Re: [liberationtech] Stability in truly Democratic decision systems
Hi! On Thu, Jul 18, 2013 at 2:20 PM, Peter Lindener lindener.pe...@gmail.com wrote: I think I mentioned Wide open group choice ranking systems as a critical component in the effective function of crowd sourced idea percolators... Why? Why should we rank anything? How can you put ideas into a linear ranking? What do you think that ideas are even comparable? That there is any partial or total order among them? My work in Social Choice theory, that is maximizing voter preference priority information flow is each voter's consistent representation across all possible group decision outcomes...turns out to be a critical component not only at the point of a group's eventual decision, but also during the group's deliberative process where the best of emerging alternatives are enduring further evaluation. Best in the meaning of most individuals expressed preference for it? But why would such an alternative be best for the group in the meaning of well being of the group? Mitar suggests: I could argue that the biggest issue is assumption that we can based on preferences of individuals determine what would be the best for the group as a whole. .. In response, our work in social decision theory builds upon the thought exercise of a Social-Political circumstance where individual and group objectives have by means of social contract been co-aligned... While this is only the beginning of our reasoning, it certainly does in some way begin to address your argument... So you are saying that you can show me how it follows that if everybody expresses what is his or her personal/individual preference (where we do not define any rules on how this preference should be established), that we are capable/that it is possible to compute what would be the preference of all people if they would take into the account everybody when making their decisions? So I think that such thing would work only if we would ask everybody to think what would be the best for everybody in their opinion. Not just for themselves. But for everybody. And because nobody can really take into account everybody, those preferences would be suboptiomal but still better than just individual preferences, and we might find a way to merge them together. And I believe we should concentrate on how to achieve that people take into account also other people when stating their preferences. How to present them with necessary information and knowledge and tools to be able to do this in the best possible way. one thing for certain... in the end, Democracy IS about the flow of information regarding the desires of the electorate into the governance process... No. If it is desires of the electorate then this is called mob mentality. We would like crowd wisdom, instead. Where individuals look at a bigger picture and we combine that into one picture at the end. Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] [Freedombox-discuss] Serval Mesh Extenders
- Forwarded message from haxwithaxe m...@haxwithaxe.net - Date: Fri, 19 Jul 2013 01:32:43 -0400 From: haxwithaxe m...@haxwithaxe.net To: FreedomBox freedombox-disc...@lists.alioth.debian.org Subject: Re: [Freedombox-discuss] Serval Mesh Extenders User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130514 Thunderbird/17.0.6 On 07/17/2013 12:11 PM, Eugen Leitl wrote: - Forwarded message from John Gilmore g...@toad.com - Date: Tue, 16 Jul 2013 11:17:54 -0700 From: John Gilmore g...@toad.com To: Eugen Leitl eu...@leitl.org, g...@toad.com Cc: freedombox-discuss freedombox-disc...@lists.alioth.debian.org Subject: Re: [Freedombox-discuss] [HacDC:Byzantium] Re: Serval Mesh Extenders if you expect every single device to be a mesh node in the same collision domain within range of each other of course it won't work :P It is not obvious that of course it won't work. A sensible mesh protocol would avoid congesting its medium, having most nodes avoid forwarding packets for each other in order to increase the amount of end-user traffic it could carry. So the real issue is that people have to manually configure mesh nodes versus end user nodes, generally in most use cases i've seen there are mesh nodes that are setup as APs for non-mesh nodes as well so there is little thinking to be done once the nodes are turned on. there are protocols that say they do more intelligent or less verbose communication but i haven't personally tested any in that way beyond ~28 mesh nodes in a small room. because if every node is a mesh node, the mesh protocol doesn't work. This operational requirement of current mesh protocols violates the principle of least surprise and the zero configuration principle. there will always be a tiny bit of config as a certain amount of collusion is required to get some details matched. with most protocols the collusion amounts to using the defaults and joining the right adhoc network (ala babel). in the case of byzantium we have a preconfigured network so it will just have to (automatically) run the mesh protocol to be usable. These multiport nodes run a spanning tree algorithm together, which will pick a working subset of multiport nodes and disable forwarding on the rest, to avoid traffic loops that congest the network. When most if not all of the contemporary, deployed, wireless mesh protocols implement loop avoidance or prevention of some kind. some of which are mathematically proven to prevent loops (so the babel people say). the network configuration changes, the algorithm adapts within a few seconds. Networks can have thousands of nodes without running into scale issues. See https://en.wikipedia.org/wiki/Ethernet for more details. on a practical level we have complex ways of consolidating the physical infrastructure in wired systems that make having that many wired nodes practical and you can in fact