Slashdot Mirror
Cult of the Dead Cow Going P2P?
An Anonymous reader writes "The BBC is reporting that cDc is releasing a new Peekabooty software in July which will defeat totalitarian governments and law enforcement from their current monitoring efforts. The article states: 'A group of hackers are developing a web browser that it claims will make it easier for people to circumvent censorship and avoid the attentions of law enforcers.
The software, which is due to be unveiled in July, uses a combination of encryption and a Gnutella-like network...'" CDC of course is famous for tools like Back Orifice, which is mostly controversial because its a perfectly legit admin tool with a really scary sounding name, and the fact that countless crackers use it. This is just another P2P tool, but these guys have a history of making waves, so it'll be interesting to see what happens.
You said P2P. I love funny words, b2b, synergy, now p2p. hehe synergy...
It'll be pretty great to see something like that. I've always liked the cDc for creating things so controversial. They always, however, manage to keep everyone in line, including microsoft, when they demanded they recall SMS(I believe that's its name) when MS said BO2k was classified as a virus. Don't think we heard from MS about that afterwards. Cheers
Of course you can make norton ignore BO2K. Theres a tab called exceptions or something to that efect that allows you to specify files or directories that norton ignores. I imagine that most anti-virus software have similar features.
... and a Gnutella-like network correct me if I'm wrong...but isn't this pretty much Freenet? What are they doing that's supposed to be better? Not code in Java? :P At this point there's a bunch of different groups working on all these networks, and none of them are perfect...it'd be better if they joined efforts with each other to build something that actually works well...gnutella has problems, freenet has problems and chances are this will also...these technologies still have a long way to go.
mmm... old school text files.. here is one about the mentality of your average /. poster
In theory, you'd be able to use your web browser, P2P client, FTP client, Usenet client, IRC client -- everything -- in the encrypted space without modification. In practice, everything would be slow and unreliable, and possibly open to exploitation (Who gets what encrypted Internet address? How do you know what you're connecting to? Can someone break out of the encrypted network to the regular Internet through your connection and run attacks through your computer on it?) Still, is there anyone out there with more knowledge about whether or not a system like this is possible, feasible, or already in development?
BTW: cDc rocks. I'm a good deal more warped for having read most of their material.
This seems to be quite similar to crows.
Crowds is an idea from Michael Reiter and Avi Rubin at AT&T. The basic idea is to become anonymous by joining a crowd, and to pass browsing requests to a random member of your crowd. In effect, every member of the crowd runs a proxy server for the benefit of the eveyone else. Read all about it at AT&T crowd central.
acz
Just 3 months ago there was a whole article made by one of the napster makers of why gnutella can't scale( Article here) I'm aware that it says "gnutella like" but i don't know how this could be better implemented. Also one reason why encryption isn't used all the time is because it's not as fast to get the info compared to non-encrypted websites and such. Judging by the Back Orfice encryption, i suspect that this encryption will either a)Be terribly slow that no one will want to use it. or B)It will get cracked in a week. The government can take active participation, it's not like they don't try to crack encryption scemes. I don't really see this web browser as being the ultimate privacy killer-app because you'll need users that are going to commit to slow downloading of webpages and a network protocol that has been mathmaticlly proven not to scale.
sounds to me like a government that blocks access to nazi memorabilia would find under the regimes that limit access to information.
personal freedom for everyone but nazis?
personal freedom for everyone but jews?
anyone have any examples of countries that value their citizens' freedom as an example for french people to move to?
For what reasons, exactly, do you respect the French government?
Peekabooty and tools like it, are the last defense for citizens against the thought police. Just because the French know how to make wine doesn't mean their government isn't as dangerous as the one in the USA, or the one in ROC, or the one in EEC, etc...
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
And by stint of association with the US, the French government is "A-OK with me"?
Hmm.
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
This is one particular case where platform agnosticism is crucial.
Does Peekabooty run on Windows/MacOS/Linux/*BSD/BeOS/etc?
Is the source available? Can we port it quickly?
I'll be interested to see their launch of this tool at Defcon this year...
