l, that surely knows better also the specific
"legal" requirements that may impact the procedures and workflows for
Whistleblowing.
If we can gives some advice / support in evaluating / deploying
globaleaks in that context, let's fire an email! :-)
--
Fabio Pietrosanti (naif)
HE
and automatic advocacy and advice for email security to sender
writing me from unsecure email.
Any email provider that enable to do so?
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https
, color,
disability, gender, national origin, race, religion, sexual orientation,
veteran status, or any classification protected by law.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org
On 2/19/15 8:23 PM, Yosem Companys wrote:
From: Hille Koskela hille.kosk...@utu.fi
Has anybody done research on surveillance in Africa (South of Sahara)?
You may wish to speak to Opennet Africa (http://opennetafrica.org/) that's
working on that kind of issues too.
--
Fabio Pietrosanti
in that direction, opening up tons of new users.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
--
Liberationtech is public archives are searchable on Google. Violations
that use a computer procedurally, the learned
procedure to do stuff, and once those procedure completely because the
entire operating environment change, it's likely too hard .
Sounds like there's no easy-go-solution for that kind of users
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency
.
I think that we would see many country-based PubLeaks-like initiatives
if there would the right approach to push that kind of initiative.
A collaborative leak-site in each country of the world, would be a nice
target for 2017? :-)
--
Fabio Pietrosanti (naif) @fpietrosanti
HERMES - Center
Il 5/15/14, 11:47 PM, Tom Ritter ha scritto:
On 14 May 2014 23:36, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
i think that would be very important to organize a project to Audit the
functionalities of Auto-Update of software commonly used by human rights
defenders.
Sounds
Il 11/28/13, 7:21 PM, Fabio Pietrosanti (naif) ha scritto:
A frequent thinking is, how can we troll the surveillance industry
with unconventional methods?
A very nice, yet controversial, way could be to improve Opensource
Surveillance Technologies.
In reference to this post, i'd like
Il 4/28/14, 9:25 AM, Fabio Pietrosanti (naif) ha scritto:
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy leak that in the XKEYSCORE's ages
could represent a major risk
by -Y (PGP Universal service);
Sun, XX XXX 20XX 11:11:11 +0100
X-PGP-Universal: processed;
by XX-X on Sun, XX XXX 20XX 11:11:11 +0100
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http
to understand
how information technology can be used to defend human rights, improve
governance, empower the poor, promote economic development, and pursue a
variety of other social goods.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org
to fix that kind of problem.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you
Il 5/18/14, 6:24 PM, Rich Kulawiec ha scritto:
On Thu, May 15, 2014 at 07:36:07AM +0200, Fabio Pietrosanti (naif) wrote:
i think that would be very important to organize a project to Audit the
functionalities of Auto-Update of software commonly used by human rights
defenders.
Yes, but I'll go
such a projet and/or providing proper funding for
such purpose.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations
Il 11/24/13, 2:19 PM, Fabio Pietrosanti (naif) ha scritto:
I just wanted to notice that the mostly used encryption software like
GnuPG and Enigmail, have some privacy leak that in the XKEYSCORE's ages
could represent a major risk.
a) Enigmail, Thunderbird's PGP plugin, does send X-Enigmail
of users, whenever they get impacted by
internet-censorship during their browsing activity, could have a
valuable path to look at to fix the problem .
I don't see many difficulties, but we should likely ask to Mozilla
Firefox and Google Chrome team?
Opinions?
--
Fabio Pietrosanti (naif)
HERMES
into
the stock Android OS, as a standard feature?
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines
than the native ones.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated
From the very active OpenPGP.js community it has been just released the
Alpha version of WhiteOut mail, an encrypted email client entirely done
in HTML5/Javascript delivered as a Chrome Packaged App with Gmail
integration.
It's worth looking at the future of this project.
--
Fabio Pietrosanti
is in the the future of any application development, it's the
only eterogenous application development environment, the browser is the
home of the end-user.
That's what we just need to accept, it already happened, it's always
that way. We just need to deal with that.
--
Fabio Pietrosanti (naif)
HERMES
Greetings,
released today from the draft report on NSA Surveillance by EU Committee
on Civil Liberties, Justice and Home Affairs.
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bPE-526.085%2b02%2bDOC%2bPDF%2bV0%2f%2fEN
Fabio
--
Liberationtech is public
attack, profiling the end-user target.
Are those pieces of information really needed to make the Enigmail /
GnuPG software working?
