Generate A Vanity .onion Address For Your Tor Hidden Service Using Eschalot

Ever wonder how Tor sites get those custom vanity .onion addresses such as silkroada7bc3kld.onion? These addresses can be generated by hidden service operators for production use, and are just as secure as the automatically generated (and often more cryptic) addresses.

Hidden service .onion addresses are really just the public part of a key pair. Utilizing asymmetric encryption, a hidden service uses the public key (a 16 character string that functions as the actual address prefix) and a private key (a much longer string that is known only to the hidden service) to verify the identity of the service. Anyone connecting to the public key can only do so if the hidden service has access to the private key. Under normal circumstances, only the service operator has access to that private key, so you could trust that the address has not been hijacked.

Keep in mind, while it takes a long time, it is possible for someone to generate the same keypair as another hidden service. While computationally expensive, entities able to throw enough resources at generating an identical address would be able to do so much more quickly than someone acting alone on a sole machine.


Generation with Eschalot

Eschalot is one tool that can be used for generation. Eschalot is based off of another tool I previously covered called Shallot. While Shallot only allowed for some basic matching with regular expressions, Eschalot gives the user a bit more control and even supports word lists. Eschalot will not be as fast as a tool like Scallion, but it is (in my opinion) more portable as Scallion seems to have issues running on ARM-based SOCs.

Let’s get started generating custom .onion addresses. I will assume that you have access to a Linux machine and are familiar with the terminal. I will be using Debian, but this guide should be easy to modify for most distributions.

First, install OpenSSL if we don’t have it, then clone Eschalot onto your machine:

$ sudo apt-get install openssl
$ git clone

Now, we will move to the eschalot directory, and build the eschalot executable:

$ cd eschalot
$ make

We can now make sure everything is working using the builtin testing option:

$ make test
./worgen 8-16 top150adjectives.txt 3-16 top400nouns.txt 3-16 top1000.txt 3-16 > wordlist.txt
Will be producing 8-16 character long word combinations.
Reading 3-16 characters words from top150adjectives.txt.
Reading 3-16 characters words from top400nouns.txt.
Reading 3-16 characters words from top1000.txt.
Loading words from top150adjectives.txt.
Loaded 150 words from top150adjectives.txt.
Loading words from top400nouns.txt.
Loaded 400 words from top400nouns.txt.
Loading words from top1000.txt.
Loaded 974 words from top1000.txt.
Working. 100% complete, 31122412 words (approximately 377Mb) produced.
Final count: 31366539 word combinations.
./eschalot -vct4 -f wordlist.txt >> results.txt
Verbose, continuous, no digits, 4 threads, prefixes 8-16 characters long.
Reading words from wordlist.txt, please wait...
Loaded 31366539 words.
Sorting the word hashes and removing duplicates.
Final word count: 31363570.
Thread #1 started.
Thread #2 started.
Thread #3 started.
Thread #4 started.
Running, collecting performance data...
Found a key for kindland (8) - kindlandudsw7nga.onion
Found a key for loudhour (8) - loudhourvype7cyn.onion
Found a key for cutwaxwin (9) - cutwaxwinstsf6mk.onion
Total hashes: 177519717, running time: 10 seconds, hashes per second: 17751971

When done, simply clean up the test results:

$ make cleantest


Now is a good time to use Eschalot to find an address that starts with a word or phrase of our choice. Let’s start Eschalot in verbose mode, with 4 threads, and have it continue to look for addresses even after it has found one. We will look for addresses that start with “apple”. After a little waiting, you should get some similar output with the .onion address (public key) and the private key:

$ ./eschalot -t4 -v -c -p apple
Verbose, continuous, no digits, 4 threads, prefixes 5-5 characters long.
Thread #1 started.
Thread #2 started.
Thread #3 started.
Thread #4 started.
Running, collecting performance data...
Found a key for apple (5) - appleiujtls4awea.onion

Additionally, you can use the included worgen utility to generate word lists that can be fed into Eschalot. Below is an example series of commands that will generate 10-character strings by mixing nouns that are 3-10 characters long each, and then run the list through Eschalot. Eschalot comes with several different word lists included what can be used by the worgen utility.

$ ./worgen 10-10 nouns.txt 3-10 nouns.txt 3-10 > wordlist.txt
$ ./eschalot -vct4 -l 10-10 -f wordlist.txt > results.txt

After generating a private key and address, you will want to use them with your Tor hidden service. The private key and address usually sit in files within the /var/lib/tor/hidden_service/ directory and are named hostname and private_key respectively.


For a full list of options and flags, we can run the eshalot executable with no arguments:

$ ./eschalot
Version: 1.2.0

eschalot [-c] [-v] [-t count] ([-n] [-l min-max] -f filename) | (-r regex) | (-p prefix)
-v : verbose mode - print extra information to STDERR
-c : continue searching after the hash is found
-t count : number of threads to spawn default is one)
-l min-max : look for prefixes that are from 'min' to 'max' characters long
-n : Allow digits to be part of the prefix (affects wordlist mode only)
-f filename: name of the text file with a list of prefixes
-p prefix : single prefix to look for (1-16 characters long)
-r regex : search for a POSIX-style regular expression

eschalot -cvt4 -l8-12 -f wordlist.txt >> results.txt
eschalot -v -r '^test|^exam'
eschalot -ct5 -p test

base32 alphabet allows letters [a-z] and digits [2-7]
Regex pattern examples:
xxx must contain 'xxx'
^foo must begin with 'foo'
bar$ must end with 'bar'
b[aoeiu]r must have a vowel between 'b' and 'r'
'^ab|^cd' must begin with 'ab' or 'cd'
[a-z]{16} must contain letters only, no digits
^dusk.*dawn$ must begin with 'dusk' and end with 'dawn'
[a-z2-7]{16} any name - will succeed after one iteration

You can also run the worgenexecutable with no arguments for a complete list of options:

$ ./worgen
Version: 1.2.0

usage: worgen min-max filename1 min1-max1 [filename2 min2-max2 [filename3 min3-max3]]
  min-max   : length limits for the output strings
  filename1 : name of the first word list file (required)
  min1-max1 : length limits for the words from the first file
  filename2 : name of the second word list file (optional)
  min2-max2 : length limits for the words from the first file
  filename3 : name of the third word list file (optional)
  min3-max3 : length limits for the words from the first file

  Example: worgen 8-12 wordlist1.txt 5-10 wordlist2.txt 3-5 > results.txt

              Generates word combinations from 8 to 12 characters long
              using 5-10 character long words from 'wordlist1.txt'
              followed by 3-5 character long words from 'wordlist2.txt'.
              Saves the results to 'results.txt'.


Generate A Vanity .onion Address For Your Tor Hidden Service Using Shallot

Ever wonder how Tor sites get those custom vanity .onion addresses such as silkroada7bc3kld.onion? These addresses can be generated by hidden service operators for production use, and are just as secure as the automatically generated (and often more cryptic) addresses.

Hidden service .onion addresses are really just the public part of a key pair. Utilizing asymmetric encryption, a hidden service uses the public key (a 16 character string that functions as the actual address prefix) and a private key (a much longer string that is known only to the hidden service) to verify the identity of the service. Anyone connecting to the public key can only do so if the hidden service has access to the private key. Under normal circumstances, only the service operator has access to that private key, so you could trust that the address has not been hijacked.

Keep in mind, while it takes a long time, it is possible for someone to generate the same keypair as another hidden service. While computationally expensive, entities able to throw enough resources at generating an identical address would be able to do so much more quickly than someone acting alone on a sole machine.


Generation with Shallot

Shallot is one tool that can be used for generation. Under the name onionhash, Shallot was first created and maintained by an anonymous developer named Bebop. After Bebop disappeared, development continued with the help of a programmer named `Orum who renamed it Shallot before disappearing himself. Eventually, katmagic moved the code to github where it lives today, but without active development. Over the years, other developers have made fixes, but none of them have been moved into the master branch of the application. Shallot will not be as fast as a tool like Scallion, but it is (in my opinion) more portable as Scallion seems to have issues running on ARM-based SOCs.

Let’s get started generating custom .onion addresses. I will assume that you have access to a Linux machine and are familiar with the terminal.

First, clone Shallot onto your machine:

$ git clone

Now, we will move to the Shallot directory, and download and apply some patches:

$ cd Shallot
$ wget
$ git apply 9.patch
$ wget
$ git apply 16.patch
$ wget
$ git apply 25.patch

Wait, what are these for?

  • Patch #9 fixes an off-by-one error that caused generation of incorrect keys.
  • Patch #16 adds an optimization for computing powers of 2 using a bitshift.
  • Patch #25 adds use of memcmp to speed up regular expression use.

Next, we will configure and make to build the shallot executable:

$ ./configure && make

We can now test it by generating an address that starts with “apple” utilizing regular expressions:

$ ./shallot ^apple

After a little waiting, you should get some similar output with the .onion address (public key) and the private key:

$ ./shallot ^apple
Found matching domain after 9231616 tries: applelmehzgcx37v.onion

The private key and address usually sit in files within the /var/lib/tor/hidden_service/ directory and are named hostname and private_key respectively.


For a full list of options and flags, we can run the shallot executable with no arguments:

$ ./shallot
Usage: shallot [-dmopv] [-f ] [-t count] [-x time] [-e limit] pattern
  -d        : Daemonize (requires -f)
  -m        : Monitor mode (incompatible with -f)
  -o        : Optimize RSA key size to improve SHA-1 hashing speed
  -p        : Print 'pattern' help and exit
  -f  : Write output to 
  -t count  : Forces exactly count threads to be spawned
  -x secs   : Sets a limit on the maximum execution time. Has no effect without -m
  -e limit  : Manually define the limit for e

The repository on Github also has a handy chart to estimate how long it will take to generate an address matching a certain number of characters on a 1.5GHz processor:

characters | time to generate (approx.)
1          | less than 1 second    
2          | less than 1 second    
3          | less than 1 second   
4          | 2 seconds    
5          | 1 minute    
6          | 30 minutes    
7          | 1 day    
8          | 25 days  
9          | 2.5 years  
10         | 40 years  
11         | 640 years  
12         | 10 millenia  
13         | 160 millenia  
14         | 2.6 million years

Configuring a Tor Hidden Service

Tor hidden services allow various types of services (web server, telnet server, chat server, etc) to be operated within the Tor network. This allows both users and service operators to conceal their identities and locations. Just about anything that can be run on the clearnet can be run within the Tor darknet.

Setting up a hidden service on Tor is a simple process and depending on the level of detail, an operator can keep their service completely anonymous. Depending on your use-case, you may or may not choose to anonymize your service at all. For anonymous operation, it is recommended to bind services being offered to localhost and make sure that they do not leak information such as an IP address or hostname in any situation (such as with error messages).

For this guide, we assume a Debian Stretch (or similar) Linux system with a non-root, sudo user. It is also assumed that the target machine has been set up with some standard security practices such as disallowing root logins over SSH, and basic firewall rules. This Tor hidden service will be masked on the darknet, but if the hosting server is deanonymized, a malicious party could uncover the machine’s actual clearnet IP address and attempt to penetrate it or otherwise disrupt service. Depending on the software running the services you are hiding, you may wish to install into a virtual machine to limit damage to the system by code vulnerabilities.

Installing Tor

Before configuring a relay, the Tor package must be set up on the system. While Debian does have a Tor package in the standard repositories, we will want to add the official Tor repositories and install from there to get the latest software and be able to verify its authenticity.

First, we will edit the sources list so that Debian will know about the official Tor repositories.

$ sudo nano /etc/apt/sources.list

At the bottom of the file, paste the following two lines and save/exit.

deb stretch main
deb-src stretch main

Now back in the console, we will add the Tor Project’s GPG key used to sign the Tor packages. This will allow verification that the software we are installing has not been tampered with.

$ gpg --keyserver --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Lastly, run an update and install Tor from the repositories we just added.

$ apt-get update
$ apt-get install tor


Configuring the Hidden Service

We will be editing the torrc file, so let’s bring it up in our text editor:

$ sudo nano /etc/tor/torrc

Going line by line in this file is tedious, so to minimize confusion, we will ultimately rewrite the whole file. We will implement logging into a file located at /var/log/tor/notices.log and assume the local machine has a web server running on port 80. Paste the following over the existing contents in your torrc file:

Log notice file /var/log/tor/notices.log

############### This section is just for location-hidden services ###

## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.

