Re: [liberationtech] [Freedombox-discuss] BTNS on Freedombox

2013-06-13 Thread Eugen Leitl

Any Debian developers listening?

- Forwarded message from Jonas Smedegaard d...@jones.dk -

Date: Thu, 13 Jun 2013 01:28:18 +0200
From: Jonas Smedegaard d...@jones.dk
To: Eugen Leitl eu...@leitl.org, freedombox-disc...@lists.alioth.debian.org
Subject: Re: [Freedombox-discuss] BTNS on Freedombox
User-Agent: alot/0.3.4

Quoting Eugen Leitl (2013-06-12 20:47:07)
 On Wed, Jun 12, 2013 at 07:48:30PM +0200, Jonas Smedegaard wrote:
  Quoting Eugen Leitl (2013-06-12 17:46:54)
   Do you see why IPv4/IPv6 BTNS wouldn't be a good out-of-the box 
   feature for the Freedombox?
  
  Uhm, could you please elaborate a bit on that?
  
  Bitch That Need Slappin' and Toolbar Control and Button Styles 
  are some of the options coming up when I try to figure out the meaning 
  of that acronym.
 
 Oh, right. I always thought that acronym was rather unfortunate.
 
 It's Better Than Nothing Security, http://tools.ietf.org/html/rfc5386 
 an opportunistic encryption IPsec mode that omits authentication, and 
 hence the whole PKI/DNS key publishing overhead.
 
 The result is resistant to passive taps, but not active (MITM) traffic 
 tampering on the wire (which is great, since the latter is expensive, and 
 forces you to show your hand, and hence is detectable in principle, 
 which ups the stakes in the game).
 
 There are already some implementations, albeit labeled experimental. 
 It could be a low-work way to make a lot of traffic go dark, and annoy 
 some professionals.

Thanks for clarifying.

Sounds cool, but also sounds like something that needs maturing.

FreedomBox is a server engineered by us geeks to be owned fully by 
non-geeks, and therefore have *no* system administrator.  That means 
there is even less room for failure than the servers we run ourselves.

I strongly believe that any and all pieces that we put into FreedomBox 
should already be in common use among geeks.  Eat our own dog food, so 
to speak.  To me that means we can *only* include in FreedomBox what is 
in Debian.

So the way forward for this is to get it into Debian.

If it is patches to kernel drivers then work with Linux upstream to get 
the code into mainline branch, as it is highly unlikely that the Debian 
kernel team will be convinced to take the burden of maintaining it on 
their own.

If it is patches to ipsec or another independent tool then file 
bug reports against the relevant package if/when mature enough for 
production use.


Parallel to that, it might make sense already now to jot it onto one of 
the wiki pages for FreedomBox, for tracking its progress.  But beware 
that FreedomBox wiki pages are *not* progress, only monitoring - they 
always need action elsewhere to be of use.


Hope that helps,

 - Jonas

-- 
 * Jonas Smedegaard - idealist  Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private



- End forwarded message -
-- 
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech
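
The trade-off described in the BTNS thread above, shown as an added example that is not part of the original messages or of any BTNS implementation: an unauthenticated key exchange keeps a passive tap out, while an on-path party that swaps key shares leaves the two endpoints with different views that a comparison can expose. The toy Diffie-Hellman group, the class names and the out-of-band fingerprint comparison are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (assumption for illustration, not a production
# parameter set): a prime modulus that is easy to write down, generator 2.
P = 2**255 - 19
G = 2


def hash_ints(*values):
    """SHA-256 over fixed-width big-endian encodings of the given integers."""
    return hashlib.sha256(b"".join(v.to_bytes(32, "big") for v in values))


class Peer:
    """Endpoint doing a key exchange with no peer authentication."""

    def __init__(self):
        self._priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self._priv, P)
        self.seen_pub = None
        self.key = None

    def receive(self, share):
        # Reject degenerate shares, but accept any other value: there is no
        # certificate, pre-shared key or DNS record to check it against.
        if not 1 < share < P - 1:
            raise ValueError("degenerate key share")
        self.seen_pub = share
        self.key = hash_ints(pow(share, self._priv, P)).digest()

    def fingerprint(self):
        # Order-independent digest of the two key shares this endpoint saw.
        return hash_ints(*sorted((self.pub, self.seen_pub))).hexdigest()[:16]


class PassiveTap:
    """Wire that copies traffic without modifying it."""

    def __init__(self):
        self.captured = []

    def carry(self, share):
        self.captured.append(share)
        return share


class ActiveInterceptor:
    """Wire that replaces each key share with its own (constructed model)."""

    def __init__(self):
        self._priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self._priv, P)
        self.keys = []

    def carry(self, share):
        # The substitution gives this party one key per endpoint.
        self.keys.append(hash_ints(pow(share, self._priv, P)).digest())
        return self.pub


def run_exchange(wire):
    """Run one exchange between two fresh peers across the given wire."""
    alice, bob = Peer(), Peer()
    bob.receive(wire.carry(alice.pub))
    alice.receive(wire.carry(bob.pub))
    return alice, bob


def tampering_detected(alice, bob):
    """Compare fingerprints over a channel the wire does not control."""
    return alice.fingerprint() != bob.fingerprint()


if __name__ == "__main__":
    for wire in (PassiveTap(), ActiveInterceptor()):
        a, b = run_exchange(wire)
        print(type(wire).__name__, "| keys match:", a.key == b.key,
              "| tampering detected:", tampering_detected(a, b))
```

The passive tap ends up holding only the two public shares, while the substitution case leaves a fingerprint mismatch that either endpoint can surface to the other through any path the interceptor does not sit on.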


[liberationtech] FW: [Ottawadissenters] Infinite Romeo: The Secret Government Program to Manipulate Dating Sites

2013-06-13 Thread michael gurstein
Now we know.

 

M

 

From: ottawadissent...@yahoogroups.com
[mailto:ottawadissent...@yahoogroups.com] On Behalf Of Steve Kurtz
Sent: Thursday, June 13, 2013 6:48 AM
Subject: [Ottawadissenters] Infinite Romeo: The Secret Government Program to
Manipulate Dating Sites

 

http://dailycurrant.com/2013/06/12/infinite-romeo-the-secret-government-program-to-manipulate-dating-sites/


Re: [liberationtech] FW: [Ottawadissenters] Infinite Romeo: The Secret Government Program to Manipulate Dating Sites

2013-06-13 Thread The Doctor
On 06/13/2013 07:51 AM, michael gurstein wrote:
 Now we know?

Kevin Flynn...

Hee hee hee...

-- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

So light your candles, and may SERVER protect us all. --Sean Kennedy VI


[liberationtech] Brazilian Internet Privacy Rights

2013-06-13 Thread Griffin Boyce
[From Carolina Rossini -- great to have an English translation, so thought
I'd pass it along. 3 ]

Hi all,

Taking in consideration all the recent news, I would like to share with you
the current version of the Brazilian Internet Bill of Rights (Marco Civil)
in English. This is not the same version available in the Brazilian
Congress website, it is the final version put out by House Representative
Molon (thus, newer). There is a positive right to privacy in our bill, so
it would be interesting to think if this is the time to ask the same in
other countries. Below, articles 3, 8 and 10 that deal with the issue.
Article 10 has been criticized by privacy advocates from other countries
due to log retention, but I do feel it is something that has been
incorporated in our culture, since been debated since 2000 in Brazil and
the bill also requires court order (even before we started the Marco Civil
debate).

*Article 3 The regulation of Internet use in Brazil underlies the following
principles:*

*II – protecting privacy;*

*Article 8 Protection of the right to privacy and freedom of expression in
communications is a prerequisite for the full enforcement of the right of
access to the Internet.*

*Article 10. Record retention of Internet connection and access to
application logs, for the purposes of this Act, must protect the privacy,
private life, honor and image of the parties directly or indirectly
involved.*

*§ 1 The provider responsible for record retention will only be required to
provide the aforementioned logs, alone or combined with other information
that may help identifying a user or terminal, upon court order, as set
forth in Section IV of this Chapter.*

*§ 2 Security and confidentiality measures and procedures must be
communicated by the connectivity services provider and clearly meet the
standards set forth by regulation.*

* § 3 Breach of the aforementioned confidentiality right is subject to
criminal, civil or administrative sanctions.*

I will host Mr. Molon next week in meetings at Harvard (including at
Berkman). So, if you have any thoughts or questions you want to ask him or
contributions, please let me know. Talking to his assessors, we concluded
that a letter of support, or words of support focused on how Marco Civil
creates a positive right to privacy are also timely adequate and welcomed.

Thank you,

Carol

-- 

*Carolina Rossini*
http://carolinarossini.net/
*carolina.ross...@gmail.com*

Re: [liberationtech] [cryptography] [ipv6hackers] opportunistic encryption in IPv6

2013-06-13 Thread Bill Woodcock

On Jun 12, 2013, at 4:25 PM, Nico Williams n...@cryptonector.com wrote:
 There have been many proposed ways of doing roughly the same thing.
 To my knowledge not one has succeeded wildly.  RFC5660 has not been
 implemented.  Lacking IPsec channels one needs something like CGA to
 ensure peer key/ID continuity, as otherwise IPsec only authenticates
 individual packets (and their senders), not *packet flows*, which
 wouldn't be a problem if IP addresses weren't assigned dynamically.

Any reasonable way to bootstrap this off DNSSEC and dynamic DNS in the in-addr?
More complicated than DANE, but if the key distribution is the hard part, and
DNSSEC solved that, I'd rather do the hard part once and get the benefit of it
for multiple other protocols, rather than reinvent the wheel each time.

-Bill







Re: [liberationtech] NSA Director Alexander @ Senate Appropriations Committee (Jun 12)

2013-06-13 Thread David Golumbia
readers of this list may find interesting a brief analysis I've just posted
of the discrepancies between General Alexander's testimony and media
coverage of it--from the actual testimony it appears he did not mean to be
claiming that dozens of terrorist attacks were prevented via collection
of phone records, despite nearly every news source today using that as a
headline:

Through the PRISM of Media Distortions (of BLARNEY)
http://www.uncomputing.org/?p=262

David


On Thu, Jun 13, 2013 at 12:10 PM, Kyle Maxwell ky...@xwell.org wrote:

 Thanks for this. His comments on Guarding Privacy and Civil
 Liberties are as follows:

 Let me emphasize that our nation’s security in cyberspace is not a
 matter of resources alone. It is an enduring principle and an
 imperative. Everything depends on trust. We operate in a way that
 ensures we keep the trust of the American people because that trust is
 a sacred requirement. We do not see a tradeoff between security and
 liberty. It is not a choice, and we can and must do both
 simultaneously. The men and women of USCYBERCOM and NSA/CSS take this
 responsibility very seriously, as do I. Beyond my personal commitment
 to do this right, there are multiple oversight mechanisms in place.
 Given the nature of our work, of course, few outside of our Executive,
 Legislative and Judicial Branch oversight bodies can know the details
 of what we do or see that we operate every day under strict guidelines
 and accountability within one of the most rigorous oversight regimes
 in the U.S. Government. For those of you who do, and who have the
 opportunity to meet with the men and women of USCYBERCOM and NSA/CSS,
 you have seen for yourself how seriously we take this responsibility
 and our commitment to earning and maintaining your trust.

 Someday - not today, of course, but someday - they're going to get
 it about increased transparency. Some things will and should remain
 secret, but not anywhere near the extent of today.

 I hope that day comes sooner rather than later.

 On Wed, Jun 12, 2013 at 11:51 PM, Gregory Foster
 gfos...@entersection.org wrote:
  U.S. Senate Committee on Appropriations (Jun 12) - Hearing on
  Cybersecurity:
 
 http://www.appropriations.senate.gov/ht-full.cfm?method=hearings.viewid=33dda6f9-5d83-409d-a8c5-7ada84b0c598
 
  Complete video of the hearing and prepared testimony of each of the
  witnesses is linked here.  This previously scheduled hearing received some
  press today as it was General Keith B. Alexander's first public appearance
  since the inception of the Snowden event.
 
  The General's prepared testimony provides a useful primer on the NSA/CSS and
  its relationship with Cyber Command - the US military branch active in the
  networked domain (PDF download):
 
 http://www.appropriations.senate.gov/ht-full.cfm?method=hearings.downloadid=6ae112a2-f7e1-4c6e-92a9-bd7b16f2824e
 
  gf
 
  --
  Gregory Foster || gfos...@entersection.org
  @gregoryfoster  http://entersection.com/
 




-- 
David Golumbia
dgolum...@gmail.com

Re: [liberationtech] NSA Director Alexander @ Senate Appropriations Committee (Jun 12)

2013-06-13 Thread Richard Brooks
Reminds me of a recent comment from someone I was
training:

Government information should be public. Personal
information should be private.

Unfortunately, we have it backwards.


On 06/13/2013 12:10 PM, Kyle Maxwell wrote:
 Thanks for this. His comments on Guarding Privacy and Civil
 Liberties are as follows:
 
 Let me emphasize that our nation’s security in cyberspace is not a
 matter of resources alone. It is an enduring principle and an
 imperative. Everything depends on trust. We operate in a way that
 ensures we keep the trust of the American people because that trust is
 a sacred requirement. We do not see a tradeoff between security and
 liberty. It is not a choice, and we can and must do both
 simultaneously. The men and women of USCYBERCOM and NSA/CSS take this
 responsibility very seriously, as do I. Beyond my personal commitment
 to do this right, there are multiple oversight mechanisms in place.
 Given the nature of our work, of course, few outside of our Executive,
 Legislative and Judicial Branch oversight bodies can know the details
 of what we do or see that we operate every day under strict guidelines
 and accountability within one of the most rigorous oversight regimes
 in the U.S. Government. For those of you who do, and who have the
 opportunity to meet with the men and women of USCYBERCOM and NSA/CSS,
 you have seen for yourself how seriously we take this responsibility
 and our commitment to earning and maintaining your trust.
 
 Someday - not today, of course, but someday - they're going to get
 it about increased transparency. Some things will and should remain
 secret, but not anywhere near the extent of today.
 
 I hope that day comes sooner rather than later.
 
 On Wed, Jun 12, 2013 at 11:51 PM, Gregory Foster
 gfos...@entersection.org wrote:
 U.S. Senate Committee on Appropriations (Jun 12) - Hearing on
 Cybersecurity:
 http://www.appropriations.senate.gov/ht-full.cfm?method=hearings.viewid=33dda6f9-5d83-409d-a8c5-7ada84b0c598

 Complete video of the hearing and prepared testimony of each of the
 witnesses is linked here.  This previously scheduled hearing received some
 press today as it was General Keith B. Alexander's first public appearance
 since the inception of the Snowden event.

 The General's prepared testimony provides a useful primer on the NSA/CSS and
 its relationship with Cyber Command - the US military branch active in the
 networked domain (PDF download):
 http://www.appropriations.senate.gov/ht-full.cfm?method=hearings.downloadid=6ae112a2-f7e1-4c6e-92a9-bd7b16f2824e

 gf

 --
 Gregory Foster || gfos...@entersection.org
 @gregoryfoster  http://entersection.com/



[liberationtech] Moving Martus forward

2013-06-13 Thread Collin Sullivan
Dear LibTech,

Brief update from us here at Benetech: we're pretty excited about the direction 
Martus is headed. We're working on all kinds of long-desired 
functionalities--built-in Tor integration, mobile write-only, translations, 
visualizations and onward. We've just released 4.2, with speed enhancements and 
some security improvements (and, for those interested: Burmese font 
compatibility!), and we're already working on 4.3. Have a look at what we're up 
to at https://martus.org

And, what with all the exciting work to be done, we're looking for someone to 
manage a major software and training project as we develop Martus' next 
generation. You can read about the position here: 
http://www.benetech.org/join_us/position_postings.shtml#hrppm

Please share that link around to anyone who seems a good fit or might be 
interested. And as always, we invite your input on how to make Martus better.

Cheers,
Collin



Collin Sullivan
Human Rights Program Associate
Benetech Human Rights Program

Email:  colli...@benetech.org
GPG:0x78657D4D
XMPP:   collin.sulli...@riseup.net
OTR:A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A

https://www.benetech.org - Technology Serving Humanity
https://www.martus.org - Martus Human Rights Bulletin System


Re: [liberationtech] Moving Martus forward

2013-06-13 Thread kipp . guru
Awesome Collin.

Sent from my BlackBerry 10 smartphone.

From: Collin Sullivan
Sent: Thursday, 13 June 2013 21:44
To: liberationtech List
Reply To: liberationtech
Subject: [liberationtech] Moving Martus forward

Dear LibTech,

Brief update from us here at Benetech: we're pretty excited about the direction 
Martus is headed. We're working on all kinds of long-desired 
functionalities--built-in Tor integration, mobile write-only, translations, 
visualizations and onward. We've just released 4.2, with speed enhancements and 
some security improvements (and, for those interested: Burmese font 
compatibility!), and we're already working on 4.3. Have a look at what we're up 
to at https://martus.org

And, what with all the exciting work to be done, we're looking for someone to 
manage a major software and training project as we develop Martus' next 
generation. You can read about the position here: 
http://www.benetech.org/join_us/position_postings.shtml#hrppm

Please share that link around to anyone who seems a good fit or might be 
interested. And as always, we invite your input on how to make Martus better.

Cheers,
Collin

Collin Sullivan
Human Rights Program Associate
Benetech Human Rights Program

Email:  colli...@benetech.org
GPG:    0x78657D4D
XMPP:   collin.sulli...@riseup.net
OTR:    A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
        11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A

https://www.benetech.org - Technology Serving Humanity
https://www.martus.org - Martus Human Rights Bulletin System


[liberationtech] Secure and Cheap Provider in Sweden or Iceland?

2013-06-13 Thread Lorenzo Franceschi Bicchierai
Hey guys,

In lieu of the recent NSA leaks, I'm going to transfer my website to a new
provider in either Sweden or Iceland (because well, you never know).
Griffin Boyce suggested I use moln.is, do you guys have any other
suggestion? Any other kind of advice?

Thanks!

-- 
*Lorenzo Franceschi-Bicchierai
*Mashable http://www.mashable.com Junior US  World Reporter
lore...@mashable.com | lorenzo...@gmail.com
#: (+1) 917 257 1382
Twitter: @lorenzoFB http://www.twitter.com/lorenzoFB
Skype: lorenzofb8
OTR: lorenz...@jabber.ccc.de
www.lorenzofb.com

Re: [liberationtech] Moving Martus forward

2013-06-13 Thread Dirk Slater
Oh gosh, I just have to ask. Which Burmese fonts?

Dirk Slater
Lead Consultant/Founder
Fabriders
www.fabriders.net
twitter: fabrider
skype: dirkslater

On 13 Jun 2013, at 19:45, kipp.g...@gmail.com wrote:

 Awesome Collin.
 
 
 Sent from my BlackBerry 10 smartphone.
 From: Collin Sullivan
 Sent: Thursday, 13 June 2013 21:44
 To: liberationtech List
 Reply To: liberationtech
 Subject: [liberationtech] Moving Martus forward
 
 Dear LibTech,
 
 Brief update from us here at Benetech: we're pretty excited about the 
 direction Martus is headed. We're working on all kinds of long-desired 
 functionalities--built-in Tor integration, mobile write-only, translations, 
 visualizations and onward. We've just released 4.2, with speed enhancements 
 and some security improvements (and, for those interested: Burmese font 
 compatibility!), and we're already working on 4.3. Have a look at what we're 
 up to at https://martus.org
 
 And, what with all the exciting work to be done, we're looking for someone to 
 manage a major software and training project as we develop Martus' next 
 generation. You can read about the position here: 
 http://www.benetech.org/join_us/position_postings.shtml#hrppm
 
 Please share that link around to anyone who seems a good fit or might be 
 interested. And as always, we invite your input on how to make Martus better.
 
 Cheers,
 Collin
 
 
 
 Collin Sullivan
 Human Rights Program Associate
 Benetech Human Rights Program
 
 Email:colli...@benetech.org
 GPG:  0x78657D4D
 XMPP:   collin.sulli...@riseup.net
 OTR:  A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
   11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A
 
 https://www.benetech.org - Technology Serving Humanity
 https://www.martus.org - Martus Human Rights Bulletin System
 
 

Re: [liberationtech] Secure and Cheap Provider in Sweden or Iceland?

2013-06-13 Thread Patrick Mylund Nielsen
Sweden isn't much better when it comes to wiretapping:
https://en.wikipedia.org/wiki/FRA_law. Iceland is probably a good choice.


On Thu, Jun 13, 2013 at 2:51 PM, Lorenzo Franceschi Bicchierai 
lorenzo...@gmail.com wrote:

 Hey guys,

 In lieu of the recent NSA leaks, I'm going to transfer my website to a new
 provider in either Sweden or Iceland (because well, you never know).
 Griffin Boyce suggested I use moln.is, do you guys have any other
 suggestion? Any other kind of advice?

 Thanks!

 --
 *Lorenzo Franceschi-Bicchierai
 *Mashable http://www.mashable.com Junior US  World Reporter
 lore...@mashable.com | lorenzo...@gmail.com
 #: (+1) 917 257 1382
 Twitter: @lorenzoFB http://www.twitter.com/lorenzoFB
 Skype: lorenzofb8
 OTR: lorenz...@jabber.ccc.de
 www.lorenzofb.com


Re: [liberationtech] Secure and Cheap Provider in Sweden or Iceland?

2013-06-13 Thread Bill Best
On 13 June 2013 19:51, Lorenzo Franceschi Bicchierai
lorenzo...@gmail.com wrote:
 Hey guys,

 In lieu of the recent NSA leaks, I'm going to transfer my website to a new
 provider in either Sweden or Iceland (because well, you never know). Griffin
 Boyce suggested I use moln.is, do you guys have any other suggestion? Any
 other kind of advice?

 Thanks!

 --
 Lorenzo Franceschi-Bicchierai

Hi

This company:

http://ecodissident.net/

hosts websites out of Iceland specifically because of the Icelandic
Modern Media Initiative (https://immi.is/):

Iceland will become the inverse of a tax haven; by offering
journalists and publishers some of the most powerful protections for
free speech and investigative journalism in the world. Tax havens aim
is to make everything opaque. Our aim is to make everything
transparent. — Birgitta Jónsdóttir, the chief sponsor in parliament of
the Icelandic Modern Media Initiative.

Regards

Bill Best

Re: [liberationtech] Secure and Cheap Provider in Sweden or Iceland?

2013-06-13 Thread Andrés Leopoldo Pacheco Sanfuentes
About Sweden: a person from the Swedish Pirate Party, which has a
bunker data center there, was quoted in a video on Julian Assange
saying that Sweden, in security matters, is the US lapdog.
Best Regards | Cordiales Saludos | Grato,

Andrés L. Pacheco Sanfuentes
a...@acm.org
+1 (817) 271-9619


On Thu, Jun 13, 2013 at 3:01 PM, Anthony Papillion
anth...@cajuntechie.org wrote:
 On 06/13/2013 01:51 PM, Lorenzo Franceschi Bicchierai wrote:
 Hey guys,

 In lieu of the recent NSA leaks, I'm going to transfer my website to a
 new provider in either Sweden or Iceland (because well, you never know).
 Griffin Boyce suggested I use moln.is http://moln.is, do you guys have
 any other suggestion? Any other kind of advice?

 I know you're looking for out of the US providers, but why not consider
 hosting it yourself? If you've got the tech know-how, it's pretty easy
 and offers you a few more guarantees than putting it out at a provider.
 Of course, there's added costs and manpower which you may be wanting to
 avoid but, if not, why not consider that?

 A.

 --
 Anthony Papillion
 Phone:   1.918.533.9699
 SIP: sip:cajuntec...@iptel.org
 iNum:+883510008360912
 XMPP:cypherpun...@jit.si

 www.cajuntechie.org


Re: [liberationtech] Secure and Cheap Provider in Sweden or Iceland?

2013-06-13 Thread Mikael Nordfeldth
2013-06-13 20:51, Lorenzo Franceschi Bicchierai skrev:
 In lieu of the recent NSA leaks, I'm going to transfer my website to a
 new provider in either Sweden or Iceland (because well, you never know).
 Griffin Boyce suggested I use moln.is http://moln.is, do you guys have
 any other suggestion? Any other kind of advice?

Hi, another choice is to find someone in Sweden willing to be your proxy
to send an encased Raspberry Pi with installed SD card and power
cable/adapter to FS Data, as they offer free (gratis) hosting with 1
Mb/s full duplex:

   Info [Swedish]: https://fsdata.se/server/raspberry-pi-colocation/
   Requirements: Only 1 per Swedish citizen. Case max size: 10x3x7 cm
   You get: 1 routable, PTR:able IP (not IPv6 yet) and 100GB/month.

Even if they would quit this gratis service after a couple of months
(remember to keep backups ;)), it'd be worth the small cost of purchase
and shipping. Their official response on the company blog is however
that they're not going to end the gratis service in the foreseeable future.

I've no idea whether FS Data are devoted to good privacy policies or
anything. But then again, I don't think those things mean a whole lot
when dealing with third-party hosting anyway. Any profit-driven company
offering a service like this will either:
   1) let the police take your computer when they come with a warrant.
   2) be raided by the police so they get whichever computer they want.

(even Bahnhof, who many will probably recommend as they have managed to
pull several PR stunts on privacy and integrity, are fully
commercial and won't stand up against the police if they have a warrant)

Another choice is just to move here. Thanks to our relatively high
taxes, we've got good healthcare and social security. You're very
welcome (and we currently are in need of some more people fighting for a
free internet, but no real panic just as of yet).

-- 
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: m...@hethane.se


Re: [liberationtech] Internet blackout

2013-06-13 Thread Rich Kulawiec
On Tue, Jun 11, 2013 at 05:44:38PM -0400, Richard Brooks wrote:
 This led me to start thinking about the possibility
 of deploying something like Fidonet as a tool for
 getting around Internet blackouts. Has anyone tried
 something like that?

Usenet has long since demonstrated the ability to route around
amazing amounts of damage and flakiness and to maintain communications
over very slow (including sneakernet) links.

Arguably, that sentence describes the normal operational state of the
network on a typical summer day just like this one, 30 years ago. ;-)

Usenet has some very nice properties for applications like this:

1. There is no centralization.  Thus there is no single target to
shut down or block.

2. Messages are not addressed to individuals.  This frustrates
some traffic analysis.

3. It's transport-agnostic.  Messages can be passed via IP, via UUCP,
by USB stick, CD, DVD, etc.

4. It's highly delay-tolerant.

5. It's content-agnostic.

6. It's highly fault-tolerant.

7. It doesn't require real-time IP connectivity.  In areas where
IP connectivity is scarce, expensive, intermittent, wiretapped
or blocked, this is a big plus.

8. It's standardized.

9. Mature open-source software already exists for it.

10. Peering relationships can be ad-hoc.

Not that it would work for this application as-is: the article
duplication method would need to be replaced because the current
one leaks origin information.  But I think that's a solvable problem.

I submitted a proposal on this very point a few months ago; haven't
heard a thing back, so my guess is that's not going anywhere.  But I
think with a relatively modest investment, the additional code could
be written and a testbed network constructed to figure out if this
really is a viable architecture.  My hunch (of course) is yes but
I'd prefer to remain skeptical until there's some experimental
evidence that it'll hold up under the kind of duress we've seen
in various countries during the past few years.

---rsk


[liberationtech] The people of Turkey need you: Can you translate from Turkish to English and/or other languages?

2013-06-13 Thread Yosem Companys
From: Lydia Lorenz Lada lydial...@gmail.com

[gezipark.nadir.org] We need you: we need people who can translate
from Turkish to English or other languages. If you want to help, send
an email to gezip...@nadir.org

http://gezipark.nadir.org/index_eng.html


Re: [liberationtech] Internet blackout

2013-06-13 Thread Seth David Schoen
Rich Kulawiec writes:

 Usenet has long since demonstrated the ability to route around
 amazing amounts of damage and flakiness and to maintain communications
 over very slow (including sneakernet) links.
 
 Arguably, that sentence describes the normal operational state of the
 network on a typical summer day just like this one, 30 years ago. ;-)
 
 Usenet has some very nice properties for applications like this:
 
 1. There is no centralization.  Thus there is no single target to
 shut down or block.
 
 2. Messages are not addressed to individuals.  This frustrates
 some traffic analysis.
 
 3. It's transport-agnostic.  Messages can be passed via IP, via UUCP,
 by USB stick, CD, DVD, etc.
 
 4. It's highly delay-tolerant.
 
 5. It's content-agnostic.
 
 6. It's highly fault-tolerant.
 
 7. It doesn't require real-time IP connectivity.  In areas where
 IP connectivity is scarce, expensive, intermittent, wiretapped
 or blocked, this is a big plus.
 
 8. It's standardized.
 
 9. Mature open-source software already exists for it.
 
 10. Peering relationships can be ad-hoc.

These properties are really awesome.  One thing that I'm concerned
about is that classic Usenet doesn't really do authenticity.  It
was easy for people to spoof articles, although there would be
_some_ genuine path information back to the point where the spoofed
article originated.  It seems like if we're talking about using
Usenet in an extremely hostile environment, spoofing and forgery
are pretty significant threats (including classic problems like
spoofed control messages! but also cases of nodes modifying
message content).  A lot of the great properties you've mentioned
above that Usenet has already demonstrated have more to do with
performing well over slow or unreliable network links, but perhaps
not over actively hostile ones.

Some Usenet clients support PGP signing, but that may be of limited
use unless most users can verify and generate signatures.

-- 
Seth Schoen  sch...@eff.org
Senior Staff Technologist   https://www.eff.org/
Electronic Frontier Foundation  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109   +1 415 436 9333 x107
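
The concern raised above (forged articles, relays altering content) is what an end-to-end signature over the article addresses. The following is an added illustration, not part of the original post: it signs the body and a fixed set of headers but not Path, which every relay extends in transit. The Lamport one-time signature is a standard-library stand-in for the PGP signing mentioned; the header choice, function names and sample article are assumptions constructed for the example.

```python
import hashlib
import secrets

# Headers the signature covers (an assumption for this example). Path is left
# out on purpose: each relay prepends its name, so it changes legitimately.
SIGNED_HEADERS = ("From", "Newsgroups", "Subject", "Message-ID", "Date")

def parse_article(text):
    """Split an article into (headers dict, body) at the first blank line."""
    head, _, body = text.partition("\n\n")
    headers = {}
    for line in head.splitlines():
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers, body

def digest(text):
    """SHA-256 over the signed headers (fixed order) and the body."""
    headers, body = parse_article(text)
    h = hashlib.sha256()
    for name in SIGNED_HEADERS:
        h.update(f"{name}:{headers.get(name, '')}\n".encode())
    h.update(b"\n" + body.encode())
    return h.digest()

def bits(d):
    """The 256 bits of a 32-byte digest, most significant bit first."""
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: one key pair must sign only one article.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[hashlib.sha256(s).digest() for s in pair] for pair in sk]
    return sk, pk

def sign(sk, text):
    return [sk[i][b] for i, b in enumerate(bits(digest(text)))]

def verify(pk, text, sig):
    return len(sig) == 256 and all(
        hashlib.sha256(s).digest() == pk[i][b]
        for i, b, s in zip(range(256), bits(digest(text)), sig))

def relay(text, site):
    """What an honest relay does: prepend its name to Path, touch nothing else."""
    headers, body = parse_article(text)
    headers["Path"] = f"{site}!{headers['Path']}"
    return "\n".join(f"{k}: {v}" for k, v in headers.items()) + "\n\n" + body

# Constructed sample article (not real traffic).
ARTICLE = (
    "Path: origin.example!not-for-mail\n"
    "From: alice@example.org\n"
    "Newsgroups: example.test\n"
    "Subject: meeting moved\n"
    "Message-ID: <constructed-1@origin.example>\n"
    "Date: Thu, 13 Jun 2013 12:00:00 +0000\n"
    "\n"
    "The meeting is at 18:00.\n"
)
```

A signature made at the origin still verifies after any number of honest relays, while a changed body or From line fails; readers still need an authentic copy of the public key, which is the key-distribution limit noted above.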


[liberationtech] Agora Voting

2013-06-13 Thread Yosem Companys
From: Eduardo Robles Elvira edu...@wadobo.com

https://agoravoting.com we're currently working on version 3.0 which
will be the first cryptographically secure liquid democracy voting
system. We're going to use the open source library verificatum for
mixnets. Here is a description of the secure voting scheme [1].

We'd love to have some funded help to work on making this voting
software robust. We've been doing this for a while all in our free
time. There are tons of things to improve, audit and implement. In
fact, we spent a lot of time putting a group of institutions together
to request European Union funding but we didn't make the cut (it was
the first time I tried such a thing).

So if you are interested in our project or helping us out, please do
not hesitate to contact me and thanks for reading =)

Regards,
--
[1] 
https://blog.agoravoting.com/index.php/2013/01/03/agora-a-virtual-parliament/
--
Eduardo Robles Elvira +34 668 824 393 skype: edulix2
http://www.wadobo.com it's not magic, it's wadobo!

Re: [liberationtech] Moving Martus forward

2013-06-13 Thread Collin Sullivan

On Jun 13, 2013, at 10:15 PM, Dirk Slater wrote:

Which Burmese fonts?

Zawgyi.

[liberationtech] Schrodinger’s Catnip: Questions & Answers on NSA Data Collection

2013-06-13 Thread Yosem Companys
From: Mark Rasch mdra...@aol.com

Schrodinger’s Catnip

DISCLAIMER: I know nothing about the NSA surveillance programs other
than what I read in the papers.  Thus, my legal analysis of the
program may be completely wrong, since they are highly fact dependent.

The NSA programs to retrieve and analyze telephone metadata and
internet communications and files (the former I will call the
telephony program, the latter codenamed PRISM) are at one and the same
time narrow and potentially reasonably designed programs aimed at
obtaining potentially useful information within the scope of the
authority granted by Congress.  They are, at one and the same time
perfectly legal and grossly unconstitutional.  It’s not that I am of
two opinions about these programs.  It is that the character of these
programs is such that they have both characteristics at the same
time.  Like Schrodinger’s cat, they are both alive and dead at the
same time – and a further examination destroys the experiment.

Let’s look at the telephony program first.  Telephone companies, in
addition to providing services, collect a host of information about
the customer including their name, address, billing and payment
information (including payment method, payment history, etc.).  When
the telephone service is used, the phone company collects records of
when, where and how it was used – calls made (or attempted), received,
telephone numbers, duration of calls, time of day of calls, location
of the phones from which the calls were made,  and other information
you might find on your telephone bill.  In addition, the phone company
may collect certain technical information – for example, if you use a
cell phone, the location of the cell from which the call was made, and
the signal strength to that cell tower or others.  From this signal
strength, the phone company can tell reasonably precisely where the
caller is physically located (whether they are using the phone or not)
even if the phone does not have GPS.  In fact, that is one of the ways
that the Enhanced 911 service can locate callers.

The phone company creates these records for its own business purposes.
 It used to collect this primarily for billing, but with unlimited
landline calling, that need has diminished.  However, the phone
companies still collect this data to do network engineering, load
balancing and other purposes.  They have data retention and
destruction policies which may keep the data for as short as a few
days, or as long as several years, depending on the data.  Similar
“metadata” or non-content information is collected about other uses of
the telephone networks, including SMS message headers and routing
information.

Continuing with the Schrödinger analogy, the law says that this is
private personal information, which the consumer does not own and for
which the consumer has no expectation of privacy.  Is that clear?
Federal law http://www.law.cornell.edu/uscode/text/47/222 calls this
telephone metadata “Consumer Proprietary Network Information” or CPNI.
 47 U.S.C. 222 (c)(1) provides that:

Except as required by law or with the approval of the customer, a
telecommunications carrier that receives or obtains customer
proprietary network information by virtue of its provision of a
telecommunications service shall only use, disclose, or permit access
to individually identifiable customer proprietary network information
in its provision of (A) the telecommunications service from which such
information is derived, or (B) services necessary to, or used in, the
provision of such telecommunications service, including the publishing
of directories.

Surprisingly, the exceptions to this prohibition do not include a
specific “law enforcement” or “authorized intelligence activity”
exception.  Thus, if the disclosure of consumer CPNI to the NSA under
the telephony program is “required by law” then the phone company can
do it.  If not, it can’t.  But wait, there’s more.

At the same time that the law says that consumer’s telephone metadata
is private, it also says that consumers have no expectation of privacy
in that data.  In a landmark 1979  decision,
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=us&vol=442&invol=735
the United States Supreme Court held that the government could use a
simple subpoena (rather than a search warrant) to obtain the telephone
billing records of a consumer.  See, these aren’t the consumer’s
records.  They are the phone company’s records.  The Court noted, “we
doubt that people in general entertain any actual expectation of
privacy in the numbers they dial. All telephone users realize that
they must convey phone numbers to the telephone company, since it is
through telephone company switching equipment that their calls are
completed. All subscribers realize, moreover, that the phone company
has facilities for making permanent records of the numbers they dial,
for they see a list of their long-distance (toll) calls on their
monthly bills.”  The court went 

[liberationtech] Fwd: Schrodinger’s Catnip: Questions & Answers on NSA Data Collection

2013-06-13 Thread Gregory Foster

Thank you for forwarding this, Yosem.

For reference, here's the article online:
http://www.raschcyber.com/1/post/2013/06/schrodingers-cat-nip.html

The blog byline credits Mark Rasch and Sophia N. Hannah - and suggests 
that the authors are working on an analysis of PRISM, which I hope will 
also be forwarded to LibTech upon release.


FYI, I've taken the liberty of replacing the original text forwarded to 
the list with a copy of the online text because the original character 
encoding introduced artifacts which made subsequent forwards hard to 
read.  It also looks like there may have been subsequent edits.


Thanks to the authors for this helpful analysis -
gf


 Original Message 
Subject:    [liberationtech] Schrodinger’s Catnip: Questions & Answers on NSA Data Collection

Date:   Thu, 13 Jun 2013 20:09:23 -0700 (PDT)
From:   Yosem Companys compa...@stanford.edu
Reply-To:   liberationtech liberationtech@lists.stanford.edu
To: Liberation Technologies liberationtech@lists.stanford.edu
CC: Mark Rasch mdra...@aol.com



From: Mark Rasch mdra...@aol.com

Schrodinger’s Catnip

DISCLAIMER: I know nothing about the NSA surveillance programs other
than what I read in the papers.  Thus, my legal analysis of the
program may be completely wrong, since they are highly fact dependent.

The NSA programs to retrieve and analyze telephone metadata and internet
communications and files (the former I will call the telephony program, the
latter codenamed PRISM) are at one and the same time narrow and potentially
reasonably designed programs aimed at obtaining potentially useful information
within the scope of the authority granted by Congress.  They are, at one and the
same time perfectly legal and grossly unconstitutional.  It’s not that I am of
two opinions about these programs.  It is that the character of these programs
is such that they have both characteristics at the same time.  Like
Schrodinger’s cat, they are both alive and dead at the same time – and a further
examination destroys the experiment.

Let’s look at the telephony program first.  Telephone companies, in addition to
providing services, collect a host of information about the customer including
their name, address, billing and payment information (including payment method,
payment history, etc.).  When the telephone service is used, the phone company
collects records of when, where and how it was used – calls made (or attempted),
received, telephone numbers, duration of calls, time of day of calls, location
of the phones from which the calls were made,  and other information you might
find on your telephone bill.  In addition, the phone company may collect certain
technical information – for example, if you use a cell phone, the location of
the cell from which the call was made, and the signal strength to that cell
tower or others.  From this signal strength, the phone company can tell
reasonably precisely where the caller is physically located (whether they are
using the phone or not) even if the phone does not have GPS.  In fact, that is
one of the ways that the Enhanced 911 service can locate callers.

The phone company creates these records for its own business purposes.  It used to
collect this primarily for billing, but with unlimited landline calling, that
need has diminished.  However, the phone companies still collect this data to do
network engineering, load balancing and other purposes.  They have data
retention and destruction policies which may keep the data for as short as a few
days, or as long as several years, depending on the data.  Similar “metadata” or
non-content information is collected about other uses of the telephone networks,
including SMS message headers and routing information.

Continuing with the Schrödinger analogy, the law says that this is private
personal information, which the consumer does not own and for which the consumer
has no expectation of privacy.  Is that clear?  Federal law
http://www.law.cornell.edu/uscode/text/47/222 calls this telephone metadata
“Consumer Proprietary Network Information” or CPNI. 47 U.S.C. 222 (c)(1)
provides that:

Except as required by law or with the approval of the customer, a
telecommunications carrier that receives or obtains customer proprietary
network information by
virtue of its provision of a telecommunications service shall only use,
disclose, or permit access to individually identifiable customer proprietary
network information in its provision of (A) the telecommunications service from
which such information is derived, or (B) services necessary to, or used in, the
provision of such telecommunications service, including the publishing of
directories.

Surprisingly, the exceptions to this prohibition do not include a specific “law
enforcement” or “authorized intelligence activity” exception.  Thus, if the
disclosure of
consumer CPNI to the NSA under the telephony program is “required by law” then
the phone company can do it.  If not, it