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
by improving those one.
I'm confident that it can be done, but all of the crypto activist
community must works in that direction.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
p.s. It's
something like that, they should drop out an IETF's
standards based internet-draft and subject it to public review and
discussion ASAP.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
Il 11/1/13 4:44 PM, Sacha van Geffen ha scritto:
http://threatpost.com/lavabit-silent-circle-form-new-anti-surveillance-dark-mail-alliance/102757
those documents.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated
Il 10/20/13 5:02 PM, anon14...@safe-mail.net ha scritto:
On 18.10.2013 20:20, Fabio Pietrosanti (naif) wrote:
Generally is not valuable to use only 1 email provider, because email is
made up of many pieces:
- Inbound flow
- Outbound flow
- Data storage
That require a user to have
/flows by using
easy web-interfaces of hosting providers without having to deal with
server's setup.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives
* than a single email provider setup, in a single
country, in a GCHQ/NSA massively monitored communication line.
This is obviously for an average user that does not engage in
snowden-grade leaks :)
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http
, we would be happy to propose and discuss our support for
active participation.
Regards,
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
p.s. GlobaLeaks project is actively looking
.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated:
https
% of storage? Just don't record it!
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you
interacti with that
This will finally enable Javascript application to full interoperate
within OpenPGP world, from Web and Mobile environment over HTTPS.
I really feel that 2014 is going to be a year plenty of good news for
massive adoption of end-to-end encryption :-)
--
Fabio Pietrosanti (naif
willing to work on that kind of issues from a global internet
perspective, requiring a lot of work in a lot of different areas, would
be my personal heroes for 2014!
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http
Il 8/16/13 11:59 PM, Yosem Companys ha scritto:
From: Zooko Wilcox-OHearn zo...@leastauthority.com
also posted here:
https://leastauthority.com/blog/open_letter_silent_circle.html
Totally agree.
I underlined the same point some months ago there
http://mashable.com/2013/06/28/encryption-apps/
/RNG_nordsec07_cameraReady.pdf
- The Sources of Randomness in Smartphones with Symbian OS
http://www.fi.muni.cz/~xkrhovj/lectures/2007_SPI_Sources_of_Randomnes_in_Smartphones_slides.pdf
- ZRTP Standard 4.8 section
https://tools.ietf.org/html/rfc6189#section-4.8
--
Fabio Pietrosanti (naif)
HERMES
Il 8/9/13 3:29 PM, Joseph Lorenzo Hall ha scritto:
On Fri Aug 9 06:55:12 2013, Fabio Pietrosanti (naif) wrote:
This is because with OpenFire + Chrome you can also do end-to-end
encrypted WebRTC Audio/Video call.
Firefox nightlies, as far as I'm aware, also provide WebRTC capability
Because that's become a trolling-engagement thread, i cannot resist to
hijack it.
I LOVE NADIM AND JAKE!**
-naif
** Especially when they engage in trolling
Il 8/6/13 12:32 PM, Jacob Appelbaum ha scritto:
--
Liberationtech list is public and archives are searchable on Google. Too many
emails?
, maybe the amount of TorHS that has been takendown are just a few.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Liberationtech list is public and archives are searchable on Google. Too
Il 8/5/13 1:15 PM, Andrea St ha scritto:
Hello Liberationtech friends,
after the last research on Twitter
(bits.blogs.nytimes.com/2013/04/05/fake-twitter-followers-becomes-multimillion-dollar-business/),
i'm doing a new about Facebook. What is your definition of social spam
on Facebook?
If
Clinic (Canada)
28. SHARE Conference | SHARE Defense (Balkan Region)
29. Statewatch (United Kingdom)
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Too many emails? Unsubscribe, change
,
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
Il 7/9/13 11:43 AM, oana.ciobo...@cyberghost.ro ha scritto:
Hey guys,
After the discussion we had on Twitter I decided that it would be
great
such as SSH or
SSL private keys.
That way anyone would be able to fully inspect the server, even without
logging-in, by assessing configurations and checking out that logs are
not kept.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org
* Whistleblower awareness.
Anyhow i'm excited to meet at OHM2013 the AdLeaks team and do a
brainstorming on it! :)
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Too many emails
economy strong privacy law)
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa
on the case related to that principles is
being prepared.
For media and analysts interested on it, they may contact
sandra.coli...@opensocietyfoundations.org and
jonathan.birch...@opensocietyfoundations.org .