HiddenServiceDir /var/lib/tor/hs_name_of_my_service/
HiddenServicePort 80

#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80
#HiddenServicePort 22

After saving the file, make and permission a log file, then we are ready to restart Tor:

$ sudo touch /var/log/tor/notices.log
$ chown debian-tor:debian-tor /var/log/tor/notices.log
$ sudo service tor restart

If the restart was successful, the Tor hidden service is active. If not, be sure to check the log file for hints as to the failure:

$ sudo nano /var/log/tor/notices.log

Now that the hidden service is working, Tor has created the hidden service directory we defined in the torrc, /var/lib/tor/hs_name_of_my_service/. There are two files of importance within this directory.

There is a hostname file at /var/lib/tor/hs_name_of_my_service/hostname that contains the hidden service’s public key. This public key acts as a .onion address which users on the Tor network can use to access your service. Make a note of this address after reading it from the file with cat:

$ sudo cat /var/lib/tor/hs_name_of_my_service/hostname

There is also a private_key file that contains the hidden service’s private key. This private key pairs with the service’s public key. It should not be known or read by anyone or anything except Tor, otherwise someone else will be able to impersonate the hidden service. If you need to move your Tor hidden service for any reason, make sure to backup the hostname and private_key files before restoring them on a new machine.

After restarting the hidden service, it may not be available right away. It can take a few minutes before the .onion address resolves on a client machine.


Example – Configure A Web Server with Nginx

Let’s use this hidden service to host a website with Nginx.

First, we will install Nginx and create a directory for our HTML files

$ sudo apt-get install nginx
$ sudo mkdir -p /var/www/hidden_service/

Now, we will create an HTML file to serve, so we need to bring one up in our editor:

$ sudo nano /var/www/hidden_service/index.html

Paste the following basic HTML and save it:

<html><head><title>Hidden Service</title></head><body><h1>It works!</h1></body></html>

Next, we will set the owner of the files we created to www-data for the web server and change the permissions on the /var/www directory.

$ sudo chown -R www-data:www-data /var/www/hidden_service/
$ sudo chmod -R 755 /var/www

We want to make some configuration changes for anonymity. First, let’s edit the default server block:

$ sudo nano /etc/nginx/sites-available/default

Find the block that starts with server { and you should see a line below that reads #listen 80;. Replace this line with to explicitly listen on localhost:

listen localhost:80 default_server;

Now find the line in the block for server_name  set the server name explicitly:

server_name _;

Next we need to edit the Nginx configuration file:

$ sudo nano /etc/nginx/nginx.conf

Find the block that starts with http { and set the following options:

server_name_in_redirect off;
server_tokens off;
port_in_redirect off;

The first option will make sure the server name isn’t used in any redirects. The second option removes server information in error pages and headers. The third option will make sure the port number Nginx listens on will not be included when generating a redirect.

Now we need to create a server block so Nginx knows which directory to serve content from when our hidden service is accessed. Using our text editor, we will create a new server block file:

$ sudo nano /etc/nginx/sites-available/hidden_service

In the empty file, paste the following configuration block. Make sure that the server_name field contains your onion address which you read from the hostname file earlier and not my address, nb2ticpl4j4hnoxq.onion.

server {
server_name nb2tidpl4j4jnoxr.onion;

error_log   /var/log/nginx/hidden_service.error.log;
access_log  off;

location / {
        root /var/www/hidden_service/;
        index index.html;

After saving the file, we need to symlink it to the sites-enabled directory and then restart Nginx:

$ sudo ln -s /etc/nginx/sites-available/hidden_service /etc/nginx/sites-enabled/hidden_service
$ sudo service nginx restart

To test the hidden service, download and install the Tor Browser on any machine and load up your .onion address.


Example – Configure A Web Server with Apache

Let’s use this hidden service to host a website with Apache. Note: Many criticize Apache for leaking server information by default. Apache takes more effort to secure.

First, we will install Apache and create a directory for our HTML files

$ sudo apt-get install apache2
$ sudo mkdir -p /var/www/hidden_service/

Now, we will create an HTML file to serve, so we need to bring one up in our editor:

$ sudo nano /var/www/hidden_service/index.html

Paste the following basic HTML and save it:

<html><head><title>Hidden Service</title></head><body><h1>It works!</h1></body></html>

Next, we will set the owner of the files we created to www-data for the web server and change the permissions on the /var/www directory.

$ sudo chown -R www-data:www-data /var/www/hidden_service/
$ sudo chmod -R 755 /var/www

Now, we need to make a few changes to the Apache configuration. Let’s start by setting Apache up to only listen to port 80 on

$ sudo nano /etc/apache2/ports.conf

Change the line Listen 80 to Listen and save the file.

Now we will access the security configuration file:

$ sudo nano /etc/apache2/conf-enabled/security.conf

Change the line for ServerSignature to ServerSignature Off and the line for ServerTokens to ServerTokens Prod to restrict information the httpd reports about the server.

Then, we will make an edit to the main Apache configuration file to override the server name Apache uses:

$ sudo nano /etc/apache2/apache2.conf

At the very bottom of the file, paste the following. Make sure that the ServerName field contains your onion address which you read from the hostname file earlier and not my address, nb2tidpl4j4jnoxr.onion.

ServerName nb2tidpl4j4jnoxr.onion

Next, we will disable Apache’s mod_status module to turn off status information:

$ sudo a2dismod status

Now we need to create a virtual host so Nginx knows which directory to serve content from when our hidden service is accessed. Using our text editor, we will create a new server block file:

$ sudo nano /etc/apache2/sites-available/hidden_service

In the empty file, paste the following configuration block. Make sure that the server_name field contains your onion address which you read from the hostname file earlier and not my address, nb2tidpl4j4jnoxr.onion.

<VirtualHost *:80>

 ServerName  nb2ticpl4j4hnoxq.onion

 DirectoryIndex index.html
 DocumentRoot /var/www/hidden_service/

  CustomLog /dev/null common


After saving the file, we need to symlink it to the sites-enabled directory and then restart Nginx:

$ sudo ln -s /etc/apache2/sites-available/hidden_service /etc/apache2/sites-enabled/hidden_service
$ sudo service apache2 restart

To test the hidden service, download and install the Tor Browser on any machine and load up your .onion address.



Your hidden service should be up and running, ready to server Tor users. Now that your relay is functioning, it may be a good idea to back up your hostname and private_key files mentioned earlier in the /var/lib/tor/hs_name_of_my_service/ directory.

I would strongly recommend taking a look at’s Tor Hidden Services Best Practices guide to learn more about proper setup of your hidden service.

Additionally, subscribe to the tor-onions mailing list for operator news and support!



Configuring and Monitoring a Tor Middle Relay

The Tor network relies upon individuals and organizations to donate relays for user traffic. The more relays within network, the stronger and faster the network is. Below, we will create a middle relay which receives traffic and sends it off to another relay. Middle relays will never serve as exit points for traffic back out to the clear Internet (a job for an exit relay). Because of this, many see running a middle relay as a safer way of contributing to the Tor network as opposed to running an exit relay which could find an operator at fault if illegal activity or content exits his node.

For this guide, we assume a Debian Stretch (or similar) Linux system with a non-root, sudo user. It is also assumed that the target machine has been set up with some standard security practices such as disallowing root logins over SSH, and basic firewall rules. This Tor relay will be public, and should be secured like any public-facing server.


Installing Tor

Before configuring a relay, the Tor package must be set up on the system. While Debian does have a Tor package in the standard repositories, we will want to add the official Tor repositories and install from there to get the latest software and be able to verify its authenticity.

First, we will edit the sources list so that Debian will know about the official Tor repositories.

$ sudo nano /etc/apt/sources.list

At the bottom of the file, paste the following two lines and save/exit.

deb stretch main
deb-src stretch main

Now back in the console, we will add the Tor Project’s GPG key used to sign the Tor packages. This will allow verification that the software we are installing has not been tampered with.

$ gpg --keyserver --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Lastly, run an update and install Tor from the repositories we just added.

$ apt-get update
$ apt-get install tor


Keeping Time

It is important that a Tor relay keeps accurate time, so we will change the timezone and set up the ntp client.

First, list timezones to and find which one corresponds to the location of the machine:

$ timedatectl list-timezones

Next, we set the timezone to the one for the machine’s location. Amsterdam is used below as an example.

$ sudo timedatectl set-timezone Europe/Amsterdam

Finally, install ntp:

$sudo apt-get install ntp

You can check your changes using the timedatectl command with no options:

$ timedatectl
      Local time: Sat 2017-12-30 21:49:25 CET
  Universal time: Sat 2017-12-30 20:49:25 UTC
        RTC time: Sat 2017-12-30 20:49:25
       Time zone: Europe/Amsterdam (CET, +0100)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: no
 Last DST change: DST ended at
                  Sun 2017-10-29 02:59:59 CEST
                  Sun 2017-10-29 02:00:00 CET
 Next DST change: DST begins (the clock jumps one hour forward) at
                  Sun 2018-03-25 01:59:59 CET
                  Sun 2018-03-25 03:00:00 CEST


Configuring the Relay

By default, all new relays are set up to be exit nodes. Since we want to create a middle relay, there is some configuration that needs to be done.

We will be editing the torrc file, so let’s bring it up in our text editor:

$ sudo nano /etc/tor/torrc

Going line by line in this file is tedious, and to minimize confusion, I will outline some configuration outlines and paste a sample torrc file below that you can use with minimal changes.

  • We don’t need a SOCKS proxy, so uncomment the line SOCKSPolicy reject *
  • We want to keep a separate log file, so uncomment the line Log notice file /var/log/tor/notices.log
  • We will be running as a daemon, so uncomment the line RunAsDaemon 1
  • We will be running monitoring via ARM, so uncomment the line ControlPort 9051
  • Relays need an ORPort for incoming connections, so uncomment the line ORPort 9001
  • It is recommended that a relay has an FQDN or at least a subdomain of one. If not, the machine’s IP address can be used. We will unncomment the line Address and use our address in place of
  • The relay should also have a nickname, so uncomment the line Nickname ididnteditheconfig and use our own nickname in place of ididnteditheconfig
  • Contact information should also be provided, so uncomment the line #ContactInfo Random Person and use our own info in place of Random Person
  • We will be running a directory port, so uncomment the line DirPort 9030
  • The most important option, we don’t want to allow any exits, so uncomment the line ExitPolicy reject *:*
  • Optionally, we may want to limit the bandwidth that Tor uses. To do so, uncomment the lines RelayBandwidthRate 100 KBytes and RelayBandwidthBurst 200 KBytes. These values are defined for one way transport, so note that the actual bandwidth rate above could be 200KB/s total (100KB/s for each input and output). Burst defines a maximum rate, so a burst of 200 KBytes means bandwidth could reach 400KB/s total (combined input and output). Many will likely want their relay to be considered Fast by the network, meaning that the relay’s bandwidth is in the top 7/8ths of all relays. At the time of writing, a rate of 500 KBytes/s seems to be on the low end of achieving this according to a Tor team member.
  • Optionally, we may want to limit the total traffic Tor uses over a period. To do so, uncomment the lines AccountingMax 40 GBytes and AccountingStart month 3 15:00. The AccountingMax value is defined for one way transport, so note that setting 40 GBytes could use 80 GBytes total (40 GBytes for each input and output). If the machine is on a provider that limits monthly bandwidth, it is a good idea to adjust this value to align with the provider’s data cap and adjust the AccountingStart values to reset to reset when the data cap does. NOTE: If you do set accounting, the relay will not advertise a directory port and you will not get directory connections. Relays with directories are expected to have a lot of bandwidth and limiting it will result in other nodes not making directory connections.

Now, here is a full sample torrc file for the tor middle relay:

## Configuration file for a typical Tor user

## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't
## configure one below. Set "SOCKSPort 0" if you plan to run Tor only
## as a relay, and not make any local application connections yourself.
#SOCKSPort 9050 # Default: Bind to localhost:9050 for local connections.
#SOCKSPort # Bind to this address:port too.

