On 2016.11.15 02.57, Zacharia Gichiriri wrote:
> Hi,
>
> Are there any countries that have implemented a form of mobile voting?
> Is there any research on the potential, challenges and applicability of
> mobile voting?
> Considering the explosive growth of mobile phones across Africa, would
>
Hi folks,
I've started a new series of Patreon-supported[1] essays, many of which
will be relevant to folks here. The first one is up at
http://dymaxion.org/essays/pleasestop.html.
In it, I ask folks to stop writing secure messaging tools, not because
we have too many of them (although there
As far as I can tell, Reporta is a grade A example of a large NGO with a
reasonable degree of funding doing absolutely everything wrong in
application development and potentially putting their users at real
risk. IWMF has been completely unresponsive, but I'm hoping we can get
some meaningful
On 2015.01.26 21.06, J.M. Porup wrote:
Here's my reply:
Security Journalism, Full Speed Ahead! I’ll Go First
https://medium.com/@toholdaquill/security-journalism-full-speed-ahead-34e490742056
What a shocking failure at understanding what she wrote.
E.
--
Ideas are my favorite toys.
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.12.10 11.31, Dmitri Vitaliev wrote:
Dear Libtech
In recognition and celebration of Human Rights Day, eQualit.ie is
proud to release the first public draft of a provably secure
protocol for group messaging on the Internet
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.10.31 21.46, The Doctor wrote:
It may raise the hair on the backs of some of our necks, but
protestors have been known to find one another and organize
actions using Facebook. Facebook setting up a Tor hidden service
would not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.10.06 01.56, Bill Cox wrote:
I will have an impact on the code going forward. Also, I am
entirely a pragmatist. I am an engineer, not a cryptographer, and
I build stuff that works in the real world. Can you explain a
deniable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.10.01 04.22, Greg wrote:
On Sep 30, 2014, at 2:48 PM, Eleanor Saitta e...@dymaxion.org
wrote:
I don't have any field stories that I have permission to share,
but yes, I've heard of specific incidents.
Incidents involving our
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.10.02 20.39, Greg wrote:
There are different types of deniable encryption systems, with
very _different_ deniability properties.
What you're failing to see here, I think, is that your adversary is
almost never a cryptographer. You
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.10.02 21.37, Greg wrote:
Have you read everything in the reddit r/security link I sent you?
Of course not. It turns out I have other things to do than read
voluminous ramblings by folks on Reddit who don't actually do field
work. I'll
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.09.28 04.15, Greg wrote:
Dear Rory,
See this list on ArsTechnica's forum:
http://arstechnica.com/civis/viewtopic.php?f=21t=1245367
I work for Tao Effect LLC, our software is on that list, and you
can read about how its plausible
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.09.30 18.01, Jonathan Wilkes wrote:
Hi Eleanor, I understand the logic of the argument, but are there
news stories about people being harmed in the field due
specifically (or mainly) to deniability of the software they are
using? (Or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.05.24 09.54, GALINDO Virginie wrote:
Anyway, thanks for taking the time to share your view with us. You
are pointing us to an interesting problem, that we discussed
intensively. We are currently trying to see how to word warning to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014.01.31 11.31, Amin Sabeti wrote:
In the Iran case, I think using TrueCrypt would be better because
hiding files is more important than destroying it. For instance, it
would be not practical to destroy files when the authorities
confiscate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.09.10 20.27, Lucas Gonze wrote:
Let's say major corps like ATT and Chase are doing favors for NSA.
Why would they if not for a quid pro quo?
And if they are getting favors in return, isn't that illegal?
I wonder if there is evidence
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.07.01 12.19, adrelanos wrote:
- you still have to tell the user you must download tool X before
you can download Y
This, of course, is a global problem everywhere. A secure channel
requires a shared secret, in this case between the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.07.01 15.15, Julian Oliver wrote:
..on Mon, Jul 01, 2013 at 06:03:01PM +, adrelanos wrote:
In response to the tool doesn't exist...
apt-get install tor torify wget http://path.to/file
And how did you verify the trust path for your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.07.01 17.28, adrelanos wrote:
Eleanor Saitta:
On 2013.07.01 15.15, Julian Oliver wrote:
..on Mon, Jul 01, 2013 at 06:03:01PM +, adrelanos wrote:
In response to the tool doesn't exist...
apt-get install tor torify wget http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.29 11.15, Jonathan Wilkes wrote:
It simply doesn't make sense to claim that someone didn't do
meaningful work when describing part of the research they've
done as awesome.