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
There's no mention of this on the official cDc website, so we're still short of technical information. How does this compare to alternatives like Freenet and Mojo Nation, which are designed to avoid the mistakes of Gnutella and Napster? And how much closer does it bring us to the first P2P service proposed, Ross Anderson's Eternity Service, which basically describes all the ideal qualities a P2P could have? I'm looking forward to reading what the CDC themselves have to say about it - it's a shame we hear it from the BBC before we hear it from them...
--
Xenu loves you!
I suppose you're being a smartass but there already is one: Internet2? Though, if you're not at a university of government research site connected to it you're SOL right now. I bet there's hardly any spam and porn flowing across those nice fat pipes. *sigh* :-)
Some comparison with prior work please.....
--
Good luck!
--
--
--
--
I mean, hello? The BBC used to be the tower of clear English. I couldn't believe the number of silly typos and mistakes in that story -- it looks like it was simply not edited (somewhat like a Slashdot story...).
- Tal Cohen
While I hope that Peekabooty becomes a useable tamper/monitor resistant network, I wish the cDc had focused on some of the more challenging problems facing peer based networks.
There are already a number of secure information sharing networks, like Freenet, Publius, Anonymizer, etc, etc...
The problem with these networks, and probably a majority of the net is locating the content you want in the first place.
They do not mention any details on the discovery mechanism Peekabooty uses, so perhaps they have covered this base as well, but I doubt it.
Napster, which is great for locating content, is quickly dying a painfull death. Gnutella and Freenet, which are more legally resistant are no where near as effective at locating content.
Gnutella is especially inefficient at this task, so I hope Peekabooty is not modeled after the Gnutella style discovery method.
At any rate, I wish a lot of the focus of peer based projects would shift from simply being Peer to Peer!!! into specific implementations of peer based functionality, like resource discovery, content transfer, etc.
There was a paper written recently (http://www.darkridge.com/~jpr5/doc/gnutella.html) that details why Gnutella cannot scale well.
Many users (such as myself) with nice fast connections have bandwidth limits per month after which we start to pay. The moment the cable|dsl bill comes in the mail, little Billy's parents will be cutting off the broadband.
It's a great idea, but in practice it's popularity may be it's downfall.
grubbyTrolling is a art,
That seems like a great idea, a P2P web browser. The only problem is, sure you can find out a lot of things that maybe 'they' don't want you to. But that requires the information be on a server somewhere, and servers require bandwidth, so if 'they' really doesn't want you to see it, they can just take that server out. Like the French and Ebay there. We need more 'Freenet' alternatives too!
---
--
Insert Witty Sig Here
I don't necessarily think that cDc's implementation of the whoopass-crypto laden needle-in-haystack p2p app is any better or worse than the others could be. Back Orifice isn't the best of it's kind.
Currently, freenet's the 500lb gorilla of these. Crowds is cool. Hell, bolt some new host discovery tools on gnutella and use stunnel, that should be fun.
Currently the landscape has 3 variables. Encryption to hide what's being said, neat discovery protocols to hide who's serving, and transport protocols to hide who's requesting/recieving. Combined, the protocols can serve to counter traffic analysis attacks.
These things have already been thought out. It's some pretty nifty math. But all the implementations of this scheme have some fundamental weaknesses (theory/practice all over again).
The first is assuming that people will actually use them. I seriuosly doubt many people outside the geek, IP and gov community even know about freenet, crowds or such nifty things. If only a few people are using it, then they are automatically suspect, and can be attacked in other ways (tempest, wiretaps, room bugs), thus defeating the scheme.
The second is the number of apps/protocols doing this. Name 4 version 1.0, ready for prime time implementations that have been deployed widespread for consumer use...thought so. For a repressive gov or corp, it's like playing whack-a-mole with only 1 hole for the mole to pop out of.
This is where cDc comes in. The fact that the people who keep the closest eye on this kind of thing (us) heard about it from BBC says a lot. This is going to be all over the tv news. Everybody's going to know about this. Where freenet and crowds work on integrity and discovery of information, the mere idea that cDc is working on this increases the availability of the information to the defensive player. This is done through manipulation of open information sources. Brilliant.