have thousands of nodes in a wireless mesh (not all in the same small room though :P). athens municipal wireless mesh network 1k mesh nodes and is the ISP for a giant chunk of athens, greece. http://www.awmn.net/ literally all greek to me http://en.wikipedia.org/wiki/Athens_Wireless_Metropolitan_Network The promise of mesh networks was to offer the same level of end-user utility and convenience as Ethernet, with radio links rather than wires. So far that promise has been unfulfilled. i'm too young to have heard that particular promise so my apologies for making assumptions :) by the time i heard about mesh networking, wifi was already at 802.11b. in my opinion wireless mesh is very close in the way of end user friendlyness and way ahead in not needing wires running between each of the nodes. i would even argue in many cases the time and energy spent running cables can be greater than setting up a wireless mesh. there are project like byzantium and serval that are trying to make things as easy as possible for end users. while it might not be the vision the people on roofnet had in mind the infrastructural mesh acting as a backbone for non-mesh clients is a decent short* term solution for several practical problems. some links that may interest you http://www.olsr.org/ - what freifunk, commotion wirelss, and byzantium use http://www.pps.univ-paris-diderot.fr/~jch/software/babel/ - babel which is what byzantium used to use http://bmx6.net/ - bmx6 which is a derivative of batman that is supposed to solve many of the issues that batman-adv has http://battlemesh.org/ - really big wireless mesh shootout and more info on the limits of the different protocols * when we get this whole ISPs not shutting down community/municipal networks in the US and someone writes a decent mesh protocol implementation for windows that doesn't require cygwin :P - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820
Re: [liberationtech] Stability in truly Democratic decision systems
Am 18.07.2013 23:20, schrieb Peter Lindener: My work in Social Choice theory, that is maximizing voter preference priority information flow is each voter's consistent representation across all possible group decision outcomes...turns out to be a critical component not only at the point of a group's eventual decision, but also during the group's deliberative process where the best of emerging alternatives are enduring further evaluation. The deliberative decision taking fetish often overlooks that the core issue is contestability, not deliberative consensus. A perfect servant gets me water exactly when I want it, he does not bother me with decisions or commanding him. I advocate that a democratic order should become a perfect servant. Then voting is just a tool to contest a current rule and re-educate the governing persons about the genuine nature of their master-servant service. Best, André -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Job oppurtunity: an Arabic speaking Online Platform Manager
Hi guys, Small Media wants to launch the Arabic e-Learning Platform and needs an Arabic speaking Online Platform Manager. If you know someone, please pass this email to him/her: We are looking for an Arabic speaking Online Platform Manager to join our team! tag: Jobs http://smallmedia.org.uk/term/1/8 share this - http://www.facebook.com/sharer.php?u=http%3A//smallmedia.org.uk/content/97t=We%20are%20looking%20for%20an%20Arabic%20speaking%20Online%20Platform%20Manager%20to%20join%20our%20team%21 - http://twitter.com/share?url=http%3A//smallmedia.org.uk/content/97text=We%20are%20looking%20for%20an%20Arabic%20speaking%20Online%20Platform%20Manager%20to%20join%20our%20team%21 https://plus.google.com/share?url=http://smallmedia.co/content/97 Small Media is looking for an Arabic speaking Online Platform Manager to help with launching an online training platform targeting the youth in MENA region. The project is intended to provide practical training and skills to Arab youth (18-30 years old) utilizing a modern and edgy design and dynamic online platform equipped with unique relevant content and networking capabilities. Applicant should be passionate about either and all: design, social media, training, networking, Arab youth and making an impact through action oriented skills building. The position requires a leader, and ideal for someone who wants to build something from scratch and watch it grow. This position can be filled remotley. *Responsibilities:* - Be the primary person responsible for quality assurance and ensuring the diversity and relevancy of content for the Arabic e-learning courses - Intensive interfacing with course writers, leading to the development of a network of reliable and proficient course writers - Editing the courses to ensure accuracy and adherence to platform guidelines - Liaise with potential course writers, accept submissions, review and select - Be wholly responsible for managing and maintaining the reputation of the e-learning process in Arabic, including but not limited to: - Ensuring the smooth operation of the platform, liaising with Small Media’s Technology Team as necessary - Scheduling the courses - Facilitating the helpdesk for trainees and providing help in a timely and efficient manner, providing help as the need arises - Monitoring performance indicators, assessing performance with reference to targets, and presenting monthly reports including both narrative and metric indicators - Encourage the growth and development of an online community around the platform, a task that includes: - Managing the social media accounts for the platform (Twitter, Facebook, G+, YouTube) and developing an online community of users - Promote the e-learning platform in the broader Arabic webosphere - Managing, maintaining and moderating the blog. Create content to tag to penetrate into