/os/ - Online Security

News, techniques and methods for computer network security.


New Reply on thread #1145
X
Max 20 files0 B total
[New Reply]

[Index] [Catalog] [Banners] [Logs]
Posting mode: Reply [Return]


Anonymity can be achieved by going to different public buildings that you can access telephone jacks in, (unseen and unrecorded by camera). Wear a wig and sunglasses when you go there and then put on a ski mask before you enter the building (preferably at night time). The BBS server software should accept anonymous postings and anonymous logins.   Security can be achieved by writing the BBS server and client software to implement some type of TLS connection and transmission communications scheme.  Finally you should be able to use this system to publicly post pgp/gpg encrypted messages on the bulletin board, where you pre-share signed keys by hand with local recipients, and leave the messages for the pseudonym of your recipient to flag the message for the person who should copy it and decrypt it ( on their air gap after copying it to a floppy and shuttling it over to their air gap decryption station).    

Every city in North America should have 10-30 of these encrypted telephone BBS's running, and the whole mass surveillance problem will fall apart.  Also you can setup telephone peer to peer encrypted communications from 8 bit computer to 8 bit computer, and skip the public posting part and have authentication to post on your machine and exchange the pgp messages that way.  So I email my friend encrypted over the telephone network dumb machine to dumb machine and leave a message (So what if it's recorded, ooooooh you know that I called my friend from school in town, good for you, but its encrypted so unless he's a rat you don't know what we talked about, and when the machine is power cycled, its gone off of the dumb machine, wiped from memory, poof, gone).
I think this is top priority. The people with the skills to revive this and modernize BBS client and server software with modern crypto should get working on it ASAP.   I shouldn't need to run UNIX or GNU or anything else to send someone in my city an encrypted message, you didn't in the 70s and 80s and you don't now.  Someone please make this happen (create the software and hardware platforms) and post detailed instructions on how to set the servers and clients up.  Forget GNU, forget Tor, what I'm describing is the actual solution to the problem. Everything else is smoke and mirrors bullshit.  It existed in the past it will exist again but this time better and more secure.    

Of course international communications is another story and GNU and Tor is the best we have for that right now.  But get the dumb machine to interface with SOCKS5 on Ethernet and we're in business (Tor Proxy).  I anticipate that there will be an Ethernet module published for the RC 2014 within the next 3 years. There are already Ethernet modules for the Commodore 64 and other units. Forget TAILS, this approach is the answer. A text based HTML 1.0 Client connecting by SOCKS 5 on a dumb 8-bit machine to a Tor Proxy on LAN running on a minimal GNU or OpenBSD server on non X86 hardware.  Then specialized Shit posting Text only boards that are onion hosted can be created for posting to.  That's pretty much the end of the line.
Nobody really gets in trouble for reading wrong think if done discretely.  People get in trouble for posting or voicing wrong think in "public" and then getting their real life identities associated / attributed with the wrong think that they've posted or said vocally.  

The consequences can range from public shunning and community ostracism, to loosing your job, to being blacklisted from your career and industry, to being publicly harassed, to being violently attacked, to being murdered or assassinated.  And I'm not talking about communist China here, I'm talking about America. 

And then there are people who get in trouble for reading the wrong information (Knowing too much), reading classified documents, learning the truth about events (9/11, moon landing, insert conspiracy theory) etc. 

I'm not really concerned with that case.  Most regular people just want to be able to engage in open debate (anonymous or not) on the internet about the taboo subjects (Politics, Religion, Sex, whatever) without loosing their fucking job or being black balled from their careers.  For me I just want to read the news, watch some Youtube videos and occasionally post and debate in forums anonymously without backlash or negative repercussions.  We don't live in a free society or in a free country, we've been lied to.
I'm using Hyperbola now on OpenRC.  The packages are old and a lot of stuff doesn't work like mpv. So i'm done with endstream development until it works again, I'll either build it from source or wait for the package updates.  

When I tried to install parabola base-openrc and it kept trying to pull in systemd as a dependency no matter what I did.  Weird. I wiped the partitions and then used the parabola openrc disk to migrate to Hyperbola. Hyperbola seems OK, but the packages aren't as fresh, and some things don't work properly.  I can't use links2 right now either because of some missing libraries or something.   Whatever. 

