Domain: freenet.org.nz
Stories and comments across the archive that link to freenet.org.nz.
Comments · 35
-
Re:Don't do it yourself
Replying to myself, seems like PhonebookFS has many of the same ideas as Rubberhose, but is probably easier to get into (it's not been pronounced officially dead yet but things are not looking good for it either)
-
Re:For the fifty thousandth time
PhonebookFS provides this functionality for Linux.
http://www.freenet.org.nz/phonebook/manual.html
-
Re:Deniability may sound fine
Encryption technologies that provide plausible deniability are possible, but I doubt they will enter widespread use
One really interesting project that I've been keeping my eye on and trying to come up with an excuse to use is Phonebook; a FUSE-based deniable encryption application. If I had the skill to implement such a plugin based on his sourcecode, I would make something like OTR... hell, even extend OTR so that every IM is of a specific size and contains the message inside it. It actually shouldn't be that difficult to implement. Such an implementation would add a large amount of deniability to your IMs and also have the ability to store several payloads per message.
Speaking of OTR... it's a great little plugin, but it's poorly executed, imho. Fingerprints are transported between the parties too easily. They should have a paranoid setting where it requires that you manually add a fingerprint file for that user and a way of saving out your own fingerprint so you can email/IM/SFTP the file to the person on the other end for manual entry. I realize that it's got a menu where you can see your current privacy status, but I don't know how comfortable I am that everything negotiated properly all the time; especially during the initial transaction.
Also, the OTR plugin is a little fragile. At my job, we have some kind of IM security system that not only logs all conversations, but also looks for spim (IM spam for the uninformed) and viruses, and if it thinks it finds something like that, it will send a challenge question across the line. When that happens during a private conversation, it totally whacks out OTR and requires me to restart the IM app (be it Adium or Pidgin... Pidgin flakes out more often) since simply refreshing OTR doesn't fix it. OTR needs better facilities for detecting that.
-
Re:Maybe it is the same. But I'm not convinced.
That's why you need to use a system that has plausible deniability: you give up a key to dummy information and keep the real key (and the existence of that key) secret. If done properly, it is impossible for anyone to know that you didn't reveal a key.
One example is Phonebook. You write dummy information under a different key. You also mix in random chaff. All of this gets mixed together as your ciphertext. When pressed to reveal your keys by the government or by someone threatening your knees, you give the dummy keys and explain that the rest of the data is just random chaff you have been mixing in.
And pray that they don't have a polygraph machine.
-
Re:Progressive decoding
There's also phonebook. From the website:
Deniable Encryption technology supplements conventional encryption approaches with a crucial feature - a structure which permits the owner (at his/her discretion) to disclose decryption keys for only non-sensitive (or faked replacements of sensitive) information, in such a way as to deprive an attacker or interrogator of any way of determining whether or not the interviewee is fully complying with decryption demands. As such, this technology is valuable in environments where people can be placed under high pressure (legal, military or other) to disclose decryption keys.
-
Re:anonymizing via noise
Have you considered using FoxyProxy for Google searches? It slows things down a bit when searches are routed through the tor network, but it might be worth it...
http://www.freenet.org.nz/misc/google-privacy.html
-
Re:CTO seems to be the wrong person.
http://www.freenet.org.nz/misc/google-privacy.html
I might add that if you follow the above instructions, you also may have to worry about cookies... not sure. enjoy
-
Heh.
Slashdotted. Site 503's on connect:
This is Privoxy 3.0.3 on v*o.org (*), port *, enabled
Your request for http://www.freenet.org.nz/misc/google-privacy.html could not be fulfilled, because the connection to www.freenet.org.nz (60.234.243.247) could not be established.
Besides, why use an anon proxy? Who knows, it could be a honey pot or someone just running a packet sniffer. Bad idea to use anon proxies. Rather, order a unix shell from a hosting co (mine's on a friend's 100mbit server), and run a proxy from there. It's fast, and your privacy is protected :)
-
List of Such Programs
"There are current encryption technologies already deployed in the market that allow for two sets of data to be encrypted with two keys into a single file."
