ZeroKnowledge to Discontinue Anonymity Service

VulgarBoatman writes: "ZeroKnowledge, providers of Freedom.net and Freedom privacy software, have abruptly decided to stop providing anonymous web browsing and private, encrypted, untraceable email for its customers. They give users 7 days before the system is shut down and all untraceable email addresses are disabled. They also say that your "secret" identity may not remain a secret for long." Well, note that that last link is a warning about using the service during the shutdown period, not a warning that they plan to compromise nyms in general. At least they're offering a refund. Update: 10/04 19:00 GMT by M : ZKS has a statement in the comments below.

the old bait & switch

[jpellino]

in this case, bait & bail

In true .com fashion

[alen]

I bet it was a free service. Or a very low cost one.

Re:In true .com fashion

[VulgarBoatman]

Nope. $59.95 for 5 identities - each good for a maximum of 1 year.

Re:In true .com fashion

Since its plain you don't know anything at all about the service, whatever moved you to share your lack of insight with the rest of us??

Re:In true .com fashion

This is Slashdot. We share useless crap for the sake of it. Take Mr Goatse as an example.

I think it has something to do with the linux gay conspiracy, where we all have a fetish for scatology, or something.

Refunds?

[Telecommando]

Do the paying customers get their money back?

Re:Refunds?

[Chmarr]

The "At least they're offering a refund." in the article body above would imply "Yes".

Re:Refunds?

[weslocke]

Yanked from the release:

REFUND POLICY - FREEDOM PREMIUM SERVICES

Eligibility
All users who have purchased Freedom Premium Services since January 1st, 2001 are eligible for a full or partial refund under the conditions specified below.
As an alternative, all users eligible for the refund can choose to obtain free of charge Freedom Privacy & Security Tools 3.0.
A valid Order Confirmation Number will be requested in order to obtain the refund or free copy of Freedom Privacy & Security Tools 3.0.

Refund conditions
Your purchase date of Freedom Premium Services will determine whether you are eligible for a full or partial refund.
Effective immediately, Zero-Knowledge will be accepting refund requests until November 22nd, 2001.
Purchased Freedom Premium Services on or after July 1st, 2001
Freedom Privacy & Security Tools 3.0
or
Refund at 100% of purchase price
Purchased Freedom Premium Services on or after April 1st, 2001
Freedom Privacy & Security Tools 3.0
or
Refund at 75% of purchase price
Purchased Freedom Premium Services on or after January 1st, 2001
Freedom Privacy & Security Tools 3.0
or
Refund at 25% of purchase price

Purchase price and refund information
Freedom Premium Services was priced at US$ 49.95 prior to June 14th, 2001.
Freedom Premium Services was priced at US$ 59.95 on or after June 14th, 2001.
Zero-Knowledge does not cover fluctuations in currency exchange rates that may have occurred between the date of purchase and the date of refund.

Contact information
All refund requests should be sent to store@zeroknowledge.com before November 22nd, 2001, and contain all the customer information specified below. Please allow 10 to 14 days for the credit to be applied to your credit card.

IMPORTANT:
Please use your regular email address when corresponding with Zero-Knowledge to ensure appropriate follow up from customer service. Please do not send us emails using your nyms to avoid any delays in getting help. Freedom nym mailboxes will not accept any incoming mail as of October 11th, 2001.

Please include the following information:

Specify whether you wish to obtain a refund or the new Freedom Privacy & Security Tools 3.0 as a replacement product.
Order Confirmation Number
First and last name
Your address
Your regular email address (not your nym address)
The last 4 digits of your credit card (used for the purchase of Freedom)

Freedom Privacy & Security Tools 3.0
Our new product includes the following features and improvements:
Improved Personal Firewall
Form Filler / Password Manager
Ad Manager
Cookie Manager
Keyword Alert
A new user interface, designed to improve your Internet experience
More flexibility to set up and configure each feature
A new Privacy & Security Guide to help you increase your understanding of the Internet

Re:Refunds?

[Sawbones]

Quote the news post:

At least they're offering refunds.

Re:Refunds?

[HiThere]

Freedom nym mailboxes will not accept any incoming mail as of October 11th, 2001.

I would say that this makes their reason pretty clear. I don't know whether there was outside pressure or not, but judging by the date, I'd guess not. That's exactly one month.

this blows

[gregclimbs]

this was the best anonymizer that existed. I used it personally as a great tool for testing our site from inside the firewall (while appearing to the site like I was outside).

Not a good day :(

Re:this blows

[AssByte]

Try www.safeweb.com - I use it for this exact purpose.

Uh oh...

Did the NSA threaten them too?

Re:Uh oh...