## Entry policies to allow/deny SOCKS requests based on IP address.
## First entry that matches wins. If no SOCKSPolicy is set, we accept
## all (and only) requests that reach a SOCKSPort. Untrusted users who
## can access your SOCKSPort may be able to learn about the connections
## you make.
#SOCKSPolicy accept
#SOCKSPolicy accept6 FC00::/7
SOCKSPolicy reject *

## Logs go to stdout at level "notice" unless redirected by something
## else, like one of the below lines. You can have as many Log lines as
## you want.
## We advise using "notice" in most cases, since anything more verbose
## may provide sensitive information to an attacker who obtains the logs.
## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
Log notice file /var/log/tor/notices.log
## Send every possible message to /var/log/tor/debug.log
#Log debug file /var/log/tor/debug.log
## Use the system log instead of Tor's logfiles
#Log notice syslog
## To send all messages to stderr:
#Log debug stderr

## Uncomment this to start the process in the background... or use
## --runasdaemon 1 on the command line. This is ignored on Windows;
## see the FAQ entry if you want Tor to run as an NT service.
RunAsDaemon 1

## The directory for keeping all the keys/etc. By default, we store
## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
#DataDirectory /var/lib/tor

## The port on which Tor will listen for local connections from Tor
## controller applications, as documented in control-spec.txt.
ControlPort 9051
## If you enable the controlport, be sure to enable one of these
## authentication methods, to prevent attackers from accessing it.
#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
#CookieAuthentication 1

############### This section is just for location-hidden services ###

## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.

#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80

#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80
#HiddenServicePort 22

################ This section is just for relays #####################
## See for details.

## Required: what port to advertise for incoming Tor connections.
ORPort 9001
## If you want to listen on a port other than the one advertised in
## ORPort (e.g. to advertise 443 but bind to 9090), you can do it as
## follows.  You'll need to do ipchains or other port forwarding
## yourself to make this work.
#ORPort 443 NoListen
#ORPort NoAdvertise

## The IP address or full DNS name for incoming connections to your
## relay. Leave commented out and Tor will guess.

## If you have multiple network interfaces, you can specify one for
## outgoing traffic to use.
# OutboundBindAddress

## A handle for your relay, so people don't have to refer to it by key.
Nickname peer3famicoman

## Define these to limit how much relayed traffic you will allow. Your
## own traffic is still unthrottled. Note that RelayBandwidthRate must
## be at least 20 kilobytes per second.
## Note that units for these config options are bytes (per second), not
## bits (per second), and that prefixes are binary prefixes, i.e. 2^10,
## 2^20, etc.
RelayBandwidthRate 2048 KBytes  # Throttle traffic to 2048KB/s (16384Kbps)
RelayBandwidthBurst 3072 KBytes # But allow bursts up to 3072KB/s (24576Kbps)

## Use these to restrict the maximum traffic per day, week, or month.
## Note that this threshold applies separately to sent and received bytes,
## not to their sum: setting "40 GB" may allow up to 80 GB total before
## hibernating.
## Set a maximum of 40 gigabytes each way per period.
#AccountingMax 400 GBytes
## Each period starts daily at midnight (AccountingMax is per day)
#AccountingStart day 00:00
## Each period starts on the 3rd of the month at 15:00 (AccountingMax
## is per month)
AccountingStart month 24 15:00

## Administrative contact information for this relay or bridge. This line
## can be used to contact you if your relay or bridge is misconfigured or
## something else goes wrong. Note that we archive and publish all
## descriptors containing these lines and that Google indexes them, so
## spammers might also collect them. You may want to obscure the fact that
## it's an email address and/or generate a new address for this purpose.
#ContactInfo Random Person 
## You might also include your PGP or GPG fingerprint if you have one:
#ContactInfo 0xFFFFFFFF Random Person 
ContactInfo famicoman[at]gmail[dot]com - 1DVLNHpcoAso6rvisCnVQbCFN8dRir1GVQ

## Uncomment this to mirror directory information for others. Please do
## if you have enough bandwidth.
DirPort 9030 # what port to advertise for directory connections
## If you want to listen on a port other than the one advertised in
## DirPort (e.g. to advertise 80 but bind to 9091), you can do it as
## follows.  below too. You'll need to do ipchains or other port
## forwarding yourself to make this work.
#DirPort 80 NoListen
#DirPort NoAdvertise
## Uncomment to return an arbitrary blob of html on your DirPort. Now you
## can explain what Tor is if anybody wonders why your IP address is
## contacting them. See contrib/tor-exit-notice.html in Tor's source
## distribution for a sample.
#DirPortFrontPage /etc/tor/tor-exit-notice.html

## Uncomment this if you run more than one Tor relay, and add the identity
## key fingerprint of each Tor relay you control, even if they're on
## different networks. You declare it here so Tor clients can avoid
## using more than one of your relays in a single circuit. See
## However, you should never include a bridge's fingerprint here, as it would
## break its concealability and potentially reveal its IP/TCP address.
#MyFamily $keyid,$keyid,...

## A comma-separated list of exit policies. They're considered first
## to last, and the first match wins.
## If you want to allow the same ports on IPv4 and IPv6, write your rules
## using accept/reject *. If you want to allow different ports on IPv4 and
## IPv6, write your IPv6 rules using accept6/reject6 *6, and your IPv4 rules
## using accept/reject *4.
## If you want to _replace_ the default exit policy, end this with either a
## reject *:* or an accept *:*. Otherwise, you're _augmenting_ (prepending to)
## the default exit policy. Leave commented to just use the default, which is
## described in the man page or at
## Look at
## for issues you might encounter if you use the default exit policy.
## If certain IPs and ports are blocked externally, e.g. by your firewall,
## you should update your exit policy to reflect this -- otherwise Tor
## users will be told that those destinations are down.
## For security, by default Tor rejects connections to private (local)
## networks, including to the configured primary public IPv4 and IPv6 addresses,
## and any public IPv4 and IPv6 addresses on any interface on the relay.
## See the man page entry for ExitPolicyRejectPrivate if you want to allow
## "exit enclaving".
#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports on IPv4 and IPv6 but no more
#ExitPolicy accept *:119 # accept nntp ports on IPv4 and IPv6 as well as default exit policy
#ExitPolicy accept *4:119 # accept nntp ports on IPv4 only as well as default exit policy
#ExitPolicy accept6 *6:119 # accept nntp ports on IPv6 only as well as default exit policy
ExitPolicy reject *:* # no exits allowed

## Bridge relays (or "bridges") are Tor relays that aren't listed in the
## main directory. Since there is no complete public list of them, even an
## ISP that filters connections to all the known Tor relays probably
## won't be able to block all the bridges. Also, websites won't treat you
## differently because they won't know you're running Tor. If you can
## be a real relay, please do; but if not, be a bridge!
#BridgeRelay 1
## By default, Tor will advertise your bridge to users through various
## mechanisms like If you want to run
## a private bridge, for example because you'll give out your bridge
## address manually to your friends, uncomment this line:
#PublishServerDescriptor 0

After saving the file, we are ready to restart Tor:

$ sudo service tor restart

Now, we need to make sure everything worked properly and that the relay is functioning as expected. To do so, we will check the logs:

$ sudo nano /var/log/tor/log

If everything worked as expected, the following lines should appear near the bottom of the log file:

[notice] Self-testing indicates your ORPort is reachable from the outside. Excellent.
[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
[notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Publishing server descriptor.

If you see anything different, make sure your torrc file is configured properly and that your firewall is set to allow connections to the ports you set for the ORPort and DirPort (by default, 9001 and 9030 respectively).


Monitoring Your Relay with Nyx

To monitor Tor relays, many people use a popular tool called Nyx which provides graphical information about activity and status of the node. Nyx utilizes the ControlPort we set earlier to connect into our relay. This port shot not need to be accepted by a firewall if Nyx will be running on the same machine and should be password-protected otherwise.

First, Nyx needs to be installed:

$ sudo apt-get install python-setuptools
$ sudo easy_install pip
$ sudo pip install nyx

Then,Nyx can be run:

$ nyx

The result is a nice representation of the relay’s traffic, utilization, flags, and general information.


Monitoring Your Relay with ARM (Deprecated)

While ARM is no longer maintained, it does still function.

To monitor Tor relays, many people use a popular tool called ARM which provides graphical information about activity and status of the node. ARM utilizes the ControlPort we set earlier to connect into our relay. This port shot not need to be accepted by a firewall if ARM will be running on the same machine and should be password-protected otherwise.

First, ARM needs to be installed:

sudo apt-get install tor-arm

Then, ARM can be run:


The result is a nice representation of the relay’s traffic, utilization, flags, and general information.



While my relay picked up traffic quickly, it took a long time to be able to fully utilize the bandwidth rates that I gave it. A new Tor middle relay goes through many stages before it can be deemed stable and reliable by the network. I highly recommend reading The lifecycle of a new relay to understand the whole process and know why you may not see traffic right away.

You may notice in my screenshots of Nyx and ARM above, my relay has procured several flags. If you are trying to obtain certain flags for your relay (which sort of act like markers of the relay’s capabilities), I recommend reading this StackExchange post on the subject.

If you want to see some statistics for your relay or share them with others, consider checking out the Atlas and Globe projects. This provides information on a relay by fingerprint of that relay, though you can perform searches with the relay’s nickname. Check out my relay on Atlas and my relay on Globe for examples.

Now that your relay is functioning, you may wish to backup your torrc, backup your relay’s private key (/var/lib/tor/keys/secret_id_key), read and implement operational security practices, and join the tor-relays mailing list.




The Best of 2017

Here is my third installment of the best things I’ve found, learned, read, etc. over the past year. These things are listed in no particular order, and may not necessarily be new.

See the 2016 post here!
See the 2015 post here!

This annual “Best Of” series is inspired by @fogus and his blog, Send More Paramedics.

Favorite Blog Posts Read

I end up reading a lot of articles over the course of the year, and cannot possibly remember all of them. Here is a good selection of that ones that I can recall:

Articles I’ve Written for Other Publications

I’ve continued to write for a few different places outside of my own site. Here is a complete list for 2017:

Favorite Technical Books Read

Favorite Non-Technical Books Read

  • Daemon (2006) – Awesome techno-thriller about an autonomous piece of software that slowly starts taking over the world. The book follows those who are trying to stop the daemon program, and those the daemon employs.

Number of Books Read

This year was noticeably disappointing when it came to number of books read. This is likely due to an increase in the amount of podcasts I now listen to.


Still Need to Read

Dream Machines, Literary Machines, Design Patterns, 10 PRINT CHR$(205.5+RND(1)); : GOTO 10

Favorite Music Discovered

Favorite Television Shows

Black Mirror (2011), Game of Thrones (2011) , Mr. Robot (2015), Halt & Catch Fire (2014), Twin Peaks (2017)

Favorite Podcasts

Reply All, TLDR, 99% Invisible, Jason Scott Talks His Way Out of It

Programming Languages Used for Work/Personal

Java, JavaScript, Python,Objective-C.

Programming Languages I Want To Use Next Year

  • Common Lisp – A “generalized” Lisp dialect.
  • Go – Sounds like fun for network-oriented programming.

Life Events of 2017

  • Visited NYC, New York.
  • Visited Nashville, Tennessee.

Life Changing Technologies Discovered

  • PC Engines – I recently got an apu2c4 and am impressed by this single-board computer. While I am just experimenting with it right now, the gigabit NICs should prove to help make a great pfSense router.
  • Orange Pi Zero – Not as fast as a Raspberry Pi, but for $9USD, this little board can be used for many, many small and inexpensive projects.
  • Mastodon – A really nifty federated social networking software package similar to Twitter that I don’t use as much as I should.

Favorite Subreddits

/r/darknetplan, /r/cyberpunk, /r/homelab

Completed in 2017

Plans for 2018

  • Write for stuff I’ve written for already (NODE, Lunchmeat, Exolymph, Neon Dystopia,  2600).
  • Write for new stuff (Do you have a publication that needs writers?).
  • Publish article backlog. I have around 10 articles I have written or partially written that are not online yet.
  • Read more books.
  • Participate in more public server projects (ntp pool, etc.).
  • Continue work for Philly Mesh.
  • Do some FPGA projects to get more in-depth with hardware.
  • Organization, organization, organization!
  • Documentation.
  • Continue rebooting Raunchy Taco IRC (Have one server and a certificate authority configured).
  • Create a new SKS keyserver.
  • Assemble an RC2014.

See you in 2018!