Here's a FOSS alpha version of such software:
http://www.freenet.org.nz/python/phonebook/
Are there any others?
-
Re:They're morons who deserve to get caught
A similar product is available using Fuse under Linux called Phonebook: http://www.freenet.org.nz/phonebook/ and fuse: http://fuse.sf.net/
-
Re:Rubber hose crypto software
I think I know what you're referring to.
I believe this is one of the implementations of this idea, the so-called "Phone Book Encryption"
http://www.freenet.org.nz/python/phonebook/
-
Re:Plausible deniability... and a URL
It's well worth remembering when discussing any aspect of British IT law that the present administration is headed by a man who was incapable of buying flowers for his wife over the Internet, what hope have they of understanding cryptography?
To quote Mr. Prosser as the study of cryptography rolls over them: "None at all".
Here's the link to the Phonebook project. Now that FUSE support is in the Linux kernel as of 2.6.14, this should be easier to get it installed.
Cheers,
Toby Haynes
-
Re:what we need is a multi-key system
Yes, see also the more advanced Phonebook. And no, it does not use any one-time pad bs.
-
Layered Encryption!! -- Phonebook
This is why systems that offer plausible deniability such as Phonebook are far more secure than just using an unlayered encrypted filesystem.
-
Re:Physical access!
Look into the FUSE module Phonebook http://www.freenet.org.nz/phonebook/. You can set up multiple layers each with different passphrases. It is called "Deniable Encryption". It is also very handy for managing different stores with a single mount point.
The fact that you're using it probably doesn't look very good though.
-
Re:Even Encryption won't help in the UK
Exactly. See, for instance, this project (google cache as the original server seems to be down at the moment) which provides an implementation of this idea as a Linux filesystem.
-
Re:how about dual-plaintext messages?
Yes, it's called "Phonebook Encryption". Not sure why. It's written by familiar faces though.
-
An introduction to FreeMail
Freenet-only link to the page is here
Regular internet link to the page is http://freenet.org.nz/freemail/
Freemail runs on Freenet or Entropy networks.
[from the page.... apologies for formatting - lameness filter...]
FreeMail is a peer-to-peer Mail Server program (aka 'Mail Transfer Agent' or 'MTA') that makes it possible for you to send and receive email messages with unprecedented levels of privacy and anonymity.
Normal mailservers (such as Exim, Sendmail, qMail etc) communicate directly over the normal Internet, and send/receive all of your emails in plaintext for Big Brother and goodness knows how many companies to see. Even if your ISP uses encryption for transfer of mail, a simple court order (or bribe) is all it takes for your emails to end up in front of prying eyes, even many years after you sent or received them.
On the other hand, FreeMail encrypts your messages and hides them within the privacy-protecting Freenet network, where they are picked up and decrypted only by the people you're sending your messages to.
Features
A lot of thought has gone into FreeMail's design, to arrive at a secure, robust yet user-friendly system to satisfy your email communication needs.
So far, FreeMail includes the following features:
- 100% compatible with normal email client programs (eg Mozilla, Evolution, Outlook Express)
- Military-grade encryption (RSA 4096-bit asymmetrical, 256-bit Blowfish symmetrical)
- Protects every aspect of your privacy, by concealing:
- What you are sending and receiving
- Who you are sending to or receiving from
- Whether you are sending or receiving messages at all
- Whether you even have Freemail installed
- Convenient Web interface for installation, administration and viewing of mail statistics
- Fully peer to peer (does not depend on any in-Freenet service)
- Unlimited personal email accounts (called 'identities'), that cannot be linked together or traced to you
- Censors out 'X-Mailer' header, to protect your privacy
- Unlimited message sizes
- Full support for message attachments
- Interacts with your favourite email client via the standard SMTP/POP3 protocols, with user-selectable host-based access restrictions
- Difficult and time-consuming for spammers
People familiar with Freenet will also understand and appreciate the following features:
- Works fine with transient nodes, as long as the node (and the Freemail software) runs once every couple of days or so
- Convenient to associate mail accounts with Freenet freesites, or use separately
- All data inserted into and retrieved from Freenet is encrypted to the recipient and cryptographically signed by the sender; recipient verifies signatures by accessing the sender's freemail mailsite (a special kind of freesite whose URI is isomorphic to the sender's purported freemail address)
- Receipted delivery of messages
- Tenacious retry/confirmation protocol to overcome Freenet performance fluctuations
- Every mail account is self-certifying. Certificates are validated via special 'freesites' created by FreeMail
- Good use of Freenet keys:
- KSK queues are protected from spamming/spoofing by the mandatory signature mechanisms
- Ability to relocate the mess queues in the event of DoS attacks
- Ability to balance performance against use of system resources
At this time, there is no third-party certification. The author is open to suggestions from users about how this should happen. For example, a web of trust amongst linked freesites, assigning 'karma' to mail addresses.