[bliss]

"Did the NSA threaten them too?"

I would find it interesting that the NSA would ever directly threaten someone might blow their cover. I might feel honored. Kind of like a visit from the devil.

Re:Uh oh...

They're in Canada, so the NSA wouldn't directly have authority.. right?

Re:Uh oh...

I'm Canadian, and take it from me - Canada isn't a real country, anyway.

Re:Uh oh...

Mister Bouchard, it's time for your Demerol.

Re:Uh oh...

First, it's "Canadia". Second, it was ceded to the US by the United Kingdom in 1949, becoming the 49th state. (The 50th and 51st were Alaska and Hawaii, but by arrangement the US flag had no star representing Canada, which has been allowed to keep its charming Maple Leaf logo.)

Re:Uh oh...

Ah yes, sweet Canadia... like no other state in the union!

Just great

[bliss]

Another idiot giving up when they shouldn't.

Re:Just great

Please follow their lead and just die. Not everyone gives a shit about malcontent bandwagon ballerinas like yourself.

Glad i didn't sign up..

[milkme123]

.. but doesn't it seem a little strange that this comes in the wake of september 11th? Who's pressuring them to discontinue annonymity?

Re:Glad i didn't sign up..

[VulgarBoatman]

I made this point in the submission, but Michael took it out. I have also asked ZeroKnowledge the same question, but have not received an answer yet.

Re:Glad i didn't sign up..

It was me.

Re:Glad i didn't sign up..

If he was for a Global Dictatorship.

Wouldn't he also be for Gun Control.
No dictator ever survived long in power with an armed population.

Re:Glad i didn't sign up..

[robogun]

I don't think anyone pressured them. I looked at their service some time ago, bookmarked but didn't sign up. This was back in May or June. At the time they had a free version of privacy 2.something. All I wanted it for was the ability to fil out web forms with fake information for antispam work. I decided to go with it and went back a week later, only to find thiir entire site 404. I checked it again a few days later and the free download was gone. I wasnt going to pay $49 for a prog with a feature I am too lazy to write myself. For all I know their prog justs generated random info without attempting to correlate city, zip and areacode.
My guess is they are on the dot-com ropes and need cashflow.

Not so bad though is it?

[rm-r]

It's a shame sure, but like the article says- it's all down to people finding other ways to do it themselves rather than rely on somebody else. It would be nice if they gave advice to their existing nyms on how they might be able to maintain their privact though

Re:Not so bad though is it?

It is. There is NOTHING remotely close to this in security.

Bad business model

[Quasar1999]

My question is, how did billing for the service work in the first place?

Umm, account #12344234 owes us $300... but we don't know who it is, or where he lives...

I think their business model didn't work... the collections department had nothing to do...

Re:Bad business model

[cd_Csc]

And how are they giving refunds? "Please send my refund check to [home address] or deposit it directly to my credit card [account number]."

Why are they stopping service?

[jgerry]

I'm curious as to whether the motivation is financial or some other reason... Maybe in the wake of all this terrorist bru-ha-ha about encryption and anonymity, someone (or more likely, some government entity) approached them and they, ahem, decided to stop.

I truly hope that's not the reason...

Re:Why are they stopping service?

It seems that the betas of 3.0, which were out before 9/11, didn't include anonymous networking. That would give creedence to the pre-planned theory.

Re:Why are they stopping service?

I'm curious as to whether the motivation is financial or some other reason...

My guess would be liability fears. Justified or not, in the current paranoid environment if it was discovered that the service had been used by terrorists it would be an ambulance chaser's field day. Given that it probably wasn't a very lucrative venture, the legal risks far outweigh the fiscal advantages.

To paraphrase Chris Rock, I'm not saying they should have done it, but I understand.

Sept. 11

[grub]

My money says it's all because of the September 11 attacks. From being a "cool" thing, companies offering anonymity services seem to be less cool in the eyes of the unwashed masses.

Re:Sept. 11

[jazman_777]

My money says it's all because of the September 11 attacks. From being a "cool" thing, companies offering anonymity services seem to be less cool in the eyes of the unwashed masses.

Face it, it's a seething cauldron of terrorist plotting! Well, probably is. OK, could be. Make that: probably isn't but is a convenient devil whom we can slay in the name of (holy cause of the day).

Re:Sept. 11

[FortKnox]

If bullshit was gold, Slashdot would be Fort Knox

I take offense at your signature!


;-)

Re:Sept. 11

Actually, I was told from an employee there that they don't have cash to last through december.

Re:Sept. 11

[Pope]

Well, you may or may not remember anon.penet.fi

Anonymous remailer and mail -> Usenet gateway which I had to use because my University didn't allow non-CS students to post to Usenet directly.

Was shut down in 1996 due to spammers and legal concerns of email privacy in Finland. But while it worked, it was great!

Re:Sept. 11

[4of12]

My money says it's all because of the September 11 attacks. From being a "cool" thing, companies offering anonymity services seem to be less cool in the eyes of the unwashed masses.

Sadly so.

The "unwashed masses" won't find anonymity "cool" until the government becomes overtly repressive, say along the lines of the governments of Afghanistan or Myanmar, for example.

Of course by the time a repressive regime is widely recognized, it will be too late to officially re-introduce anonymity as an effective tool for, and guarantee of, free expression and political dissent. Citizens will have to make do with only those rights embedded in the Constitution two hundred years ago that are practically difficult to rescind.

I'm not surprised, but sad nevertheless, that our leaders are reacting without giving thought and credence to liberties that promote and enhance a free society; proposed legislation seems to me rather more hurried and less thoughtful than, say, the legislation after the American Revolution (except for Alien & Sedition Acts).

Re:Sept. 11

[Caraig]

anon.penet.fi was primarilly shut down as part of the incidents involving a critic of Scientology. Said critic used the anonymous service to post the OTVII materia to alt.religion.scientology, and the Co$ prodded and hounded the guy who ran anon.penent.fi to produce the name of the person responsible. He refused.

The incidents of spammers and child porn allegations (none of which were ever proven) were just nails in the coffin. It would not suprise me if the fellow was subjected to the policy of "fair game" to be set up, battered, and eventually run into the ground.

Re:Sept. 11

[uberdood]

My money says it's all because...

did anyone else read that as: My mommy says...

Re:Sept. 11

[harlows_monkeys]

Back in the anon.penet.fi days, I was looking around for a topic for a paper in law school, and briefly considered something related to porn on usenet, so I spent a couple weeks gathering all the porn that came through my newsreader. I saw quite a bit of child porn from anon.penet.fi posters during that time. I don't see how you can see these things weren't proven.

anon.penet.fi was a perfect example of someone doing something because he thought it would be cool, rather than because it served any real purpose. In nearly 20 years of usenet reading, I don't think I've ever seen something come through an anonymous mail to usenet service that was worth reading.

Re:Sept. 11

[kubrick]

Back in the anon.penet.fi days, I was looking around for a topic for a paper in law school, and briefly considered something related to porn on usenet, so I spent a couple weeks gathering all the porn that came through my newsreader.

Ah, so that's why you did it.

Sure, I might believe you... thousands wouldn't. :)

SAFEWEB is still there.

[bodin]

http://www.safeweb.com/ is still there.

Re:SAFEWEB is still there.

[danielobvt]

Do you recall who one of the big backers of safeweb is?
Somehow I strongly doubt the CIA can't get in there if they want to.

Re:SAFEWEB is still there.

The cool thing about ZeroKnowledge is that they provided complete anonymity over any network connection. I could go on IRC and be completely anonymous -- not true with SAFEWEB :-(

Does anybody know of a company that provides a similar service?

Hushmail...

...but I see that hushmail is still in operation.

Re:Hushmail...

I agree with you here. Not to mention during their "upgrade" my old mail was inaccessible for months. I hate their crappy javascript interface with frames. It's just horrible.

check the math dude....

They give users 7 days

According to the notice it links to, service will dicontinue on Oct 22. That's 18 days, not 7.

Re:check the math dude....

[Red+Aardvark+House]

Yes, according to the article all services shut down by Oct. 22nd.

Incoming e-mail servies shut down Oct. 11th as a result of most of their servers being taken offline. So you have 7 days to notify people you're changing your e-mail address.

Re:check the math dude....

[VulgarBoatman]

On October 11th (seven days from now), mail addressed to an identity/nym will start bouncing, and users will no longer be able to send mail from an identity/nym. That is, all functionality will end on Oct. 11th. Users will still be able to view mail (but neither send nor receive) until the 22nd.

Re:check the math dude....

People always give a margin for these things. Sysadmins will say "system will reboot in 30 minutes, log off now!". 30 minutes later another warning: "system will reboot in 15 minutes, log off now!". 30 minutes later another warning: "system will reboot in 10 minutes, log off now!" etc. When I see the first announcement, I know I have a good 2h left, enough to complete my assignment before the reboot.

Re:check the math dude....

They are probably waiting for you to log out =P

Of course...

[MKalus]

...

whoever would think now that they stop it because of what happened in NYC or the slight possibility that someone actually might have used to plan this has nothing to do with it.

Sorry for the sarcasm, let's see how long it'll take until safweb decideds to shut down as well.

Alternatives?

[broody]

Does anyone have a decent list of potential alternatives? The nym thing was too cool.

Re:Alternatives?

[matrix0040]

as ppl have pointed out .. one is safeweb.com another alternative is idzap.com

A great pity indeed

[tomknight]

A good service, no, a great service ending. I guess it was too good to last.

Tom.

History repeats itself

[CaptainAlbert]

Remember anon.penet.fi?

This is even more depressing, because this time the company running the service has pre-empted the government pressure to shut down, and gone ahead and done it before the lawyers arrive.

Eek. DOes anyone else get the feeling that the terrorists might actually be winning?

Re:History repeats itself

[Flakeloaf]

What happened to them anyway? One minute addresses from that domain seemed to be everywhere (whether you wanted to see them or not) and the next minute poof.

Re:History repeats itself

[mindstrm]

Maybe it's good, and smart.
If they shut down now, and wipe records.. it's legal.
If they wait until lawyers and Feds arrive.... everything would be compromised.

Re:History repeats itself

[ktakki]

What happened to them anyway? One minute addresses from that domain seemed to be everywhere (whether you wanted to see them or not) and the next minute poof.

Collateral damage from the $cientologists' war against the Internet (circa '95 or '96).

The Co$ got Finnish authorities to subpoena anon.penet.fi's records. The operator, Julf Helsingius [sic?] closed up shop, saying he couldn't guarantee the anonymity of his users anymore.

There's probably something about it in WiReD's archives.

k.

Re:History repeats itself

[HiThere]

Does anyone get the feeling that the government might be doing what it wanted to do anyway?

There seem to be a few reasons here, but that just makes it more convenient for them.

I don't know what the terrorists were after, or what they were working. So I can't guess whether or not they are winning. OTOH, what the local authoritarians want is pretty clear. And they are certainly using this to get a lot of what they want. Many of their "protective measures" don't protect anyone. Perhaps it's just to make it look like they are on the job, and make everyone feel good. That's the optomistic viewpoint.

Re:History repeats itself

[Flakeloaf]

Thanks I'll poke around (which I should've done before asking stupid questions but it got you modded up so no all's well :>)

Nuts, that place was a source of some very interesting people. (anon.petnet.fi I mean, not the crutch). I probably won't see Travolta in person, so I'll have to go around to his next movie premiere and kick the paying public in the nads.

Re:History repeats itself

I certainly remember. It was a lot of fun. Especially when used in conjunction with blackmail to forge the address you sent from :)) I remember sending a mail to one of these alt ng saying I was a single asian female looking for a serious companion. The retun adress in anon.penet.fi was my friends email. It was not even funny to see the number of loosers who wanted to meet her (he's a him tough).

Oh well, soon will need to send the email content to NSA for approval before sending. I think we'll return to pigeons.

who am I again???

-Anonymous Coward.

Security Warning

[AndroidCat]

Their security warning is quite good, and explains the problem clearly. I'll give them a point for that at least. (They could have just kept mum about it, since there's only a few weeks to go.)

This is an opportunity

[sting3r]

Certainly, the loss of one more tool in the fight for online privacy is a Bad Thing(tm). But we also need to examine the upside to this event.

First off, when ZeroKnowledge closes, all of its customers will be forced to find another provider. That will make the other providers 1) more profitable (assuming they aren't taking a loss but making it up in volume, like Amazon); and 2) more effective. As mentioned in the warning to their customers, low volume makes it easier to correlate traffic entering their system with traffic leaving their system. When such a system gets sufficiently large, it will be very difficult to correlate input streams and output streams, because of the sheer number of possible matches.

Secondly, the closing of another anonymity service will make it harder for terrorists to operate on the internet. They will have one less place to hide. And that has a positive effect on law-abiding netizens - because when communications are more traceable and less anonymous, the government will have fewer excuses to pass legislation that gives law enforcement more snooping powers. And that benefits us all.

-sting3r

Re:This is an opportunity

[malkavian]

Secondly, the closing of another anonymity service will make it harder for terrorists to operate on the internet.

But, as just about all the security agencies with a clue keep admitting, terrorists don't use the internet because it's just too insecure.
So closing down all the privacy sites does nothing to hinder the Bad Guys(TM), it just bugs the ordinary guy.

Malk

Re:This is an opportunity

[jazman_777]

So closing down all the privacy sites does nothing to hinder the Bad Guys(TM), it just bugs the ordinary guy.

So what else is new? It's all part of Anarcho-tyranny. This is the method of governance by which the State (everyone bow down now!) allows a certain amount of mayhem to go on, cracks down in general on liberty, and in the end the State (bow down!) has more power and more control, but the mayhem just keeps on. Repeat after me: "war on drugs".

Re:This is an opportunity

What about that earthlink account that the FBI kept talking about regarding the 9/11 attacks? I don't buy your theory. Email is a quick, cheap way to communicate from across the globe and there's no reason to believe terrorists wouldn't use it. There's just too much data to sort through for the NSA to catch them in time.

Re:This is an opportunity

But, as just about all the security agencies with a clue keep admitting, terrorists don't use the internet because it's just too insecure.

Don't be too sure about that. These terrorist bozos -- aside from being astoundingly arrogant -- had some staggering lapses of judgment.

They seemed to have walked a very thin tightrope -- some aspects of their so-called "plan" were devised with great care but other aspects were apparently rushed and cobbled together without any real sense or direction.

Don't give these guys more credit than they deserve. They talk is that they're "savvy" or that they're "smart" -- well, maybe. Sometimes. But not all the time. And the proof of that is how quickly the international dragnet is closing in on various sources and secondary sources.

This isn't like gun control where the argument goes: take the guns off the streets, sure, but the criminals will still have the guns. (I agree with that.)

But it's different here. These guys are nuts. Most of these guys are dim bulbs. They're monomaniacs. And, yeah, this monomania will be their undoing. I wouldn't be surprised if the internet -- the mainstream, boring, unencrypted internet -- will play a key role in their undoing -- if it hasn't already.

Re:This is an opportunity

But not all the time. And the proof of that is how quickly the international dragnet is closing in on various sources and secondary sources.

Yes, they are definitely being productive and demonstrating that they are responding to the disaster effectively by finding lots of witches to burn. It seems these witches are EVERYWHERE if you only seek them out!

Re:This is an opportunity

[pslam]

Repeat after me: "war on drugs".

I prefer calling it the "war on some drugs" - the drugs the current administration doesn't like for whatever reason. Tea, coffee, beer and cigarettes don't contain drugs apparently.

You could also more accurately call "the war on terrorism and supporters of terrorism" instead "the war on some terrorism and some supporters of terrorism". The US has been and still is a supporter of terrorism. Example 1: funding terrorists in Ireland. Example 2: giving the Taleban (about) $60m to "stop producing opium", which of course they didn't.

So, "the war on some drugs" is partially responsible for "the war on some terrorism and some supporters of terrorism". Evidently the US understands irony better than anyone else.

Re:This is an opportunity

[Gregg+M]

I prefer calling it the "war on some drugs" - the drugs the current administration doesn't like for whatever reason. Tea, coffee, beer and cigarettes don't contain drugs apparently.


<troll> Gee isn't sugar a drug? How come that isn't outlawed? </troll&gt

are you gonna compare coffee with heroin?

Re:This is an opportunity

Your absolutely wrong in your first statement... Privacy and anonymity are completely different. Sending a friend and email or purchasing something online should be private to those involved. At least you know who's sending the email or credit card number. Anonymity is doing something and hiding your identity, that we do not need.

Re:This is an opportunity

[dillon_rinker]

This is either good for anonymity or bad for it. You can't argue both sides.

When Zero Knowledge closes...[that] will make the other providers...more effective.
...the closing of another anonymity service will make it harder for terrorists

These services make no effort to determine who you are or why you use their service. If they're more effective (presumably for the likes of you and me), they'll be more effective for terrorists, too. If it's harder for terrorists, then it's harder for all of us.

Re:This is an opportunity

[Karl+Cocknozzle]

are you gonna compare coffee with heroin?

No, but I will equate pot with coffee. (It's a better analogy anyways since over half the people arrested for "Drug" offenses are arrested for weed.)

The simple truth is that simple regular coffee is more harmful than weed.

The LD 50 for caffeine (amount that would kill 50% of individuals in a test group) is 10g delivered orally. Since a Mt. Dew soda contains 55 mg of caffeine, drinking a case of Mt. Dew could kill some people.

Whereas there is no known lethal dose of THC (the active ingredient in pot)...

But pot is illegal even though coffee is statistically "abused" by more Americans than pot even though pot can't directly be a cause of death, and coffee can.

Yeah, that makes sense.

Re:This is an opportunity

[pslam]

Gee isn't sugar a drug? How come that isn't outlawed?

At least you see the point I'm making, then. Where's the arbitrary line drawn? The list of banned substances has more to do with unrelated historical acts than social issues. For example, hemp was banned primarily because it was competing with the production of paper using pulp - this has translated to a social issue pretty much through misinformation.