I tried installing Gentoo briefly when parabola failed.  I got it to book off of LUKS on LVM, but then the kernel I compiled with make menuconfig, and then with genkernel, but the init sequence kept halting half way down the OpenRC boot sequence.   I resynced and then recompiled,  # emerge --ask @world and waited for 3 hours for it to finish then tried again, same stuff, non bootable kernel.  I gave up after 16 hours of compiling, wiped everything and now I'm on Hyperbola. Gentoo Fail. I hate computers.
 >>/1272/
I use Artix Linux these days. Yeah it's not full on 100% free software, but I had to use that on my new desktop while my librebooted X200 rots away due to its incredibly terrible battery life and general overheating issues that I always have with any old laptop. I probably have to wait another decade before I get an actually competent laptop, while I've heard some shit against the Purism team in sending out the wrong older gen laptop models than what was paid which I'm really fine with a 99% free corebooted laptop with modern specs but currently totally unaffordable.
 >>/1273/
I just tried Artix. xorg would start and then freeze with no keyboard or mouse input. Also I had to manually modprobe my network driver to get internet to start.   Seems like it will be good in the future, but didn't work for me out of the box.  Thanks for the tip.  

I wiped that partition then attempted an Alpine linux install on encrypted lvm.  I got it installed and booting, internet works, but my video card driver doesn't put a /dev/dri/card0 into the devices so Xorg won't start. apk is a fast  package manager, packages are limited.  No tor or torsocks, so I tried to manually compile these. torsocks compiled but there were missing libraries that prevented tor from compiling or getting past ./configure.   Also several things had to be linked manually.  I tried to use modprobe and it didn't work so I had to make a soft link to uname -r in the kernel modules directory, the package manager had a hiccup so I had to delete and remake a directory in /var/cache/apk, and other small annoying things. For instance not knowing how to add a user since useradd and usermod groupadd aren't there, so busybox has adduser and addgroup instead.  Took me an hour just to figure that out. 

I have /boot unencrypted and two lvm partitions that are encrypted with volumes for /root /usr /var /swap and /home.     
My second encrypted partition boots to hyperbola which is familiar enough for me to keep using minus some missing applications and missing libraries causing unexpected behavior.  mpv and endstream are working again.  I noticed that endnode wasn't working out of the box on Alpine, I fixed it on that partition and I'll upload the changed file to github later.  

I put Alpine on the first encrypted lvm partition after failing with Artix.   I used these as a guide after setting up the luks encrypted lvm the usual way:

https://wiki.alpinelinux.org/wiki/Installing_Alpine_Linux_in_a_chroot

https://wiki.alpinelinux.org/wiki/Setting_up_a_laptop

https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-xorg-base

It took me a day of tinkering to get it to be usable in the command line (tmux, links, torsocks, geoiplookup ...) , but I couldn't get xorg to start due to a missing kernel driver or some kind of problem with the kernel not creating a /dev/dri/card0 for the display driver.   My impression is that it's not ready for prime time yet.  I'm going to keep looking.  I might try Slackware next, that seems like a safe bet.
I think I'm going to go with this configuration: 

Hyperbola/GNU/linux-libre-lts/OpenRC/ base + xorg-server + Guix  for packages

I think that's as GNU as it gets right now. 

https://www.gnu.org/software/guix/download/

https://www.gnu.org/software/guix/manual/en/html_node/Binary-Installation.html

## The only thing with the manual is that you need to download the current binaries and signatures and 
## apply the steps to those files.  You may have to download the signing key manually if gpg fails. 

That way I can boot into my encrypted LVM, with the linux-libre-lts kernel, and then pull new packages from the guix repository.  I've got the guix-daemon installed on my experimental partition this way, and installed zsh from the guix repository to test it (seems to be working). I may have to change the partition sizes to make more room for the guix packages in /var.  Most of this goes into /var/ and /gnu/ , so I might have to make /var a slightly larger partition to accommodate.

If someone could make a portable version of emerge from Gentoo and have it operate like guix in it's own profile space then that would be the final frontier.  Then you could set priority from where you launch your binaries in the $PATH variable or someone could dream up a more advanced scheme setting priority to emerge compiled binaries over guix over base from pacman or the other way around.
$ lsblk 