On Music, Mondo, & Mayhem: An Interview With R.U. Sirius

This article was originally written for and published at Neon Dystopia on September 1st, 2017. It has been posted here for safe keeping.

I recently wrote an article for Neon Dystopia on Mondo 2000, a cyberculture magazine that helped shape the cyberpunk sub-genre. When thinking of Mondo, the first person that comes to mind for most people is Ken Goffman, better known as R.U. Sirius. While he may be best known for his time at Mondo 2000, Sirius has no shortage of interesting accomplishments. Aside from Mondo, Sirius has had articles published in Artforum International, Rolling Stone, Time, Wired, and Esquire. He has been editor-in-chief at Axcess Magazine,, and H+ Magazine. He’s hosted two podcasts, started multiple websites, and even had a run for the presidency in 2000 under the Revolution Party. Did I mention he has also authored or co-authored 10 books and appeared in two movies?

R.U. Sirius (Photo by Bart Nagel).

Aside from his accolades, Sirius is known as a knowledgeable, iconic, and somewhat eccentric guy. An acquaintance of his once stated, “[Sirius] once told me he had trouble reading anything written before 1990-it was 1980 at the time.” While Sirius has constantly been seen as being ahead-of-the-curve in a lot of ways, it was never something that hindered him — it only helped him excel. Without R.U. Sirius, we may have had a completely different experience traversing the digital revolution. At a minimum, it wouldn’t have been nearly as fun.

I had the pleasure of interviewing R.U. Sirius for Neon Dystopia over the course of the last few weeks while working on the Mondo 2000 retrospective. Being able to pick his brain was an experience, and after he answered my long series of questions, he started to tell me about his music — something I wasn’t at all familiar with. I had known R.U. Sirius the editor-in-chief of Mondo 2000, but not R.U. Sirius the musician. With a little research, I discovered he was the lead singer and songwriter for the band Party Dogs, which performed in New York in the 1980’s. Later in the 90’s, he would perform in the band Mondo Vanilli, which even signed a record deal with Trent Reznor’s Nothing Records (though there was never an official album release). Sirius recommended two albums to me, and I queued them up as I sat at my keyboard and pulled at the seams of Mondo.

The first album he recommended to me was MONDOtoxicated, a work-in-progress collaboration with psychedelic jamtronica band Phriendz. Sirius does the lyrics and has vocals on all but one song in the collection, “I Hope You Didn’t Dose the Pudding,” which instead features Phriendz’s own Daddy Phriday. The first track on the album, “Speed and Weed” is a great entry point into the unique sound put out by the collaboration. You can feel the funk and electronica elements, and they blend together seamlessly to create something otherworldly. Later in the album are two remixes from Sirius’s Party Dogs days: “On The Beam,” and “President Mussolini Makes The Planes Run On Time.” These songs are very punk-fueled, beckoning back to their original 1982 compositions, but blend well with the new electronic elements in the remix.

The second album, a much longer compilation spanning from 1982-2010+ titled That Which Does Not Kill Me Makes Me Hipper, features songs from Party Dogs, Mondo Vanilli, collaborations with Phriendz, and also songs by band SLT which Sirius supplied lyrics for. Aside from the Phriendz collaborations (which were also featured on the other album) the Party Dogs songs have a great punk rock sound that I could listen to all day. The real standouts on the album are the the techno-rock Mondo Vanilli tracks. “Love is the Product” in particular is a playful, satirical song that will get stuck in your head with its catchy chorus. While the album spans a number of decades and a few different genres, Sirius’ style shines through on each track. You are able to see how his music has evolved over the years, and never loses its power or passion.

While listening to these albums, I got the sense that music was and is an important part of Sirius’ life. I had to rethink my interview and go beyond the Mondo topics I was so focused on. I wrote back to pester Sirius with some additional questions, this time about his musical career.

Below is the full interview, with all of the questions on Mondo 2000, music, and everything else mingled together. Take a ride, and try not to fall off!

Neon Dystopia: Before you started working on High Frontiers, you were in a band called Party Dogs. Was this your first foray into music? How did you get involved in the band?

R.U. Sirius: Party Dogs was my first real foray. I recorded 3 songs before that with a band we called The Spoons as vocalist and lyricist in an analog electronic music room at a State University in Binghamton NY in 1976 – two of them got some local airplay. The song “Reggae Ripoff” caused a minor stir when a DJ who liked to play it realized I was a local white boy and freaked.  The lyrics are here. But there were no live appearances.

I had a few onstage moments after that… I’d go onstage for one song basically… “Jumpin’ Jack Flash” (or “Raw Power“, once).  But Party Dogs was the first sustained band that actually performed often. Actually the only band that performed often.

I was in Brockport New York, a small college town. I’d gained confidence in my voice by learning the entire Stones catalogue with a friend who thought he was Keith Richards (RIP, it goes without saying) … and when the neighbors came by saying they thought it was the Stones record and then realized we were doing it … I think that was my breakthrough in terms of confidence. I was already 25.

So I started putting together a band in Brockport. The first one we called Skippy and the Nice Guys. It was raw and confrontational. Everybody hated it.

When Party Dogs started, almost everybody hated that too… but we got good with practice. It was more punk-inflected rock than punk. Among our copy songs we played the Dead Boys, Sex Pistols and Iggy. But on the other hand, we played some Rolling Stones and Bowie. And mostly our own songs, of course. We ended up being kind of popular both in town and in Rochester, New York nearby. The other guys continued being in great bands in Rochester, including SLT, who I wrote some lyrics for a few years ago.

At our last Party Dogs appearance in Brockport, we closed as usual with a noise rock version of “Strangers In The Night.” Some jocks who were tripping on acid decided I was the devil and plotted to kill me. A girl who knew them and knew me talked them out of it!

ND: Music seems to be a big part of your life. Do you see yourself as a musician at heart despite all of the other work you’ve accomplished?

RU: There’s a great line in the TV show Dear White People… “Trust me. Find your label.” I guess I’m kind of too cosmic when it comes to considering myself anything. I’m amused by the way many millennials have this really expansive panoply of labels (particularly for sexuality) but such a constricting need to be codified.

Having said that, to the extent that I made a livelihood, it was mainly as an editor-in-chief and a writer.

I’d love to be known for my lyrics…  like maybe Van Dyke Parks or Bernie Taupin or Pete Brown (Cream)… except I guess mine are much weirder.  I don’t know. Who writes lyrics for avant-garde operas? I’d like to be him or her!

Mondo Vanilli album cover for i.o.u. babe.

ND: Have your influences changed dramatically between Party Dogs, Mondo Vanilli, and your most recent music?

RU: In terms of vocals, I’ve looked to people who work with rhythm and attitude but don’t have a vast range — Lou Reed, Jagger… for some examples.  And just before I embarked on my latest work, I had a cough that lasted for 2 months. I had kind of a recent-Bob Dylan growl befitting of an old man whose done a few naughty things…  but it disappeared. I don’t know if I will ever regain my voice the way I want it.

In terms of lyrics, it’s just whatever comes. I think maybe Frank Zappa is an influence although I’d maybe rather write like Leonard Cohen or Nick Cave. But I think my stuff is mainly unique and as good as almost anyones…  can I say that? I mean, for permission to go off the map of the usual rhyme schemes… I’d look to Don Van Vliet, Patti Smith and Bowie.

ND: In Mondo 2000, and earlier with Reality Hackers and High Frontiers, I see hippie/yippie influences, such as the work Stewart Brand was doing with the Whole Earth Catalog. I also see some parallels with Ted Nelson’s work, and the sort of general DIY attitude that the punk subculture perpetuated. What would you say were some of the biggest influences that Mondo 2000 drew from?

RU: I view the influences in terms of periodicals more than in terms of hippies or yippies etcetera, although a kind of counterculturalness is intrinsic. For myself, and I think for many others involved in the publication, there was a love of magazines.

Mad Magazine was as much an influence as Whole Earth.

Creem magazine with its irreverence… it’s disrespect for journalistic conventions and lack of rock star worship.

Some Dadaist publications like File (which became Vile after punk rock hit) for its use of allusion and not having to make sense.

The original underground papers of the late ‘60s/early ‘70s for their aliveness – trying to transcend their containment within a printed thing that you can buy and hold in your hand and have expectations towards. Can we make this object explode or dance or shoot off psychedelic sparks?

Interview… because it used interviews without the intrusion of the all-knowing authorial voice.

Omni for the pop science and technology and for recognizing that was the next cool thing.

Evergreen for counterculture in an urbane package with top tier writers like Terry Southern, Susan Sontag, Tom Wolfe, Eldridge Cleaver.

Wet for looking cool and feeling futuristic

ReSearch/Search and Destroy for exploring the connection between punk counterculture and various historical/anthropological memes like Situationism, body modification and so on.

That’s off the top of my head.

ND: What was the typical content of an issue, was anything too far out to be included?

RU: There was some relatively straightforward reporting on tech and science developments towards the front, usually … right after the very colorful and strange letters to the editors. Lots of interviews and conversations with people making up the hipper edges of the emerging tech culture but also musicians and just eclectic off-center stuff like an art forger/money counterfeiter. I mean, I can’t really do any issue justice in terms of how ultra-strangeness rubbed up against techie relative-normalcy.

I can’t remember a feeling that anything was too far out to be included. They were different times. The extremes hadn’t been fully weaponized yet, so to speak.

Mondo 2000 issue 2 contents.

ND: The 1980’s saw a big push into science fiction and the development of cyberpunk with Neuromancer and the growing popularity of publications like OMNI. Were you aware of the content in this space?

RU: Yeah we were friendly with Dick Teresi and other editors at Omni. We were excited with SF Eye and some other publications I’ve forgotten since. The excitement over the so-called cyberpunk writers was hitting us when we were still High Frontiers (the magazine we published from 1984-1988, preceding Mondo). Timothy Leary was very excited about Neuromancer, so he kind of led us towards that, but we had people around like St. Jude Milhon who were already trying to call our attention to that.  There were some cool periodicals doing something sort of vaguely similar that came and went. And Boing Boing preceded Mondo technically, although we had already done High Frontiers and Reality Hackers and they were influenced by those.

ND: Mondo 2000 is often cited as a large influence in the development of the cyberpunk subculture. How do you think it has been able to influence cyberpunk over the years?

RU: I think Mondo was more its own thing. Anybody who took cyberpunk too seriously as a movement or a memeplex might have been alienated by our eclecticism, our fancy design, our not-giving-a-fuck about cyberpunk or much of anything mien.  The hardcore nerds and cyberpunk sorts, for instance, hated that we did fashion spreads and girls with circuit boards around their nipples (as did some feminists). Mondo was an art project, really, specific to the people engaged in it, with the idea of cyberpunk or cyberculture in the nose cone but so much else going on behind it. And yet we hit a sweet spot for other eclectic sorts… I guess I’d say hipsters, in a positive sense (that label wasn’t a curse back then.) But also, the sort of person that loved Robert Anton Wilson and Church of the Subgenius.

ND: Tell me about the culture of the Mondo 2000 house. What was a normal day like? How would you describe the parties?

RU: It was a largish house in the Berkeley hills…  looked like a Blue Oyster Cult cover… thus called a “technogothic citadel” in various reports. There was a dead red 1956 MG out front.

The upstairs front room was used as the main office. Three people would roll in and start answering phones at around 9:30 am. Andrew Hultrkans our managing editor tended to come in early too. I slept in a room downstairs with my girlfriend at that time… we made some noise in the morning hours that would “frighten the horses” upstairs. I came upstairs in a silk bathrobe and nothing else usually around 11 am and went into the kitchen to make coffee.  Bart Nagel, Heide Foley and the art department was in a large downstairs room. I don’t know when they started but they often worked far into the night. The place was pretty dedicated to working on the magazine and dealing with the business and publicity on weekdays. Sometimes people would show up…  Jesus Jones (a “rock star” of the ‘90s); Buffy Saint-Marie! She’s awesome by the way. Some kids looking for me… the main dude said his dad was head of the CIA or something like that.

I don’t know that I want to describe the parties.  Some of them were large… lots of people.  I don’t remember any outright orgies – despite hearing rumors about them. Massive psychedelic drug taking was more common during the High Frontiers period in the mid-‘80s.  There was tech being shown off… brain toys, definitely some drugs, sex in private places…   I have this memory from around 1991 of these ravers being really contemptuous that the old folks were “dancing to Bryan Ferry.” But it wasn’t Bryan Ferry. It was Roxy Music and they were way fucking better than anything EDM ever produced!