As a result, the others who've been working on this for a while are going to become more motivated to work on their apps so that cDc doesn't steal their fire. How would you feel if you did all the basic research for this, spent years developing it, and then a bunch of drugged out, ascii art typin' wierdo's pulled the rug out from under you? I think cDc's app is going to make it so the whack-a-mole game is a whole lot more difficult. There will be more than one app/protocol simply because all the current projects will get more attention. For example: look at the current p2p landscape post napster smack-down. The other protocols are doing quite well. I would say to the effect that even though judge Patel ruled in favor of RIAA, p2p won. Thank you, RIAA, for enforcing a move away from cruft. Now we are more able to thwart you.
I don't know what cDc's app will be like, but I do know that as a platonic perfect object, it's going to be a resounding success by filling in a lot of the weaknesses of the practice of encrypted p2p. With Freenet and Crowds having worked out the theory.
Yay cDc!
"Let him go, Ralph. He knows what he's doing." --Otto Mann (simpsons)
If cDc plays nice, it'll support freenet gateways. The more the merrier! (think of the Mojo you could make by operating a MojoNation/FreeNet gateway!!) Hopefully the cDc version will support as much anonymity and security as freenet.
Returned Peace Corps IT Volunteer
diverse...oh, wait.
Ideally, one project would make everyone happy. But then we see things like microsoft... We're still in the early phases of the current P2P architectures (note the word 'current' -- let's not forget the 70s here, people). Different people will create from different paradigms, for different needs (cDc P2P--control any computer from any other computer?). We'll eventually figure out the central blob of features we need in every case, and the add-ons that each group prefers, and all will be happy.
I would hope that the freenet folks learn from the approach of the cDc folks, and vice verse. I presume cDc will be open source, as freenet is, so there can be code sharing to reduce duplication of effort.
So yeah, I guess my answer is diversity of features, but with a hope that people won't be stupid about it (the wheel already exists, don't reinvent it!) and a goal of a standard set of protocols and tools/features.
Returned Peace Corps IT Volunteer
The usefullness of this tool in countries like the US isn't really clear. If this tool will successfully redirect ip addresses for "secure" e-commerce sites, it is a MAJOR point of concern for online retailers.
This could be the script kiddies saftey blanket for online fraud like "carding" and creation of fake accounts for everything from software to porn.
I will not be surprised when users sit up and say "Why doesn't this forum remember me?" The nature of the user that this software atracts, is the half educated kid that doesn't really get it
On the other hand, cDc and L0pht have always produced tools that force security experts to stop being lazy and get back to making truely secure systems for e-commerce and the like.
Dissenter
Dissenter
"There is no knowledge that is not power."
Amh. How come? Another project will always create duplication of effort, meaning that if the coders had worked on one project instead of many, that one project would be better than any of those many projects. What are the benefits of additional projects? And don't say "diverse features" or something like that, that's bullshit, I see no reason why all the features couldn't be in one client, provided the architechture is versatile enough. And it should be.
-Kaatunut
- Kaatunut
I didn't say I'm against diverse features. I'm against diverse /projects/. Microsoft was a problem because it was one project with one goal; I don't see linux, for example, as such problem because it's one project with many goals. Likewise, rather than two projects (cDc vs. freenet for example), I'd prefer seeing one with plug-ins/mods/forks/whatever for different purposes. Because, if you do different projects, you're bound to do some reinventing if the projects have anything at all to do with each other (P2P...).
- Kaatunut
If anyone can spank the RIAA, the MPAA, and the archaic information control policies of places like China, Singapore and half of the middle east, all at the same time, it's cDc. They've got great hackers/coders, and a great publicity engine. This is gonna sound corny, but in the age of information security, control, and secrecy, people like the cDc are freedom fighters.
I am the king... of No Pants! www.penny-arcade.com
But no matter who gets it done right, the very concept of the tool is outstanding, because it gets right at the heart of the issue; do people have a right to privacy, or not? For the French and others, REAL P2P erodes their ability to say "We respect freedom of speech and thought... Except for X, which obviously has to be stopped."