NAME               MAJ:MIN RM   SIZE    RO TYPE  MOUNTPOINT
sda                     8:0    0 223.6G  0 disk  
| -sda1                 8:1    0     2M  0 part  
| -sda2                 8:2    0     1G  0 part  /boot
| -sda3                 8:3    0  99.6G  0 part  
|  `-lvm              254:0    0  99.6G  0 crypt  
|      |-vg01-swapvol 254:1    0   500M  0 lvm   [SWAP]
|      |-vg01-rootvol 254:2    0     5G  0 lvm   /
|      |-vg01-usrvol  254:3    0    10G  0 lvm   /usr
|      |-vg01-gnuvol  254:4    0    20G  0 lvm   /gnu
|      |-vg01-varvol  254:5    0    10G  0 lvm   /var
|      `-vg01-homevol 254:6    0  54.1G  0 lvm   /home

$ df -h 

Filesystem                Size  Used Avail Use% Mounted on
/dev/sda2                1022M   59M  964M   6% /boot
/dev/mapper/vg01-rootvol  4.9G  219M  4.4G   5% /
/dev/mapper/vg01-usrvol   9.8G  1.9G  7.5G  20% /usr
/dev/mapper/vg01-varvol   9.8G  505M  8.8G   6% /var
/dev/mapper/vg01-gnuvol    20G  5.9G   13G  32% /gnu

The /gnu is filling up the fastest from installing packages from guix.   I might need to make this partition bigger. Just a heads up if you attempt to use guix.  Guix is very slow as a package manager, much much slower than pacman.   I've installed leafpad, emacs, vim and other stuff, the GUI applications seem to be working in X11.  

Installation:
$ guix package -i vim 
Search:
$ guix package -s vim
Remove:
$ guix package -r vim
Upgrade:
$ guix package -u
Update:
$ guix pull --verbose

I think I'll play around with this setup for a while.  I tried to install hurd but it didn't take. Maybe they'll write a tutorial on how to compile the hurd kernel and an initramfs, link a tutorial/walk-through for hurd if you know where one is...
I have used proxychains with 2 config files so that you can rotate proxies and still use tor. You cant use the random_chain option with 127.0.0.1:9050 because it fucks up the chain of obfuscation. One request could start with a proxy as the first hop and tor on the second. The next request would be tor then a proxy. So that would indicate the proxy with the exit node and then you would directly connect to the proxy that is tied to the exit node and that would defeat the purpose of using tor.
Now if you use 2 config options. 
like proxychains -f config1.config proxychains -f config2.config midori (its an example don't use midori for this)


That way you can utilize the random_chain option while also having a chain of proxies randomly rotating with every request on top of tor. Don't expect to hack the gibson or anything but its defiantly a good delusion when making dank controversial memes. I aint hidin i'm glidin' on ssl and socks.

The only thing wrong with this method is that you can't see the output so its like its running on quit mode but i think the program is ethercap or ettercap you can visualize if its working in that program.
 >>/1280/
sorry for doubleposting. I pressed reply twice when the first one had a connection failed message.latency is also another issue make sure the proxies are relitivly fast the chain is only as fast as the slowest hop.
 >>/1280/
 >>/1282/
make sure the first config strict_chain with tor in the chain. the second config use random_chain.

You could even use proxychains and proxychains-ng instead of multipal configs with proxychains

I am afraid to mess with the default dns and local adress range setting in proxychains-ng but i am sure there could be some hardining there.
 >>/1277/
Why not just use GuixSD by itself?

I once used Debian GNU/hurd, it used pulseaudio and had lots of problems, many things didn't work, That was like 4 years ago or something, maybe they got their shit together via Guix development that closes the gap between user and dev even more.
 >>/1285/

https://www.gnu.org/software/guix/manual/en/html_node/Limitations.html#Limitations

Support for the Logical Volume Manager (LVM) is missing. 

No luks on lvm. When they get that going, and write a tutorial, (their instructions are very good), then I'll try it out. 

Right now it's a simple side step to work the way that I'm used to. Lot's of good packages to check out.

This is just for playing around in, I'll mess it up, find out how much space I need for /gnu and then wipe and reinstall.
BBS Software
Server

Synchronet
http://www.syncro.net

Mystic BBS
http://mysticbbs.com/
http://mysticbbs.com/downloads.html

Client'

PuTTY
https://putty.org/
syncterm
http://syncterm.net 
NetRunner
http://mysticbbs.com/downloads.html

 Modem Information 

https://en.wikipedia.org/wiki/Hayes_command_set
https://en.wikipedia.org/wiki/USRobotics
https://www.usr.com/usr-root/products/56k-dialup-modem/

http://tldp.yolinux.com/HOWTO/Modem-HOWTO.html
http://tldp.yolinux.com/HOWTO/Serial-HOWTO.html
http://tldp.yolinux.com/HOWTO/ISP-Hookup-HOWTO.html
http://tldp.yolinux.com/HOWTO/PPP-HOWTO.html

