Slashdot Mirror
Zero-Knowledge Open-Sources Linux Client
jailbreakist writes "Zero-Knowledge Systems, a Montreal based privacy software company, has released the source code to their Linux client. The software in question provides anonymous web browsing, pseudonymous email, form filling, cookie management and more. You can get the source at opensource.zeroknowledge.com. The source is available under the MPL, and our clientshim and Yarrow (random number generation) implementations are under GPL." A while ago, we had covered Mike Shaver's move to ZK.
After having used the freedom network for a number of months, I have to say I like the idea of being anonymous on the net but don't like the price I have to pay in speed. I have a DSL line and I might as well be on a 56k line when I'm running the Freedom client, the response time is so reduced it's painful. This of course make me pick and choose when to run the client, which means I might as well not run it at all cause I frequently forget to start it when I should. Has anyone else had these difficulties?
The idea here is not that you trust us. The idea is that you don't have to. The name isn't just self-deprecation: the Freedom system is designed to protect us from knowing things about you, as well as protecting you from having us -- and others -- know things about you. The whitepapers cover this approach[*], and the limitations of it, so I won't bore you with the details here.
[*] though they focus on the 1.0 technology, the issues remain largely the same. The biggest change is in the mail system, where the removal of ``reply blocks'' removes the chain-of-warrants attack from that part of the system.
- Both authors and readers of information stored on this system
may remain anonymous if they wish.
- Freenet does not have any form of centralized control or
administration.
- It will be virtually impossible to forcibly remove a piece of
information from Freenet.
- Information will be distributed throughout the Freenet network
in such a way that it is difficult to determine where information
is being stored.
- Anyone can publish information. They don't need to buy a domain
name or even a permanent Internet connection.
- Availability of information will increase in proportion to the
demand for that information.
- Information will move from parts of the Internet where it is in
low demand to areas where demand is greater.
For more info: http://freenet.sourceforge.net/The freenet FAQ
RFC1925
Right. What if this software becomes standard among kiddy-porn traders? Would the guys at ZK find that funny?
I am so sick of 'what-ifs'.
So what if sickos use the software? The same sickos use the US Postal Service. Would you ban that?
I suppose digital cameras make it easier for the sickos to make kiddie porn - after all, you don't have to get film developed. Would you ban digital cameras? Hell, ban Polaroid for that matter.
Cryptography makes it easier for criminals to communicate with each other. Would you ban cryptography?
Most new technology has a up side and a down side.
I think in most cases the good far outweighs the bad.
--K
And really, do you honestly think the ZKS people never imagined that their software could be used for illegal/immoral purposes?
---
(I'm a Zero-Knowledge employee, but am not speaking for the company except where noted otherwise.)
I don't think the ``their own network'' part of the argument indicates a deep understanding of what's going on here: you can configure Freedom to use AIPs that are not owned or operated by ZKS, quite happily.
As far as the server source goes, I'm behind you 100%: the server source must be released, and it will be. We've said this in public, and I'll say it again here: <speaking officially>all of Freedom -- client and server software alike -- is destined for source release</speaking officially>. It's not going to happen all at once -- there's a fair amount of code involved, and trying to bite it all off at once is a recipe for unbridled pain -- but it's definitely going to happen.
When? Soon. Before you've forgotten that you read me write ``Soon''. =)
One of the primary features of the Freedom system is that it provides IP obscurity: people see your traffic originating at one of the Freedom network ``wormholes'', not from your real IP address. Is that not clear from the whitepapers?
- Mail
- Web
- SSL
- News
- IRC
- Telnet
I am a ZKS employee. I am not representing them in any offical capacity.You know, I really hate blatant sales plugs.
SafeWeb doesn't prevent SafeWeb from abusing users. It's sad that you guys even try to compare yourselves to a cryptographically secure protocol like Freedom.
First, SafeWeb is nothing more than a filter proxy. SafeWeb prevents doubleclick from profiling you, but who is to stop SafeWeb from profiling you?
SafeWeb could easily monitor any HTML FORMs you submit, and over time, build up a profile of you, including your name, address, credit card, etc. There is no theoretical security in SafeWeb, it's just another anonymizer.com/proxymate/etc solution.
