jaja! Muy bueno :-) Nico, ya hablamos en privado varias veces de por qué no le doy demasiada bolilla a las medidas de seguridad y la encriptación en internet, prefiero confiar mi 'seguridad' en estar preparado para que todo lo que envío a internet eventualmente sea publicado, aun contra mi voluntad. No recuerdo si ya envié esto a esta lista:
http://imgs.xkcd.com/comics/wikileaks.png Decir siempre la verdad (la propia percepción al menos) con sinceridad es necesario, aunque no suficiente. 2011/1/12 Nicolás Reynolds <[email protected]>: > > Me parece que derrapó un poco al final, pero no deja de ser interesante. > > ------ > http://sheddingbikes.com/posts/1293530004.html > > Shedding Bikes: Programming Culture And Philosophy > > Shedding Bikes > > What do you think? [1][email protected] > > By Zed A. Shaw > > Why I Don't Use Tor > > I have this hypothetical question I've been using periodically to talk about > the relevance of ad hominem in evaluating software: > > What if Hitler gave you a cheese sandwich? > > It's a pretty simple question. Imagine you're sitting there and, yeah, > Hitler is eating across the table from you. He's got a cheese sandwich and > he hands it to you. "Hey, want my grilled cheese?" > > Most normal folks would turn him down, politely most likely but they'd > definitely not eat a sandwich from a guy who used to slowly increase his > doses of arsenic. But also, you're probably thinking, "No way, this guy's an > insane mass murderer, I'm not eating that damn sandwich." > > Ok, change this up some more, what if you were walking by and there was a > box labeled "Cheese Sandwich" and right under that is a Nazi Swastika. You > gonna eat it? No Hitler involved, just a box with a cheese sandwich on it > sitting there looking like you can eat it if you want? > > Sure, you might open it, look at it, maybe sniff it, but most normal people > won't eat it. Why? Because that Swastika has suddenly got you thinking about > the /history/ of this sandwich. Why is that on there? Where did this thing > come from? Is it poisoned? > > Let's go one step further, and say you just find a random sandwich in a > clear plastic bag on a table. Nobody's around, and you're kind of hungry. > You going to eat it? Again, most normal people who can buy a sandwich won't > eat it. It's just laying there. Who knows how long it's been there or what > the hell's been done to it. > > Instinctively, humans have this sense of avoiding things that will poison > them, and that involves using their memories, sense of history, and ability > to think ahead to predict what could happen. This is how we're able to > figure out how to eat a huge range of stuff no other species has figured > out. We use this finely honed sense of "that food will poison you" to avoid > getting sick and to find food that will keep us fed. > > Programmers and other "logical" types seem to lose this ability when it > comes to information. They'll frequently get /information poisoned/ with > stupid ideas because they think the motivations and history of the person > telling them something doesn't matter. They remove the context of the words > and evaluate only what's said and nothing else, and then believe the most > absurd stuff ever. > > This belief that any look at a speaker's motivations is "ad hominem" leads > many smart people to believe the incredibly stupid things. > > Everything Has Already Been Said > > The reason evaluating a person's motivations matters these days is because > there's been a massive increase in the amount of information created and > stored over the last 500 or so years. Basically, a whole hell of a lot has > already been said by someone else at some point. In fact, most ideas are so > horribly unoriginal that the only thing you really have to go on when > evaluating them is why someone could be telling you this. > > Let's say I tell you that my software is "language agnostic". Well, that's > been done before in other ways, so you have to look at why I might be > telling you that. The idea itself isn't original or that useful, but if I > then tell you, "because I want people to be able to use the best tool and > not get caught up in language wars," then you can evaluate the statement > better. > > However, if I tell you don't look at my motivations, or where I'm coming > from, or what I used to do, and claiming "ad hominem!" then I'm most likely > trying to trick. An honest person has no problem with you looking past the > words to the motivation. Dishonest people will try to bluff so you don't > look too closely. > > If more technologists did this kind of critical thinking, then it'd be > harder to get them to use potentially dangerous or crap technology. If they > accepted that most everything has been said or tried already, then they can > use motivations and historical context to figure out why things might be > different. They can also use it to call bullshit or question why things are > the way they are. > > The Sordid Past And Present Of Tor > > Tor by itself, without knowing its history, seems like a great idea. You > point your browser at it and suddenly you can view web pages without people > knowing that it's actually you. Great right? > > The problem is that Tor's pedigree is less than stellar. First, it was > originally a [2]US Navy project then released to various "hackers" (a word > which in a lot of ways is just synonymous with "NSA collaborator" or at > least a