Arab language internet. - Foster and maintain connections with relevant individuals (bloggers, developers, IT experts, key social media personalities), tapping into their extended networks to disseminate the platform and recruit new trainees - Build site’s SEO by building site’s linkages with other sites, building site’s tagging system - Identify sites to advertise with - Monitor marketing campaigns to determine best return on investment - Monitor site’s analytics to understand usage and gaps in marketing - Coordinating with the Farsi e-learning manager to share experiences *Qualities:* - Self-starting- applicant should have experience with managing projects from start to finish. - Passion- applicant should be passionate about the potentials of online education and online networking particularly as it appeals to citizens rights and responsibilities, and citizen initiatives. - Problem solving- Applicant should be able to problem solve through project challenges independently and within a team. - Technology- Applicant should have an interest in technology, particularly website functionality and ensuring a quality user experience. - Training- Applicant should have a curiosity about the ways in which adults learn and the effective presentation of content and curriculum to ease learning. - Communication skills- Applicant must be able to communicate with a variety of people from contractors, to fellow colleagues, to designers across multiple languages. Effective communication and conflict resolution skills are essential for effective implementation of the project. - Social Media and website marketing- Applicant should understand how to market the site through content tagging, and other social media tools. Applicant should be interested in strategies to raise website SEO and other ways to increase website readership and conversions. - Able to
[liberationtech] Random number generator failure in Rasperri Pis?
Hi all, Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ Quite interesting since (pseudo-) random numbers are heavily used in crypto. Interesting also to see another post on this topic, after the study of a random number generation procedure formerly used in Cryptocat and that was also problematic. Datalove, KheOps -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ I see nothing in the blog post indicating that the random data from the Pi HW is bad. Rather, he uses that to show how good random data should look, after which he implements RANDU to show how _not_ to do it. I have seen this being posted here and there as a look, Pi HWrand bad thing, but I have to wonder how many actually read the blog post, considering he even ran rngtest for a thousand runs with no failures on the output of /dev/hwrng Best /P -- Petter Ericson (pett...@acc.umu.se) Telecomix Sleeper Jellyfish -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
Hey, Le 19/07/2013 14:22, Petter Ericson a écrit : Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ I see nothing in the blog post indicating that the random data from the Pi HW is bad. Rather, he uses that to show how good random data should look, after which he implements RANDU to show how _not_ to do it. I have seen this being posted here and there as a look, Pi HWrand bad thing, but I have to wonder how many actually read the blog post, considering he even ran rngtest for a thousand runs with no failures on the output of /dev/hwrng I might have read it and concluded too fast, and yes obviously he shows how another implementation is failing. But I see this: sudo cat /dev/hwrng | rngtest -c 1000 which for me refers to the previously installed driver for RasPi and then he says: We were lucky that none of the tests failed for that run; sometimes there are a few failures. RANDU, on the other hand fares very badly Meaning that RANDU is really bad whereas the RasPi one would be ... better but still failing to pass some tests in some occasions? That's how I understood it, KheOps -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
On 19 July, 2013 - KheOps wrote: Hey, Le 19/07/2013 14:22, Petter Ericson a écrit : Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ I see nothing in the blog post indicating that the random data from the Pi HW is bad. Rather, he uses that to show how good random data should look, after which he implements RANDU to show how _not_ to do it. I have seen this being posted here and there as a look, Pi HWrand bad thing, but I have to wonder how many actually read the blog post, considering he even ran rngtest for a thousand runs with no failures on the output of /dev/hwrng I might have read it and concluded too fast, and yes obviously he shows how another implementation is failing. But I see this: sudo cat /dev/hwrng | rngtest -c 1000 which for me refers to the previously installed driver for RasPi and then he says: We were lucky that none of the tests failed for that run; sometimes there are a few failures. RANDU, on the other hand fares very badly Meaning that RANDU is really bad whereas the RasPi one would be ... better but still failing to pass some tests in some occasions? You raise a good point. I must admit ignorance in regards to the specifics of linux, HWRNGs, /dev/hwrng and /dev/random, but my personal guess would be that /dev/hwrng supplies true random values, while /dev/random is the place to look for properly hashed and checked random output. Having true random values fail a FIPS-140 test is definitely not out of the realm of possibility, though I have no idea how common it would be. It might be a good idea to do some digging around the components and source code, though. If for no other reason than it always is. Best /P -- Petter Ericson (pett...@acc.umu.se) Telecomix Sleeper Jellyfish -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Ensuring Free Access to Ideas in Public Spaces?
