[liberationtech] NSA Spy Scandal's Impact on US-EU Relations on April 15
From: FSI Events snel...@stanford.edu The Europe Center and the Freeman Spogli Institute invite you to attend: Assessing the Impact of the NSA Spy Scandal on American-European Relations with Ulrich Wilhelm Director General of Bavarian Broadcasting (BR) TUESDAY, APRIL 15th 12:00PM - 1:30PM Oksenberg Conference Room, Encina Hall (3nd floor) Please RSVP by April 11 at: http://europe.stanford.edu/events/registration/8118/ A light lunch will be provided The Europe Center Freeman Spogli Institute for International Studies and The Stanford Global Studies Division http://europe.stanford.edu -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Wanted: arkOS Volunteer Associate Program Director
The CitizenWeb Project (developer of self-hosted server and data sharing platform arkOS) is looking for a volunteer Associate Program Director to help start a team! If you are in Montreal, Toronto, Ottawa or New York City, check it out: https://citizenweb.is/news/2014/03/assistant-program-director/ Please share far and wide if you know someone who might be interested. Thanks! -- Jacob Cook ja...@peakwinter.net https://peakwinter.net -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] How to make Whonix really user friendly? Looking for your suggestions!
TLDR: Future Directions - Where Whonix wants to be in 2 or 5 years? Do we want Whonix to be for average users or just for those with unix knowledge? Whonix is a useful tool for some already, got many fans. How can we make Whonix really user friendly to allow mass adaption by regular people who need anonymity most? Long: It seems, Whonix limits itself by its two machines design. [1] It's not exactly simple and user friendly to say you first need to get VirtualBox, then import these two VMs, then start Whonix-Gateway, then start Whonix-Workstation or use physical isolation [2]. How could that be improved while keeping Whonix's design? In the last days many had great ideas. One was to create a hardware appliance. Whonix running as physically isolated gateway running on devices such as Raspberry PI or OpenWRT or creating a Tor WiFi Hotspot (a WiFi hotspot once using it, torifying the whole connection). The issue is, having a route everything through Tor approach alone doesn't make it anymore nowadays. If someone would run their usual applications, such as their Firefox or Internet Explorer browser they used for non-anonymous stuff beforehand over Tor, they wouldn't be anonymous at all due to (flash) cookies, browser fingerpriting [3] and so forth. Saying plug this hardware appliance between your router and your computer AND install this client package also doesn't sound exactly simple. Another idea was to create a Whonix Live DVD. But even if we managed to create one, it would still be clumsy to say you have to burn this iso to DVD, then boot it, then start Whonix-Gateway, then start Whonix-Workstation. Jason Ayala suggested to create an Whonix USB installer [4]. It would still be clumsy (as above), but installing Whonix would get simpler and more encouraging to use a non-Windows, separate operating system. We then would have to support lots of different hardware, but additional support by funding [5] this would be possible. Users still would have to figure out how to boot from USB, which is not entirely trivial due to different BIOS implementations. Also secure boot [6] won't make this simpler. Cerberus raised the idea to make Whonix fully managed. Perhaps he meant to enable automatic updates [7] for the host, Whonix-Gateway and Whonix-Workstation. Whonix-Gateway could then be fully managed and hidden from non-advanced users. However, there are some settings that need to be set up on Whonix-Gateway, such as settings for Tor bridges [8]. Maybe a Whonix-Host operating system could ssh into Whonix-Gateway to manage it. Or maybe while we're at discussing a Whonix-Host operating system, we should revive the OneVM [9] concept? In essence, we're shipping Whonix-Gateway as VM package, because it is a simpler and more robust implementation to support a variety of different host operating systems and configurations. As long as Whonix doesn't provide a host operating system, the two VM solution is more robust. But if Whonix is enters the next stage of evolution, i.e. by shipping a host operating system, the OneVM concept may work better. The idea to add Whonix to the usual app stores, such as Windows / Mac app store as well as “sudo apt-get install whonix” has been raised as well. This wouldn’t make Whonix less clumsy (still two VMs), but it would make installation simpler and more secure. In summary, we're not sure yet where the journey should go to. We'd appreciate the input of the community. Please share ideas on how Whonix could become really usable while not sacrificing security. Footnotes: [1] https://www.whonix.org/w/images/9/90/Whonix.jpg [2] https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation [3] https://www.torproject.org/projects/torbrowser/design/ [4] https://www.whonix.org/forum/index.php/topic,205.0.html [5] https://www.whonix.org/forum/index.php/topic,201.0.html [6] https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot_criticism [7] https://www.whonix.org/wiki/Dev/Automatic_Updates [8] https://www.whonix.org/wiki/Bridges [9] https://www.whonix.org/wiki/OneVM -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] How to make Whonix really user friendly? Looking for your suggestions!