And why isn't alcohol banned? Again, it's to do with political agendas - which was the point I was trying to make to emphasise "the war on some terrorism". If it were truely the "war on terrorism" then the US should be cutting links with the IRA and sending troops into Ireland as well as bombing their own country.

As it stands, the "war on terrorism" is yet another example of politicians trampling over graves to further their own agendas. The lack of definitions of "terrorists" and "supporters" means it's pretty much a handy excuse to kick around anyone they don't like for a while.

Re:This is an opportunity

[ichimunki]

um, just what the flipping heck is "anarcho-tyranny"? It's total nonsense, I'm guessing. Anarchy defined means "having no ruler". Tyranny defined is "oppressive power exerted by government". You can't have tyranny without rulers, you can't have rulers with anarchy. If you mean that the government allows certain types of destabilization/terrorism, then just say that. But if you walk down the streets of America, I think you'll find most citizens support the government, i.e. believe the war on drugs is a good idea. So let's not paint this as some conspiracy to contrive absolute power for a few. Let's call it what it is, a culture with certain attitudes-- one of which is that it is apparently better to be "safe" than "free".

Re:This is an opportunity

[Rog7]

This isn't like gun control where the argument goes: take the guns off the streets, sure, but the criminals will still have the guns. (I agree with that.)

Maybe it's my Canadian perspective, but I can't help but think that attitude is completely backwards. IMO there is no such thing as non-violent intent in the use of a firearm, but in contrast the majority of anonymous communication is used without violent intent.

Either would still be available whether or not it were banned to the general public, so why argue in favour of keeping the directly violent tools yet ban the tools used mostly peacefully?

I don't see anything to celebrate in the loss of any anonymous service, for any reason.

Re:This is an opportunity

[jazman_777]

So, "the war on some drugs" is partially responsible for "the war on some terrorism and some supporters of terrorism". Evidently the US understands irony better than anyone else

As I said in my first post about it:

"It's all part of Anarcho-tyranny. This is the method of governance by which the State (everyone bow down now!) allows a certain amount of mayhem to go on, cracks down in general on liberty, and in the end the State (bow down!) has more power and more control, but the mayhem just keeps on."

Essentially, in some ares, there is anarchy (say, inner cities), aka "mayhem".

Re:This is an opportunity

[DCheesi]

The LD 50 isn't really relevant. The issue is long term damage, not immediate death. Something that is lethal in the short-term at high doses may be relatively harmless when taken long-term in smaller doses, or vice versa.

The dosage makes all the difference. Several types of venom and toxic substances are used therapeuticaly in small doses; the best example is botchulinum(sp?) toxin, which I'm sure has an LD 50 *way* below caffeine's, yet is used as a localized muscle relaxant in a number of medical treatments.

Re:This is an opportunity

[mpe]

The list of banned substances has more to do with unrelated historical acts than social issues. For example, hemp was banned primarily because it was competing with the production of paper using pulp - this has translated to a social issue pretty much through misinformation.

Depending which story you believe it could also have been the use of hemp for making rope...

And why isn't alcohol banned?

That's been tried, problem is that the results of prohibition were worst than the "problem" it was intended to address. The same is probably true now, legalise the lot and most of the problems may well disappear.

Re:This is an opportunity

I suggest that you study anarchy--which has nothing to do with "making bombs" or other stupid violent stuff. Anarchy is not mayhem like you say, but rather a simple political perspective, aka anti-authoritarianism. Just like some ignorant peolple think that everyone who uses "drugs" is somehow impulsive, evil, or lazy, you seem to be among the majority of ignorant idiots that think that everyone who is an Anarchist is somehow involved in bomb-making, violence, property damgage, or evil. The real culprit in this case is the media. The last thing our (or any) government wants its citizens to realize is that it(government) is unneccessary.
Therefore, just like it normally does, it slanders and misrepresents what Anarchy really is.

Absolute bullshit like "The Anarchist Cookbook", and so-called "Anarchist" web sites that appeal to violent criminals and terrorists only serve to strengthen this WRONG sterotype of what true Anarchy means.

Anarchy is not chaos.
Anarchy is not violence.
Anarchy is not disorder.
If you mean chaos, violence, or disorder, use that word--NOT ANARCHY!!

Anarcho-tyranny doesn't exist!!--that's like saying Many-few or Giant-small.
Don't just use "Buzz" words that sound cool....

Re:This is an opportunity

[Suidae]

there is no such thing as non-violent intent in the use of a firearm,

I really don't care if gun owners are violent or not, as long as they understand that if they are violent toward another person, with or without their gun, they are likely to get their ass kicked and sent to prison.

The way to make them understand this is to make punisment for crimes harsh and public. I have no problem with public floggings in exchange for prison time (ie, you can trade a years worth of prison time for 50 lashes, which are televised at least at the local level). Executions, if allowed, should ALWAYS be televised nationally. If citizens are going to allow the death penalty, it shouldn't be done in secret, out of sight.

but in contrast the majority of anonymous communication is used without violent intent.

The majority of guns are used without the intent of violence to any person. Some anonymous communication is used with the intent of violence, presumably.

Re:This is an opportunity

[Jaysyn]

It was $43M for "Opium Eradication" in May. Thanks DEA. Looks like our "War on Drugs" cost us more than we ever imagined.

Jaysyn

Re:This is an opportunity

There is no long term physical damage of pot use.
(funny how you probably assume that all pot is smoked, not eaten--anything smoked is likely not good for you lungs, however, smoking in moderation and living healthy(exercise/diet) usually will not result in any harm whatsoever)
(Keep in mind that illegal substances are not regulated and therefore may have quality control issues(purity/cleanliness/kosher) that safe regulated food, medicine, and dietary supplements currently have.)

Cannabis is a herbal medicine that evolved with humans. Just like pre-dog wolf cousins were shown to be in the lives of the Australipithacine (pre-human), all species of pot have been in one human culture or another at one time.

You, like most others brainwashed by government media, have fallen victim to the pharmacutical conspiracy--the REAL drug problem.

Don't take my word for it--study alternative medicine and ethnobotany.

Re:This is an opportunity

[Jaysyn]

:This isn't a joke:

The lethal dose of THC is equvilent to a quarter-ton of high-grade Marijuana smoked in 15 minutes. This of course would be impossible, because you would die of smoke inhalation first. (Quick, lets outlaw fire.) Another fact the Gubmint doesn't want you to know. I do however wish I could remember the URL to back up my words.

Jaysyn

Re:This is an opportunity

[Zeno_1]

Actually, here is the reason:

http://www.jackherer.com/book/ch04.html

Re:This is an opportunity

Get real, you lefty-anarchist-poseur.

The opposite of authoritarianism is libertarianism. Anarchy is just that - chaos, violence, and disorder.

Re:This is an opportunity

The LD 50 for caffeine (amount that would kill 50% of individuals in a test group) is 10g delivered orally. Since a Mt. Dew soda contains 55 mg of caffeine, drinking a case of Mt. Dew could kill some people.