Hi folks, Thanks to the awesomeness that is TA3M [0], I've had a chance to talk with a few librarians who're somewhat disappointed by the fact that it's difficult to freely access knowledge at libraries: all Internet access is filtered and surveiled, reducing the freedom of expression and the free exchange of ideas. So, I promised I'd reach out to folks to see what, if anything, we can do about the situation. First, what technologies could public libraries employ that would ensure or best facilitate intellectual freedom, free expression and free access to ideas when people use the library? Different libraries will have different connectivity structures, so this is a fairly broad question. I think there's a more fundamental question, though, which is figuring out how to make libraries again responsible for providing unencumbered access to ideas. I don't know how to do this. I could help draft standards-language for The Responsibilities of Libraries to the Public but perhaps there's already such a document out there that could be updated or re-enforced. At this point, I'm trying to start a discussion. Thanks for your time, Nick 0: http://wiki.openitp.org/events:techno-activism_3rd_mondays -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Ensuring Free Access to Ideas in Public Spaces?
..on Fri, Jul 19, 2013 at 07:58:43AM -0500, Nick Daly wrote: Hi folks, Thanks to the awesomeness that is TA3M [0], I've had a chance to talk with a few librarians who're somewhat disappointed by the fact that it's difficult to freely access knowledge at libraries: all Internet access is filtered and surveiled, reducing the freedom of expression and the free exchange of ideas. So, I promised I'd reach out to folks to see what, if anything, we can do about the situation. First, what technologies could public libraries employ that would ensure or best facilitate intellectual freedom, free expression and free access to ideas when people use the library? Different libraries will have different connectivity structures, so this is a fairly broad question. Host the data locally and allow people to connect to it using computers at the library or their own phones associated with the libraries own 'offline' wireless network. Move terabyte archives to each partner library over snail-mail or securely copy it between libraries over the Internet, for local hosting. Here's a project of ours, that albeit artistic and conceptual in its goals, is a fully functioning wireless web-server that even takes the form of a book: http://weise7.org/book/ Being Internet independent the book can be read on wireless-capable devices in a cave, out on the ocean etc. Cheers, -- Julian Oliver PGP B6E9FD9A http://julianoliver.com http://criticalengineering.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Ensuring Free Access to Ideas in Public Spaces?
Hi Nick, In a recent search, I came across these folks: http://www.ifla.org/ See in particular their mailing lists and their FAIFE committee: http://www.ifla.org/mailing-lists http://www.ifla.org/about-faife Hope this is helpful, -- Michael Allan Toronto, +1 416-699-9528 http://zelea.com/w/User:Mike-ZeleaCom/in Hi folks, Thanks to the awesomeness that is TA3M [0], I've had a chance to talk with a few librarians who're somewhat disappointed by the fact that it's difficult to freely access knowledge at libraries: all Internet access is filtered and surveiled, reducing the freedom of expression and the free exchange of ideas. So, I promised I'd reach out to folks to see what, if anything, we can do about the situation. First, what technologies could public libraries employ that would ensure or best facilitate intellectual freedom, free expression and free access to ideas when people use the library? Different libraries will have different connectivity structures, so this is a fairly broad question. I think there's a more fundamental question, though, which is figuring out how to make libraries again responsible for providing unencumbered access to ideas. I don't know how to do this. I could help draft standards-language for The Responsibilities of Libraries to the Public but perhaps there's already such a document out there that could be updated or re-enforced. At this point, I'm trying to start a discussion. Thanks for your time, Nick 0: http://wiki.openitp.org/events:techno-activism_3rd_mondays -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] History of hardware RNGs in PC?