-
Yes, you can: knx-hdinstall
"You can't install it to your hard drive."
Yes, you can: knx-hdinstall.
-
Knoppix knx-hdinstall: best option for KDE lovers.
I like the philosophy behind Ubuntu, and I'm waiting for my CD copies. However, my choice for easy Debian installation is to boot Knoppix, then run the knx-hdinstall script from a root shell.
Here's the How-To:
http://www.freenet.org.nz/misc/knoppix-install.html
Next, if you so desire, you can dist-upgrade your Knoppix HD install to Sid or Sarge or even Woody if you're the conservative type. The author of this document:
http://members.rogers.com/ctmlinux/knoppix2debian.html
suggests that Sid is the best choice for a desktop machine because of the newness of the packages. The author also gives a how-to about removing Knoppix packages that are in there for completeness' sake but are not always necessary. However, the most important part of the upgrade to canonical Debian is these three steps:
1.) Edit /etc/apt/sources.list to include more standard Debian sources.
2.) Go into a shell, su to root, and type in:
# apt-get update
# apt-get dist-upgrade
Then wait for each one of those commands to finish. Presto! You have a canonical Debian system.
The instructions in the second referenced document also work for getting rid of Linspire/Lindows-isms on a Linspire/Lindows preinstalled machine. Click'n'run? We don't need no stinkin' Click'n'run!
-
Re:Enough with the Plug 'n Pray jokes
Is there a normal Hard Disk installer available for it
Yep.
-
We already have this in the USA
It is called BartPE and all you need is a SP1 version of an XP Home or XP Pro edition CD. Borrow one from a friend if you can. ;)
RTFM and follow directions on how to make a bootable BartPE CDR, and then how you can install BartPE to a hard drive.
Then download and install OOO.
Then give Microsoft and Billy Boy the middle finger. ;)
Or try this alternative and install it to your hard drive for a Non-Windows edition and still give Microsoft and Billy Boy the middle finger.
-
Re:Big claps to Mandrake ...
He's probably referring to the fact that for a home user today, to get a well-integrated desktop Linux system (like what many of us used RedHat for), we have very, very limited options.
Today, if you want a freely available desktop-oriented Linux distribution, you have to hunt far and wide. If you looked a week ago, you would have Fedora Core 2, which suffers from this major bug, Mandrake 10 Community - which is a pain to update. Knoppix is good but it's not really meant for installation though it can be done. A quick look on SuSe's downloads page shows that they do offer it free (minus commercial components), but it's either in LiveCD format or has to be installed via FTP.
So, unfortunately today, we don't have the luxury we used to of being able to simply grab the 3 iso's for RedHat and installing them onto our system. Sure we could use Debian, or Gentoo, or even go out on a limb and try FreeBSD - but none of these are desktop-oriented, though you can achieve a nice desktop system if you work at it.
I think that's what he's talking about. :)
-
Re:Er...
Rubberhose is unfortunately very out of date. A newer equivalent, that should work with 2.4 and 2.6 kernels is PhoneBook.
-
Re:Then it is time. Solution to encryption key.