Whats more, it slaps irritating ads on top. I'd personally pay $5/month for a privacy service just to get rid of the ads.
And because SafeWeb's only way of making money is advertising, it can't provide services for non-web based services like NNTP, IRC, SMTP, FTP, etc.
Finally, SafeWeb's business model is fundamentally at odds with its service. To sell ads, you have to target users. If you can't profile your users, you can't target ads. Non-targeted ads have extremely low CPM rates.
SafeWeb's only recourse is to sell URL-based targeting. In any case, I predict once the funding runs out, it won't last long.
Last but not least, you are not "first free, complete private, way to surf anywhere, anytime" Lucent's ProxyMate deserves that title.
Ta. That's exactly the sort of overview I was after. So the key for the cipher changes over time. Doesn't this approach give you known plaintext, tho (you can guestimate what the counter is). Why not encrypt the previous value, or the low order digits of the time?
Johan
"Freedom uses an untraceable transaction system that prevents the association of user identity information revealed during the purchase of a Serial Number
(for both cash and credit card transactions) to be connected in any way with any Nyms that are created."
read their privacy statement
The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
If you had read the material on Freedom, you'd know that the serial number is used to purchase 'nyms', which cannot be traced back to you (read the white papers on the ZKS site for a description of the nym system.) All that anyone would know is that you'd purchased a Freedom serial number, nothing else. If you don't want even that on your record, I suspect that ZKS would even do a money-order transaction. Keep in mind that if "they" are watching you, then a sniffer on your internet access is going to show that you're running an encryption program, so "they" will already be suspicious.
"If I have seen further than other men, it is by stepping on their glasses." - Michael Swaine
As I understand it from the CEO a few months ago, the serial number does not even allow ZK to trace it back to you. They supposedly don't keep track of any of the serial numbers, it's all done on the client side.
Also regarding how it works, it's a kind of "onion" system. Let's say A wants to send a bunch of packets to B. The first thing that A has done upon setting up ZK is to choose up to 3 gateway servers for ZK, call them G1, G2, G3, in that order.
For each packet sent out by A, it will do the following:
- Put header with destination address to B
- Encrypt packet with G3's public key
- Add header with destination address to G3
- Encrypt the whole thing with G2's public key
- Add header with destination address to G2
- Encrypt the whole thing with G1's public key
- Add header with destination address to G1
Then it will send it using the first destination address. At each gateway, one layer will be peeled off using the private key, the destination address read, and the packet will be sent forward.
The cool thing about this is that at any point in the path, if someone intercepts and somehow knows the private key of a gateway, it can only figure out the previous and next hops, not the whole path.
Of course, if B has PGP or anything like that, nothing stops you from also encrypting the packet with B's public key.
The ZK system is an addition to this, providing anonymous transfer, not encryption of data.
It does take a performance hit to do all that, but it's not that bad. I just wish they made it free.
The importance of a good random number generator is often overlooked. Since symmetric (== fast)session keys are mostly randomly generated (and then encrypted by the asymmetric (==dog slow) user keys) if the the random number generator is weak, this can undermine the whole system's security.
You all recall that netscape's already paltry 40 bit encraption actually only had something like 14 bits of entropy, because so many bits came from the easily guessable clock (or something like that).
Anyway, Yarrow is from the always popular counterpane people. I haven't had a look at it myself yet, so if anyone has given it a gander, a summary would be well appreciated.
ZKS Freedom goes far beyond blocking cookies and encrypting e-mail.
They provide an encrypted, anonymous link from the website you're accessing, through your ISP to your machine.
All your ISP sees is you accessing a Freedom server, and all the website you're accessing sees is a Freedom server.
The whole point of Freedom is that, in theory, it should be impossible to trace back a name to an IP address.
You can't do this by using 'paranoid settings' in your browser.
--K
---
You can find out more here: .hu t.fi/Opinnot/Tik-110.501/1995/zeroknowledge.html
http://www.tml
I have no idea if any part of Zero Knowledge Inc.'s sytems use zero knowledge proofs or whether they just chose it for its cool name and vague relevancy.
It's just too bad that they're subpeona-able, rather than being based in a country that's not extremely cooperative with the US.