On Fri, Jul 19, 2013 at 02:03:23PM +0200, KheOps wrote: What is the history of HRNG is consumer PCs? Is there any indication that this lawsuit had any impact on the availablity of HRNGs in consumer PCs? http://dockets.justia.com/docket/texas/txedce/2:2007cv00024/100867/ Which side won the lawsuit or is that known since it was settled? Any indication of governmental influence in the lawsuit? Anyone knowing the true story please post it. Thank You. -- Paul Elliott 1(512)837-1096 pelli...@blackpatchpanel.com PMB 181, 11900 Metric Blvd Suite J http://www.free.blackpatchpanel.com/pme/ Austin TX 78758-3117 --- Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it. Edward Snowden -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
On Fri, Jul 19, 2013 at 01:17:51PM +0100, Michael Rogers wrote: On 19/07/13 13:03, KheOps wrote: Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ Quite interesting since (pseudo-) random numbers are heavily used in crypto. Interesting also to see another post on this topic, after the study of a random number generation procedure formerly used in Cryptocat and that was also problematic. Is that what the article shows? Looks to me like the Raspberry Pi's hardware RNG (/dev/hwrng) is being held up as an example of 'good randomness' in contrast to the RANDU algorithm's 'bad randomness'. Regardless of the quality of the HW RNG on RPI, it's not good to expose the entropy directly to userspace in /dev/hwrng. Rather, the RPI kernel should mix the entropy into the kernel entropy pool and apps should use /dev/random to get high-quality entropy mixed from all available entropy sources. That way even if an attacker has a backdoor to the HW RNG, the user still has a second line of defense due to the other unpredictable data mixed into the same pool. -andy -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
On Fri, 2013-07-19 at 10:42 -0700, Andy Isaacson wrote: On Fri, Jul 19, 2013 at 01:17:51PM +0100, Michael Rogers wrote: On 19/07/13 13:03, KheOps wrote: Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ Quite interesting since (pseudo-) random numbers are heavily used in crypto. Interesting also to see another post on this topic, after the study of a random number generation procedure formerly used in Cryptocat and that was also problematic. Is that what the article shows? Looks to me like the Raspberry Pi's hardware RNG (/dev/hwrng) is being held up as an example of 'good randomness' in contrast to the RANDU algorithm's 'bad randomness'. Regardless of the quality of the HW RNG on RPI, it's not good to expose the entropy directly to userspace in /dev/hwrng. Rather, the RPI kernel should mix the entropy into the kernel entropy pool and apps should use /dev/random to get high-quality entropy mixed from all available entropy sources. That way even if an attacker has a backdoor to the HW RNG, the user still has a second line of defense due to the other unpredictable data mixed into the same pool. And there's a daemon for this: apt-get install rng-tools -- Mathematics is the supreme nostalgia of our time. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Random number generator failure in Rasperri Pis?
Dear Colleagues, I am presently writing on politicians, namely Gore and Obama, talking about the internet on the campaign trail. I am looking for citations for research on discourses on technology in politics. Any leads? Thank you. Best, Adam Fish, PhD Media and Cultural Studies Department of Sociology Lancaster University, UK, LA1 4YT p. 01524592699 University Research Portalhttp://www.research.lancs.ac.uk/portal/en/people/adam-fish(10a5067e-a828-497b-95ae-e35ed07f9ba1).html Twitter https://twitter.com/mediacultures On Fri, Jul 19, 2013 at 1:03 PM, KheOps khe...@ceops.eu wrote: Hi all, Just came accross this article, apparently showing the bad quality of the hardware RNG in Raspberri Pi devices. http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/ Quite interesting since (pseudo-) random numbers are heavily used in crypto. Interesting also to see another post on this topic, after the study of a random number generation procedure formerly used in Cryptocat and that was also problematic. Datalove, KheOps -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] India cuts Internet in Kashmir?
