's running the Tor daemon, over LAN.

This. Also, both Linux and Windows updates work through Tor.

>Tor Daemon and Hidden Service MUST run on separate (virtual) machines. The service machine must not be connected to the Internet under any circumstances. It only talks to the machine that's running the Tor daemon, over LAN.
doesn't qubes-whonix have the same effect?
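The layout described in the posts above (v3 service, Tor daemon on one machine, web backend on a second machine reachable only over LAN) can be checked mechanically. This is an added example, not code from any poster: a small audit of a torrc that flags onion services pinned to a version other than 3 and `HiddenServicePort` targets that resolve to the Tor machine itself or to a non-private address. The sample torrc, its paths and its addresses are constructed.

```python
import ipaddress

# Constructed sample torrc (addresses and paths are made up for this example).
SAMPLE_TORRC = """\
# service A: backend on a separate, LAN-only machine
HiddenServiceDir /var/lib/tor/svc_a/
HiddenServiceVersion 3
HiddenServicePort 80 10.152.152.11:8080

# service B: legacy version, backend on the Tor machine itself
HiddenServiceDir /var/lib/tor/svc_b/
HiddenServiceVersion 2
HiddenServicePort 80 127.0.0.1:8080
HiddenServicePort 443
"""

def backend_host(args):
    """Host part of a HiddenServicePort target; args = [virtport, target?]."""
    if len(args) < 2 or args[1].isdigit():
        return "127.0.0.1"            # no target or bare port: Tor uses localhost
    if args[1].startswith("unix:"):
        return None                   # a unix socket lives on the Tor machine
    return args[1].rsplit(":", 1)[0].strip("[]")

def is_separate_lan_host(host):
    """True only for a private, non-loopback IP literal."""
    try:
        ip = ipaddress.ip_address(host or "")
    except ValueError:
        return False                  # hostnames and sockets are not accepted
    return ip.is_private and not ip.is_loopback

def audit_torrc(text):
    """Return (line_no, service_dir, problem) for every violation found."""
    findings, service = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        key, args = words[0].lower(), words[1:]
        if key == "hiddenservicedir" and args:
            service = args[0]
        elif key == "hiddenserviceversion" and args[:1] != ["3"]:
            findings.append((n, service, "onion service is not v3"))
        elif key == "hiddenserviceport" and not is_separate_lan_host(backend_host(args)):
            findings.append((n, service, "backend is not a separate LAN host"))
    return findings

if __name__ == "__main__":
    for finding in audit_torrc(SAMPLE_TORRC):
        print(finding)
```

The audit only reads the Tor side of the setup; that the backend machine has no route to the Internet still has to be verified on that machine and on the network between the two.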

bump

bump

>politically-based
literally all internet is infrastructural. if the government wanted it down it would be down.

>doesn't qubes-whonix have the same effect?
Yes, Whonix implements this idea
It's probably not the worst choice for a hidden service though I'd rather build a minimal setup from the ground up
The less code you have, the fewer bugs are likely to exist

Regarding the service itself, you should understand every line of code. Don't use web frameworks. They might leak information you did not anticipate. Write a minimal web application in a safe language.

>safe language
such as?

>such as?
Instead of saying "nigger", say black people instead.

Go, Rust, Python, Scheme, Haskell
Anything that doesn't expose pointer arithmetic,
when a NULL pointer dereference could literally land you in jail.

This. Also, create another VM for storing data. The website should be in a BSD jail that way no one can actually modify your website/webserver and potentially fuck over users. Also, use OpenBSD. Its primary goal is to be secure.

>a NULL pointer dereference could literally land you in jail
A crash will land you in jail? Not likely. The website would just go down. But OP should use a safe language regardless. It will protect data.

Realistically, I wouldn't worry so much. If your website can be static, that will make your life a lot easier. It depends on how paranoid you are I guess.

pfffffthahahahahahahahaha

Pretend to be pedos instead of "racists".

The biggest problem with these sites is giving it traffic
Do you have an exact plan OP?
Jow Forums is the actual mecca for nazi meetups, can you do any better?

i wouldn't be worried about traffic over security. hidden services spread on their own.

kek

Same way you secure any other web application, user.

most security isn't done for anonymity though.

bump

>hidden service
nobody in your country is going to read some faggots tinder blog clone
>best way to secure it
glue a trimmed blog print to the wall at night

Uh, don't write a shitty backend? I don't see why anybody would come after you if you aren't doing anything illegal?

>why would people come after you if it's not illegal
Because some people do not agree with what you are doing.
Keyword 'political'.

You think SJWs are smart enough to take down your site and will even be aware of its existence?

I'm not OP so that post was not about his site, it is a fact of reality when one faces adversion.

I wonder how you would moderate such a service, since banning IPs is not an option on an anonymous service.

make "anonymous" accounts with some kind of blockchain to discourage duplicate/alternate shill accounts unless you want to dedicate increasing amounts of computing power as the total number of accounts scales.
someone posts illegal shit you blacklist the account.
optionally implement transient/per thread ids so as to limit samefagging

by using i2p

From last /cyb/ thread. Which one to use?

Attached: Topology.png (1280x1024, 27K)

i2p is a meme

all 3 options are 100% retarded

this

What is your recommendation then?

>Its primary goal is to be secure.
Yeah, by writing """""clean code"""""

There's a lot more to security than clean code. They sometimes sacrifice simplicity for security.

See: privilege separation

not having your tor server on your home network.

Your security:
First you should buy a server anonymously.
Use Monero (mine it and even use Tor to connect to the mining pool) and only connect to your server over Tor.
When your hoster doesn't know who you are, he can even get raided and you are safe.

Encrypt your harddrive (dm-crypt) and don't use Windows. Use a Linux distro of your choice.
I prefer Qubes + Whonix. It's pretty secure but remember that 100% security is never possible.

You could also add a hardware firewall (raspberry pi should do it) and only allow connections to guardian-nodes to prevent IP leaks.

Server security:
is right. You should look at Whonix and implement the same idea on your server. Host + 2 VMs.
One is a gateway, one the "workstation" your http server runs on.
Maybe use FreeBSD or TrustedBSD on the workstation VM, so the attacker needs to invest more money?

About Tor:
edwardsnowden.com/wp-content/uploads/2013/10/tor-stinks-presentation.pdf
>with manual analysis we (NSA) can de-anonymize a very small fraction of Tor user

Tor will save you against most threats but three-letter agencies with billions of dollars can de-anonymize you if they really want. Mostly they won't, because you are not Osama Bin Laden, a politician or CEO of a Fortune 500 company, who is worth spying.

>virtual machines
>after SMTgate
Senpai, running multiple shit on the same machine is just asking for trouble.

Gah!

not posting about your revolution on Jow Forums

So you're a nazi.

There's no such thing as a "nazi" these days

Neo fascist white racist just doesn't have the same ring to it.

Absolute brainlet:

Wrong, both literally
>npr.org/2018/11/06/664673163/94-year-old-accused-in-concentration-camp-murders-goes-on-trial-in-germany

And figuratively if you go by

Understand what the word actually means, not its mis-appropriated meaning, you stupid bastard

He could also be from Turkey, Russia, China, Iran, Belarus, Ukraine, Saudi Arabia or nearly every African state who wants to criticize his government.

LOL, panty-fa SJW get out

>panty-fa

What the fuck kind of definition of nazi do you have, if not
>Somebody who was or is a member of the Socialist German Workers' Party
or
>A Neo-fascist white racist

Because those are the only definitions of Nazi I've ever heard used.

I'm going to choose to assume you're just mentally damaged and ever since you played Yahtzee as a child, you've had things horribly mixed up.

elaborate pls

>hidden services spread on their own.
The real SEO is hiding your shit.

No need for a blockchain. Just use HashCash on its own.
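What the HashCash suggestion amounts to for an anonymous service, as an added example that is not part of the original post: the client pays a CPU cost per account or post, and the server checks it with a single hash. This sketch is hashcash-style only; it uses SHA-256 and a simplified `bits:resource:salt:counter` stamp rather than the real Hashcash stamp format, and the resource names and difficulty are assumptions.

```python
import hashlib
import secrets

def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits

def stamp_bits(stamp: str) -> int:
    """Work actually proven by a stamp, measured on its SHA-256 digest."""
    return leading_zero_bits(hashlib.sha256(stamp.encode()).digest())

def mint(resource: str, bits: int) -> str:
    """Client side: brute-force a counter until the stamp proves `bits` of work.

    `resource` names what the stamp pays for and must not contain ':'.
    """
    salt = secrets.token_hex(8)       # keeps two clients from minting the same stamp
    counter = 0
    while True:
        stamp = f"{bits}:{resource}:{salt}:{counter}"
        if stamp_bits(stamp) >= bits:
            return stamp
        counter += 1

def verify(stamp: str, resource: str, required_bits: int, spent: set) -> bool:
    """Server side: one hash, plus binding and replay checks."""
    parts = stamp.split(":")
    if len(parts) != 4 or parts[1] != resource:
        return False                  # malformed, or minted for something else
    if not parts[0].isdigit() or int(parts[0]) < required_bits:
        return False                  # stamp claims less work than required
    if stamp in spent or stamp_bits(stamp) < required_bits:
        return False                  # replayed, or the claimed work was not done
    spent.add(stamp)                  # each stamp is accepted exactly once
    return True

if __name__ == "__main__":
    spent_stamps = set()
    s = mint("new-account", 16)       # constructed resource name and difficulty
    print(s, verify(s, "new-account", 16, spent_stamps))
```

The `spent` set is what prevents one solved stamp from being reused for many accounts; without it the work requirement is paid only once.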

How so?

Traveling around in a van and gaining access to some asshole's wifi network so you don't need to use your home connection.

Too complex. Too many attack vectors. Bad idea asking about this on the clearnet just like the owner of Silkroad did.

Do some research you walking penis. Find out the origin of the word and why it was invented.
Panty-fa poofter!