Editors Rudy, Queen Mu, Ken Goffman, with Bart Nagel, the graphic designer. (Photo by Bart Nagel.)

ND: I often think that Mondo 2000 benefitted from hitting at just the right time, as computers and technology were riding this sociopolitical wave in the late ‘80s and early ‘90s. Do you think that Mondo 2000 was just as influential at the time as it was reactive? What was the feedback loop like?

RU: I think Wired hit at just the right time to be commercially successful (they were, of course, more accessible to the “normies”). We intentionally teased out the countercultural influences in the early Silicon Valley digital culture and helped make the connections between alternativeness and technoculture. A fellow named Michael Gosney – who had a digital arts magazine called Verbum – sponsored something called the Digital Be-In, timed to the annual Mac gathering in San Francisco, independent of us… so there were other people doing this as well. (We attended those splendid events, of course.)

San Francisco counterculture’s embrace of the celebrations of technology, virtual reality etcetera at that time in the early ’90s is kind of an extraordinary thing that requires a whole other essay.  It was a culture where the people who throw rocks at the Google bus would have been at the same party as Larry and Serge… our party!  Anticipating the future brought people together more than the actual thing.

Cover for Verbum issue 5.2. Click here to read the whole issue.

ND: Why do you think Mondo 2000 was so successful at the time? What did it have that nothing else did?

RU: We had a lot of hype from the mainstream media … an excitement about the superficial stuff like VR and smart drinks… that helped to let people know we existed. But I think the magazine itself was something extraordinary. It was the message from some other planet… some other future… that Wired later claimed to be. And there was an audience that wanted that.  People used to haunt magazine stores, Tower Records, in various towns…  “When will we see another issue of MONDO 2000.”

I mean, it wasn’t that successful. We hit our peak just shy of 100,000 circulation.

ND:  Timothy Leary once said that Mondo 2000 was “a beautiful merger of the psychedelic, the cybernetic, the cultural, the literary, and artistic. It shouldn’t last a long time.” Do you think that Mondo could have gone on for many more years, or was it by nature much more fleeting?

RU: 2000 would appear to be an expiration date. It could have continued. There were some internal problems that I don’t want to air here. Wait for the book, still in progress. We could have charted a new course of outrage. We had a lot of opportunities in terms of advertising that weren’t used… but I’ll leave it at that

ND:  I often look back at the comic “The Guy I Always Was” by Patrick S. Farley and consider how Mondo 2000 was more of a publication that invented the future (in both a dreaming sense, or simply making things up) instead of simply reporting on it. Do you think that would be an accurate way to put things?

RU: Yeah it was saying this thing was happening and then helping it to actually happen. Except for the things that didn’t happen, like universal virtual reality and “sharpies mutants and superbrights” taking over the planet…  I mean, it was a fantasy of the total transmutation of everything… and it’s turned out to be more the total fragmentation of everything, although we always made sure to predict that too (just in case.) I mean, it wasn’t really all that message-driven … there were lots of pages and lots of varying views and visions and just plain fun.

By the way, I love that comic.

H.M. Ludens, from “The Guy I Almost Was.”

ND: A lot of people attack Wired magazine though accusations that they copied Mondo’s style and watered it down for a broader audience. Do you think Wired was ever able to bottle the Mondo 2000 spirit? Was their success just a matter of timing based on when they started?

RU: They used a lot of the same writers and covered some of the same stories at first, but the appeal was more towards the ordinary…  They were genre specific. They didn’t have interviews with Daniel Johnston or Diamanda Galas or gonzo anthropological theorizing about secret cultic uses of tarantula venom as an intoxicant… stuff totally outside the supposed techno genre. They had a conventional approach that hit a bigger audience and was comfortable for advertisers.

They weren’t trying to bottle the Mondo spirit. The writers were told explicitly to steer clear of counterculturalness… Alternativeness was just the colored sprinkles on the corporate frozen yogurt.  Negativland pranks were cute items where for us they were subversive blows against the empire … and the main article. I mean, they were probably right. The empire survived our culture jamming … and now the alt-right establishment is doing a form of it themselves.  None of this is meant to be all negative about Wired. They did what they did well and I enjoyed many of their issues… and even wrote a few bits.

ND: Are there any people from the Mondo 2000 days that you still keep in touch with?

RU: I’m in touch with many of them.  St. Jude Milhon, who I worked closely with, died in 2003. Our business manager, Linda Murman, died of cancer maybe a decade ago. Kathy Acker, who was a friend to all of us, also died of cancer. There have been losses like that. A lot of people have been interviewed for the Mondo history project. I’ve been in touch with many of them.

ND: One person from the M2K staff that has always intrigued me is Michael Synergy, especially with his quick-fire claims of government-toppling knowledge in the Cyberpunk (1990) documentary. Do you know anything about his activities after Mondo 2000? Did he indeed mutate and take over the world?

RU: That’s a complicated and difficult subject. He disappeared after failing to appear at his wedding, more or less. Howard Rheingold swears that he’s Michael Wilson, who was involved in the development of the TV show Burn Notice and that the main character was based on him or at least on his braggadocio.  There are some strange, disturbing scenes with Synergy in the book (yes, still in progress.)

Cyberpunk (1990) documentary cover.

ND: There are a lot of different reasons posed for Mondo 2000’s eventual halt in publication. Is there any one reason that you think was the root cause?

RU: Insanity.

ND: In Synthetic Pleasures (1995) you said that “the way to eroticize the brain is to explore sexuality with new media.” With the popularity of the Oculus Rift and virtual reality in general right now, how do you think the ideas of sex and eroticism will mingle with these technologies going forward?

RU: Did I say that? :–)  Many knew mediums gain their financial foothold via porn. What will virtualized eroticism bring to the party, not just in terms of porn but in terms of real sexual connection? It seems to me that a lot of relationships take place mainly online now. Gender, genital sex, smells…  are these things becoming obsolete?  I don’t know. I can’t get no satisfaction from any sort-of totalist approach, myself…

ND: What’s the current status of the Mondo 2000 History Project?

RU: Negotiating a book deal. Otherwise, close…  Not knowing the format has complicated its completion.

ND: I noticed recently that Mondo 2000 has a new twitter account and an announcement of a website coming soon. What are your future plans for Mondo 2000? Can we expect a Mondo 3000 to come soon?

RU:  … it should be operational by the time people are reading this…

ND: While I’m of the belief that Mondo 2000 was something truly unique, is there any organization or publication these days that carries the same spirit?

RU: Dangerous Minds covers some of the territory. Boing Boing covers some of it. Coilhouse was awesome but has apparently disappeared. I don’t think anyone would do Mondo 2000 now in the way we did it. It was – dare I say – radical but politically incorrect in a way that is much more difficult to approach in a playful manner now. I’m still not sure how I’m going to navigate that aspect of our change in the culture with

Mondo 2000 hypercard via Boing Boing.

ND:  I’ve noticed in the past that you keep an eye out for articles online that mention Mondo 2000. Are there any websites or other publications that you read regularly?

RU: My morning online commute runs as follows… recent facebook posts, recent Google+ posts, Boing Boing, Vice, RAW Story, Reason, Huffington Post, io9, The Intercept, Washington Post, Dangerous Minds, ego search for R.U. Sirius, Mondo 2000, Timothy Leary, Ken Goffman. My Steal This Singularity twitter. (Now) Mondo 2000’s twitter.

ND: Are there any big things you are working on these days that should be on our radar?

RU: I like doing lyrics and music more than anything else. I have lyrical song cycles – some that have actual songs and some that have just lyrics — that I like as much as anything I’ve ever done. I’ll probably post them on I think some of the new stuff that I will be working on with R.U. Sirius & Phriendz and some other folks will be stunning… It’s hard to get people to check it when they don’t know you for music though. People are real twats about that.  (My bandcamp…)

ND: Do you currently have any plans for more music coming up?

RU: Working on a bunch of songs… some may have my voice others not. R.U. Sirius & Phriendz may see the most production. Another artist who is known in the jazz world but who will be working under a pseud is working with me on some stuff. We’ll see.

I posted this sort of lyrical conceptual thing just recently. I’d love to get that done as a thing. Some of the songs exist already

ND: Many theoretical topics or downright crazy ideas from Mondo 2000 are becoming reality. How do you view the future these days? Where do you believe we are headed?

RU: The blurring of reality – the disbelief in even functional truth —  has entered too deeply into the realm of the political… People grasp for certainties, ideologies, authority… even anarchist authority if that’s their leaning. More chaos. Existential threats like the weather; increases in nationalism and racism and hostility; the spread of nukes…  There’s this sort of quasi-Leninist notion that bad material conditions lead to revolutionary progress.  Not true. They lead towards authoritarianism and reaction.


Hallucinations For Accelerated Mutants — A Mondo 2000 Retrospective

This article was originally written for and published at Neon Dystopia on August 28th, 2017. It has been posted here for safe keeping.

It’s difficult to explain Mondo 2000 to someone who hasn’t experienced it before. That’s really what I would call it at the end of the day: an experience. Like a hallucinogenic trip, or a roller coaster ride, or that tingle that you get after a first kiss — it’s something you just don’t really get by having it described to you.

I first became aware of Mondo 2000, the glossy cyberculture magazine which ran from 1989 to 1998, in the much more recent year of 2012. Late to the party, I admit, but sometimes you just can’t get there on time. In 2012, I began to research hacking magazines as I was getting worried that some of them would soon disappear from the world without a trace. Somewhere out there sat old, possibly moldy magazines full of articles and stories that once appealed to the hacking subculture. Nobody was saving them, so I decided to start. I began patrolling. Amazon, eBay, and basic HTML sites that haven’t been updated since the early days of the web became my usual haunts. Between monitoring auctions and mailing old email addresses,  I was able to begin buying these publications. The ones I could find, I would wrap in archival-grade plastic and scan into my computer when I had the time; a slight pit stop before pushing them to the Internet Archive. Now, five years later, I agonize over the magazines that I haven’t even heard of yet. I learned a lot about the technological landscape of the ‘70s, ‘80s, and ‘90s, but I didn’t have anything really resonate with my until I came across Mondo 2000. Sitting right on the border between the then-bleeding-edge and the surrealistic not-so-distant future, Mondo fostered a generation of tuned-in misfits who were making their way through hyperculture. This could have been me in a different time, but all I can do now is read the back-issues while wearing a bootleg Mondo t-shirt. Looking back, it feels like some sort of technophilic fever dream for kids with psychedelics and a ‘net connection. Drugs, sex, and the digital revolution dripped from the warm, colorful pages. Would you want to wake up?

Mondo 2000 issue 15 cover.

For many, Mondo 2000 was seen as just the thing a sharp-tongued, budding cyberculture needed. Others saw it as pseudo-intellectual nonsense, fabricated garbage that didn’t really mean anything. To the Mondoids, the dedicated followers, it didn’t matter if the normies didn’t understand. Mondo 2000 was playful, eccentric, irreverent, and brash — it worked on its own terms and it worked well. Yet, Mondo 2000 did always have a built-in expiration date. With a name like that, it could never go on forever. After 14 issues, Mondo ceased publication. The print was dead, but the ideas would live on — the infection would keep spreading. While Mondo hit the scene at an interesting time in the advancement of technology, it has a much more ludicrous origin story. Author Jack Boulware once reported in a famous 1995 postmortem, “Mondo’s history reads as if fabricated on another planet, spewed forth by a sweaty cyberpunk novelist tripping on nasal-ingested DMT.”

He isn’t wrong.

The Edge Of A High Frontier

Mondo 2000 didn’t just pop up one morning out of nowhere. The roots of Mondo go all the way back to 1984. Ken Goffman published the first issue of High Frontiers, your source for “Psychedelics, Science, Human Potential, Irreverence & Modern Art,” in a small run of 1,500 copies. The first issue embraced mind expansion with interviews featuring Terrence Mckenna, Bruce Eisner, Timothy Leary, and even Albert Hoffman, the father of LSD. Goffman, an ex-yippie, former New York musician who had since moved to California, had already adopted his dadaist R . U. Sirius persona when he decided to embark on a publication that combined psychedelic exploration, science, and high technology. The premier issue, published in a newspaper format, featured his moniker on the cover alongside co-conspirator “Somerset MauMau.” The innards were packed with walls of text and tongue-in-cheek photographs that looked like cut-outs from Life magazine. The next issue would need to keep up the energy, and the fun.