$ man pppd
 >>/1288/

I'm suggesting that someone with the technical ability and know how should take and modify synchronet and syncterm so that after the initial dial up connection they perform a handshake and perform a key exchange and then the remainder of the session is encrypted (TLS).  The keys can be public keys generated by gnupg, openssl, gnutls or libressl.
I'm interested in protecting people who know each other in real life, and giving them a local telephone access method of communicating by BBS posting from random locations within a local area code (city) with telephone jacks. And also allowing for local public discourse on a local telephone BBS.  I don't want to or need to talk to someone from a foreign country about domestic politics, or about cooking recipes, or what good restaurants there are in the city to visit. 

The goal isn't to protect the location of the telephone BBS server, but to allow for local client users to access the BBS server quickly, encrypted, anonymously (no login identity), possibly with a universal password for users of the service (darknet), with access only from local area code numbers from anywhere in the city. 

The clients gain anonymity ( aside from stylometric issues) from posting from telephone jacks that are not connected to their residential or employment locations.  And by cycling locations around the city and possibly not reusing the same locations more than once or twice in a year.  Pseudo anonymity will be gained by using a code word / call sign / pseudonym and posting pgp /gpg encrypted messages in threads dedicated to encrypted messaging,  Post for Coolcat235 : qPgTnOxWiUIL+PFl4NFnUWLWM5ZVzX4oziQJEsxgodaigol908HXTvHS2MZzS/QevFq9BGmxFPQQ and so on.  The users that know each other in real life can pre-share a signed symmetric Key (AES) , or sign each other's RSA keys for use with gnu privacy guard.
Broadband internet can be shut off during a time of crisis, local telephone network will be robust unless there is a calamity (Tsunami , Hiroshima , etc ).   

This method of anonymity for the clients is pretty much opsec dependent, but if done correctly would be perfect anonymity.  

Tor's model of anonymity depends on Weak-crypto, Muh 3 hops onion, FireFox, Browser Plugins, Windows, MacOS, GNU, Systemd,  binary packages, trusting this entire ecosystem of garbage, and tricking you into doing all of this from your workplace or home residence, where a single IP leak  ( by whatever accidental or implanted method) ruins it all.  

But Use TAILS!!  No ...I don't need to trust Debian, systemd, or Tor, Tor Browser, Mozilla, or anything else. 

But use HEADS it uses Devuan and OpenRC !!  No ... I don't need to trust left wing communist hackers to protect me from a thought and speech policing totalitarians in the Government.

With my model I know from the get go that I don't post from home, so I get up off my ass find a place that I've scoped out previously and high jack a telephone jack for 2-10 mins.  For now lets use Linux, what do I need? ( an RJ-15 telephone wire patch cable, a US Robotics or Hayes 56K modem, a laptop with Linux, Windows, or DOS , a RS232 Modem cable, and possibly a power bar (or electric extension cable) for the modem wall-wart DC supply and the laptop power supply (use the laptop battery for this operation) ).
Most of this could be pre-assembled in a back pack or duffel bag, so that you just need to pull out the extension cord and find a power jack plug it in, and then switch the telephone wire from a plugged in telephone, reach into your bag and hit the enter key, wait for 10 seconds , take a peek inside the bag, and then disconnect.  You could write a script to post a whole series of messages and responses to previously viewed content. The whole thing could take between 10 seconds to 5 minutes to post everything disconnect, zip your bag up, reconnect the phone, and walk out.    

Better if its an old laptop with a built in soft modem (less stuff to plug in, just the phone cable), you could just walk in with the laptop under your armpit open it up and stand next to the phone, and if someone happens to see you, you could act like you're trying to get wifi reception, while standing with your back to the phone jack concealing the wire. 

Dumdy dum dumdy dum, unplugs phonejack, no wifi here...guess I'll mossy on by. Walk out of the building and don't return or reuse for a year or more, or ever, and cycle to the next location.  

A resourceful person should be able to find 50-100 different accessible telephone jacks in their city.  You'll use this method for postings that you will or may get in trouble for.  Run of the mill postings can be done from a smaller set of locations which don't overlap with your sensitive locations. 100 phone jacks for quick anonymous trouble posting, 20 re-usable phone jacks for casual browsing, and casual "Anonymous" posting. And maybe 2 or 3 longer duration locations where you can to connect from and browse for 30mins to an hour at your leisure for reading and saving messages to floppy disk.  And never from work or home connections.     