But I bet the only way this thing resembles a "web browser" is in tunnelling everything through port 80 (and maybe 443). Now *that's* the way to hide in a crowd. I'm very interested in the technical details. They will actually have a lot to do with who uses it and how...
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
Now seriously, would *you* install a p2p client/server that comes from the same guys who do Back Oriface?
Sure you read the source...
Xix.
"Everything is adjustable, provided you have the right tools"
People at EFC have been seeking help for countries with restrictions on what they can and can't see so this would be a plus to them. (view their email on this)
;P
What will be nice to see is how governments and corporations will respond to this, concerning piracy, patent violations, the typical bullshit we've seen for the past few weeks.
Funny I posted this on my site days ago
Privacy links
Want Root?
1. World Free Web - an attempt to connect browser caches to Freenet, creating a "backup web" that would be as anonymous and private as Freenet, but as easy to use as Mozilla.
2. FreeSQL allows you to port your SQL-based apps to use Freenet as the underlying storage mechanism.
Can your IM do this?
These days a lot of the cDc members live in san francisco.
-- free as in swatantryam - not soujanyam.
The main reason China (and other nations) haven't YET cut off all internet access, and probably won't, is that as much as the governments love their ideology, they also love money and foreign investments. China, for example, knows it can't survive without foreign investment and commerce, and the internet helps facilitate that. Thus, I don't think China would ever completely cut off its citizens from the internet - though it might restrict things to a very few "approved" web sites.
-- "Those who cast the votes decide nothing. Those who count the votes decide everything." -Joseph Stalin
The dailynews.yahoo.com link above is a good example, as it is likely that you couldn't easily visit it from a computer in China. To see what I am talking about, look at these:
-
Punching Holes in Internet Walls, a New York Times article on various
attempts to circumvent access restrictions. (Here are the obligatory
partners and
channel links.)
- Beijing
Declares Victory But Chat Rooms Are Skeptical, a New York Times article
providing background information on web discussion boards used and censored by
people in China. (Again, channel and partners
links.)
- www.realmapping.com, (changing their
name to Quova), a company attempting to keep a database of IP addresses versus
geographic position. You can look at some technical information here.
What one gathers from the above articles is an on going tit-for-tat battle between the Communists (and other censorous governments, in conservative Islamic nations, etc) on one hand, versus the people of those nations, and those who would offer them information on the other. China and those other nations don't firewall based on the content of the data passing through; they just generally block connections to specific places, by DNS name and IP address. People found they could use a proxy service such as safeweb to get to the unfiltered Internet. Then the Communists found safeweb and blocked access to it. So safeweb started daily emailing out a new list of sites which were running the safeweb proxy, and the Communists would rush to block those and the safeweb folks would rush out new ones. Eventually the safeweb people came out with a way for any individual in the free part of the world to easily run a proxy that accepts connections and redirects you to safeweb, that is the Triangle Boy system. That's about the state of things now.A system or service like that described in the realmapping links might be used by gateway machines in China to broadly filter all sites outside the country, except for perhaps a select few. This is a real threat to the safety of the world. If Chinese grandmothers and high school students could easily and regularly read anything on the web, then China is much less likely to end up in a war with us or with Taiwan. The Chinese are not going to like America more or agree with our positions because they can read the propaganda and claptrap that our press spews out every day, but they will have a different sense of perspective (perhaps more cynical) and they will be less likely to get into a froth about some spy-boys getting a little rough with airplanes. I'm not going to get into the philosophy of it all, but suffice to say that I think that the more the people of the world can see and hear of each other, the safer the world will be. The Truth Shall Set You Free.
A system like Triangle boy, which is a network of proxies run by volunteers to enable you to connect to safeweb, is what we really need to solve this Internet filtering in foreign countries. An easier to use freenet/ gnutella from l0pft will be very exciting of course, but I think it may not be the right solution for the Communist censorship problem.
For a gnutella/freenet to have effect on the Chinese student who wants to read a New York Times article, it has to be undetectable by the Communist Firewall (because the Communists might decide to block all encrypted traffic, or find the student himself) and it depends upon someone in the free part of the world running a script to dump www.nytimes.com over into the gnutella/freenet system every day. I believe it would be much better to set up something like Triangle Boy but without the single point of failure of the central safeweb service, and doing something to hide and disguise the web page requests and content.