As I suggested once in the past for another project, you could bundle up all the software in one package, and either run it on dedicated hardware *and VNC into it* to use it's secure browser, or run it locally in which case you interact directly with the VM (and it can still have multiple VMs if a script or other software makes the process entirely automatic). A dedicated box should support multiple simultaneous VNC users. - Sent from my phone Den 26 mar 2014 20:26 skrev Patrick Schleizer adrela...@riseup.net: TLDR: Future Directions - Where Whonix wants to be in 2 or 5 years? Do we want Whonix to be for average users or just for those with unix knowledge? Whonix is a useful tool for some already, got many fans. How can we make Whonix really user friendly to allow mass adaption by regular people who need anonymity most? Long: It seems, Whonix limits itself by its two machines design. [1] It's not exactly simple and user friendly to say you first need to get VirtualBox, then import these two VMs, then start Whonix-Gateway, then start Whonix-Workstation or use physical isolation [2]. How could that be improved while keeping Whonix's design? In the last days many had great ideas. One was to create a hardware appliance. Whonix running as physically isolated gateway running on devices such as Raspberry PI or OpenWRT or creating a Tor WiFi Hotspot (a WiFi hotspot once using it, torifying the whole connection). The issue is, having a route everything through Tor approach alone doesn't make it anymore nowadays. If someone would run their usual applications, such as their Firefox or Internet Explorer browser they used for non-anonymous stuff beforehand over Tor, they wouldn't be anonymous at all due to (flash) cookies, browser fingerpriting [3] and so forth. Saying plug this hardware appliance between your router and your computer AND install this client package also doesn't sound exactly simple. Another idea was to create a Whonix Live DVD. But even if we managed to create one, it would still be clumsy to say you have to burn this iso to DVD, then boot it, then start Whonix-Gateway, then start Whonix-Workstation. Jason Ayala suggested to create an Whonix USB installer [4]. It would still be clumsy (as above), but installing Whonix would get simpler and more encouraging to use a non-Windows, separate operating system. We then would have to support lots of different hardware, but additional support by funding [5] this would be possible. Users still would have to figure out how to boot from USB, which is not entirely trivial due to different BIOS implementations. Also secure boot [6] won't make this simpler. Cerberus raised the idea to make Whonix fully managed. Perhaps he meant to enable automatic updates [7] for the host, Whonix-Gateway and Whonix-Workstation. Whonix-Gateway could then be fully managed and hidden from non-advanced users. However, there are some settings that need to be set up on Whonix-Gateway, such as settings for Tor bridges [8]. Maybe a Whonix-Host operating system could ssh into Whonix-Gateway to manage it. Or maybe while we're at discussing a Whonix-Host operating system, we should revive the OneVM [9] concept? In essence, we're shipping Whonix-Gateway as VM package, because it is a simpler and more robust implementation to support a variety of different host operating systems and configurations. As long as Whonix doesn't provide a host operating system, the two VM solution is more robust. But if Whonix is enters the next stage of evolution, i.e. by shipping a host operating system, the OneVM concept may work better. The idea to add Whonix to the usual app stores, such as Windows / Mac app store as well as “sudo apt-get install whonix” has been raised as well. This wouldn’t make Whonix less clumsy (still two VMs), but it would make installation simpler and more secure. In summary, we're not sure yet where the journey should go to. We'd appreciate the input of the community. Please share ideas on how Whonix could become really usable while not sacrificing security. Footnotes: [1] https://www.whonix.org/w/images/9/90/Whonix.jpg [2] https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation [3] https://www.torproject.org/projects/torbrowser/design/ [4] https://www.whonix.org/forum/index.php/topic,205.0.html [5] https://www.whonix.org/forum/index.php/topic,201.0.html [6] https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot_criticism [7] https://www.whonix.org/wiki/Dev/Automatic_Updates [8] https://www.whonix.org/wiki/Bridges [9] https://www.whonix.org/wiki/OneVM -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public
Re: [liberationtech] [tor-talk] How to make Whonix really user friendly? Looking for your suggestions!