R. U. Sirius.

Sirius’ life would change one night as he was distributing the first issue of High Frontiers at a birthday party: he would meet Alison Kennedy. Kennedy, the wife of a UC Berkeley professor and daughter of a wealthy California family, captivated Goffman. Soon, Kennedy would come to join the band of “Marin Mutants” (named for High Frontier’s Marin, California headquarters) that worked on the publication, sporting names like “Lord Nose” or “Amalgum X.” Meeting in a local pizza parlor with oddly-abysmal foot traffic, the High Frontiers staff would plot out their next articles. The second issue of High Frontiers, published a year after the first, would go on to include interviews with physicists, research on hallucinogens, and reviews of art and literature. By issue three, science and technology had become more of a main focus with articles on memory enhancement, psychoactive software, and quantum physics. Of course, drugs were still held in high regard with articles like “MDMA: Safe As Ice Cream,” and Kennedy’s own gonzo-anthropological “Tarantella And The Modern Day Rock Musician,” about hallucinogenic tarantula venom. Kennedy would soon go on to adopt a new persona of her own: Queen Mu, Domineditrix. After issue four of High Frontiers, Sirius and Mu would change the name of the magazine to Reality Hackers, which better represented the mix of articles on mind-expanding drugs and computer-based technology. As the magazine mutated, so did the staff. New additions included anarchist hacker Jude Milhon (who would become known as St. Jude) and the in-your-face Michael Synergy (real name unknown), a cyberpunk keen on toppling all of the powers that be.

High Frontiers issue 1. Read through all of the issues here!

With operations now moved to a large wooden house in the Berkeley Hills, Reality Hackers became a lightning rod for new, more diverse happenings of the psycho-technical fringe. There were articles on smart drugs, virtual reality, chaos theory, and isolation tanks, some featuring leading experts in these new and/or obscure fields.

Distributors, however, had no idea what to do with Reality Hackers and thought it was a magazine about literally hacking people to bits. Sirius would eventually be approached by Kevin Kelly of Whole Earth Review, the magazine spawning from Stewart Brand’s seminal Whole Earth Catalog, to work on a new digital culture magazine called Signal. Sirius ultimately declined in order to pursue a new mutation of Reality Hackers, honing-in on the young cyberpunk movement. Sirius and Mu would soon change the name of the magazine again to Mondo 2000 after publishing only two issues under the Reality Hackers name.

Reality Hackers. Issue numbering takes place where High Frontiers leaves off. Read all of the issues here!

At first, Mondo 2000 still resembled Reality Hackers between the cover art and black-and-white interior. After Bart Nagel was brought on as Mondo’s art director, things took a turn as he completely reworked the design of the magazine. Featuring colorful layouts, expert photography, full-page illustrations, and surreal covers, the new magazine was as stylish and beautiful as it was informative. New content went hand-in-hand with the new design; there were articles on cyberspace, computer viruses, and conspiracy theories. Authors that would grace the first issue include Bruce Sterling, William Gibson, and John Shirley, each notable for their work in the cyberpunk sub-genre. Gibson, an ex-hippie who had published the ground-breaking Neuromancer in 1984 (the same year the first issue of High Frontiers premiered), particularly resonated with the Mondo style. While Gibson would write about fictional high-tech outsiders who took smart drugs and jacked into cyberspace, the Mondoids were living it.

Mondo 2000 issue 6, featuring cover art by Bart Nagel. Read a selection of Mondo 2000 issues here!

Mondo 2000 embodied the cyberpunk subculture, and often served as the premier source for trends and news within the space. It wasn’t long before the rest of the world was trying to catch up. Sirius was starting to get quoted by mainstream sources like the Boston Globe or the Chicago Tribune who were dipping a toe into the bizarre cyberpunk waters for the first time. If John Shirley is known as being the “godfather of cyberpunk,” Sirius may have entered public eye as the crazy uncle. The Mondo 2000 house was regularly a who’s who of the eclectic Bay Area characters. Aside from Sirius, Queen Mu, St. Jude, and Synergy, regulars included contributors like subscriber-turned-music-editor Jas. Morgan, psychotropic-explorer Morgan Russell, and the drug-loving bankers Gracie and Zarkov.

Much of the content development for new Mondo articles stemmed from outrageous parties thrown at the Mondo house. It wasn’t uncommon for different rooms to be filled with active interviews, parlour games, or conversation between unlikely guests. A virtual reality expert might discuss politics with a smart drug theorist. Timothy Leary could discuss virtual sex with a computer hacker. Someone might suddenly get up to dance or go to the kitchen to try a 2CB analogue mixed with piracetem. As Mondo helped those on the fringe meet the like-minded, the culture only grew and evolved with each new issue. More and more reporters from publications like Newsweek or The New York Times were flocking to Mondo for a controversial opinion or unconventional view of the future. Before long, zine writers and editors like Gareth Branwyn and Mark Frauenfelder of bOING bOING, and Jon Lebkowsky and Paco Nathan of FringeWare Review started contributing to Mondo. Authors like Rudy Rucker, Robert Anton Wilson, and Douglas Rushkoff began submitting work as well. While the Mondo 2000 parties could only exist locally, articles came in from every corner of cyberspace or alternative plane of existence. Mondo had become a hub of interaction for those beneath the underground.

A Little ReWiring

As Mondo 2000 hit its stride, a new publication was just starting to take shape. Years earlier in 1987, Electric Word (originally launched as Language Technology) became a prominent linguistic technology and computer culture magazine in Amsterdam. White it generally focused on linguistic technology, and computer culture, Electric Word featured such pioneers as Xerox PARC’s Alan Kay, AI expert Marvin Minsky, MIT Media Lab founder Nicholas Negroponte, and even Mondo-regular Timothy Leary. After three years the magazine shuttered, leaving editor Louis Rossetto and ad sales director Jane Metcalfe without jobs. Partners in business as well as life, the pair decided to return to the United States and embark on a new magazine about cyberculture and technology. They wanted to call the publication “Millennium” to highlight the new technical revolution, but the name was already taken by a film magazine. John Plunkett, then the creative director, wanted to name it “Digit” (a play on “dig it” and “digital”).Eventually, they settled on Wired and started developing a prototype with a mission to decipher the new digital revolution.

Cover for Language Technology issue 3. Read select issues here!

When Rossetto and Metcalfe arrived in California after shopping the publication around New York, they were soon introduced to the Mondo 2000 team. Things appeared to be friendly enough, and Queen Mu would often visit Wired’s offices and engage Rossetto and Metcalfe in conversation while handing out fresh issues of Mondo. Just starting out, the Wired team did its best to differentiate itself from the madcap, already-successful Mondo 2000. Both the Wired and Mondo groups were well aware of what one another was up to, and there was care taken to not step on any toes. The Wired team didn’t want to compete or be compared, they wanted to come into their own.

Louis Rossetto and Jane Metcalfe, via

Not all was well within Mondo 2000 at the time. As Mondo grew, celebrities were vying to get into the magazine in an attempt to appeal to a more underground audience. When The Edge, guitarist for rock band U2, wanted to be examined for an article, Sirius recruited his friends from the band Negativland to conduct the interview. Negativland, who U2’s management had recently sued for copyright infringement, was a logical choice for Sirius. During the interview, The Edge didn’t know who he was speaking with and mentioned his views on intellectual property. At that point, Sirius revealed the band and trapped The Edge in his own hypocrisy. This resulted in one of the most well-known Mondo 2000 articles, but at the time it was strongly opposed by editor Queen Mu. After she refused the piece, Sirius had reached a tipping point and left Mondo, stepping down from his position as editor-in-chief. While Queen Mu eventually relented and published the article, Sirius never returned to his previous position. While he did eventually come back as a contributor, he also divested his share of ownership in the magazine.

Photograph of the band Negativland.

Too Weird to Live, Too Rare to Die

Though Mondo 2000 may have still been holding on to its popularity, there were increasing struggles to draw in advertisers. Mondo’s strong drug-friendly stance didn’t mix well with button-up businesses that had money to spend on product promotion, and the magazine suffered because of it. There was less cash on the table when writers looked to Mondo as a potential place to submit their articles, and many opted to go with other publications. While some continued to contribute to Mondo out of passion, outfits like the new Wired could afford to pay more per word. Looking back, Mondo was never truly run as a business looking to make as much profit as it could. Instead, it resembled an art project assembled by a hodgepodge of culture jammers and social engineers.

Still riding high in 1992, Mondo published Mondo 2000: A User’s Guide to the New Edge, a book containing 317 pages of compiled articles and artwork from past issues with new content mixed in. In February of 1993, Time magazine featured a “Cyberpunk” cover story, complete with art from Bart Nagel and numerous mentions of Mondo 2000. Cyberpunk had gone mainstream with Time’s article reaching households all throughout the USA. Much like Ron Rosenbaum’s “Secrets of the Little Blue Box” article published in Esquire in 1971, the Time article inspired hordes of new people to invade a subversive subculture. While Mondo received a boost from the story, it might have been a little too much attention.

Time Magazine’s February 1993 issue. Read the story here!

When Wired’s first issue came out in March of 1993, it was largely dismissed by the Mondo crew. In the eyes of many, it watered down the content Mondo was known for and passed itself off as a sub-par imitator. At the end of the day, Wired was appealing to a largely different audience. They didn’t need the hardcore console cowboys or smart drug pioneers to like them, they could get by with weirdo weekend warriors and flirt with the “normal people.” Mondo may have been a bellwether for the digital revolution, but it was on the decline. Many thought it was circling the drain.

Wired Magazine issue 1, March 1993.

Mondo 2000 was able to survive for another five years under the leadership of Queen Mu and her assistant-turned-editor Wes Thomas, ending with issue 14 in 1998. It may not ever be known if Mondo finally closed down due to infighting, failure to rouse advertisers, dilution of cyberpunk culture, or some perfect storm of those factors. Its legacy and influence, however, cannot be questioned.

Mondo 3000

In 2010, R.U. Sirius announced “MONDO 2000: An Open Source History”, a multimedia-driven Kickstarter project that attempts to capture the history and lore of Mondo 2000 — and all of its previous incarnations. Between a web document, a printed book, and video footage (that may ultimately become a documentary), Sirius hopes to save all of the stories, viewpoints, and ephemera that made Mondo what it was. He is currently in contact with past contributors, and continues to work on the project. In line with Mondo 2000’s whimsical nature, Sirius created a project reward that allowed one backer to be written into Mondo 2000’s history. Some of the events surrounding Mondo may not have happened, but all of them are true.

While we may not see a new issue of Mondo 2000 ever again, Sirius is hard at work. Within the last month, he has re-established Mondo’s Twitter presence and created a brand new website at featuring reprinted and expanded articles from Mondo’s past, as well as new content.

For those who remember it, Mondo 2000 is something equal parts special and weird. For many, it changed everything, and then it faded into the ether organically as the world changed around it. Browsing the new site, my mind starts to wander. Maybe there is a void left in the world that could only be filled by Mondo 2000 coming back. Maybe the world needs a “Mondo 3000.”

Somewhere out there, hackers and cyber-mystics are typing away furiously on computers in coffee shops and bus stations, creating new virtual worlds and building communities.

Maybe someone else has already created a Mondo 3000.

Maybe this time I’ll be around to catch it.

Keep your eyes bulged and your cybernetic implants on alert for a follow-up article featuring an interview with R.U. Sirius.


Bypass Your ISP’s DNS & Run A Private OpenNIC Server (2600 Article)

Now that the article has been printed in 2600 magazine, Volume 34, Issue 3 (2017-10-02), I’m able to republish it on the web. The article below is my submission to 2600 with some slight formatting changes and minor edits.

Bypass Your ISP’s DNS & Run A Private OpenNIC Server
By Mike Dank


With recent U.S. legislation regarding Internet privacy, we see another example of control moving away from consumers and towards service providers. Following the news of this change, many have taken a renewed interest in methods that can take back some of the control and privacy that ISPs and other organizations have slowly been chipping away.