If you get caught browsing the BBS from the leisure locations (which shouldn't happen if you're careful), there is no way to prove that you are the trouble poster, unless you're retarded and confess to it.  Use different laptops for each class of activity (3 laptops, each encrypted with different keys).
On a side note (not to be a total hypocrite) but I'm posting from Tor Browser, and this appears to be the latest user agent: 

Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0
thumbnail of Symbos-msx2.gif
thumbnail of Symbos-msx2.gif
Symbos-msx2 gif
(43.18 KB, 512x424)
Some interesting, and relevant, low system resource operating systems:

http://www.contiki-os.org/

https://en.wikipedia.org/wiki/Contiki

"Contiki provides multitasking and a built-in Internet Protocol Suite (TCP/IP stack), yet needs only about 10 kilobytes of random-access memory (RAM) and 30 kilobytes of read-only memory (ROM).[1] A full system, including a graphical user interface, needs about 30 kilobytes of RAM.[5]"

http://www.symbos.de/

https://en.wikipedia.org/wiki/SymbOS

"SYmbiosis Multitasking Based Operating System (SymbOS) is a multitasking operating system for Zilog Z80-based 8-bit computer systems. Contrary to early 8-bit operating systems it is based on a microkernel, which provides preemptive and priority-oriented multitasking and manages random-access memory (RAM) with a size of up to 1024 KB. SymbOS contains a Microsoft Windows like graphical user interface (GUI), supports hard disks with a capacity of up to 128 GB and can already be booted on an unexpanded Amstrad CPC-6128, a 128K-MSX2 and an Amstrad PCW."

"Although only an 8-bit CPU, the Z80 can run a preemptive multitasking operating system. Features such as memory protection, which the Z80 lacks, are not essential in such an OS. For example, AmigaOS also lacks memory protection. The MP/M OS proved that multitasking on the Z80 CPU was possible. Yet, it was generally unavailable for home computers."
 >>/1294/

I just looked at my server logs, the user agent for an up to date Tor Browser on Linux that you download from the tor project distribution site is actually this:

Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0

Now why would they want to add that extra piece of information about me using Linux ?

We already know that ~85% of desktop and laptop computers run Windows, another 12% Run MacOS or OSX, which puts me squarely into the remaining 3% of desktop computer users.  That's really anonymous Tor Project.  Thanks. 

Look into my eyes, trust only in the Tor Browser Bundle, yes look deeply, you're getting sleepy, yes that's it, it will be all over soon...
 >>/1296/

this doesn't work...  

You have to call the application the way your originally specified with two calls to proxy chains with different configs.  I was optimistic and wrote that before I tested it.  I'll cross it out later.  The developers should just figure out that people want to use tor as static for the first hop, and randomize following http/socks nodes.  They should offer that as a feature.
 >>/1298/
$ torsocks proxychains -f ~/bin/proxychains.conf curl www.google.com

This works with random chain , however 

$ torsocks proxychains -f ~/bin/proxychains.conf iceweasel

Doesn't work. It tries to open a library (libproxychains.so) and can't (probably restricted by torsocks). 

So ($ torsocks proxychains)seems to work for some applications (terminal/console applications) but not well with GUI applications.  For that just just use proxychains in strict-chain mode and handle the proxies manually, or call it as you wrote earlier with two instances of proxychains with different configs.  I'm using proxychains-ng, because that's in the hyperbola repository. I'll go find the original and build it from source. 

Anyways don't listen to the naysayers, proxychains is a useful tool in some circumstances.
Due to the recent unfortunate news about Terry Davis, I'll be hosting a backup of TempleOS (downloaded from the main site Sept 1 2018) here:

http://ifcfqq3cwrr74v6q.onion/content/temple_os/

Someone should write a serial console and serial modem telephone BBS program for Temple OS and it will become instantly viable as a modern 64 bit Commodore 64 replacement.  Make Temple OS work with a US Robotics 56K Fax Modem over serial COMM port and we're in business.  

The main problem I have with the OS concept was in choosing x86_64 as the development platform, good intention but naive. I've booted it on bare metal to try it out, spent 2 hours with it and haven't revisited.  It's a good start, something to build off of. 