Regards,
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital
attitudes to
using social media to blow the whistle, from the World Online
Whistleblowing Survey. Finally it reviews some of the advances, proposed
or actual, for whistleblowing laws in different countries.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http
of Tor2web within a Whistleblowing platform must be used
with extreme care, by understanding exactly how it change the threat
model within the respect to the anonymity matrix
https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErUFwSWCmWBhcA/pub#h.fpje7tqvacyf
.
--
Fabio Pietrosanti
a
custom version of Tor (Tor2web Mode) that *remove* the anonymity on the
client side of the access.
In fact a user accessing Tor2web is not anonymous.
And it's strongly advised (by the injected disclaimer header) to
download TBB and goes directly.
--
Fabio Pietrosanti (naif)
HERMES - Center
it overkill for a general use.
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - http://tor2web.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa
On 5/14/13 5:00 PM, Amin Sabeti wrote:
The 2013 Iranian presidential election is rapidly approaching, with
the first round of voting set to take place on June 14. This election
is tipped to be one of the most unpredictable contests in recent
years, with the conservative establishment having
On 5/5/13 12:57 PM, Collin Anderson wrote:
Readers of Libtech may be interested in the changes to the filtering
regime that were imposed a few hours ago. Currently traffic streams,
at least unknown streams if not all, are being dropped after exactly
sixty seconds, terminating the connection.
resources respect to current
simple, stateless firewall).
I invite people to look at that project and look for cooperation with
that guy as it really seems to me a promising approach!
--
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http
On 4/6/13 11:50 AM, Bernard Tyers - ei8fdb wrote:
Hi,
I've been thinking about this for a while, and can't find a logical
reason. Possibly I'm not thinking about it hard enough.
I'm curious as to why Bluecoat seem to be singled out for all this
attention regarding use in countries where the
On 3/21/13 5:27 PM, Jacob Appelbaum wrote:
I don't agree with that reading of the report. There is likely a lot of
word-smithing here - for example, Does Skype include SkypeIn and
SkypeOut or just Peer to Peer video, text and storage of (other)
meta-data? Does CALEA happen on the Skype side of
On 3/17/13 8:43 AM, Randolph D. wrote:
http://sourceforge.net/projects/torbrowser/
While i *strongly appreciate the idea* (a fully integrated browser
without different pieces of software glued together like TBB), it appear
to me that this project is trying to appear like if it from tor
project
Hi all,
i wanted to send a notice to the mailing list about the Crypton Project:
https://crypton.io/
From the website:
Crypton is a framework for building cryptographically secure cloud
applications. Such applications offer meaningful privacy assurance to
end users because the servers running
On 2/21/13 5:27 PM, Yosem Companys wrote:
Sadly, policymakers seem to think we have completely solved the
attribution problem. We have not. This article published in
Computerworld does an adequate job of stating my position:
http://news.idg.no/cw/art.cfm?id=94AB4F98-9BBD-1370-154D49FAA7706BE9
On 2/14/13 8:36 AM, Jacob Appelbaum wrote:
The live code review with ascii art was really something to behold. It
was some kind of new art form that isn't very good but at the same time
is nearly impossible to not watch...
Something interesting happened yesterday, here a summary in case someone
Here some notes i collected with a quick review of the source code:
https://pad.riseup.net/p/silentcircle
-naif
On 2/14/13 1:36 AM, Nadim Kobeissi wrote:
This is good news! Still far from a complete source code release, but
it's good that they're progressing, even if very slowly.
Once all
Wait, wait, i just read some code around but without taking care much
about the logic of the code itself.
So there are stuff that should be checked more in details by someone
else, notes also by other people ended up on that sort of
collaborative/caotic pad https://pad.riseup.net/p/silentcircle .
On 1/29/13 5:18 PM, Tye, John N wrote:
Hi everyone,
A petition on whitehouse.gov calls for the U.S. to deny visas to
anyone working to advance internet censorship, e.g. the builders of
the Great Firewall. So far it has 8796 signatures -- and needs 91,204
by February 24 before the White
What's about Transactional Records? [1]
http://privacysos.org/transactional_records
Fabio
On 2/6/13 12:47 AM, Ali-Reza Anghaie wrote:
They're agile about their coverage. ;-)
-Ali
--
Unsubscribe, change to digest, or change password at:
Please remind that for a service-based model the risks are not also
related to the transactional data :
http://privacysos.org/transactional_records
It would be really nice to know which is the data-retention policy for:
- connection logs
- phone call logs
- email logs (as they will provide also
Cool, this kind of media action cooperation worked very well.
