Slashdot Mirror

← Back to Stories (view on slashdot.org)

Publius

Posted by michael on from the yet-another-anonymous-web-publishing-scheme dept.

Ukiah writes: "Publius is a Web publishing system that is highly resistant to censorship and provides publishers with a high degree of anonymity. Publius was the pen name used by the authors of the Federalist Papers, Alexander Hamilton, John Jay, and James Madison." Check out the system's home page or a Washington Post story. I just volunteered to host a server, so be sure to load up the system with bootleg Metallica mp3's - your chance to send a Slashdot author to jail, not something you get to do every day...

11 of 68 comments (clear)

  1. Re:Freenet encryption by Anonymous Coward · · Score: 3
    Freenet does encrypt files. They are labeled and retrieved by the (SHA) hash of the filename, and encrypted by the plaintext of the filename. So the person retrieving the file can decrypt it, but the server hosting the file has no way to reverse the search key to get the decrypt key. The only way the server can determine what files it stores is for it to hash all known searchkeys and see if any of them match--possible, but infeasible if there are lots of files, certainly provides deniability.

    There is one drawback to splitting files--if you have all the pieces on your machine, it's pretty likely that you intentionally retrieved or posted the file. From a deniability perspective it might be better to have a number of standard sizes for whole files.

  2. Re:Not again... by jetson123 · · Score: 3
    I think we have seen that information is subject to a lot of restrictions in democracies as well. Cryptography, violent content, politically extreme or "undesirable" content, and sexual content have all been restricted by democratic governments. And technical information, criticism of products and corporate behavior, and other content that businesses don't like get shut down using the legal, patent, trademark, and copyright systems of democracies.

    Something as simple as planning for secure tunnels through HTTP is not going to work because those accesses will stick out like a sore thumb among normal network traffic in restrictive environments. The presumption will simply be that if you use any such mechanisms, you must be doing something bad.

    One way I see to address this problem is to design protocols such that everybody accesses the Web in a way that content is encrypted and distributed. But unless we can engineer a very good business reason for that, it won't happen because it's more expensive and more complex than the simple-minded plain-text HTTP approach being used right now.

  3. Publius? Enigma? by SydBarrett · · Score: 3

    I know this may be a bit off topic, but the first thing I thought of when I saw the name "Publius" where the postings to alt.music.pink-floyd a few years back. For those of you who don't know about that:

    http://www.tapscott.com/~robp/enigma.html

    A hoax, maybe, but there are a few odd sound cues in the "Division Bell" album ("the cave" snd the odd counting during "Lost for words"). And during "Another Brick in the Wall pt.2" (from a ealier album) there are sound effects near the end of the song of kids yelling. At 3.47, one kids yells something that sounds like "Enigggggma!". It's wacky, man....

  4. DeCSS by Kwikymart · · Score: 3

    I think this this kind of situation would suit a DeCSS mirror more than whole bunch'o' Metallica mp3s. I think the idea is to have documents (code?), not a whole bunch of mp3s and the ineviable fake britney spears porn pic. This way DeCSS will be 110% impossible to get rid of ;-) (short of the world exploding)

    --

    Buying a Dell computer is equivalent to dropping the soap in a prison shower.
  5. Some Centralization by Zaffle · · Score: 4

    From my quick read of the article, it appears that although the data is copied onto numerous servers, there is still some list of central servers.

    If, like the gnutella system, it can be total distributed, and no central server(s) (to attack), then it is a good thing(tm). However if like napster or IRC servers, there are a specific list of central servers, which doesn't change often, then there can be points of attack (legal attacks I'm meaning).

    Freenet is (afiak) totaly distributed, and the data is spread accross many many servers (run by clients, like gnutella), which in my opinion is a good thing(tm). Each server can only see that a client is downloading some random chunk, and never sees the entire file. So I can download mp3s without any of the servers I'm getting them from knowing what I'm getting.

    I'm not sure if the content on freenet servers are encrypted at all, so it might be obivous if you have a chunk of a file on your server that has an MP3 header in it, that people getting that chunk are getting an mp3.

    If this system works like freenet, but offers encryption of the content, then that would be a very very good thing(tm).

    The sort of system I'd be looking for is something where:

    Files are split in small chunks, and the chunks are distributed to many servers, with many duplicates (eg serverA and M may host the same chunk of the same file).