That's really hard to do. If you settle for a distributed system that doesn't hide and disguise the traffic, then you run the risk that the Communists will simply block all encrypted traffic or start trying to track down and harass individuals inside their country. Maybe you can depend on the difficulty of running that type of firewall on a whole country, and the fact so many people will use it even the Communists won't be able to throw them all in jail. Maybe you can also set up clever proxy and client combinations that hide their real traffic in the meta tags and comments of innocent looking web pages, or use other steganographic techniques, but you would have to be constantly upgrading them against Communist detection.
By getting rid of the central safeweb point, you also avoid any censorship due to cooperation from publishers on the free side of the firewall. This would have the effect of making it impossible for Yahoo to not display Nazi stuff to France, because they couldn't tell who was from France. This would make the IP ban that occurs after you modded down 5 times in 24 hours also useless. Yahoo and the French, the Communists, and Rob Malda will all have to come to the realization that anything they put on the Internet is on the Internet for everyone, no discrimination.
That day cannot come too soon. We need to get to work.
pedant:on
You're right: this is terrible grammar. Ordinarily, a group / company / country should be taken as singular.
So, Microsoft is planning world domination, as opposed to Microsoft are etc.
The second should have a possesive apostrophe: blah blah at this year's Defcon.
However. In spoken UK English, at least in London, you are more likely to say "A group of hackers are developing" than "is developing" because it allows you to roll the "are" sound into the end of "hackers" to make a "hack-erz-a" sound. The grammar rules have yet to catch up with modern speech, and many journos try to write as it they were speaking. It tends to read better that way, y'know?
Still, if they dropped the "A group of" then the singular verb would be correct. As it stands, the to-be verb should correspond to the primary noun which is "A group", and not "hackers".
/pedant
...but not because it's revolutionary, new, or even somehow an impressive technical achievement (or achievement to be). It's important because cDc has the ability to make a statement that will be heard net-wide. It's importance is of a political nature.
That's funny, I thought the CDC was more interested in wiping out Ebola and AIDS...
Of course, it could always be (successfully) argued that governments ARE, in fact, a disease...
Hmm...
Zaphod B
Zaphod B
When duplication is outlawed, only outlaws will have
Ah, they're keeping at it.
They've actually been talking about this for years. Last year, I was at a 'hackers and law' conference at our local law school, and 2 CdC members were there (oxblood, and BroncBuster). They were debating with a local FBI agent, and they ended up actually discussing this project back then. I think the idea is great! I just wish that they had 'sourceforge'd' it so others can help! Maybe they will do that at defcon...
Moderations Totals for CmdrTaco: Troll -5
<grub> Reading
Dead on.
We really don't need anymore code that tries to implement yet another anonymous, decentralized peer to peer network and comes up a little short of its potential.
What we really need is a good specification written in nice plain english.
I believe that that's what the folks over at the freenet project are attempting to do.
No thanks. I don't smoke anymore.
Whee, another relaying scheme. No seriously, I don't see why anyone would host potentially (more like probably) illegal connections for someone else. In the end someone has to pass the request to the destination server.
And the argument that - "If suspected of originating these requests, simply explain that you were participating in a crowd (regardless of whether you were or not!)" is hardly going to make any difference in a court, or against an ISPs terms of service agreement.
.oO Kaa Oo.
I wish cDc would just go back to writing stories about Debbie Gibson fighting ninjas. Stick to what you're good at.
Is this going to be a client for a web browser, or a server to work as a proxy?
What if we could actually come up with a far more scalable version of the existing 802.11b "ad hoc" wireless networks, which let you connect a whole bunch of laptops w/ wifi cards together without needing a gateway or hub? Getting across oceans and wide-open spaces would still require some dependence on infrastructure (and thus on corps and govs) but in a megalopolis like the northern half of the east coast has become, we could get enough people with wireless access just roaming around to route messages pretty far without ever touching a cable. This is what'll be REALLY uncontrollable, especially once we figure out some anarchic way of bridging the vast distances that's got plenty more bandwidth than packet radio. Still problems here - you're broadcasting stuff, so you're easy to find, plus frequencies can be jammed, also that scalability thing that gnutella seems to still be having some trouble with.