On 3/27/14, Patrick Schleizer adrela...@riseup.net wrote: TLDR: Future Directions - Where Whonix wants to be in 2 or 5 years? Do we want Whonix to be for average users or just for those with unix knowledge? Whonix is a useful tool for some already, got many fans. How can we make Whonix really user friendly to allow mass adaption by regular people who need anonymity most? I haven't yet read about how whonix works, but this has been on my mind: Have a VM creator driven by debootstrap or similar type script that depends on debootstrap to do early install. I believe that a lot of developers and even some non-developers have local or local-partial mirrors, and so debootstrap is in these cases very quick. Also, for those who have a (partial) local mirror, building an image may well be quicker than downloading an image. There are also those of us (like me) who live in rural areas and mostly only have access to slow high-latency and low bandwidth (1GiB per month) links to the internet - but I do sync a local debian mirror every week or two. So for me with a local mirror, if there were a small debootstrap like package for creating a whonix image, that is certainly what I'd use. That script or program could also be used to create a Linux lightweight container too, rather than a full VM (breathes more life into older hardware). Now if that script is driven by a YAML configuration file (or .INI or whatever you guys have chosen already, but I don't like XML), then it should be easy to build a GUI on top of this Whonix-creator script for customization of your new image (ie customization of the config file, before the script is run). This might be considered 'advanced install' only, but I do believe that by facilitating the so-called advanced or power users, or developers, you actually build a far higher loyalty to your project much more quickly than you would otherwise. You see, we are the ones who would build such images and install them for our friends and acquaintances. We are the ones who advocate a particular solution/ option/ set-up, and more often than not do that installation. So, you want to be pleasing us! Well, I should say, _we_ want to be pleasing ourselves by making our own lives easier - we should firstly target ourselves. And of course, such a simple 'advanced user' design, of course lends itself to easy image creation for download, for those who find the 'advanced' configuration gui too, daunting shall we say :) Good luck Zenaan -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] [SPAM:###] Toward a network commons: Building an Internet for and by the people.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings Libtech, A coalition of free/libre community-owned networks around the world has submitted an application for a Knight News Challenge grant aimed at strengthening the Internet for free expression and innovation. https://www.newschallenge.org/challenge/2014/submissions/toward-a-network-commons-building-an-internet-for-and-by-the-people Please check it out, give us feedback in the form of Comments, and some Applause if you dig the idea! The goal of funding is trifold: * To support the development of the Network Commons License[1] and an organization to uphold it, * To support an international Free Networks summit to gather together representatives of free networks[2] in one place to share ideas and resources toward creating the aforementioned organization, * To support the creation of educational materials, workshops, and guides for the construction and maintenance of free networks. [1] There is currently an effort underway to develop a Network Commons License - similar to a Creative Commons License - to enable legal support for free networks. Two weeks ago, a group of folks representing Sudo Mesh, wlan-slovenija, LA Meshnet, Kansas City Freedom Network and Austin Freenet converged in Austin for the Free Network Foundation's winter summit. It was an awesome, intensive couple of days with remote participation from several other groups. You can read notes from the summit here: https://commons.thefnf.org/index.php/2014WinterSummitMondayNotes * Draft of the Free Network Definition: https://commons.thefnf.org/index.php/Free_network_definition * Draft of the Network Commons License: https://commons.thefnf.org/index.php/Network_Commons_License [2] The following groups helped draft the Knight News Challenge proposal, and we intend to reach out to many more in the coming weeks: * Sudo Mesh, launching the People's Open Network in Oakland, CA * Kansas City Freedom Network, in close alliance with the Free Network Foundation in Kansas City, MO. * wlan-slovenija across Slovenia and connecting Austria and Croatia! * Altermundi in