One such service that consumers can liberate (and run) for themselves is DNS. The Domain Name System is responsible for retrieving IP addresses (like from domain names (like For a simplified explanation, when you go to visit a website your machine hasn’t seen before, your machine will query a caching server that is usually owned by your ISP or a company like Google or OpenDNS. This server will return the proper IP address, if they have it cached, or query its way along a chain of DNS servers to the authoritative one controlling that domain. Once found, the IP address for the domain entered will trickle back to you and complete the initial request, allowing your machine to resolve it.

Companies that control these services have a direct look into the sites you are trying to visit. You can bet that more than just a few of them are logging queries and using them for marketing purposes or creating profiles based on who is sitting behind the keyboard at the address of origin. However, there are alternative DNS providers out there who can offer more privacy than others are willing to supply.

One such project, OpenNIC, has been operating a network of DNS servers for many years. Unlike traditional DNS providers, OpenNIC provides an alternate root to the ICANN system (which resolves traditional TLDs, top level domains like .com, .net, etc.) while maintaining backwards compatibility with them. Using OpenNIC, you can still resolve all of the same sites, but also get access to those run by OpenNIC operators, with TLDs such as .geek, .pirate, and .bbs. OpenNIC is made up of hobbyists, engineers, and tinkerers who not only want to explore the ins and outs of DNS, but also offer enhanced privacy and free domain registration for TLDs within their root! You may see OpenNIC as just-another-organization to query, but many operators are privacy-oriented, running their own servers devoid of logging and/or in countries that don’t poke around in your network traffic.

Aside from using an official OpenNIC DNS server to query your home traffic against directly, you can also set one up yourself. Using a modest VPS (512MB of RAM, 4GB of disk) hosted somewhere outside of the US (or the 14-eyes jurisdiction, if you prefer), you can subvert organizations who may be nefariously gathering information from your queries. While your server will still ultimately connect upstream to an OpenNIC server, any clients at home or on the go never will — they will only directly query your new DNS server directly.

Installation & Configuration

Setting up a DNS server is relatively easy to do with just a basic understanding of the shell. I’m running a Debian system, so some of the configuration may be different depending on the distribution you are running. Additionally, the steps below are for configuring a BIND server. There are many different DNS server packages out there to choose from, though BIND is arguably the most widespread on GNU/Linux hosts.

After logging into our server we will first want to switch to the root account to configure BIND.

$ su -

Next, we will install bind9 and DNS utilities using the package manager. This will automatically configure a (non-publicly accessible) DNS server for us to work with and various DNS tools that will aid in setting up the server (specifically, dig).

$ apt-get install bind9 dnsutils -y

Now, we will pull down the OpenNIC root hints file for BIND to use. The root hints file simply contains information about OpenNIC’s root DNS servers that control the alternative TLDs OpenNIC has to offer (as well as provide backwards compatibility to ICANN domains). On Debian, we save this information to ‘/etc/bind/db.root’ for BIND to access.

$ dig . NS @ > /etc/bind/db.root

While the root hints information does not change often, new TLDs can be added to OpenNIC periodically. We will set up a cron job that updates this file once a month (you can specify this to be more frequent is you wish) at 12:00AM on the first of the month. Let’s edit the crontab to add this recurring job.

$ crontab -e

At the bottom of the file, paste the following and save, activating our job.

0 0 1 * * /usr/bin/dig . NS @ > /etc/bind/db.root

Next, we will want to make some changes to the BIND configuration files. Specifically, we will allow recursive queries (so our BIND installation can query the OpenNIC root servers), enable DNSSEC validation (to verify integrity of DNS data on query to OpenNIC servers), and whitelist our client’s IP address. Edit ‘/etc/bind/named.conf.options’ and replace the contents with the following options block, making any edits as needed to specify a client’s IP address.

options {        
    directory "/var/cache/bind";

    //Allow localhost and a client IP of        
    allow-query { localhost;; };        
    recursion yes;

    dnssec-enable yes;        
    dnssec-validation yes;        
    dnssec-lookaside auto;

    auth-nxdomain no;    # conform to RFC1035        
    listen-on-v6 { any; };  //Only use if your server has an ipv6 iface! 

Now, we will also change the logging configuration so that no logs are kept for any queries to our server. This is beneficial in that we know our own queries will never be logged on our server (as well as queries from anyone else we might authorize to use our server at a later date) for any reason. To make this change, edit ‘/etc/bind/named.conf’ and add the following logging block to the bottom of the file.

logging {
    category default { null; };

Finally, restart BIND so it can use our new configuration.

$ /etc/init.d/bind9 restart

Now, make sure that our server is using itself for DNS by checking the ‘/etc/resolv.conf’ file. If it doesn’t exist already, place the following line above any other lines starting with “nameserver”.


Testing resolution of both OpenNIC and ICANN TLDs can be done with a few simple ping commands.

$ ping -c4 
$ ping -c4 opennic.glue

Conclusion & Next Steps

Now that the server is in place, you are free to configure your client machine(s), home router, etc. to make use of the new DNS server. Provided you have port 53 open for both UDP and TCP on the server’s firewall, you should be able to add a similar ‘nameserver’ line to the ‘/etc/resolv.conf’ file (as seen in the previous section) on any authorized client machine, using the server’s external IP address instead of the loopback ‘’ address.
Instructions for DNS configuration on many different operating systems and devices are readily available from a myriad of sources online if you aren’t using a Linux-based client machine. Upon successful configuration, your client should be able to execute the two ping commands in the previous section, verifying a proper setup!

As always, be sure to take precautions and secure your server if you have not done so already. With a functioning DNS server now configured, this project could be expanded upon (as a follow-up exercise/article) by implementing a tool such as DNSCrypt to authenticate and secure your DNS traffic.



Recollecting The Future— An Omni Retrospective

This article was originally written for and published at Neon Dystopia on June 28th, 2017. It has been posted here for safe keeping.

The first time I read anything out of Omni, I probably had a completely different experience than you did. The original run of Omni, the iconic science and science fiction magazine, ran in print from 1978 to 1995, ending when I was just four years old. The first time I eyed the pages was maybe only five years ago — on my computer screen, with issues batch-downloaded from the Internet Archive back when you could find them there. While I didn’t get that feeling that comes with curling, sticky-with-ink pages between my fingers, or the experience of artificial light reflecting off of the glossy artwork and into my retinas, I was able to ingest the rich content all the same. While there is something sterile and antiseptic about reading magazine scans from a computer, there is more to say about reading Omni, in particular, this way; what the readers have been dreaming about since the publication’s inception has become reality. I have a whole archive of Omni issues that I can take with me everywhere in my pocket. To reference an oft-used quote from Ben Bova, previous editor of Omni, “Omni is not a science magazine. It is a magazine about the future.” The future is now, and maybe some things did end up changing for the better.

The iconic Omni logo.

Omni (commonly stylized as OMNI) got its start in a rather interesting way back in the late 1970s. Publisher Kathy Keeton, who had previously founded Viva (1973), an adult magazine aimed at women, and held a high-ranking position at the parent company for Penthouse (1965), proposed an idea for a new type of scientific magazine to Penthouse founder and her future husband, Bob Guccione. Keeton and Guccione would develop the concept of a magazine focusing on science, science fiction, fantasy, parapsychology, and the paranormal. It was a departure from both the over-the-top, pulp science fiction magazines of the 1940s and stiff academic scientific journals of the time aimed at pipe-smoking professionals in three-piece suits. Omni was aimed more at the layperson in that its content was accessible yet serious — they bought into their own brand and expected you to as well.

Guccione and Keeton, image via

A strange departure from the pornographic roots of both Keeton and Guccione, Omni was a completely new beast, eccentric and untried. While other science publications looked to ground their content in what was concrete, Omnifocused on the future with wonder and a sense of possibility. An issue may contain irreverent, gonzo articles about alien abductions, chemical synthesis of food, what personality traits should be given to robots, thoughts on becoming a cyborg, or the computer-centric musings of lunatic/genius Ted Nelson. You could find articles on drugs back-to-back with discussions of high-tech surgical procedures or homebrew aeronautics. No topic was off limits, and with decent rates for writers, the weird had a chance to turn pro. Whether it was intentional or not, Omni adopted a laid-back, transgressive west coast culture that praised the strange and favored the “out there.”  For a lot of readers in the late 1970’s, this was the only place to get this type of content. People couldn’t pull out a cell phone and hop online to get the vast swathes of information that we can now – there was an ever-present undertone of information isolation, and Omni filled the void.

Omni‘s premier issue, October 1978.

While the magazine was well known for its articles and comprehensive interviews with the scientific elite such as Future Shock (1970) author Alvin Toffler or astrophysicist Carl Sagan, the most flirtatious quality of Omni was its illustrations. Slick and glossy, Omni never failed to draw a shy eye from a newsstand with bright colors and airbrushed art of feminine androids or lush mindscapes in high contrast. Many notable artists contributed their work to Omni, including John Berkey, H.R. Giger, and De Es Schwertberger. For each issue, the gold-chain-wearing Guccione would be said to personally pick the featured art; each image was part of what he wanted to convey with the magazine, and it might be more than a coincidence that many of the covers featured women. Omni wasn’t the only publication of the time with intricate cover art, as Heavy Metal (1977) featured similarly detailed depictions, and even shared some of the same artists. Where Omni really set itself apart from others was through the use of artwork throughout the periodical as a whole. With sprawling, multi-page illustrations, the art didn’t take a backseat to the articles. Just flipping through, someone might think that they had picked up an art magazine; Omni was never one to skimp on the visuals.

H.R. Giger’s Dune concept art would grace the cover of Omni‘s November 1978 issue.

Above all of the articles and artwork, Omni may have been most celebrated for its short fiction. At its inception, nobody really knew how to react to Omni’s foray into the science fiction ecosphere. The SF community was tight-knit and amiable, but it wasn’t exactly used to sleek publications from groups that had no background in the subject showing up suddenly in bookstores and comic shops. Keeton and Guccione did their homework and hired notable editors, Ellen Datlow and Ben Bova (a six-time Hugo Award winner during tenure as editor of Analog Magazine (1930)), to seek out content for publishing. Like Bova, Datlow was a fan of the genre herself and wasn’t afraid to push the envelope when it came to buying far-out fiction. The magazine came to showcase science fiction for science fiction fans, and didn’t subdue or water down the content for the sake of a broader audience – the bottom line was never sacrificed. With contributors like Robert Heinlein, Orson Scott Card, Isaac Asimov, William Gibson, Bruce Sterling, George R.R. Martin, and William S. Burroughs, there were not only excerpts from larger works but complete short stories introduced to the world for the first time. William Gibson notably published “Burning Chrome” (1982), “New Rose Hotel” (1984), and “Johnny Mnemonic” (1981) through Omni, creating the foundation for the Sprawl that would later host some of his most celebrated novels: Neuromancer (1984), Count Zero (1986), and Mona Lisa Overdrive (1988). Omni helped launch the careers of many science fiction authors, and fostered exposure for countless others over its near three-decade reign.

The first page of William Gibson’s “Burning Chrome,” featured in Omni‘s July 1982 issue.

Omni thrived for many years as it continued to dazzle readers with exciting and thought-provoking composition. Eventually, Omni would get its own short-lived television show, Omni: The New Frontier (1981), a webzine on Compuserve, and six international editions with varied amounts of both reprinted and original articles. Later in the publication’s life, the articles took a more paranormal slant that left many fans and contributors wondering about the magazine’s direction. Keeton and Guccione had always held a lot of interest in the paranormal and found a kindred spirit in their editor-in-chief, Keith Ferrell, who took up the position in Omni’s twilight years. While Ferrell wanted to shift Omni’s focus towards the vetting of the unexplained, the magazine couldn’t sustain itself for much longer. Omni published its last print issue in the Winter of 1995, citing rising production costs. At the time, Omni had a circulation of 700,000 subscribers, many of whom were left high and dry if they hadn’t already abandoned the publication with the recent shift in focus. While it is unknown whether or not production costs were to blame for Omni’s demise, many surmise Guccione’s strategy of funding Omni via Penthouse’s profits was starting to fall apart. While free Internet pornography flourished in the 1990’s, it put the older print industry in jeopardy. The ship was sinking, and something would need to be thrown overboard before the situation would get any better for the Penthouse empire.