One that would be much harder to filter ... and harder to regulate ...?
I could see this doing wonders for many large countries like China ...
makes you wonder
this program could be used for a lot of things. blah blah china people might be able to get around the censorship blah blah. cDc made that up ahead of time so they had a good excuse built up for when their ass was against the wall. And we believe this? this program is an uberproxy. you cant pin it down because server requests are encrypted and passed between a few different users before they hit the server. puts an anonymous proxy to shame.
possible uses for this software include credit card fraud ("carding")...ok thats all i can think of...but that makes carding on any site completely safe. trace all you want. you cant go through 6 different home computers in time.
______
"Sorry, but I don't there's anything charming about ignorance and carelessness." -LordNimon
i dont know if anybody else had a proxy in school. but i did, and the way to get around it was to use another proxy, to make someone else send you the data through another.proxy.com. you request a page, they go through the usual process, then spit it out to you
I assume cDc did the same thing but with p2p:
First an encrypted request is sent out, a certain number of users take the job of routing it. the person on the far end begins download and encryption. then the data passes downstream to the enduser. (the person who requested the html file in the first place.)
For any reason you might want to be anonymous, you could use this program. carding (credit card fraud), spam, useful for hacking maybe, i dunno, but basicly this is for withholding your IP for any reason.
______
"Sorry, but I don't there's anything charming about ignorance and carelessness." -LordNimon
this is just a hack of microsoft's BackOffice Remote administration tool! they took that program and made it into an embryonic trojan. any smart 13 year old script kiddie could slap that into another program without blinking twice. please show me your legit uses of this program, because im straining to see the light. damn optimists.
______
"Sorry, but I don't there's anything charming about ignorance and carelessness." -LordNimon
While I don't use Gnutella (and agree with you that it's questionable to try and cook up a legitimate use), I could see it being used for something like movie trailers, where it's more or less freely redistributable, but the server serving it could easily get Slashdotted as ever geek with DSL (and even some stubborn ones with modems) rushes over to see what the Matrix 2 is going to look like.
If you've had the software around as long as Gnutella's been around and you're still trying to come up with a legitimate use for it, it's my opinion that you've already lost.
This could be done very much like Crowds, which is also an online privacy tool. It seems to be closed source though, so I havn't tried it. I predict the following extra features in the CDC program:
1) Strong encryption, ideally masquerading as SSL, to stop it being too easily blockable. Or better sill, MSN Messenger format messages.
2) Open source, and availiable on all platforms.
3) Something to allow all your HTTP traffic to be routed through the same machine for one session, so it is possible to access sites like Hotmail that forward you about a lot, and check your IP address.
4) More cow pictures.
Michael
"Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
Stop totalitarian governments? I'm all for freedom of speech; i.e. expressing ideas, criticizing government, etc., but governments that repress this are certain to outlaw this browser. As for the U.S., etc, do we really need more tools to help people hide things like child porn?
Donate background CPU time to fight cancer.
At any rate, I wish a lot of the focus of peer based projects would shift from simply being Peer to Peer!!! into specific implementations of peer based functionality, like resource discovery, content transfer, etc. -- PureFiction
Good points. Of course, these are the core problems of any network implementation. I'd say that, as an industry and as a science, we've done a poor job at developing robust discovery solutions that are both useful and resistant to degradation -- degredation due to malfunction, overloading, or black hat mischief.
This is another example of a situation where the availability of a flawed but usable solution creates de facto standards that are barriers to better solutions as they appear, and are disincentives to those who might invest effort to develop those better solutions.
JMHO - Trevor
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
The MIT Freehaven site is a similar project and has some interesting articles about problems of current anonymous p2p systems like Gnutella Freenet and Mojo Nation , such as Accountability flexibility and different kinds of anonymity.