Famatra said:
One interesting solution to having to hand over your pass keys is provided by the Phonebook Encryption Project. This program encrypts a file to have TWO keys which will decrypt into TWO different files. One key decrypts the file to reveal the bestiality porno, one key decrypts the file for pictures of barney the dinosaur :).
But I don't want to have to re-encrypt all of my lesbian snuff films! Oh well...stupid government. <sigh>
-
Then it is time. Solution to encryption key.
"Last time I checked, it seems the only rights you have in the U.S. are to privacy and to not be offended.
Neither of these are guaranteed by the U.S. Constitution."
Then it is time to make it a part of the constitution. Enough with this penis-vagina anti gay people amendment no one needs, let's get a useful privacy amendment started.
This is what I really didn't like from the summary:
"...pass laws to force users to provide their encryption keys and the plain text of their encrypted files"
That is insane. If someone has documents in which they would be embarrassed to have shared (yes, I'm looking at your direction the pro-animal necrophilia crowd) then what business is it of government's that they have them.
One interesting solution to having to hand over your pass keys is provided by the Phonebook Encryption Project. This program encrypts a file to have TWO keys which will decrypt into TWO different files. One key decrypts the file to reveal the bestiality porno, one key decrypts the file for pictures of barney the dinosaur :).
Also those that say Freenet wouldn't be necessary in North America, I thought the same for the Phonebook project just yesterday. Now I am very glad both Freenet and Phonebook are here.
-
Freenet and MUTE?
-
Re:Live CD's run slowly, users don't understand
-
Re:Knoppix? Any CD bootable Linux 2.6 version?
Definitely, I can't wait. I just discovered the joy of knoppix's knx-hdinstall... it plops down debian-testing on your hard drive, with all your hardware autodetected. It was the easiest debian install I've ever done, and I've got apt-get, I couldn't be happier.
-
Re:You seem knowledgeable...
-
Re:Searching on freenet?
...a general Freenet search for "Metallica MP3" and have results returned...
There you are, 79 results.
Anything else?
-
Re:Searching on freenet?
As far as I've understood, freenet is designed to be somewhere where you can access content, as long as somebody has given you the exact address to the file.
The problem I see here, is that there are no easy ways to search for content, except for out-of-band stuff like the web or e-mail, which mostly defeats the entire concept.
There are many ways to get to know keys, several of the index pages on Freenet are a good start. A number of them are generated automatically by crawlers.
Other often used channels are Freenet-based message board Frost and Invisible IRC aka IIP which provides anonymous IRC. Contrary to Freenet, IIP is very quick and interactive - but only for very short messages.
There is a full-text index to Freenet. Definitely out of band (insecure http), so use an anonymous proxy to visit it. Try the JAP proxy for example; powerful concept and acceptable performance.
There's also work being done on making a full text search engine available via HTTP over IIP, which ultimately could be seamlessly accessible from your Freenet client. (Hope to be able to announce a link to this soon.)
A project like Freenet will never be fully done of course. But keeping its goals in mind, it's already doing quite a fair job I think. Performance and usability should and will improve of course, but the level of privacy it offers is already outweighing these rawer edges for a significant user group.
-
Re:On the subject of Debian
Anyway, these Debian posts here for the past few days have convinced me to dive into it. Where is the best place for a Debian newbie to start?
I recommend using a Knoppix CD to start, install it to your drive, and then update it with apt. It's a pretty good way to get Debian installed quickly with a lot of software and good hardware detection. There's a pretty good installing debian from knoppix howto available.
-
Re:"What Linux Needs," my reiteration.
However, I would love to see a good distro that:
1. Does not use RPM for package management (I've had RPM screw up way too many times in the past).
2. Has a decent GUI installer
3. Can configure all of my hardware without me tweaking it (I'll understand for some of the latest/greatest hardware, like my AIW 9700 Pro, but for instance, getting wireless setup on my laptop with both RedHat 8.0 and Slackware 9.0-pre was a pain)
4. Very configurable
Seriously, Knoppix seems to have everything but a ``push me to repartition the hard drive and install automagically'' button. That link makes it look as if getting that magic button wouldn't take much effort.
-
Knoppix installs full Debian system on Harddrive!