wannabe). Whether the source code started there or just the idea, > you /have/ to ask why the hell the Navy would work on this and then release > it. > > The Navy of course gave some hand-wavy answer of wanting to use it, but the > Navy just doesn't do something like this without another reason. Who knows > what it is, but I this makes my spidey sense go off. > > That's the first strike against Tor, but let's look at more reasons to not > use Tor. How about the research that showed [3]how easy it is to break in > various ways. Those might be fixable, so how about that there can be > [4]super nodes that with just a small sample of traffic can figure out a lot > of content? > > Alright, maybe that can be fixed, but then you read about [5]a semi-secret > volunteer group collecting data from 12 ISPs and handing it to the > government. This Project Vigilant apparently has 600-1500 volunteers who are > all hackers collecting and analyzing data and handing it straight to the > government without user consent. Project Vigilant also claims it: > > tracks more than 250 million IP addresses a day and can âEURoedevelop > portfolios on any name, screen name or IP address.âEUR > > Holy crap, that's a lot of traffic analysis. Given how small the "hacker" > community is, that's also a gigantic percentage of hackers and security > experts on the volunteer payroll of a group who's job is to illegally > wiretap people and circumvent the law on behalf of the government. > > I don't have to remind you abou the panic over [6]the OpenBSD and NETSEC > accusations. What about the various entries to the [7]Underhanded C. The > truth is, if a large group of determined and patriotic hackers want to > infiltrate and inject seemingly innocent maliciousness into code they > definitely can. With 600+ potential recruits, they definitely are. > > Conflict Of Interest > > But all of this is just unsubstantiated and could be hypothetical, what > actually worries me is [8]Jacob Appelbaum works on Tor and works for > Wikileaks. This to me is the /Hitler Grilled Cheese/ of the argument, the > historical context that drives me away from Tor. Wikileak's job is to take > people's secrets and show them and who's hiding them to the world. Tor's job > is to do the inverse. The two project's goals don't align, and having one > dude do both gives me the willies. > > You see, if it is fairly probable that there are multiple attacks against > Tor, that there is a group actively trying to collect enough data to make > Tor pointless, a group with enough people to infiltrate the Tor project, and > then Jacob is working for Wikileaks and Tor, then there's too much going on > for me to trust jack and/or squat. Jacob's affiliation with Wikileaks has > made Tor a target big time, in addition to the obvious conflict of interest. > > For me--and this is /not/ an accusation against Jacob--the chance that > someone on the Tor project is in cahoots with someone else is too high. It's > either the government, this Project Vigilant, or Wikileaks, and who knows > what. When claims surfaced that Wikileaks got its initial set of magically > appearing documents from Tor, I wasn't surprised. Having Jacob claim > otherwise doesn't help at all, and I still won't believe this didn't happen > until possibly decades later when whatever really happens is declassified. > > Finally, I will go on record right now saying Wikileaks rocks. I think there > needs to be more of this, and actually I think the world will benefit more > from more international coverage and more corporate leaks. But, if anyone > from Wikileaks tries to work with me or on any project I'm on you bet your > ass I'm not trusting them one bit. > > Never trust a traitor, no matter how noble their intentions. > > P.S. I have a long bet that SELinux is an NSA backdoor. Any takers? > > > References: > 1. mailto:[email protected] > 2. http://www.onion-router.net/ > 3. > http://docs.google.com/viewer?url=http://www.csnc.ch/misc/files/publications/the_onion_router_v1.1.pdf&pli=1 > 4. http://archives.seul.org/or/talk/Apr-2007/msg00039.html > 5. > http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant/ > 6. > http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack.ars > 7. http://underhanded.xcott.com/ > 8. http://en.wikipedia.org/wiki/Jacob_Appelbaum > > > ________________________________________________ > > > Solar-General es una lista abierta a toda la comunidad, sin ninguna > moderación, por lo que se apela a la tolerancia y al respeto mutuo. > Las opiniones expresadas son responsabilidad exclusiva de sus respectivos/as > autores/as. La Asociación Solar no se hace responsable por los mensajes > vertidos, ni representan necesariamente el punto de vista de la Asociación > Solar. > > [email protected] > https://lists.ourproject.org/cgi-bin/mailman/listinfo/solar-general > -- Pablo Manuel Rizzo ------------------------------- http://pablorizzo.com ------------------------------- ________________________________________________ Solar-General es una lista abierta a toda la comunidad, sin ninguna moderación, por lo que se apela a la tolerancia y al respeto mutuo. Las opiniones expresadas son responsabilidad exclusiva de sus respectivos/as autores/as. La Asociación Solar no se hace responsable por los mensajes vertidos, ni representan necesariamente el punto de vista de la Asociación Solar. [email protected] https://lists.ourproject.org/cgi-bin/mailman/listinfo/solar-general