~
- an ISP can't possibly feel itself justified in shutting down anyone shoving gigabits through the Gnutella port (you've already heard about this probably...), and
- so the Government can't try to stop Gnutella (company?) from distributing Gnutella software (it wouldn't matter if it did: Gnutella's already out there and since it's P2P the government can't do anything to get gnutella company to shut down the service, but:)
- Or worse, to try to go after the users and to make it illegal to use gnutella! (Which isn't so farfetched...)
The government or RIAA can say today, "Look, there's no justification for using gnutella since it's basically only used for piracy, so anyone that's shoving data over it has every reason to be denied that right."But if we could say: "Uh, actually, it's just a distributed internet surfing system with encryption, which also happens to work as file-sharing as part of its distribution scheme, since it doesn't differentiate between html documents and binary documents, which isn't a meaningful distinction anyway since you can MIME encode anything into html if you want,"
THEN the government will be forced to say: "well hot-damn. We can't have ISPs shutting down distributed information sharing, which is the only thing WEB-SURFING can be construed as, since it would be a denial of freedom of speech (denial of right to know. Freeedom of speech, although IANAL, only is a meaningful right as long as those who want to listen to you have the right to listen to you.)
There's little the Government or any ISP could say against "It must be encrypted so that the information becomes available to users under a totalitarian regime. It must be distributed so that that regime cannot shut down a web server and cause the source of the information to cease."
The upshot: the government, your ISP, the RIAA, etc, etc, will have NO way of keeping the ENCRYPTED, DISTRIBUTED, "stuff" that you share from happening to be pirated. They can shut down Gnutella of today to some extent by making the software illegal to own, since they would be fairly justified in saying that it is used almost exclusively for illegal purposes. If you started doing web surfing over it, there is no such argument.
For this reason alone, all of us should start doing all of our surfing through this new system as soon as it's featurey enough.
Besides, at the very least, if we started doing that, then whatever we do websurf will be hidden from our ISP by being encrypted, and documents will probably come over much faster under a distributed system. Well, static documents would at least. Maybe this system would also serve to route you around faster, mimicking IPV6, so we could still do better to use it than surf straight. There's no limit to how much good we could get from doing all of our surfing through a distributed, encrypted system, and since the fact that it would make piracy easy is an inherent but small side-effect, it would mean that no one could stop it.
Long Live the Freeedom to Rip Artists Off!
(Which I happen to disagree with, but to a far less extent than I do with the RIAA's trying to force us not to share our files. If artists included an address to send money to in the extended descriptions fields of their MP3's [yes, artists should distribute their own mp3s], I know that I for one would take advantage of it and give them their due. As it is, it's far too much trouble and far too much of what I would pay would go straight to the record industry's pocket. That reminds me of a joke, which is actually a good analogy for why we share name-brand artists instead of no-name artists, even though name-brand artists are being whored out by the record industry.)
~
An Anonymous Coward writes "Judging by the Back Orfice encryption i suspect that this encryption will either a)Be terribly slow that no one will want to use it. or B)It will get cracked in a week." Now I'm not sure about the original BO's encryption, but BO2k has the option for plugins that can choose Blowfish, Triple-DES, or other encryption schemes for data. Doubtful that someone will crack that in a week. As for speed, I have yet to use BO2k (I'm currently experimenting with VNC, although BO2k seems to have more features), but I doubt that it is terribly slow. (Btw, if anyone does use BO2k, can you comment on the speed under a decent computer (say anything higher then a P200) with a strong encryption scheme? Thanks.)
the harder you press to stop the free flow of information in any form, the harder people will press back. This is the natural way of things.
Ther harder you try and conform people to a standard the more they will nonconform.
You take away thier books, they will write there stories in the streets.
You take thier pens and paint, and they will write there stories in thier music.
You take thier voices and they will write there stories with thier blood.
This will never stop, as it is the natural order of things.
RA7
-
"Consistency is the hobgoblin of small minds" - RWE
We have spent millions of dollars creating a new copyright law to protect authors and musicians, in Australia,
You're a liar. If you really protected artists they wouldn't be so thoroughly exploited by corporations-subsidized by your policies I might add. Copyright law is for business', not artists.
and you guys come along and simply slap up circumvention devices like there never was a problem.