“Some of Us May Never Die,” article by Kathleen Stein, October 1978.

Omni did not disappear completely, and successfully transitioned into an online-only magazine dubbed Omni Internet in 1996. At the time, there were few examples of magazines who could make the jump to digital. Omni embraced the new format which allowed them to play with how content was structured and draw in fans with interactive chat sessions. While a conventional magazine could only be published once a month, Omni could now report on scientific news as it happened, setting a standard in web-based journalism that we still see today. This was a “blog” before Jon Barger coined the term the following year, and it holds a spot as an early example of the format. In 1997, Kathy Keeton died due to complications from surgery and Omni closed down completely just six months later. While Omni was the brainchild of both Keeton and Guccione, Keeton had always been the main driving force that held all of the moving parts together. The publication that always promised to bring the future would now become static, slowly fading into the past with each passing year. While no new content was published, the site remained online until 2003, when Guccione’s publishers filed for bankruptcy.

AOL welcomes you to Omni Online, one of Omni‘s first forays into the web. Image via

While Omni may have ceased production, its strong legacy cannot be questioned. While fans wax rhapsodic about the old days, there are plenty of remnants left over that have diffused the iconic Omni spirit to new generations. Wired (1993) owes just as much to Omni as it does its precursor, Language Technology (1986), as well as Mondo 2000 (1989), bOING bOING (1988), and Whole Earth Review (1985). While Wired didn’t rely on science fiction, it still yearned for a techno-utopian future and even hired on some Omni expatriate short fiction writers to become reporters for the new digital revolution. Later in 2005, a much-unknown was launched, claiming to be cared for by former staff and contributors of Omni, including Ellen Datlow, the fiction editor who worked at Omni for nearly its entire run. In 2008, the website io9 was created by Gawker Media (Later a property of Gizmodo) specifically to cover science and science fiction, just as Omni had done decades before. io9’s slogan, “We come from the future,” echoes Ben Bova’s Omni quote, and helps cultivate an image of the site as a spiritual successor.

Wired issue #1 from March, 1993. The cover features an article by science fiction writer and Omni contributor Bruce Sterling.

In 2010, Bob Guccione passed away at the age of 79 following a battle with lung cancer. While Guccione’s death didn’t immediately influence the future of Omni, it set off an interesting chain of events that would ultimately lead to a rebirth of the publication. In 2012, businessman Jeremy Frommer bought a series of storage lockers in Arizona, one of which happened to contain a large amount of Guccione’s estate. Frommer was enamored by his discovery and immediately fell down the strange and multifaceted rabbit hole of Guccione’s mind. With the help of his childhood friend, producer Rick Schwartz, Frommer started building The Guccione Archive in a nondescript New Jersey building. Out of the entirety of Guccione’s life work, Frommer became fixated on Omni and explored the collection of production materials, pictures, 35-mm slides, and original notes generated from the life of the magazine. It wasn’t long before he brought in others to sort the collection and track down original artwork used for Omni that he could purchase and add to the archive. For Frommer, it became a passion to create the most complete collection of Omni-related materials, and he had to get his hands on every bit he could find.

Artwork like this Di Maccio piece showcasing”Psychic Warriors,” by Ronald M. McRae was being tracked down to add to the archive.

Organically, Frommer came to the conclusion that he needed to take the next logical step: he needed to reboot the magazine. When Claire Evans, pop singer and editor of Vice Media’s Motherboard blog, met with Frommer to cover the Omni collection, she was asked if she would be interested in working on a new Omni incarnation. In August 2013, Evans was named editor-in-chief of Omni Reboot and got to work. The new publication was off to a strong start as Evans was able to get submissions and interviews from former Omni alumni and science fiction icons like Ben Bova, Rudy Rucker, and Bruce Sterling. Free scans of Omni back issues were made available at the Internet Archive, and the blood once again flowed through Omni’s withered veins. Nostalgia was in full force as people rediscovered their favorite article or got caught up in the whole journey of the reboot. Quickly though, criticism came in about the quality of the content and what would become of the Omni legacy under the new owners. Not everyone thought the magazine should be rebooted.

An Excerpt from “Hi Everyone. Welcome to the New Omni,” by Claire Evans served as the introductory article to Omni Reboot (August 2013).

While Omni Reboot still conformed to the science and science fiction roots of the original, it did so with a higher dose of cynicism than even the original obtained. When the old fantasies of science and technology started to become reality, it was only natural for people to consider how the world around them could grow to bite its master and send civilization into a negative spiral. In many cases, it already had. In contrast, the zeitgeist 40 years ago slanted more towards the hopeful idyllic; people used to have conversations about how an advancement would influence mankind and drive the world ahead. That’s not to say everything back then was so hunky dory – we always see the past through rose-colored colored glasses, smoothing over the corruptions and jagged edges in our memories. While the world aged and evolved, so did opinions towards its technocentric trajectory. Etherealism was no longer en vogue.

As the reboot grew it started to come under fire from authors as it was discovered that submitted work would become owned by Jerrick Media, Omni Reboot’s new parent, for a year after publication. Further fueling controversy, the back issues of Omni on the Internet Archive were removed in 2015, much to the disappointment of readers. In 2016, Jerrick Media released Vocal, a publishing platform for freelance writers to make money based on article views. Omni Reboot(now just Omni) was re-purposed as one of Vocal’s verticals, serving as an interface for science and science fiction related submissions from the Vocal content network. Browsing Omni now, there is an overwhelming, uneasy feeling of quantity over quality. A name that once stood proudly and represented a home for the weird and futuristic had become just a limb on a larger, alien body.

Omni’s current homepage, via

A few weeks ago in May of 2017, we got another chance to relive the rich history of Omni as back issues became available once again. Unlike the older Internet Archive scans, these new transfers are in high resolution, with each and every issue accounted for. Also unlike the older transfers, each issue costs $2.99 for a digital copy, though they are free if you happen to be a Kindle Unlimited subscriber. While it’s bittersweet that these issues are now available for pay, profits from their sales are going to a good cause. Omni announced a partnership with the Museum of Science Fiction who receive a portion of the revenue from each purchase.

Cover of Omni‘s February 1987 issue. Just one of many back issues that are now available for purchase.

While Omni has changed many times over the years, it is still remembered as that wondrous and weird, crazy and cool publication delivered to mailboxes month after month. Omni worked best because it didn’t try to fit into an existing space, it pioneered its own; It became a destination that amalgamated the new, the scary, and the unknown. In the true Omnispirit, we have no idea what is coming for the publication as the clock ticks ahead. Will it thrive and continue on, or become another ghost in the machine, slowly obsolescing.

The future is ahead of us, and for now, we can only look to it with hope and wonder.

We can only look to it just like Omni would want us to.


‘More Than Just A Game’– Brainscan Review

This article was originally written for and published at Neon Dystopia on May 22nd, 2017. It has been posted here for safe keeping.

In the mid-1990’s, we saw cinema saturated with cyberpunk movies. Some became staples of the genre, while others simply faded into obscurity. Brainscan (1995) combines elements of cyberpunk and horror, to create a unique story about a video game gone wrong. While not a particularly successful film, Brainscan turns out to be an interesting extension to the classic “killer computer” trope. At a time when owning a computer has become normal for your average household, it’s easy to ponder how things could go wrong, especially in the style of a Twilight Zone fever dream.

Upon watching, Brainscan instantly makes you feel uneasy with its instrumental score, and it is something you will notice over the course of the entire film. The electronic music quickly fills any scene with dread, reminiscent of 1978’s “Halloween Theme Main Title” (from the film of the same name) by John Carpenter. Coupled with a dark color palette, the mood is set and unchanging. While the film definitely exhibits a horror-themed, fanciful atmosphere, make no mistake about its ties to the cyberpunk aesthetic. Technology, and our inherent fear in embracing it (as a species), sits center stage for the full run of the story. Likely influenced by publications of the time such as Mondo 2000, we get a taste of the cyberdelic lunatic fringe.

When our protagonist Michael (Edward Furlong) is told about a horror-filled video game that interfaces with a player’s subconscious, he’s eager to call up the phone number printed in a Fangoria advertisement to place an order. His appetite for blood and gore is insatiable, but the game isn’t what he bargained for. Furlong gives an excellent performance, tapping into some of the same themes exhibited by his Terminator 2 character, John Connor, a few years earlier. Michael himself easily fills the role of the smart high school student. He has a voice-controlled computer, Igor, which he primarily uses to place and take phone calls. Red-light-drenched computer hardware spans a large section of his attic bedroom, including an interface to his video camera which he uses to spy on the neighbor-cum-love-interest, Kimberly (Amy Hargreaves). You may call him an introvert, or a misfit — he has few friends and even less family but seems close to his best friend, Kyle (Jamie Marsh).

The bedroom of my teenage dreams.

Upon calling Brainscan, Michael is told about the innovative, fully-customized game and gets electrically shocked before the mysterious voice on the other end of the line tells him that his game has been decided and the first disc will be mailed to him. At this point, I liken Michael to transgressive characters of other films, such as Thomas Anderson / Neo of The Matrix (1999) or David Lightman of WarGames (1984), who transcend connotations of the 1950’s idyllic and its three-piece psychology. In fact, I’d stress that there are a lot of parallels between this film and WarGames — the technophile wiz-kid finds a mysterious phone number which ultimately wreaks havoc on his life. When the first Brainscan disc shows up in the mail, things take a dark turn when Michael boots it up and is instantly transported into the game, seemingly immersed by the “subconscious interface” which creates something akin to an out-of-body experience. In a first-person view, Michael is instructed by a methodical, disembodied voice to commit a murder, which he dutifully complies with. When Michael sees the news the following day, he quickly realizes that the murder was real. The virtual reality has leaked over into the natural world, and the line between them starts to become fuzzy.

The first disc arrives.

At this point, Michael gets a visit from the Trickster (T. Ryder Smith), who materializes out of thin air in his bedroom. Trickster, resembling an undead hard rock front-man, seems to know everything about Brainscan and urges Michael to keep playing until he completes the entire game. If Michael has been a middling character up until now, toeing the line between a rebel and a complaisant, we see him reevaluate his morality as the Trickster begins to impose more and more chaos in Michael’s life. Michael isn’t only pitted against Trickster, but the game itself which Trickster seems to be connected to. He’s lashing out against the technology that has betrayed him but is helpless in combating it.

The Trickster will threaten you with a CD.

*Spoilers Ahead*

Michael is worried about getting caught and reluctantly agrees to keep playing Brainscan in order to tie up any loose ends that may implicate him in his crime. Feeling like he has no other options, Michael continues to kill before standing up to Trickster and refusing to commit a final act. Disappointed by Michael’s act of defiance, Trickster allows the police to shoot and kill Michael. Michael has finally broken out from the game and immediately wakes up in his chair just as he did after playing for the first time. The whole experience was just part of the game, and none of it actually took place. Realizing this, Michael completely destroys all of his computer equipment, symbolically freeing himself of his technological imperative and escapist tendencies.

Complete destruction.

While Brainscan doesn’t incorporate many cyberpunk visuals, it certainly captures the essence of cyberpunk itself. Much like Black Mirror’s “Playtest” episode, we see a main character who seems to detach from reality and chooses to escape into technology to chase a high that he cannot derive from the physical world. While Michael may not fit seamlessly into a generation of young adults who have complete access to information and media, he exhibits traits that make him susceptible to escapist behavior and the dangers that go with it. Exploring his infatuation with high-tech entertainment, we become aware of what can happen when fantasies overlap with reality. Can we expect similar real-world stories to come forward as virtual reality worlds become more immersive and realistic? Maybe we don’t even have to go that far. Is it a stretch to consider that players of conventional video games have difficulty disassociating with them after putting down the controller? Little stops these experiences from bleeding over into our day-to-day lives, especially for the self-actualizing who may be hesitant or unable to make the distinction.

Are you ready to play?

While the premise of Brainscan certainly fits within the cyberpunk genre, the film is not without its shortcomings. Furlong and Smith give notable performances, though the supporting characters are more one-dimensional. At 22 years old, the physical technology we see is laughably dated at times, despite the topical concerns brought up by the story. Brainscan would never win any awards, but it’s a fun guilty pleasure that you want to keep watching. Just make sure you don’t order any video games out of a magazine anytime soon.

Brainscan – 6/10