India cuts Internet in Kashmir again after latest Ramban Massacre http://t.co/TMKzp63wfq via @georgiebc -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Liberationtech Jobs List
Just a reminder that we have a Liberationtech Jobs List, so feel free to join and spread the word: https://mailman.stanford.edu/mailman/listinfo/liberationtech-jobs We also have an events list here: https://mailman.stanford.edu/mailman/listinfo/liberationtech-events And, of course, the drones list: https://mailman.stanford.edu/mailman/listinfo/drone-list Best, Yosem, one of your moderators -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Fwd: A hacker's guide to Amsterdam
-- Forwarded message -- From: Jens Christian Hillerup j...@hillerup.net Date: Jul 19, 2013 11:12 AM Subject: A hacker's guide to Amsterdam To: Hackerspaces General Discussion List disc...@lists.hackerspaces.org Cc: ... So I'll be coming to Amsterdam on the 27th of July, following the UbiCrypt summer school on reverse engineering in Germany (anyone going? let's hook up!) I plan on showing up at the OHM site a few days in advance to help with the build-up etc, but that still leaves me with two or three days in A'dam. I'm looking for suggestions for things to see that might be of interest for hackers -- small or large, well-known or obscure. I've not been in Amsterdam for ten years, so my knowledge of the city is close to nil. Technical stuff, DIY stuff, urban exploration stuff, graffiti stuff and hackerspaces is my deal. If anyone has suggestions (or even a place to crash), I'm all ears! Thanks, JC -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] seeking open wireless projects
Hi libtech, We at EFF are writing up a taxonomy of existing open wireless commercial or non-commercial projects that have launched and would love input from folks on this list. So far we are looking at: Fon - http://corp.fon.com/ Comcast - http://corporate.comcast.com/news-information/news-feed/comcast-unveils-plans-for-millions-of-xfinity-wifi-hotspots-through-its-home-based-neighborhood-hotspot-initiative-2 Karma - https://yourkarma.com/ Ruckus - http://www.ruckuswireless.com/ KeyWifi - is this project still active? We're sure there are many more, and wanted to see if people here could help by pointing us towards launched projects to add to the list. It's hard to draw a bright line between what counts as a launched project vs, say, a technical solution. For example, we don't want to include a protocol like EAP-SIM or firmware that has optional open wireless as a launched project, but firmware that ships with default on guest networking might qualify. Any suggestions you have are great so don't hesitate to let us know about any cool thing related to open wireless, just please don't be offended if we decide not to categorize it as a launched project. Our goal is NOT to promote these solutions, but rather just to give an idea of what's out there, what desirable properties each offering has, and what properties it lacks. For example, we think decentralized solutions that have no captive portals or authentication and are universally available are preferred. We do not want to get into a discussion of the security properties of open wireless, or any discussion about the merits of one solution vs another -- we are simply seeking information on what is out there. Thanks, -- Dan Auerbach Staff Technologist Electronic Frontier Foundation d...@eff.org 415 436 9333 x134 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] seeking open wireless projects
Hi! I hope you checked this list: https://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region :-) There were already few times people were analyzing existing wireless networks. I think you should get into the contact with those researchers. (At least I know that I had to answer interview questions few times already.) Currently, as far as I know, part of this current EU project is to also analyze existing networks. I would recommend that you get into the contact with them: http://confine-project.eu/ And of course with everybody involved in International Summit for Community Wireless Networks. http://wirelesssummit.org/ I am involved with wlan slovenija, http://wlan-si.net/. Mitar On Fri, Jul 19, 2013 at 2:44 PM, Dan Auerbach d...@eff.org wrote: Hi libtech, We at EFF are writing up a taxonomy of existing open wireless commercial or non-commercial projects that have launched and would love input from folks on this list. So far we are looking at: Fon - http://corp.fon.com/ Comcast - http://corporate.comcast.com/news-information/news-feed/comcast-unveils-plans-for-millions-of-xfinity-wifi-hotspots-through-its-home-based-neighborhood-hotspot-initiative-2 Karma - https://yourkarma.com/ Ruckus - http://www.ruckuswireless.com/ KeyWifi - is this project still active? We're sure there are many more, and wanted to see if people here could help by pointing us towards launched projects to add to the list. It's hard to draw a bright line between what counts as a launched project vs, say, a technical solution. For example, we don't want to include a protocol like EAP-SIM or firmware that has optional open wireless as a launched project, but firmware that ships with default on guest networking might qualify. Any suggestions you have are great so don't hesitate to let us know about any cool thing related to open wireless, just please don't be offended if we decide not to categorize it as a launched project. Our goal is NOT to promote these solutions, but rather just to give an idea of what's out there, what desirable properties each offering has, and what properties it lacks. For example, we think decentralized solutions that have no captive portals or authentication and are universally available are preferred. We do not want to get into a discussion of the security properties of open wireless, or any discussion about the merits of one solution vs another -- we are simply seeking information on what is out there. Thanks, -- Dan Auerbach Staff Technologist Electronic Frontier Foundation d...@eff.org 415 436 9333 x134 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] seeking open wireless projects