In Italy (and in Italian) we made a press-release of Hermes Center (
http://logioshermes.org ) and broadcasted it to +50 journalists working
on internet-stuff and to all the major organization active on internet
privacy, digital rights
Hi all,
it has been publicly released a website reporting detailed data on
Internet Censorship in Italy.
It's in Italian, but it report detailed stats about blocked websites
http://censura.bofh.it/ .
For those who don't know, in Italy several organization can ask ISPs to
apply blocks for
With such kind of checklist it would be nice to create:
- an inventory of existing tools with related capabilities
- a wizard (even a purely javascript one) that let the user choose and
at the end does provide a report
It's not a small task, but it maybe wonderful to have a software to
choose a
On 1/2/13 8:27 AM, Gregory Foster wrote:
Within the first minute of his talk (~1:28:36), William Binney
describes the legal and intellectual property guidance he received
when retiring from the NSA to set the scene for an announcement that
he has created a commercial product which describes a
On 12/22/12 8:58 AM, Nadim Kobeissi wrote:
Dear LibTech,
I would like to report that Cryptocat is now being censored in China.
The URLs being 100% blocked are:
- Cryptocat Project Website: https://project.crypto.cat
- Cryptocat Development Blog: https://blog.crypto.cat
It should be nice to
Hi all,
i encountered such a project called Namecoin: http://dot-bit.org/Main_Page
Namecoin http://dot-bit.org/Namecoin is a peer-to-peer *generic*
name/value datastore system based on Bitcoin http://www.bitcoin.org/
technology (a decentralized cryptocurrency). It allows you to:
* Securely
application that's
using the Zorg (http://www.zrtp.org) oss implementation.
It's called http://www.lumicall.org/
Does anyone have tried it?
Fabio Pietrosanti (naif)
--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
Hi all,
i wanted to share that initiatives that i knew just now, ShofarLeaks
http://shofarleaks.com/ .
They say:
Distributing that kind of volume of whistleblower data, and the
analysis work of others, securely and anonymously, onto your desktop is
the goal of ShofarLeaks. It is a framework
On 10/12/12 1:55 AM, Christopher Soghoian wrote:
If conversations are taking place over ZRTP, and, assuming that the
crypto works, and that there isn't a backdoor, then the only data that
silent circle should have access to is conversation metadata and data
about the subscribers (IP addresses,
Hi all,
i'd like to suggest reading that ICC policy statement on Using Mutual
Legal Assistance Treaties (MLATs) To Improve Cross-Border Lawful
Intercept Procedures document, i found it very interesting regarding
the possible impact of policy development in that particular field.
Some
On 10/6/12 10:36 PM, Collin Anderson wrote:
File extension in URL requested, Content-Type or are they even finding
their own Content-Type?
You are correct, all that it took to trigger the blocking was a php
file with the following:
header(Content-Type: audio/mpeg);
The server
On 8/13/12 6:53 PM, Gregory Maxwell wrote:
For example, it wouldn't be hard to educate people to only install
software on their secure systems via a downloading tool that verifies
(cryptographically) that the software which is being installed has
been independently peer reviewed by multiple
On 8/3/12 9:07 PM, Yosem Companys wrote:
Hi All,
[...]
5. The Liberationtech mailing list archives are private to the extent
that only list members can access these archives.
But do we have a leak breaking the policy?
http://www.mail-archive.com/liberationtech@lists.stanford.edu/
On 7/27/12 11:54 PM, Andre Rebentisch wrote:
The common denominator of my campaigning on the EU level is reduction of
legal risks for software development. We both know that even
general-purpose equipment and operating systems could be dual use.
It's tricky from a regulatory perspective, but
Hi all,
i wanted to notice that there is a new internet draft in IETF that
should make us think on the chinese government respect strategies to
internet governance issues.
DNS Extension for Autonomous Internet(AIP)
https://tools.ietf.org/html/draft-diao-aip-dns-00
This proposal by China
Imho it does not have anything in common with stuxnet.
That's a poor's man malware.
There just a lot of hype by the AV Vendors and CERTs to claim big
discovery and get new budget to fight cyberwar!
All news and reports try to make comparison with Stuxnet.
There is NO RELATIONSHIP AT ALL with
81 matches
Mail list logo