I don't think it matters. They've designed the system so that they *can't* trace anything.
The most they can do is deactivate a nym, but the nym can't be traced back to the person using it.
--K
---
In first issue of Help Net Security newsletter (named Default for some strange reason that bugged us for along time), published on Friday 13 August 1999, one of our editors was Jordan Socran from Zero Knowledge Systems. His first piece was about ZKS and its history, so it is very interesting to read it...
URL:
http://www.net-security.org/ tex t/articles/zks.shtml
I'll also try to find out an old interview I did with them, when Freedom wasn't even created, where he talks about future plans etc. I'll add the URL to this thread...
Cheers
Opensourcing an app the relies on their own network/servers- big risk, big deal; its just a publicity stunt.
Anyway, Sneakemail.com has better anti-spam/remailer features anyway, and their optional client has been in the the public domain. I'm sure the other features of zeroknowledge can be found elsewhere too.
Sneakemail is to spam filters what an ounce of prevention is to a pound of cure.
The only reason I kept a windows 98 box around was to run freedom. Looks like I can format that thing now.
Freedom is great. No one can trace your identity. If someone complains, they can trace it back to your nym and shut down the nym, but they can't trace the nym to you. When you buy a serial number, you get 5 nyms, or as I call them, 5 mistakes before you have to buy another serial number. You can do email, using your nym@freedom.net which is totally untraceable to anyone, unless you are stupid and put a signature in it. You can use IRC, ssh, telnet, www, and pretty much anything else that is a simple port to port connection. It's all anonymous, remote machines see a connection from an IP owned by zero knowledge, not from you.
I gladly fork out money for this service. If more people pay for it, ZK can afford to put in more servers and better servers to increase the performance of their network. It can be slow at times, but I only turn it on when I need it.
Need Free Juniper/NetScreen Support? JuniperForum
This app is really the cypherpunks dream come true. All the other pay products out there for anonymity are TOYS compared to Freedom in how well they protect your anonymity. The only thing that has a comparable level of anonymity is the mixmaster / cypherpunk remailers with the nym servers. I have used those too. They are much harder to use. They really only do email. You could use mail to web gateways to get web from the remailers but i never have. Wait a minimum of say 30 minutes (a chain of a few remailers) for one web page ? Yeah right.
3 .html
They took a while to release the source code. Some of the cypherpunks were wondering if they had been pressured by their VC backers not to. (one of the founders is one of the original cypherpunks). Im thrilled that they released the client code and expect that they will fulfill thier promise to release the server code - but dont take too long guys. They are also working on a semi-anonymous payment system. I say semi-anonymous because their comments indicate that UNLIKE the Freedom web product, they feel like they need to restrict the financial anonymity somewhat to comply with laws / banks wishes. I cant wait for it anyway.
Alot of you on slashdot have libertarian attitudes. Attitudes that include being against censorship and illegal snooping (like many think includes Carnivore / Echelon). If there is any company that will protect you against people who want to take away your right to anonymous speech that (US) Supreme Court cases have held exists from cases of anonymous political phamplets, it is Zero Knowledge systems.
Having said all this you all should know that it is quite likely that laws will be created to make strong anonymity like Freedom offers illegal. No kidding. The opponents of anonymity have not had much luck in congress yet. But right now there is the "Cyber Crime" treaty nearing signature that would require internet service providers to keep records that would make Freedom illegal. It would force DMCA like provisions on its signers. Who wants this and why will it happen ? Media companies, FBI, NSA and non us equivalents. From cnet.com [Edgar Bronfman Jr., chief executive of Universal Music Group parent Seagram, said last week. "As citizens, we have a right to privacy. We have no such right to anonymity."] http://www.canada.cnet.com/news/0-1005-200-198335
They are afraid it becoming far more difficult to go after Napster users if they need to. The FBI and NSA and thier non US equivalents like thier Carnivore and Echelon. Many believe that dispite thier assertions they do things that should require a warrant, without one. Here are some quotes from wired.com about this treaty proposal:
{..Require websites and Internet providers to collect information about their users, a rule that would potentially restrict anonymous emailers.}
{ "It's a direct assault on legal protections and constitutional protections that have been established by national governments to protect their citizens," says Marc Rotenberg of the Electronic Privacy Information Center. "It's both an end run by police agencies and a bit of policy laundering by the U.S. Department of Justice to get more (surveillance) authority." }
Strong anonymity is the only sure protection to the current level of corporate invasion of privacy. Do you know that for $50 you can get anyones SS# ? For a few hundred you can get all kinds of things like bank statements securities holdings, real estate holdings. I want pervasive strong anonymity so that i control my information and only a series of court orderd warrants can get it.
We won the battle on encryption. But we are likely going to loose this at least with the lawmakers. Why ? BECAUSE in the ENCRYPTION debate BUSINESS was ON OUR SIDE. Now they are almost entirely against us. ZKS is for us. Who else ? You know the power of money. Help fight for anonymity and against the DMCA and DMCA like provisions. Write your representatives and support an organization that is part of The Global Internet Liberty Campaign : http://www.gilc.org/ (includes organizations like the ACLU, EFF, EPIC, CDT)
Support the organizations that make up the Global Internet Liberty Campaign http://www.gilc.org/
I've been looking at Freedom for a long time. In fact, I was a beta tester for all of three minutes, until the beta software somehow managed to complately hose my ability to connect to the Net--I have no idea how it managed to do it, but it was probably because I had some funky firewalls installed at the time. Anyway, what I want to know is this: How can it possibly be anonymous, in a country like the U.S.? Don't you guys get calls from law enforcement agencies all the time, and it it's really anonymous aren't those law enforcement types very, very angry? Why isn't the Web or USENET flooded with copyright violations, harrassments, and child pornography coming from Freedom, if it's really that anonymous? Or has there been a problem with that, and I just haven't heard?
/. Interview topic some time...
I'm very curious. Please let us know. Maybe an interview with ZKS would be a good
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*
Why would you be surfing anonymously from work? Try this one -- it's hit me.
You're trying to fix a software issue. You find a link to a page that should solve all your problems -- but it's hosted on Geocities [ugh!]. Your company's proxy blocks Geocities. Arrgh!
It's lunch time. You're not going to convince anyone to get you around the proxy. Sure would be nice to be able to circumvent it yourself, no?
(Btw, this occured while assisting a friend at his place of work -- I'd never work for such a non-clued company).
So you will need a serial number to use the "privacy services". Where's my privacy if you can track me down to a serial number? It's worst than the Pentium 3 serial number, because you only used it at one computer. If I want to use this software at different places then I should move with my serial number. Or purchase another.
Food for thought.
As I understand it, their "Freedom Network" provides total anonymity. IOW, when you transmit traffic through their network, there is no way for the site, or anyone in between, to trace that traffic back to you. So it's much better than PGP or other systems, which simply protect the integrity and privacy of the data. This system also protects the identity of the source. Of course, this is all IIRC... someone correct me if I'm off base, here. :)
I see a lot of people are a little confused about the implications of this. First, realise that Zero-Knowledge is a *privacy* company. By implication, they do some security stuff as well, but mainly they do privacy. A lot of people make fun of the name, but it comes from the fact their privacy network is designed so that even they can't link the real identity of their users to the pseudonymous identities the software allows them to create. And that sort of explains why they released the linux source. They want to be able prove that there are no NSA backdoors, and that the product actually works the way they say it does.
:)
Don't confuse Freedom with PGP. PGP will keep the contents of your messages a secret, but Freedom will also keep the origin of your communications a secret. In that respect, it's a little like a mixmaster remailer. Except it anonymises the http and telnet protocols as well. And it's much easier to use than the mixmaster remailer.
It's not a perfect system. One of the white papers on their site talks about the security vulnerabilities in the product. Another issue is performance. Performance is always traded for security, and that's the case here as well. I think that over time, things will get faster though.
Some people are complaining because it actually costs money to use. Well, the software itself is free. Anyone can download it. They are actually charging for people to access the network. Last time I checked, that's what every single service provider in the world does. (Except those free ISP companies, but they keep ending up in fuckedcompany.com.)
The tokens are all identical. No traces can be done on the token, and the token can't be linked to the serial number or the nym it is exchanged for.
All of this is explained in the Zero-Knowledge white papers. Zero-Knowledge is commited to providing privacy.