    Files stored on the server are encrypted. The key is stored in part with the server. (eg to get the whole key, you need to get the whole file, from different servers

    Its impossible to tell what the name/url of the chunks you have on your server are.

    Totaly distributed (like gnutella), with enough redundancy that almost all files are available online right now.

    May be a pretty difficult system, but as I said, AFIAK, FreeNet is something close to this.

    ---

    --

    I use to have a funny sig, but slash cut it off, and I forgot what the punchline was.
  6. Re:Not again... by Dwindlehop · · Score: 4
    Anyway, this "Eternity service" doesn't have anything like that. Here, Kobrin will say "Is there anything else that this data could have been?" and "Could these have been key shares to any other data?" Alice will have to say "No."

    I believe you're missing the point. After reading the Publius paper, I have these points to offer:

    • According to the paper, when a server receives its share of the key and data, "At this point, the server has no idea what it is hosting - it simply stores some random data." They are incapable, in fact, of determining what is on their server--they haven't the full crypto key.
    • When a user wishes to retrieve some data, "In our implementation, all of the work is handled by the proxy." Handling this by proxy means that Helena is going to have a much harder time tracking down where the data is kept. If she does, the server will have no record of who publish the secrets, or even knowledge that the secrets were published! Perhaps it is possible to discover on which servers the disparate parts of the secrets are kept. If it is, Helena still will not be able to tell who originally published the secrets.
    • Publius by itself does not provide any sort of connection based anonymity. This means that an adversary eavesdropping on the network segment between the publisher and the Publius servers could determine the publisher's identity. If a server hosting Publius Content keeps a log of all incoming network connections then an adversary can simply examine the log to determine the publisher's IP address. To protect a publisher from these sort of attacks a connection based anonymity tool such as Crowds should be used in conjunction with Publius. (taken from section 5.4 of the paper)
      So, Publius can't defend against that sort of attack, but assuming the publisher does indeed manage to get his data published anonymously, perhaps through the use of anonymizers (which is what Crowds is) or encryption like SSL, his anonymonity cannot be broken. That is the point of this system.

    There's a lot more in this 14 page paper--it's very rich. It particular, it examines the attacks that an adversary could make against Publius and what safeguards could be put in place.

    The most important thing, and I can't emphasize this enough, is that these guys have a system. This is not some theoretical, pie-in-the-sky wouldn't-it-be-nice dream, like the XOR business was. They have the details and mechanics of publishing, retrieval, and updating worked out. You may read the paper yourself if you don't believe me.

    Unfortunately, I'm in no position to evaluate the strength of the crypto here. I would very much like to see someone with knowledge in this area come forward with an opinion after having read the paper.


    Jonathan David Pearce

    --
    Jonathan Pearce jonathan@pearce.name
    3EAAFB2A http://www.jonathan.pearce.name/
  7. Take Privacy into your own hands... by krystal_blade · · Score: 4
    A couple years ago, I heard a fairly old hacker telling me about privacy and the internet. I had raised concerns about cookies, and the information they contain, or could contain. His response was:

    "The internet was not, and still is not designed for privacy. Your privacy is your problem, so YOU take care of it."

    And he's right. Anonymity, and Privacy go hand in hand. Want to be anonymous? It can be done through YOUR actions. Want privacy? Don't plug in a computer you store your SSN on to the 'net.

    The issue of censorship, and free speech, especially on the internet, is easily remedied. First, know that by posting something on the internet, you create LOGS. And with LOGS, YOU can be found out. As long as you are who you say you are...

    Authors of yesteryear who published anonymously, or under assumed names did so knowing that what they wrote, and stated could possibly be traced back to them. For them, it was a way to express their ideas, without blatantly telling someone who wrote the article.

    The resoures available on the internet today are far greater than those of yesteryear. (Unfortunately, the techniques used to track someone down are better too) Privacy an Anonymity can be obtained through careful planning, thinking, and actions.

    If you want the "net-life" of a spec op, you better damn well start acting like one.

    krystal_blade

    --
    It will be easy to motivate our fellow man; there is hardly anything people treasure more than not being annihilated.
  8. Re:Not again... by Paul+Johnson · · Score: 5
    Then she gets her friend Christine to publish to usenet (or whatever) "Hey look: Alice xor Bob = Secrets!"

    This is the vulnerable point in every such scheme I've seen. The "recipe" which gives you the decrypted data has to be held in an identifiable location, and that location is therefore vulnerable to being shut down. Whilst the law seems pretty undecided on whether HTML linking is equivalent to publication, I'm pretty certain that this much more specialised kind of link is going to be counted as the publication. A better way of describing it might be as the "key" to the data. Either way, thats the weak link in the whole scheme.

    On the subject of the various forms of abuse, any system which can withstand the unfriendly attentions of a dictatorship will be wide open to this kind of abuse, because our police have to abide by civil liberties while those in a dictatorship can ignore them. Hence if you can use it to publish banned data in a dictatorship then you can always use it to publish banned data in a democracy.

    The real way around this problem is to site the servers in democracies and then design protocols to make it very difficult to block access from the dictatorships short of shutting down foreign access altogether. This is probably best done through proxy servers that tunnel secure data through HTTP.

    Paul.

    --
    You are lost in a twisty maze of little standards, all different.
  9. Not again... by prizog · · Score: 5

    This won't work. It won't work because there's no deniability.

    Remeber the last anti-censorship system on /.? The XOR-based system? That had deniability. Consider:

    Alice wants to share scientology secrets with the world. Alice looks around, finds Bob's chunk of random data, and XORs the scientology secrets with Bob's data. (In a real situation, she would also use Barry's, Bonnie's, and Billy's, but let's keep it simple). Then she gets her friend Christine to publish to usenet (or whatever) "Hey look: Alice xor Bob = Secrets!"

    Helena Kobrin (scientology lawyer) drags Alice and Bob. Alice says "I put random data up, Bob XORed Scientology secrets with my data." Bob says "I put random data up, Alice XORed Scientology secrets with my data." Mathematically, there's no way to tell who did it. There's also an easy way for both Alice and Bob to show that their data is innocent - just have Charlene and Darlene xor bits of the bible with Alice's and Bob's data, respectively, and say "We were just (independently) trying to get the bible into Iran/China/Libya..."

    Anyway, this "Eternity service" doesn't have anything like that. Here, Kobrin will say "Is there anything else that this data could have been?" and "Could these have been key shares to any other data?" Alice will have to say "No."

    At best, Alice is an ISP - and under the DMCA, she'll have to take it down until it's proved non-infringing (never). In the XOR system, all she needs is Charlene to prove it's innocent.

    That's my 2 cents, anyhow.


    -Dave Turner.

    --
    Become a FSF associate member before the low #s are used
  10. No, this can't store mp3s by MostlyHarmless · · Score: 5
    At the server page, it specifically states that files larger than 100k cannot be stored. I quote:
    • Could the Publius Server Software completely fill my disk with Publius Content?
      Yes, the Publius Server could completely fill your disk with Publius Content. For this reason you may want to have Publius Content stored on its own partition or own disk. The Publius Server limits the size of individually published files to 100K.

    (emphasis mine)

    It looks like this was designed to specifically avoid mp3s and pr0n. Probably, they wanted this to be more similar to the original, anonymous federalist papers in that it is more intended for writings that may be offensive to the government of the writers' respective countries. Of course, in the U.S. it will probably just fill up with instructions for bombs and drugs. But one of the prices you pay if you host anonymously is that you take the chaff together with the wheat.
    --
    Friends don't let friends misuse the subjunctive.
  11. New Slashdot Poll Topic... by Sir_Winston · · Score: 5

    You're on to something. This would make a great poll:

    Who would you most like to see in jail?

    1) CmdrTaco
    2) Hemos
    3) michael
    4) Jon Katz
    5) Roblimo
    6) Janet Reno
    7) Bill Gates
    8) everyone at Intel
    9) Jack Straw
    10) Metallica
    11) Hemos' new wife, CmdrTaco's gf, and Natalie Portman, in a prison shower scene like in "Caged Heat"
    12) Cowboy Neal and Whalen Smithers, in a prison shower scene like in "Cellblock Cumpanions"

    Of course, poor Jon Katz would win, even though in our hearts we all know we want that prison shower scene with the girls. Except for the ten percent of us who studies say would want to see the Cowboy Neal/Smithers scene... :-)

    --


    "The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*