In addition there are a number we ( Inveneo, a non-profit based in San Francisco ) have worked on here are just a few: Northern Uganda - http://boscouganda.com/ Dadaab north eastern Kenya - http://www.inveneo.org/projects/dadaabconnect/ Chuuk, Micronesia - http://www.inveneo.org/2013/05/connecting-schools-in-micronesia-using-long-distance-wifi/ Also many others come to mind like wireless Nepal ( http://www.nepalwireless.com.np/ ) and Airjaldi ( http://drupal.airjaldi.com/ ) Mark On Fri, Jul 19, 2013 at 3:33 PM, Mitar mmi...@gmail.com wrote: Hi! I hope you checked this list: https://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region :-) There were already few times people were analyzing existing wireless networks. I think you should get into the contact with those researchers. (At least I know that I had to answer interview questions few times already.) Currently, as far as I know, part of this current EU project is to also analyze existing networks. I would recommend that you get into the contact with them: http://confine-project.eu/ And of course with everybody involved in International Summit for Community Wireless Networks. http://wirelesssummit.org/ I am involved with wlan slovenija, http://wlan-si.net/. Mitar On Fri, Jul 19, 2013 at 2:44 PM, Dan Auerbach d...@eff.org wrote: Hi libtech, We at EFF are writing up a taxonomy of existing open wireless commercial or non-commercial projects that have launched and would love input from folks on this list. So far we are looking at: Fon - http://corp.fon.com/ Comcast - http://corporate.comcast.com/news-information/news-feed/comcast-unveils-plans-for-millions-of-xfinity-wifi-hotspots-through-its-home-based-neighborhood-hotspot-initiative-2 Karma - https://yourkarma.com/ Ruckus - http://www.ruckuswireless.com/ KeyWifi - is this project still active? We're sure there are many more, and wanted to see if people here could help by pointing us towards launched projects to add to the list. It's hard to draw a bright line between what counts as a launched project vs, say, a technical solution. For example, we don't want to include a protocol like EAP-SIM or firmware that has optional open wireless as a launched project, but firmware that ships with default on guest networking might qualify. Any suggestions you have are great so don't hesitate to let us know about any cool thing related to open wireless, just please don't be offended if we decide not to categorize it as a launched project. Our goal is NOT to promote these solutions, but rather just to give an idea of what's out there, what desirable properties each offering has, and what properties it lacks. For example, we think decentralized solutions that have no captive portals or authentication and are universally available are preferred. We do not want to get into a discussion of the security properties of open wireless, or any discussion about the merits of one solution vs another -- we are simply seeking information on what is out there. Thanks, -- Dan Auerbach Staff Technologist Electronic Frontier Foundation d...@eff.org 415 436 9333 x134 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Traffic Analysis Countermeasures
The Doctor: On 07/18/2013 11:51 AM, Charles Allhands wrote: Thanks for the link! Is there a reason why mix networks aren't commonly used? I see mixminion hasn't been worked on in years. One possible factor may be that many people are less interested in anonymity of communications (i.e., sending e-mail) and more interested in anonymity of net.access these days. I doubt that there is only one factor contributing to the general lack of advancement in this field, though. Another good argument made on tor-talk (and probable a few other places) was, that the user interfaces were never user friendly. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Stability in truly Democratic decision systems
Hi! On Fri, Jul 19, 2013 at 3:29 PM, Peter Lindener lindener.pe...@gmail.com wrote: So I gather your taking the position that Social Choice theory has no place in Social Decision Theory? That is that the formality's of information as well as Game theory are entirely inapplicable in the process of achieving a better understanding of the truly democratic group decision process... I have not yet found a mathematical function which would take two human produced texts describing two proposed solutions to a problem and produce a third text which would be a comprehensible and rational merge of this two proposed solutions. Maybe your theory should start from this? I agree that theoretical foundation is important. But don't forget what is the goal of democracy: that people can live together in a way which satisfies all of them the most. We are using voting as a method currently, because we might not know better (we are still using a two thousand year old method!). I agree with the interesting idea André pointed out. That we are voting and getting everybody involved in decisions because we don't know better. But the process of voting is not the end goal. It is not the question how can we optimize voting, but can we finally find something better? Which does not build on premises that everybody has to be involved, that everybody knows how to decide for everybody, that everybody has knowledge for that, and time to be involved. But which still makes sure that decisions we are making as a society are those people want and support. You can ask everyone of them (what is voting in a way), or you could be smarter and know what they want and support in some less invasive way? You know what is a good governance system? Not one where you ask all people for any small thing how they would decide. But one which produces solutions which all people when they see it say Wow, this is a great solution, if just I could come up with it myself! I support it! Because this is what you would like: that the solutions we decide for as a society are better than any individual him or herself could come up with by him or herself. Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] One time pad Management system?
