Slashdot Mirror
Zero-Knowledge Ceases Linux Support
My brief experience with Freedom's software - I attempted to run their first version, on Windows. It didn't work on my machine, and totally killed networking when I uninstalled it.
Fine, I said. I'll wait, because the concept here is great, and obviously what they're doing is pretty technically challenging.
So when version 2 came out I tried again, this time on my Debian GNU/Linux system. (I had defenestrated myself in the meantime.) They only offered support and downloads for Red Hat systems. However, if I compiled from source, including a "kernel shim" and some modules and a half-dozen other knick-knacks inserted into the system at various places, it should theoretically work, they said. (Zero Knowledge described the process as "non-trivial", hah-hah.) I tried. I think I almost got it working. I asked for help. Couldn't get any. I gave up.
Oh, and while I'm at it, they never made it easy for broadband users to use their system either - it was (I'm not entirely sure this is still true, so I'm hedging a bit) geared entirely toward dial-up users. Hmmm, they have a product which is attractive to technically-inclined people, and they're limiting it to inferior operating systems and slow internet connections. What is wrong with this picture?
So, that's my story of attempting to use Freedom. The Zero Knowledge people badgered Slashdot for a while, asking if we would do a review of their software. See above for why we never did. Frankly, I'm not at all surprised that the population of Red Hat Linux users is much smaller than the number of Windows users using their service. Linux users probably would have been a bigger chunk if they had ever reached out to people not using Red Hat. I suppose it's a pretty good thing that I didn't end up actually using their system, because they would be cutting me off with this decision - I'm obviously not going to "upgrade" to Windows.
Cryptobox has been in the news recently. They're another project trying to do roughly what Zero Knowledge is trying. Secure, anonymous communications over the internet is obviously a nice target, but just as obviously a very hard one to hit. I'm still waiting. I'm willing to pay. Here's my optimum criteria:
- Easy installation packages for both client and server (apt-get install foo)
- Must not fsck up the the machine upon installation or removal
- Both client and server source available
- Reasonably low service fee, if there's a fee (ideally, the server cloud would be provided by volunteers, I'd be happy to be one)
- Best possible anonymity and security
These are in rough order of priority. A system which offers a significant improvement in anonymity but perhaps has various attacks which could be made against it, BUT is easy to install and meets all the other criteria, is far far better than a system which is theoretically invulnerable but impossible to install, or worse, not deployed at all. Everyone building these types of systems keeps attempting to get it perfect on the first try, and as a result, there is nothing.
It's called a proof because it involves proving you know something. A Zero Knowledge proof means you prove you have certain knowledge without divulging any information about what it is you know (Zero knowledge is what you're giving out).
A good example of this is password verification. To verify a password you only need to provide a hashed value of the password and it can be compared to the correct hash. Thus you can prove to someone you know the password (you could not have generated the hash otherwise) without giving any information (an ideal hash function cannot be reversed to provide the original pw).
The example you gave about the guys in the bar is not really a ZK proof, but it is associated with them because it is a cryptographic problem that uses similar protocols for a solution.
As an aside, true ZK proofs are not known to be possible. Normally they achieve 'proof' with sufficiently high probability, but never absolute. It's sort of like asking yes or no questions: you have a 50% probability of guessing the right answer. But repeating the protocol, say, 10 times, will provide (1/2)^10 chance of guessing all correctly (or 1 in 1024). At that point you can be pretty sure the person really knows. This is, of course, somewhat simplified. Pick your favourite Crypto book for a better explanation (I think the Vanstone, Menezes & Oorschot book, The Handbook of Applied Cryptography, has some good stuff on this).
I would use a cross-platform development enviroment to begin with. "Linux blinders" simply would never be an issue. The possibility of BeOS and MacOS support would be considered from day one, nevermind Win32 support.
Did you know that Chilliware released their shiny happy little Apache configuration tool for Solaris as well? For them, it's probably just another "make" away.
Build it right from the beginning.
A Pirate and a Puritan look the same on a balance sheet.
Sorry - this is blatantly false.
Among its other services, ZK provides a "Freedom Internet Privacy Suite," which is essentially a large VPN. WHen you use their "Freedom Network," you're sending the data through a 128-bit encrypted network prior to hitting the internet at large. All the rest of the Internet can tell is that you're coming from Zero Knowledge.