There wasn't a problem until greedy morons like Bill Gates came along and made the Internet a commercial battleground. A battleground where your government gives money and infrastructure to businesses like Microsoft so they may succeed in this endeavor and control the entire Internet much like they already control the 'computers-sold' market worldwide. It's all about the market.
Why don't you government wogs ever give millions to artists every year? Answer: they don't pay for your campaigns.
Tell me this Smart arses:
BTW, impersonating a government official is a federal and international crime.
How do you think my corporate benefactors are going to treat me now that you've (in theory) stepped straight around the provisions in my new laws?? Don't you realize I'm going to have to send some Australians to jail for five years once they use this now illegal circumvention device.
That's right. Use the Internet and you could go to jail. Didn't take long for the powers that be to threaten the Net using public at large. How about this? You go to jail for misuse of the peoples funds and are banded from public service for being a brainless jerk!
______
jeff13
The internet is the main weapon freedom fighters have against increasingly Orwellian governments. We must keep it free (as in freedom) at all costs. We must block all intrusions by those who would spy on us.
Demand liberty. Always
good luck and god speed to them in their quest to defeat the totalitarian regimes out there. Maybe they'll have a better record along those lines than the U.S. government.
Sure, the functionality it provides IS useful, but you can't call a program which DELIBERATLY hides itself from users a "legit admin tool". It's a trojan, and it was meant to be a trojan.
The folks over at cDc really are the freadom fighters of the information age. Makes me think of the original Star Wars movie. The world is full of oppressive governments (the USA included aka carnivore) and monopolistic corperations like M$ and AOL. Some one has to fight for freedom of thought.
* Carthago Delenda Est *
Does that mean they are implementing something like crowds? I just hope they do it right, because making anonymity work is a bit more complex than just shipping stuff through a bunch of intermediaries.
The cDc is a great organization, but we need it to either grow or for more groups like this to form so as to take on more projects. Think about the problems with censorship from governments and organizations like the RIAA and the Video Watermarking Group that need to be dealt with. The digital watermarking of cds and dvds, filters in public institutions, the amount of data that big corporations can collect about us, etc... I find it worrisome that there is virtually no public outrage about these things. The cDc is the perfect kind of group to take care of business.
"A witty saying proves nothing." - Voltaire
This might initially seem to apply to only those nations under strict regimes and which limit access to information, but it seems that it could be fought in other nations, too. Consider that it would allow French citizens to get around the ban on Nazi memorabilia. If we make it more difficult for them to comply with the court order, we'd better hope the French government doesn't hear of it because it might put more restrictive limitations on Yahoo. To be honest, I couldn't care the least about Yahoo, and I think it's excellent that something like this be created, but if governments which we respect and recognize find out about this and they start putting more restrictive orders on censorship, we set a dangerous precedent.
If it's not due until July, they really shouldn't have leaked it. This gives the Dark Forces a chance to make a preemptive move against them and try to prevent its release.
"CDC of course is famous for tools like Back Orifice, which is mostly controversial because its a perfectly legit admin tool with a really scary sounding name,"
Um... scary sounding name? Okay it's weird but is it really scary? I mean Black Widow sounds scary. Carnivore sounds scary. Back Orifice doesn't really sound all that scary. Unless you're in prison I suppose.
We have spent millions of dollars creating a new copyright law to protect authors and musicians, in Australia, and you guys come along and simply slap up circumvention devices like there never was a problem.
Tell me this Smart arses: How do you think my corporate benefactors are going to treat me now that you've (in theory) stepped straight around the provisions in my new laws?? Don't you realise I'm goiung to have to send some Australians to jail for five years once they use this now illegal circumvention device.
Sen. Hon. Richard K R Alston
Sen. Hon. Richard K R Alston
Australian Federal Minister for Communications, Information Technology
What's wrong with Freenet? Wouldn't it be smarter to assist an ongoing anonymous, decentralized p2p network (which sounds substantially more advanced than Peekabooty) rather than spawn off another one? --Greg