Argentina * Guifi.net in Catalonia * Freifunk in Germany * Ninux in Italy * MedellinLibre in Medellin, Columbia * Village Telco in South Africa * Fédération FDN in France Please forward this along to other free network groups not currently included on this roster! Twitter Post (precisely 140 characters): Support an international coalition of community #mesh networks: Applaud our #newschallenge proposal for a net commons kng.ht/1dmIsCF On Reddit: http://www.reddit.com/r/darknetplan/comments/20wm92/toward_a_network_commons_building_an_internet_for/ Many thanks for your support, Jenny Ryan http://jennyryan.net http://sudomesh.org http://thevirtualcampfire.org http://technomadic.tumblr.com `~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~` Technology is the campfire around which we tell our stories. - -Laurie Anderson Storytelling reveals meaning without committing the error of defining it. -Hannah Arendt To define is to kill. To suggest is to create. - -Stéphane Mallarmé ~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~` - -- Jenny http://jennyryan.net http://sudomesh.org http://thevirtualcampfire.org http://technomadic.tumblr.com `~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~` Technology is the campfire around which we tell our stories. - -Laurie Anderson Storytelling reveals meaning without committing the error of defining it. -Hannah Arendt To define is to kill. To suggest is to create. - -Stéphane Mallarmé ~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~` -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTM4GtAAoJEHTWWpBUSeDhJIYH/2ekAnlDbuAsEoGwLIwfwHhG 9BLh1sGQQ+Qq6WLHnCQ+qPRKLKqiIcxAYrqhy778exKIzgJycFUhzd9SwT9ZG2rF L3QpDrAThRY/IP2IVbDVhu/WcjjIOuYC8ou6zsT7zoAU8R5Fnf0ZKGQMmBmuRwy5 QnwoyGX9dkBsQg0KdEP6z2KbC3/jikzsfUn7qXWftr3bEwXyLJNwj2ycon/OoHM4 8f8SZDGD126MzVwh0ufm/kyONLoh5+p+0M18fXPWLbrkFX0K2jJm49RBWUF0k/JR Ib5lFnD13iwN2wAAadgMwo1iLPfbW5oS+mFM1V1FAXQbr+qyoiOC9n4HIHPMK5s= =J3qi -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] The National Security Agency at the Crossroads (Austin: Apr 3-4)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 The National Security Agency at the Crossroads (Austin: Apr 3-4) https://strausscenter.org/details/279-privacy-surveillance-and-the-nsa.html If you review the agenda and speaker list, you'll see this event is a pretty big deal. The Intelligence Studies Project is a joint venture of the Strauss Center and Clements Center at the University of Texas at Austin, aiming to encourage policy-relevant academic inquiry into the past, present, and future of intelligence agencies and the legal, policy, and technological environments in which they operate. Nothing better illustrates the need for such inquiry than the events of the past year surrounding the National Security Agency. As part of a larger effort to improve public understanding of those events, the Robert S. Strauss Center for International Security and Law and the William P. Clements Jr. Center for History, Strategy Statecraft are hosting a major interdisciplinary conference focused on the NSA from April 3rd through 4th. It will cover topics including the history of the NSA, the role of the media in revealing classified information about its activities, the legal architecture in which it operates, the compliance and oversight mechanisms associated with the NSA, the diplomatic fallout from the recent revelations, and the prospects for reform. Although open to the public, the event is already waitlisted. I'm aware of at least a few concerned citizens who signed up to attend and plan to document the event through various channels. http://www.eventbrite.com/e/privacy-surveillance-and-the-nsa-tickets-8953832153 If you have an interest in this event you'd like to discuss, please contact me off list. gf - -- Gregory Foster || gfos...@entersection.org @gregoryfoster http://entersection.com/ -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJTM62eAAoJEMaAACmjGtgj8NsP/AxHR2VOTHivwqv7MmnkZ9kS l+kFi9RC9ZB0e80jAljc32FnIRWhhmry1/BOU9dgtWEzmcpfInAQdTHV01droXT1 XlxiEvVfv5Sh7Ln3gE4nv2UgUFTy8GXZAmRoVilr/SCietQd5nOFoWhzLPEsnfGw PYAUE5FHu4Sh2tEcCJDSGPZOe/Rd7QvlU4qd3drTOwnC840X5x0CtylGXVWHxMcl K/nAzuMkhB+Zd3tErka2yR7vw42Ch5PeT6qN3c5TtLywhAVSamqQjzWfeJdx6NMk /F89Q8oJcJ1zLfpePhuj+m4FRCTq3/ONmk+d4NpwRAP5v+BeXk4EyHadibf5GJX2 7IUlR77p1cTi//QvwvkQq0iBnESBDRu+JaUI8fX2bluuIK9PZnS/AJG4A8KE9ujo wciHmFk0uAuxw5GqHNF0VLo8JQjc2DDNcmsHheVXuzE9txMShdgonWPoxVfouXys JetLGAZwFhbxfku5bXpqVYnNLQi5FfMaIEZ6saT8cEWdbuCpbuXKSAsEMSY/LIjK DaITHHO+YiRD7qlM/TakpI934F925k4pQ3rA3Y32ObihacjQHysN2LkOhUPuITY7 RLbUCbww1Dcb0QGUgib7INSRTWnN+vt+fsN07jgTtXr60VfXdGF3pUHAxqZ9d/nX esziR2DQx3s7u+15clcf =Wdx1 -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.