[liberationtech] OTF Open Solicitation for Concept Notes: Jan 1st Deadline
Hello all, Submit now: https://www.opentechfund.org/submit We are excited to share the news that the Open Technology Fund’s ongoing solicitation of concept notes is open and receiving proposals for the next round. We seek to fund disruptive technology projects that advance global Internet freedom and human rights online. If you are interested in submitting a concept note for our consideration, the process begins by completing our short online form: https://www.opentechfund.org/submit. More information about our full proposal process can be found on our website: https://www.opentechfund.org/submit/guide. OTF utilizes public funds to support Internet freedom projects. We support projects that develop open and accessible technologies promoting human rights and open societies. In general, the areas of focus are research, development, implementation and deployment. We strive to advance inclusive and safe access to global communication networks. Created in 2012, OTF is an Radio Free Asia (RFA) program supported by funds from the Broadcasting Board of Governors (BBG). The BBG’s mission is to inform, engage, and connect people around the world in support of freedom and democracy. RFA’s mission is to provide accurate and timely information to the people of Asia who lack adequate protections for freedom of expression, free speech, and a free press. In a globally interconnected society, creating and protecting freedom of expression, free speech, and a free press requires cross-border technology tools that enable the exercise of human rights within repressive societies for the global population. OTF strives to incubate and support tech-centric projects that create or increase the use of these tools around the world. More information on our program can be found at https://www.opentechfund.org/about. If you have any questions, please send them our way by emailing o...@rfa.org. We look forward to your submission. -- Dan Meredith pgp 0x36377134 -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] 2 London events - New Voices via Open Gov Dec 2, Neighbours Online Nov 30
Thank you for posting my other two events. Here are two more: http://uknewvoices.eventbrite.com http://ukneighbours.eventbrite.com Slides and more along the way: http://bit.ly/clifteu13 Steven Clift From Estonia P.S. I was told there is an international Internet Freedom conference here next year. Anyone know the details? -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Email Survey
Thanks for sharing the projects being funded. Just out of curiosity, can you disclose the donors/ source of funding of the secure email support initiative. Thanks! Robert On 2013-11-25, at 12:01 PM, Dan Meredith wrote: Hello LibTech, The Open Technology Fund is surveying projects working on next generation secure email or email-like communication. The purpose of this survey is to identify potential areas of collaboration, better understand the trade-offs made by the different projects, and to help the internet freedom community better understand these projects. This survey's findings will be published publicly to serve the above purpose. So far, we have invited these projects to participate: ansamb.com bitmail.sf.net bitmessage.org darkmail.info flowingmail.com leap.se mailiverse.com mailpile.is mailvelope.com mega.co.nz opencom.io parley.co perzo.com pond.imperialviolet.org retroshare.sf.net scramble.io startmail.com All these projects are working on email or email-like communication that departs from traditional encrypted OpenPGP or S/MIME email in one way or another. Although this survey only applies to asynchronous messages (i.e. not synchronous chat), there is a great deal of diversity among the approaches. Some projects are open source, some are not. Some projects provide services, some provide only software. There are centralized, federated, and peer-to-peer approaches. There are HTML5 apps, desktop apps, mobile apps, and extensions. You get the idea. Please let us know if we are missing any projects. Below is a link to the web-based submission form: https://docs.google.com/a/opentechfund.org/forms/d/1TpSrjuLXxG_POGv94C6qurjz4KKw2-ID69bzWWzpEB4/viewform Alternatively, you can complete the survey in the attached text file and email the message to email.sur...@opentechfund.org. The public key for that address is also attached. Please submit responses on or before December 1, 2013. Thanks in advance! -- Dan Meredith pgp 0x36377134 email-survey.txt-- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Email Survey
Heya Robert, Apologies if the initial email wasn't clear. The purpose is a survey to map the space. The listed projects are merely projects publicly known to be developing secure email technology. As such, they have been invited to volunteer their time to complete the survey. Our commitment is to solicit survey submissions, compile the results, and report the results publicly. Our goal is to increase public knowledge. OTF does not have a specific secure email support initiative. That said, supporting tools that increase communication safety -- such as secure email -- are definitely within our remit. For instances, OTF directly supports LEAP and Mailvelope. You can see all OTF supported projects, past and present, publicly on our website: https://www.opentechfund.org/projects OTF is entirely a publicly funded program. Support is given from the US Congress in an appropriation bill each year. That and a whole lot more about OTF, including an annual report detailing our income and expenses, is publicly available on our website: https://www.opentechfund.org/about As for the other listed projects, I do not know how they support themselves. They would be the right folks to ask. All the best! Robert Guerra wrote: Thanks for sharing the projects being funded. Just out of curiosity, can you disclose the donors/ source of funding of the secure email support initiative. Thanks! Robert On 2013-11-25, at 12:01 PM, Dan Meredith wrote: Hello LibTech, The Open Technology Fund is surveying projects working on next generation secure email or email-like communication. The purpose of this survey is to identify potential areas of collaboration, better understand the trade-offs made by the different projects, and to help the internet freedom community better understand these projects. This survey's findings will be published publicly to serve the above purpose. So far, we have invited these projects to participate: ansamb.com bitmail.sf.net bitmessage.org darkmail.info flowingmail.com leap.se mailiverse.com mailpile.is mailvelope.com mega.co.nz opencom.io parley.co perzo.com pond.imperialviolet.org retroshare.sf.net scramble.io startmail.com All these projects are working on email or email-like communication that departs from traditional encrypted OpenPGP or S/MIME email in one way or another. Although this survey only applies to asynchronous messages (i.e. not synchronous chat), there is a great deal of diversity among the approaches. Some projects are open source, some are not. Some projects provide services, some provide only software. There are centralized, federated, and peer-to-peer approaches. There are HTML5 apps, desktop apps, mobile apps, and extensions. You get the idea. Please let us know if we are missing any projects. Below is a link to the web-based submission form: https://docs.google.com/a/opentechfund.org/forms/d/1TpSrjuLXxG_POGv94C6qurjz4KKw2-ID69bzWWzpEB4/viewform Alternatively, you can complete the survey in the attached text file and email the message to email.sur...@opentechfund.org. The public key for that address is also attached. Please submit responses on or before December 1, 2013. Thanks in advance! -- Dan Meredith pgp 0x36377134 email-survey.txt-- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Dan Meredith pgp 0x36377134 -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] First Case of Selective / Targeted Online Censorship: Pakistani Government Successfully Blocks Specific Links
Dear Libtech, In a new turn of events today users from across Pakistan faced issue while accessing a particular movie title on imdb.com. While IMDb remains open, the page for movie “The Line of Freedom” remains inaccessible. “The Line of Freedom” is a short baloch film. It should be noted here that time and again state has used all sorts of means to curb the dissidents’ views and expressions especially from the province of Baluchistan. Please read and share our press release widely on this issue. http://digitalrightsfoundation.pk/first-case-of-selective-targeted-online-censorship-pakistani-government-successfully-blocks-specific-links/ Best, Nighat Dad Director Digital Rights Foundation www.digitalrightsfoundation.pk Follow us on twitter: @digitalrightspk -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Email Survey
First of all thank you for picking up this important topic - it's the kind of outcome out of the PGP criticism I had hoped for. Congratulations on the insight and depth of the questions in the form - looks like a better and more comprehensive survey than my tentative comparison page. :-) The reason I am writing is because I sense that looking at the e-mail use case by itself can favor suboptimal solutions. The discussions of the last few days have gotten me thinking of three imperfections in the design of Pond. No doubt Pond is a much much more advanced solution than PGP over e-mail, but still it has a centralized approach to shared secret rendez-vous which I hope can in future be resolved nicer with a privacy preserving DHT such as GNS (there's also the possibility to exchange keys in armor, if you already have a secure channel via OTR or PGP) And the other aspect is that each and every message goes to a Pond server. There is no optimization when two people are online at the same time and could actually have a real-time conversation. In a way that is intentional: An asynchronous Pond dialogue is much harder to trace. On the other hand those Pond servers, although they have no idea what they are hosting and for whom, have long term hidden service addresses and could become subject to traffic analysis over an extended period of time. Still nothing worth being concerned about - Pond has the most advanced privacy strategy I've seen - yet when two people are having a real-time exchange anyway, Pond should be able to make use of such an existing channel, skip the server involvement and deliver the message directly to the counterpart. That implies a tighter integration with other communication tools. The third aspect is group communication. Pond provides none, which is even less than PGP/SMTP. To cut a long story short: Asynchronous messaging would find a more advanced solution if looked at in a broader perspective of synchronous data exchange, multiparty data exchange and in particular scalable multiparty data exchange: None of the new and shiny obfuscated messaging systems would be able to timely serve a news announcements to thousands of recipients. Let alone the numbers Twitter and Facebook deal with. You may think - but if several thousands are going to receive that message, why does it have to travel over a secure email system? Because the fact that you are registered to receive this message is politically relevant. That's why when looking at alternatives for asynchronous messaging I think one should also keep an eye on the synchronous messaging and chat, at the social networking functionality and at the distribution scalability strategy of the entire architecture. Things like Pond are a great solution for today, to have at least a bunch of relevant use cases outside the reach of the man in the middle. But if anyone was thinking we could reach out for something like a future secure mail standard, for that I am writing this note of warning. We need a much more advanced and complex solution to become the next messaging standard for the world. Something none of the existing apps are even close to providing. On Mon, Nov 25, 2013 at 03:01:57PM +, Dan Meredith wrote: All these projects are working on email or email-like communication that departs from traditional encrypted OpenPGP or S/MIME email in one way or another. Although this survey only applies to asynchronous messages (i.e. not synchronous chat), there is a great deal of diversity among the approaches. Some projects are open source, some are not. Some We cannot recommend and should not finance anything that we don't have the source codes for. projects provide services, some provide only software. There are centralized, federated, and peer-to-peer approaches. There are HTML5 apps, desktop apps, mobile apps, and extensions. You get the idea. Please let us know if we are missing any projects. I would add liberte' cables (http://dee.su/cables) and the I2P messaging methods (Susimail, I2Pbote I believe). Is the project email or email-like (or both)? In other words, does it use SMTP? - It uses SMTP. There was a time when e-mail was not SMTP and there is no reason why those two terms need to converge. SMTP is the part of the e-mail architecture that needs replacement the most, whereas RFC822, POP/IMAP and PGP may still have a role in a future e-mail system (although I have criticism for each of these building blocks). Do you also provide service using your software? (For example, do you provide email accounts for users? This question does not apply, obviously, for p2p projects). - No Hm, federation is so commonly expected to be the normality that any distributed system is filed under p2p even if, like Tor, it runs on thousands of servers, thus rather distant from what p2p was supposed to mean. Tor started as P2P, but I think it isn't anymore. I2P is heading in the same direction and I expect the same from
Re: [liberationtech] Secure Email Survey
carlo von lynX writes: Hm, federation is so commonly expected to be the normality that any distributed system is filed under p2p even if, like Tor, it runs on thousands of servers, thus rather distant from what p2p was supposed to mean. Tor started as P2P, but I think it isn't anymore. I don't think Tor was ever peer-to-peer. It has a directory listing all of the public routers; originally the directory was maintained by hand by the Tor developers, rather than by automated announcement notices from new routers to the directory servers. I think the you should make every Tor user be a relay question has been in the FAQ all along: https://www.torproject.org/docs/faq.html.en#EverybodyARelay -- Seth Schoen sch...@eff.org Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Email Survey
On Mon, Nov 25, 2013 at 11:06 PM, carlo von lynX l...@time.to.get.psyced.org wrote: I would add liberte' cables (http://dee.su/cables) I did fill out the survey, actually — by request, so no idea why Cables does not appear in the list above. The survey was clearly composed by a domain expert, so props for the effort, and I look forward to reviewing the outcome. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Email Survey
Dan Meredith meredi...@rfa.org writes: OTF is entirely a publicly funded program. Support is given from the US Congress in an appropriation bill each year. So it's funded by extortion (taxation). That's the kiss of death! stealthmail (see .sig below) certainly qualifies for your criteria, but to accept OTF funding would therefore be to receive stolen property. -- -- StealthMonger stealthmon...@nym.mixmin.net Long, random latency is part of the price of Internet anonymity. anonget: Is this anonymous browsing, or what? http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=sourceoutput=gplain stealthmail: Hide whether you're doing email, or when, or with whom. mailto:stealthsu...@nym.mixmin.net?subject=send%20index.html Key: mailto:stealthsu...@nym.mixmin.net?subject=send%20stealthmonger-key -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Twitter: Fake followers, manipulate trending topics..WSJ
Dear LiberationTech, finally, i'm honored and happy to share my findings with the WSJ. Follow an article about Twitter underground economy on the homepage of the WSJ : http://online.wsj.com/news/articles/SB10001424052702304607104579212122084821400 best, -- Andrea Stroppa http://huffingtonpost.com/andrea-stroppa @andst7 -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] [cryptography] [Cryptography] Email is unsecurable
On Nov 25, 2013, at 1:51 PM, Stephen Farrell stephen.farr...@cs.tcd.ie wrote: Personally, I'm not at all confident that we can do something that provides end-to-end security, can be deployed at full Internet scale and is compatible with today's email protocols. But if others are more optimistic then I'm all for 'em trying to figure it out and would be delighted to be proven wrong. Cheers, S. I think compatibility is the feature that will have to go. Kill SMTP and move on. You cannot rewrite ancient protocols that were never intended to be secure to add security. Go total secure and then allow people to back some of it out if they need compatibility with older systems. Tamzen -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.