When you start with a programming staff that is clueless about making a product portable from the outset, and then try to retrofit it to a single distribution of Linux, instead of trying to make it portable to all of Unix during the Unix porting, or even during the original development, then I can fully understand why the product must have been crap (even for Windows).
By the way, their marketing must have sucked, too, because I never heard of them. I'm not opposed to buying software for Linux, even if it is binary only. I have done so in the past. The only exception is I won't load a binary only module into my kernel. But these guys simply missed the boat, in both development and marketing, it seems.
This is often the problem with products which start out for Windows and later get retrofitted to Linux. The original developer(s) only know Windows and probably never wrote portable code in their lives. And then when they think Linux might be something to market for, they make the second mistake of choosing a particular distribution, and again screw up the whole idea of portable software, making something that doesn't work on other distributions, or other Unix(-like) systems which lots of people do use.
Of course, there is also one issue to consider. Competition in the open source free software community is tough. The price can't be beat, the quality of a lot of it is superior to anything you can get commercially (usually because it's not released until it's really ready, after lots of smart people beta test it), and the support comes from people who in the community who are real programmers and actually use it, instead of someone who couldn't get a job doing programming.
So I say "bye bye" to FREEDOM Internet Privacy Suite. Obviously I didn't need ya, and you've finally realized that yourselves.
now we need to go OSS in diesel cars
None of this is true for the Linux community!
Rather than spending our time and effort whining to one or another closed-minded, short-sighted, software vendor "that there are also preferences for other operating systems," we should be working to either make the products from those vendors irrelevant (as this product already seems to be, for the most part) or to duplicate the functionality in an open or free product.
In the few cases where some piece of software can't be duplicated, and where you really like or need the product, go out and plunk down some cash: you'll have slightly more influence with most companies as a paying client than as joe-random-whiner who is just has an axe to grind, and, by increasing the income stream for the Linux version, you'll make it more likely that the company will see the Linux market as profitable.
Rememeber, we don't need their products, they need our business. If they don't want to let us play ball in their little yard, we can go play in the public park, without them. By the time these bozo's wake up and realize which way the wind is blowing, it will be too late.
They don't want your email, idiot. They want you to buy their stupid software. I never heard of Zero*, and from what it sounds like, Linux users think that their software is crap.
Someone you trust is one of us.
Linux does not (and cannot) address the single most important (and non-free) feature of Freedom: the ability to access the Internet anonymously.
The Freedom Network provides this by allowing your system to cryptographically and transparently communicate with its network, having your requests "pop out" of their network at a random point to reach its destination.
This makes your use of the Internet untraceable, unless you identify yourself and allow session management facilities to take hold.
I too tried to get Freedom client to work on my Debian GNU/Linux system, to no avail. I had hoped that it would work someday.
Freedom is a service I would paid for, if it were to work on my platform (which now seems more doubtful than ever).
My car gets 40 rods to the hogshead, and that's the way I likes it!
Users that previously used the free Linux version will need to purchase Freedom and upgrade their operating system to Windows 98, 2000, or ME...
I tried to upgrade but I couldnt find a Windows.rpm anywhere. Pity, I really wanted an OS that's stable flexible powerful and free instead of this Linux crap....
-he who laughs last, is a bit slow.
journal
Freedom is no longer available for free.
I need more coffee to fully comprehend that.
The phrase "zero knowledge" will no longer be associated in any way with the Linux community. So, what's the problem?
There's an awful lot of counterspin and uninformed opinions being shot around here. I feel ZeroKnowledge doesn't deserve some of this off-topic criticism. Criticise for dropping linux, which is tragic, but please don't start making assumptions about the software, the network, or the system without understanding it. firstly the name ZeroKnoledge is a play-on-words on both zero-knowledge proofs in math, and the fact that the company feels you should never have to trust them with your privacy (the system is impervious to subpeona because it has zero-knowledge of your activties). It's a trust-no-one system. the Freedom network is more than just a proxy tunnel. It's a blind proxy tunnel in that ZKS itself can't tell who you are, where you're coming from, and where you're going. It's also not under ZKS control alone, a huge portion of the nodes are run by idependent operators, who control their own private keys. thus a paranoid individual can even select to make routes entirely through these if they still don't trust ZKS to be doing their job. It's much harder to compromise systems and the network that way. While michael's experience installing the software on linux was a disaster, I have to point out that he tried it on debian, not redhat, which was the supported linux platform. the zkshim is a kernel module with very kernel-specific requirements. What was described as non-trivial was installing from source, and oddly enouhg there's probably a good techincal reason redhat was used, otherwise the company would have packaged it for other distros as well. BTW some ignoratus writes that it would be nice to open-source the client-code late... It already is, or did you think your could compile without it? this is the only privacy-company with the integrity to have released code to both the client and the anonymizing shim, and their white papers include protocol and crypto specs for review. Most importantly they provide a threat-model which clearly explains what the system is designed to counter. personally I have used Freedom both on windows and linux daily, both at the office an at home from behind a linux firewall with DSL hookup, without any major glitches. While it really sucks that linux is being abandonned, the product was quite functional, so this is probably a result of a business decision. The loss for the linux comunity is great; the loss for ZKS could be greater. But please remember that all is not dead for linux. the source-code still lives, should anyone want to re-implement it.
Your email has been returned due to insufficient voltage.
I will pay for a given piece of software with money. I will pay for a given piece of software with time and effort. Very rarely will I do both.
Although KDE has no download managers, it does a greater range of religious software than is available for another platform, including a handy bible study program and a biblical quote generator. Therefore, rather than being the OS of "1337 h4x0rs", Linux is the OS of all good, honest God-fearing people. Rather than being a "strange anomoly", Linux is an operating system with impeccable moral credentials and is the obvious choice for all good citizens. And, as we all know, the only people who need privacy and products such as Zero-Knowledge are those evil scoundrels who have something to hide. Therefore, the fact that the Linux community, with its inherent honesty and strong belief in the teachings of Christ, shunned Zero-Knowledge is no real surprise.
--
--
Donald "Don Juan" Kerr
Just to show it, My Linux UPC is 761480502506 and it's ISBN number is 0-9672852-3-2. My office suite UPC is 614647624897 and it's ISBN number is 1-892488-06-X. My Linux Manual is UPC 783254035027 and it's ISBN number is 0-07-212940-9. Many Slashdot users are not leeches. Don't stereotype us. We are individuals, not a collective. I know I could have downloaded all of that for free. My desk at work is tied into an OC38 line. (I checked a DSL speed check site and clocked 40 MEG at my desk) It wouldn't have taken long to download, but I support getting this stuff on the shelf out to the masses, hence supporting the retail distro's.
The truth shall set you free!
So to those in the know, it's a pretty good name. When a user doesn't need to disclose their personal information, they don't have to.
Commercial software is supplied with manuals. Those manuals normally have screen shots. A company can't release a manual showing screen shots if they don't know what the GUI will look like. Tech support can't walk people through troubleshooting if they aren't familiar with the GUI on the person's machine.
Imagine the average tech support session:
support: "Click on the Start button"
user: "The what?"
support: "It should be a button in the corner of your screen."
user: "In the lower left?"
support: "Yes."
user: "Mine has a picture of a penguin in that corner."
support: "Try pressing that."
user: "Now the bar at the bottom of the screen went away"
support: "What GUI are you running?"
user: "I'm not running Gooey. I'm running Linux."
support: "The GUI is what controls the windows on your screen."
user: "I'm not running Windows..."
support: "What version of Linux are you running?"
user: "I don't know. My boss installed it and he's at a meeting."
Welcome to the real world.
Face it: Linux is harder to support than Windows. Moderate this down if you want, but it won't change that fact. How many times have you seen a product released for one distribution of Linux that won't run on some other? Your support staff has to be familiar with Gnome, KDE, IceWM, and every other GUI that's been pasted on Linux.
There is a Linux contingent that gleefully proclaims that the various distributions and the flexibility of Linux makes it superior to the one-size-fits-all installations of Windows. Well, those choices and the flexibility are what makes it so expensive and difficult for companies to support.
You want companies to support Linux? Then there has to be standardization:
1. Pick KDE, Gnome, or some other GUI and cease development and inclusion of the others.
2. Standardize where files go, a minimum file set in any standard install, and so forth.
3. Stop releasing distros that break things. If company X produced a product for Windows 95, six years later, it probably runs on Windows Me and probably ran on every version in-between (Windows 95 OSR2, Windows 98, Windows 98 Second Edition). There's a very good chance that it runs on Windows NT and Windows 2000, too. Compare that to the dismal compatability between different versions and distributions of Linux.
4. Stop competing with every company that releases a commercial linux product. If a company invests 5 man-years creating an innovative commercial product for Linux, within six months of its release, there will be a GPL copycat program to perform the same function for free.
When you consider the limited market share that Linux has combined with the aforementioned problems and "herding cats" lack of standardization and it's no wonder that it does not enjoy a wealth of commercial titles.
Ha. This is my favorite phrase coming from most Linux users, because it is so typical of the predominate attitude in the community. Linux users never pay for anything -- they complain when a company goes pay-for-play with support, they complain about difficult to find cvs systems or when a download is too big (but available on CD for $30), they complain if an O'reilly book doesn't have a web parellel. And yet, whenever one of these "mostly for free" service goes under, somebody pulls out that line..."I would have paid."
Then goddamn it, why didn't you? Because the software was beta? Because it required a little hacking? This never would have stopped you if it was GNU licensed software with a Makefile or an rpm and available on every street corner distro ftp.
I'm an OS-X user, and I have to fight for nearly every piece of software I use -- fight x86 only binaries, Linux makefiles that are unfriendly to BSD at times and unfriendly to the G4 at others, and I have to fight against companies who think that, since Classic will run their software with 75% functionality and very slowly, they don't need to devote time to a rebuild. And though I complain, I never really let it bother me -- in the Mac world, I'm still in a very elite minority. I don't scream that I would pay for a version of AppleWorks, or a good build of instant messenger. I'm used to Apple getting the shaft from every company out there whose decision makers don't realise that though the market share is small, Apple users buy software like nobody's business. That's right, buy -- not compile or extend or pay for service. And yet, we get shafted by everybody...IBM (and they make our bloody processor, man), Corel, Microsoft, and even Adobe sometimes. It's a way of life for the mac user...you feel everything about your platform is superior, and yet nobody in the computer world will share your joy.
I guess what I'm saying is, if your platform prides itself on the freedom (as in beer) and hackability of most of its applications, you can't complain when a company decides that maybe this platform isn't the right space for them to devote their limited resources on a product which should be unhackable by design. It's more work with very low return, and ain't a CFO alive who will fight for that philosophy -- even if it does mean a free (as in love) society.
Hey freaks: now you're ju
I'm a mac user, dummy, did you read the rest of the post?
Either way, i apologize for being so general as to use the term "Linux users never pay for anything"...but I was trying to be a bit reactive to what is essentially a complaint beyond the scope of Linux development. The OS is made free, and users -- at least, the class of users most vocal in the realm of Slashdot -- often complain when any development for their OS is closed, made available for fee only or stops production entirely. This is, you have to admit, a little silly under the paradigm that programmers should release everything free for modification and manipulation; if an app is closed, it was never GNU-Linux to begin with (the old Straight Edge philosophy that, if you aren't now, you never were). Freedom is a perfect example of a software company not understanding what Linux is -- a tremulous entity with no reliable reference installation and no absolute commonality of libraries. A windows company tried to bring their software, designed by programmers used to unhacked, straightforward platforms (so straightforward they apparently didn't account for advanced settings, advanced connections or advanced users), to a platform that is neither stragihtforward nor unhacked. And they gave up on it -- just like so many others have given up on the idea that Linux is a viable commercial platform, because it is so difficult to be sure what goes into it. Part of this is due to the lack of common libraries and APIs, something Linux users are proud of, and to a certain extent should be. Part of it is also that Linux users are too well informed to pay for a product that's already been built, for free, and requiring only a moderate amount of monkey wrenching before it works better than a commercial product with set abilities, set preferences and set failings.
If you buy commercial distros and don't hack them, if you rely on RedHat out of the box and never use Make or rpm or vi, you're a different type of user entirely (and, consequently, one who has no right to 'dis the windows crowd because you're essentially no different...same mindset, different OS).
Hey freaks: now you're ju
Suppose you came up with a novel product/service for Linux. It turns out to be so good that Linux users are actually buying it. It runs on most distros. You're making making good money and a name for yourself in the community. People like you.
Now, you decide that you're going to branch off and do a Windows port. Hey, its a big market, right? So you hire on some Windows programmers and start up a Windows version...
What would you do? Simple - ditch the Windows product, and tell your existing Windows customers that if they want to keep using your product/service, you recommend they switch to Linux.
ZeroKnowledge is simply focusing on profits, and they'd be remiss as a company if they didn't. There is no conspiracy. They simply had the intelligence to realize that, "Hey - our Linux product sucks and we're losing money on it," and act accordingly.