Wat?
I never said this work wasn't meaningful -- please
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.29 11.09, David Golumbia wrote:
put more simply: the notion of a privacy-preserving social
network is an inherent contradiction in terms.
No, it's totally not. You can definitely build systems that allow
people to have meaningful
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.29 11.49, David Golumbia wrote:
I really think that is wrong, because it looks at the problem from
a purely technical level.
I'm not. I'm trying to solve specific technical problems which
support larger social ends.
This is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
tl;dr-summary:
Surveillance is not a scale-free property, and the notion of
privacy is a notion that refers primarily to surveillance at scale.
Targeted exploitation attempts are expensive and that expense
represents the existing social contract
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.29 12.37, Jacob Appelbaum wrote:
Eleanor Saitta:
None of those tools exist right now, not for locational privacy
and metadata obfuscation.
I disagree about the existence. Perhaps, I think we might be able
to agree on certain values
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.28 03.37, Alireza Mahdian wrote:
First of all anonymity is not a goal here.
I'm going to come down on you kind of hard here, but it's not aimed at
you, it's aimed at everyone building systems like this.
A month ago, you could plausibly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.28 04.21, Rich Kulawiec wrote:
On Fri, Jun 21, 2013 at 04:56:24PM +0100, Michael Rogers wrote:
I agree - no smartphones is sound advice. No phones is even
better. But the problem is, nobody follows that advice. So we
have to be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
[apologies for top-posting]
There are different kinds of linkability that matter. Linkability
from an external adversary and my ability to identify myself to a
friend are unrelated. If we posit a Facebook where I only connect via
Tor, only post
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.28 13.14, Jonathan Wilkes wrote:
Just curious, Eleanor-- once you implement your bullet-proof
privacy- preserving network, how do you plan to make the user
experience at all tolerable without automated mirroring like what
this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.29 01.18, Matt Johnson wrote:
Encryption meaningfully prevented a wiretap for the first time
ever in *2012* (or so we're told, for non-intelligence domestic US
wiretaps), and has only ever worked five times.
What are you referring
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.26 18.26, hellekin wrote:
Ecuador won a huge credibility bump in hackerdom when it offered
political asylum to Julian Assange. That is confirmed with Edward
Snowden jumping from HK to Ecuador via the Red Block to evade the
Angry
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.25 04.32, Eugen Leitl wrote:
On Mon, Jun 24, 2013 at 09:08:59PM -0300, hellekin wrote:
They are ramping such a system up but it isn't in place yet,
remember, they are firing 600 people in the following years.
*** I guess you mean:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.25 07.37, Lex van Roon wrote:
In my opinion, us (the people) being divided is whats taking away
our power, and that's imho much, MUCH more important then
governments losing their power and cracking down on us (the people)
so that they
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.25 09.00, Douwe Schmidt wrote:
Please help us to put the Resistance Back in OHM
What is the line where the organizers of a hacker event are so given
over to collaboration that the event becomes unreclaimable? Would
they have to be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.24 07.19, Douwe Schmidt wrote:
Dear LibTech Readers,
In a little bit over a month OHM2013 is happening in The
Netherlands. There has been a lot of controversy in the run-up to
this gathering. There was criticism of the involvement
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.20 22.55, Steve Weis wrote:
Hi Eleanor. I am a co-founder of PrivateCore and happy to answer
questions. I'll keep it non-commercial and focus on the technical
answers for this mailing list:
Thanks for responding!
[It isn't] clear
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.20 04.34, Mike Perry wrote:
We also include the full set of git hashes, version tags, and
input source hashes in the bundles themselves, so you know exactly
what went into your bundle if you want to try to match it at a
later date...
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
So, a bunch of us were talking about secure hosting in Tunis. At one
point in a side conversation, PrivateCore came up as a tool that might
be interesting when you're looking at aggressive malware. It's
designed to allow you to perform certain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.14 18.20, Rich Kulawiec wrote:
Now since I have (once again) opened my big mouth, I'll step up as
well: if any organizations want to get their email out of the
cloud/third parties, contact me off-list. I have a pretty good
stash of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.12 11.54, micah wrote:
I'm constantly hearing from people who complain about the UI in
things like gnupg. I feel your pain, I do not want to argue that
you are wrong. However, I do want to argue that complaining doesn't
help to solve
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.06.11 17.44, Richard Brooks wrote:
This lead me to start thinking about the possibility of deploying
something like Fidonet as a tool for getting around Internet
blackouts. Has anyone tried something like that?
Not Fidonet, because the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I'm going to step into this thread just once (and try to stick to
that); apologies for top-posting this.
I come from the security community. I understand very well many of
the arguments you're making and even agree at a technical level with
most
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.05.27 10.57, Yosem Companys wrote:
From: *David Farber* d...@farber.net mailto:d...@farber.net
Anyone believe this would actually work?
LETTER A Digital ?Safe Haven? for Syria
Technically? Yes. I and other folks have done the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.05.16 10.45, Fabio Pietrosanti (naif) wrote:
On 5/16/13 12:05 AM, Eleanor Saitta wrote:
Which parts of the Dead Drop architecture do you think are
unnecessary for a leaking platform?
First of all leaking is not necessarily whistleblowing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.05.17 00.05, Fabio Pietrosanti (naif) wrote:
I like deaddrop uber-paranoid approach. I'm just convinced that's
overkill, designed to be excessively scarifying usability
efficiency, thus not being suitable for the many uses that we'd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.03.28 00.45, Carol Waters wrote:
At the risk of igniting an inbox-exploding smackdown thread, I
think the following piece by Schneier
http://www.darkreading.com/blog/240151108/on-security-awareness-training.html
is definitely worth a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.03.10 04.28, Bruce Potter wrote:
Apologies if this is too far afield, but a friend in a small island
needs assistance with an unexploded ordinance problem.
Is there a list or other resource I can refer him to?
While this is at best
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2013.01.23 01.09, Nadim Kobeissi wrote:
OpenITP will sign. Put me down individually, too.
E.
- --
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2012.10.29 07.14, Sam de Silva wrote:
Perhaps there should be a 'TripAdvsor' for digital security tools
...
Expect a more thorough announcement once I've had time to get some
stuff written up properly, but OpenITP will be running a public,
On 2012.08.06 17.54, xmux wrote:
On 08/06/2012 08:50 PM, Nadim Kobeissi wrote:
Suggestions welcome!!
Don't provide the insecure version at all? How many people use the
Chrome plugin vs. the website version currently?
The insecure version is currently the only thing which is interesting
On 2012.08.06 17.51, Jacob Appelbaum wrote:
Jillian C. York:
It's difficult. I'm not a technologist, but I understand the issues and
the user needs well. My type, I'd surmise, is few and far between.
Security experts have obvious reasons for being conservative, and I get
that.
On 2012.08.06 18.40, Jacob Appelbaum wrote:
Eleanor Saitta:
It is true that you have to trust the server operator in both cases.
However, having a server configuration which does not completely
compromise user privacy (vs. the operator) by default, like Facebook
does, is still a significant
Please see the Briar Project, at http://briar.sourceforge.net. We're
happy to take on more resources, but yes, there are people working on
things like this.
E.
On 2012.07.31 16.12, David Majlak wrote:
Thesis: To provide an independently and individually(collectively)
controlled communications
On 2012.06.18 13.29, Parker Higgins wrote:
On 6/18/12 8:36 AM, Yosem Companys wrote:
Hi Liberationtech folks, is this always the case? I've heard cases
where people can still be tracked whether they have batteries in
their cell phones or not...
I've spoken with mobile security researchers
On 2012.05.25 16.37, Sarah A. Downey wrote:
I'll respond to your everything must be open source statement,
although I'm fairly certain it won't have any effect on your opinion
that closed always equals bad. And please keep in mind that we're
giving away a /free /add-on with /zero /tracking of
53 matches
Mail list logo