Shrine OS looks like an interesting fork. 
https://github.com/minexew/Shrine
TempleOS Mirror
https://github.com/minexew/TempleOS
https://github.com/codepony/templeos

http://www.templeos.org/
 >>/1302/

These are all the backups of Temple OS that I have on my hard disk. 

http://ifcfqq3cwrr74v6q.onion/content/temple_os/

I have just before the supplemental split in 2017, and some versions afterwards.

Some people are doubting the authenticity of latest versions in 2018. However I think that the 2017 stuff is probably OK.  I'm sure there are people out there with nightly ISO updates, but that should hopefully satisfy anyone's backup needs if you don't have any.   

I'm sure a super fan will emerge with even more backups in the future, but I'll leave it there for now.
Quick Destroy

I just had an idea,  what if you put your passphrase encrypted private key onto a floppy disk, an use that as a key to open up your encrypted lvm or full disk encryption.   The key could then be very long and random generated by /dev/urandom , or by passgen.  

You put the floppy disk into the computer as a key to unlock your workstation.

Then if you want to destroy your computer fast just have a neodymium magnet near by and  wipe the floppy a few times vigorously. For a fast shutdown destroy have a power switch or near by to your mouse or keyboard with the floppy nearby, grab the floppy and magnet and rub vigorously for 10 seconds.

You could make the key length as long as the floppy can hold so 500KB for a 5.25" B:\ floppy, or 1.44MB for a 3.5"  .  Or this could just be the passphrase to unlock the private key on your machine.  SO instead of something like (puppy monkey baby) (secure horse battery staple) or whatever bullshit their trying to push, your passphrase will be 500KB long or 1.44MB long of random ASCII.  They can just build a word combination dictionary brute force attack.   Cycle through all 2 word combinations to 10 word combinations from a dictionary and have this run on a parallel computing cluster.      

Summary:  Power switch next to mouse, next to floppy with passphrase for key to unlock LUKS,  Neodymium high field strength magnet nearby (on the floor nearby).  Need to destroy hit power switch, grab disk, grab magnet , rub, rub, rub.  Have a barricade for your bedroom door to buy you more time if necessary.   Your could do this in 3-10 seconds.
 >>/1310/

Buddybar
https://www.buddybardoorjammer.com/
https://youtube.com/watch?v=KuxGtAe3rEE
https://www.amazon.com/Buddybar-Door-Jammer-Home-Security/dp/B002BQ4VBU
  
OnGuard
https://youtube.com/watch?v=fqk_pyXcen0
https://www.globalsecurityexperts.com/shop/security-door-brace-51.html

Install One of each of these in each of your front and back doors, and in your study where you do your computing. 

That should buy you 5 mins or more against a battering ram.  Enough time to shutdown and wipe the floppy disk key, and burn it as well.
https://en.wikipedia.org/wiki/Paul_M._Nakasone

I didn't forget about you Captain Sulu.  I never forget a face....  

This guy's dad was busy translating Japanese decrypts for US Army Intelligence during WWII while George Takei grew up in an internment camp in California. He should hire Noriko (Ashley Hanrahan) as a cyber-warrior and she can post memes for US cyber command.  I think that would be pretty funny.  On a side note I have to repair NHK Japan in Endstream...Was this post racist?
REMOVED

Do not click on any links that pop up from these spammers and be careful with any links in general even ones I post. Use tor, no javascript, locked down in a firejail. Check them out with links browser or download the website with endget or endcurl.
Just watching the Kim, Moon,Trump impromptu meeting.  

When Kim comes to America, President Trump should take him to go watch the Chicago Bulls play a match live, court-side at the United Center, with Dennis Rodman, and Billy Corgan...  Michael Jordan should come along too. Afterwards they should go get burgers, fries and hotdogs, and then fly in the presidential helicopter back to the White House for talks.  Trump would get re-elected in a landslide. I'd pee myself laughing, and I'm looking forward to it.
 >>/1425/
Gotta let him have a free throw or do a layup at half time too! 

No wait... he should setup a pass to Jordan to do to do an Alley-oop slam dunk at half time. Then Kim could wave at the crowd and smile then go back to his box to watch the second half. Trump and Kushner would give a standing ovation. That would be awesome don't you think ?
 >>/1426/
We need Rodman in there too!  Chairman Kim dribbles at center court, then he passes to Rodman. Rodman does some moves, sets up the Alley oop for Jordan. Jordan Hangs on the rim after the dunk.  I'd be on the floor. Make my dreams come true...Just do it.

Post(s) action:


Moderation Help
Scope:
Duration: Days

Ban Type:


New Reply on thread #1145
Max 20 files0 B total