Paul Elliott pelli...@blackpatchpanel.com wrote: Given a secure communications channel for key exchange, OTPs are absolutely unbreakable. Against some attacks, yes. However, unless authentication is used as well, they have absolutely no resistance to a rewrite attack: http://en.citizendium.org/wiki/Stream_cipher#Rewrite_attacks -- Who put a stop payment on my reality check? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Stability in truly Democratic decision systems
Mitar - You write: *I have not yet found a mathematical function which would take two* *human produced texts describing two proposed solutions to a problem* *and produce a third text which would be a comprehensible and rational* *merge of this two proposed solutions. Maybe your theory should start* *from this?* Your suggestion is interesting for that mater, our proposed solution is to achieve exactly what you suggest.. You seem to somehow think that it in some way is less that possible to build a collaborative information process that would produce the third text that you mention... That is: build a democratic word processor that permits forking versions of any proposed document...followed by a well formed preference ranking process Continue to Feed an ecosystem of proposed competing alternative solutions. Take care not to kill off embryonic proposals before they mature enough to survive with respect to other well formed proposed solutions... Before, dismissing all of what is being proposed here, Please consider that the one way of making any real progress here IS by way of some level of formality. -Peter On Fri, Jul 19, 2013 at 4:01 PM, Mitar mmi...@gmail.com wrote: Hi! On Fri, Jul 19, 2013 at 3:29 PM, Peter Lindener lindener.pe...@gmail.com wrote: So I gather your taking the position that Social Choice theory has no place in Social Decision Theory? That is that the formality's of information as well as Game theory are entirely inapplicable in the process of achieving a better understanding of the truly democratic group decision process... I have not yet found a mathematical function which would take two human produced texts describing two proposed solutions to a problem and produce a third text which would be a comprehensible and rational merge of this two proposed solutions. Maybe your theory should start from this? I agree that theoretical foundation is important. But don't forget what is the goal of democracy: that people can live together in a way which satisfies all of them the most. We are using voting as a method currently, because we might not know better (we are still using a two thousand year old method!). I agree with the interesting idea André pointed out. That we are voting and getting everybody involved in decisions because we don't know better. But the process of voting is not the end goal. It is not the question how can we optimize voting, but can we finally find something better? Which does not build on premises that everybody has to be involved, that everybody knows how to decide for everybody, that everybody has knowledge for that, and time to be involved. But which still makes sure that decisions we are making as a society are those people want and support. You can ask everyone of them (what is voting in a way), or you could be smarter and know what they want and support in some less invasive way? You know what is a good governance system? Not one where you ask all people for any small thing how they would decide. But one which produces solutions which all people when they see it say Wow, this is a great solution, if just I could come up with it myself! I support it! Because this is what you would like: that the solutions we decide for as a society are better than any individual him or herself could come up with by him or herself. Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] libfortuna fun
On Wed, 17 Jul 2013 22:19:06 -0700 (PDT), Waitman Gobble uzi...@da3m0n8t3r.com wrote: I've been researching the Fortuna PRNG and found a good implementation within PostgreSQL. I ripped out a big chunk of the code in pgsql/contrib/pgcrypto and turned it into libfortuna. My first tests are positive, seems to work. I'm building on FreeBSD, but should work on other BSD/Unix systems. Maybe GNU/Linux, not sure, I tend to only build other people's projects on Linux. At the moment my test program dumps out 1024 fortuna-generated random numbers. But there's a whole swiss army knife of encryption related routines in pgcrypto, so it looks to be great fun to tinker with and expand the library, import the rest of the pgcrypto code base. I'm just getting started experimenting. Perhaps irrelevant, yet it seems like there's a good interest in encryption in this group, so I thought I'd share. The library code is at: https://github.com/waitman/libfortuna testing 123 programs at: https://github.com/waitman/fortuna-tests It's mostly unmodified PG code, replacing the PG memory management routines with 'native' jemalloc/malloc_np.h. When it seems sane I'll submit a FreeBSD port. There weren't any replies to this, so maybe it's a totally dead/DOA issue, but I have seen some people talking about TRNG and PRNG recently.. so somewhat relevant.. follow-up. anyway, I ran some visual randomness tests using the MagicWand api and ripped the rngtest program out of rng-tools (Debian source), ported it to FreeBSD. So libfortuna passes the FIPS 140-2 tests (according to rngtest), and of course that's circa 2001... Anyway today I created a port and submitted it, as of r32 (now) it's in the FreeBSD ports tree if you want to check it out. tests, images, docs, source, etc on my personal desktop machine at https://dx.burplex.com/bin/libfortuna.html despite it's age, the rngtest tool is possibly a good thing to use on miniature computing devices. or software/api expirements, if only to get warm fuzzies.(?) i do want to check out sp800-90b as the poster recommended in another thread.. looks cool. if possible build an even better testing tool. -- Waitman Gobble San Jose California USA +1.5108307875 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech