Publius

← Back to Stories (view on slashdot.org)

Posted by michael on Thursday June 29, 2000 @07:08PM from the yet-another-anonymous-web-publishing-scheme dept.

Ukiah writes: "Publius is a Web publishing system that is highly resistant to censorship and provides publishers with a high degree of anonymity. Publius was the pen name used by the authors of the Federalist Papers, Alexander Hamilton, John Jay, and James Madison." Check out the system's home page or a Washington Post story. I just volunteered to host a server, so be sure to load up the system with bootleg Metallica mp3's - your chance to send a Slashdot author to jail, not something you get to do every day...

7 of 68 comments (clear)

Min score:

Reason:

Sort:

Some Centralization by Zaffle · 2000-06-29 16:57 · Score: 4

From my quick read of the article, it appears that although the data is copied onto numerous servers, there is still some list of central servers.
If, like the gnutella system, it can be total distributed, and no central server(s) (to attack), then it is a good thing(tm). However if like napster or IRC servers, there are a specific list of central servers, which doesn't change often, then there can be points of attack (legal attacks I'm meaning).
Freenet is (afiak) totaly distributed, and the data is spread accross many many servers (run by clients, like gnutella), which in my opinion is a good thing(tm). Each server can only see that a client is downloading some random chunk, and never sees the entire file. So I can download mp3s without any of the servers I'm getting them from knowing what I'm getting.
I'm not sure if the content on freenet servers are encrypted at all, so it might be obivous if you have a chunk of a file on your server that has an MP3 header in it, that people getting that chunk are getting an mp3.
If this system works like freenet, but offers encryption of the content, then that would be a very very good thing(tm).
The sort of system I'd be looking for is something where:
Files are split in small chunks, and the chunks are distributed to many servers, with many duplicates (eg serverA and M may host the same chunk of the same file).
Files stored on the server are encrypted. The key is stored in part with the server. (eg to get the whole key, you need to get the whole file, from different servers
Its impossible to tell what the name/url of the chunks you have on your server are.
Totaly distributed (like gnutella), with enough redundancy that almost all files are available online right now.
May be a pretty difficult system, but as I said, AFIAK, FreeNet is something close to this.

---

--

I use to have a funny sig, but slash cut it off, and I forgot what the punchline was.
Re:Not again... by Dwindlehop · 2000-06-29 22:03 · Score: 4
Anyway, this "Eternity service" doesn't have anything like that. Here, Kobrin will say "Is there anything else that this data could have been?" and "Could these have been key shares to any other data?" Alice will have to say "No."

I believe you're missing the point. After reading the Publius paper, I have these points to offer:
- According to the paper, when a server receives its share of the key and data, "At this point, the server has no idea what it is hosting - it simply stores some random data." They are incapable, in fact, of determining what is on their server--they haven't the full crypto key.
- When a user wishes to retrieve some data, "In our implementation, all of the work is handled by the proxy." Handling this by proxy means that Helena is going to have a much harder time tracking down where the data is kept. If she does, the server will have no record of who publish the secrets, or even knowledge that the secrets were published! Perhaps it is possible to discover on which servers the disparate parts of the secrets are kept. If it is, Helena still will not be able to tell who originally published the secrets.
- Publius by itself does not provide any sort of connection based anonymity. This means that an adversary eavesdropping on the network segment between the publisher and the Publius servers could determine the publisher's identity. If a server hosting Publius Content keeps a log of all incoming network connections then an adversary can simply examine the log to determine the publisher's IP address. To protect a publisher from these sort of attacks a connection based anonymity tool such as Crowds should be used in conjunction with Publius. (taken from section 5.4 of the paper)
  So, Publius can't defend against that sort of attack, but assuming the publisher does indeed manage to get his data published anonymously, perhaps through the use of anonymizers (which is what Crowds is) or encryption like SSL, his anonymonity cannot be broken. That is the point of this system.
There's a lot more in this 14 page paper--it's very rich. It particular, it examines the attacks that an adversary could make against Publius and what safeguards could be put in place.

The most important thing, and I can't emphasize this enough, is that these guys have a system. This is not some theoretical, pie-in-the-sky wouldn't-it-be-nice dream, like the XOR business was. They have the details and mechanics of publishing, retrieval, and updating worked out. You may read the paper yourself if you don't believe me.

Unfortunately, I'm in no position to evaluate the strength of the crypto here. I would very much like to see someone with knowledge in this area come forward with an opinion after having read the paper.

Jonathan David Pearce
--
Jonathan Pearce jonathan@pearce.name
3EAAFB2A http://www.jonathan.pearce.name/
Take Privacy into your own hands... by krystal_blade · 2000-06-29 17:38 · Score: 4

A couple years ago, I heard a fairly old hacker telling me about privacy and the internet. I had raised concerns about cookies, and the information they contain, or could contain. His response was:
"The internet was not, and still is not designed for privacy. Your privacy is your problem, so YOU take care of it."
And he's right. Anonymity, and Privacy go hand in hand. Want to be anonymous? It can be done through YOUR actions. Want privacy? Don't plug in a computer you store your SSN on to the 'net.
The issue of censorship, and free speech, especially on the internet, is easily remedied. First, know that by posting something on the internet, you create LOGS. And with LOGS, YOU can be found out. As long as you are who you say you are...
Authors of yesteryear who published anonymously, or under assumed names did so knowing that what they wrote, and stated could possibly be traced back to them. For them, it was a way to express their ideas, without blatantly telling someone who wrote the article.
The resoures available on the internet today are far greater than those of yesteryear. (Unfortunately, the techniques used to track someone down are better too) Privacy an Anonymity can be obtained through careful planning, thinking, and actions.
If you want the "net-life" of a spec op, you better damn well start acting like one.
krystal_blade

--
It will be easy to motivate our fellow man; there is hardly anything people treasure more than not being annihilated.
Re:Not again... by Paul+Johnson · 2000-06-29 19:27 · Score: 5

Then she gets her friend Christine to publish to usenet (or whatever) "Hey look: Alice xor Bob = Secrets!"
This is the vulnerable point in every such scheme I've seen. The "recipe" which gives you the decrypted data has to be held in an identifiable location, and that location is therefore vulnerable to being shut down. Whilst the law seems pretty undecided on whether HTML linking is equivalent to publication, I'm pretty certain that this much more specialised kind of link is going to be counted as the publication. A better way of describing it might be as the "key" to the data. Either way, thats the weak link in the whole scheme.
On the subject of the various forms of abuse, any system which can withstand the unfriendly attentions of a dictatorship will be wide open to this kind of abuse, because our police have to abide by civil liberties while those in a dictatorship can ignore them. Hence if you can use it to publish banned data in a dictatorship then you can always use it to publish banned data in a democracy.
The real way around this problem is to site the servers in democracies and then design protocols to make it very difficult to block access from the dictatorships short of shutting down foreign access altogether. This is probably best done through proxy servers that tunnel secure data through HTTP.
Paul.

--
You are lost in a twisty maze of little standards, all different.
Not again... by prizog · 2000-06-29 15:21 · Score: 5

This won't work. It won't work because there's no deniability.

Remeber the last anti-censorship system on /.? The XOR-based system? That had deniability. Consider:

Alice wants to share scientology secrets with the world. Alice looks around, finds Bob's chunk of random data, and XORs the scientology secrets with Bob's data. (In a real situation, she would also use Barry's, Bonnie's, and Billy's, but let's keep it simple). Then she gets her friend Christine to publish to usenet (or whatever) "Hey look: Alice xor Bob = Secrets!"

Helena Kobrin (scientology lawyer) drags Alice and Bob. Alice says "I put random data up, Bob XORed Scientology secrets with my data." Bob says "I put random data up, Alice XORed Scientology secrets with my data." Mathematically, there's no way to tell who did it. There's also an easy way for both Alice and Bob to show that their data is innocent - just have Charlene and Darlene xor bits of the bible with Alice's and Bob's data, respectively, and say "We were just (independently) trying to get the bible into Iran/China/Libya..."

Anyway, this "Eternity service" doesn't have anything like that. Here, Kobrin will say "Is there anything else that this data could have been?" and "Could these have been key shares to any other data?" Alice will have to say "No."

At best, Alice is an ISP - and under the DMCA, she'll have to take it down until it's proved non-infringing (never). In the XOR system, all she needs is Charlene to prove it's innocent.

That's my 2 cents, anyhow.

-Dave Turner.

--
Become a FSF associate member before the low #s are used
No, this can't store mp3s by MostlyHarmless · 2000-06-29 19:46 · Score: 5
At the server page, it specifically states that files larger than 100k cannot be stored. I quote:
- Could the Publius Server Software completely fill my disk with Publius Content?
  Yes, the Publius Server could completely fill your disk with Publius Content. For this reason you may want to have Publius Content stored on its own partition or own disk. The Publius Server limits the size of individually published files to 100K.
(emphasis mine)

It looks like this was designed to specifically avoid mp3s and pr0n. Probably, they wanted this to be more similar to the original, anonymous federalist papers in that it is more intended for writings that may be offensive to the government of the writers' respective countries. Of course, in the U.S. it will probably just fill up with instructions for bombs and drugs. But one of the prices you pay if you host anonymously is that you take the chaff together with the wheat.
--
Friends don't let friends misuse the subjunctive.
New Slashdot Poll Topic... by Sir_Winston · 2000-06-29 17:10 · Score: 5

You're on to something. This would make a great poll:

Who would you most like to see in jail?

1) CmdrTaco
2) Hemos
3) michael
4) Jon Katz
5) Roblimo
6) Janet Reno
7) Bill Gates
8) everyone at Intel
9) Jack Straw
10) Metallica
11) Hemos' new wife, CmdrTaco's gf, and Natalie Portman, in a prison shower scene like in "Caged Heat"
12) Cowboy Neal and Whalen Smithers, in a prison shower scene like in "Cellblock Cumpanions"

Of course, poor Jon Katz would win, even though in our hearts we all know we want that prison shower scene with the girls. Except for the ten percent of us who studies say would want to see the Cowboy Neal/Smithers scene... :-)

--

"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*