55 mg = 55 x 10^-3 g = 0.055 g. 0.055 g/can * 24 cans/case = 1.32 g << 10 g. Moral? Don't do arithmetic when you're hopped up on Dew. That is all.

~~~

Re:This is an opportunity

Point 1b: This will make anonymous services more anonymous.
Point 2: This will make anonymous services less anonymous.

Re:This is an opportunity

[mosch]

The thing is it's really fucking easy for terrorists to operate on the internet.

The signal to say go forth with the plans we made in the OsamaCave, and cause armegeddon could just be a slashdot post saying 'I find Jon Katz to be an incredibly intelligent, well-reasoned, thoughtful writer. His exposition is beyond reproach.'

Re:This is an opportunity

[Kanasta]

How can you say in your 2nd paragraph that closing down a provider will give volume to other providers and enhance privacy

Then in the 3rd paragraph say that communications are more traceable and less anonymous?

Re:This is an opportunity

[youreanidiot]

The lethal dose of THC is equvilent to a quarter-ton of high-grade Marijuana smoked in 15 minutes. This of course would be impossible, because you would die of smoke inhalation first. (Quick, lets outlaw fire.) Another fact the Gubmint doesn't want you to know. I do however wish I could remember the URL to back up my words.

Smokedot.org always has a lot of useful information like this. And it's running slashcode. :)

Re:This is an opportunity

[Mister+Attack]

giving the Taleban (about) $60m to "stop producing opium", which of course they didn't.

The Taleban decided to eradicate the poppy crop in Afghanistan because it was "inconsistent with Islamic principles." This year's poppy crop was, in fact, destroyed. The US Government, recognizing that there were plenty of already-poor poppy farmers who would be left with no livelihood, allocated ~40 Million USD in humanitarian aid, _specifically bypassing the Taleban._ Check out Sec. Powell's statement on the aid shipments, if you like; it's been posted on Everything2, and should be pretty easy to find if you poke around a bit.

Re:This is an opportunity

The LD50 is 10g.

This implies there's some people who 1g would kill, and others who could stomach 100g.

Statistics most definitely != arithmetic.

Re:This is an opportunity

But surely that's something that will get lost in the sea of other positive comments about that superb writer?

Re:This is an opportunity

And the lethal dose of nicotine is even higher than THC. So I guess cigarettes really are safe, after all, they're far less lethal than caffeine!

Re:This is an opportunity

Don't confuse me with facts!

Re:This is an opportunity

[pslam]

The Taleban decided to eradicate the poppy crop in Afghanistan because it was "inconsistent with Islamic principles." This year's poppy crop was, in fact, destroyed. The US Government, recognizing that there were plenty of already-poor poppy farmers who would be left with no livelihood, allocated ~40 Million USD in humanitarian aid, _specifically bypassing the Taleban._ Check out Sec. Powell's statement on the aid shipments, if you like; it's been posted on Everything2, and should be pretty easy to find if you poke around a bit.

It was very difficult to find any information regarding this last I looked (about a week ago). For a start, none of it was linked in any way from discussion of "supporters of terrorism".

The facts you bring here are from the "official" version of events. Officially, the US gave aid directly to the farmers who had their livelihood cut off. Officially, the Taleban destroyed their crops.

Unofficially, it's impossible to make sure that funds go to the people you intend. They get intercepted, extorted or otherwise leached out from the actual victims and taken away. This is what happens in Iraq when relief funds and food arrives - shortly after everyone from the UN leaves, all their supplies get snatched by the army, or even while they're still there.

And as for the crops, there were one or two fields which were destroyed for the cameras (cameras are illegal in Afghanistan strangely enough). They kept enough for state sanctioned sales. There's evidence of just how much opium is still grown in Afghanistan in the massive drug problems reported in the cities. The possibility that this is used as a means to control the population makes it all the more worrying.

Re:This is an opportunity

[Mister+Attack]

Unofficially, it's impossible to make sure that funds go to the people you intend.

Naturally - but we did not send that money to the Taleban so that they would eradicate opium; we sent the money to the farmers because the Taleban eradicated opium. That is the point I was trying to make.

And as for the crops, there were one or two fields which were destroyed for the cameras (cameras are illegal in Afghanistan strangely enough).

Fortunately, the cameras on our satellites can easily tell the difference between a field full of poppy and a field whose crop has been destroyed. I believe the destruction of the crop has been verified, but I am not sure.

It was very difficult to find any information regarding this last I looked

Here's a start: http://www.everything2.com/index.pl?node_id=115999 2&lastnode_id=1159948

Re:This is an opportunity

[Jaysyn]

You are very, very wrong....

Jaysyn

Safe Web

[hendridm]

SafeWeb offers annonymous browsing too...

Shaver

[DarkClown]

Didn't Mike Shaver, who took over JWZ's sopt after he left, leave mozilla to work for these people?
Wonder what he thinks about this...

Re:Shaver

[furiousgeorge]

Mike left Zero Knowledge quite some time ago.....

Re:Shaver

[Mike+Shaver]

I think I left ZKS several months back (on good terms, etc., etc.).

I think that Hamnett's message says it all (they couldn't afford to keep operating the network, because of that traditional operating-cost-vs.-revenue balance).

I think that gov't pressure -- should any have actually existed; I don't recall much such pressure from when I was there -- had nothing to do the decision.

I think they picked a very hard market nut to crack, and chose a very high bar for the level of security and privacy they were going to provide.

I think the market didn't share their (our) enthusiasm for that level of service, perhaps unfortunately.

I think a lot of people have talked here and elsewhere about how the Freedom network could have been done better, from technology or marketing or whatever perspectives...

...but I think nobody has done a better job so far of that type of network service.

I think they've learned a _lot_ about protecting privacy and helping other people and organizations protect privacy.

I think there's a market for that knowledge, and good applications of it.

I think they're going to be OK.

I think you shouldn't really care what I think.

(I think Craig's still a dork.)

Looks like more of a business model switch

[Lawmeister]

"Zero-Knowledge is introducing Freedom Privacy & Security Tools 3.0, the next generation of its online security software for consumers. This new software includes a personal firewall, form filler/password manager, ad manager, cookie manager and keyword alert. As a result, we have decided to focus our main development efforts on this product as well as other software solutions providing online security.

As such, I regret to inform you that Freedom Premium Services - Anonymous Web Browsing and Private Encrypted Email - will be discontinued as of October 22nd, 2001. Please refer to the detailed Freedom Network shutdown timetable below"

So basically they are winding down their subscription based business model, leasing nyms (4 minimum as far as I recall) on an annual basis and going with a shrink wrap product.

I'm holding my breath to see what the reviewers have to say about this Tool kit v3.0 - it may provide what most users are looking for.

Re:Looks like more of a business model switch

[sulli]

No more anonymous IPs or email addresses. It sounds like just another personal firewall - I'm happy with ZoneAlarm and probably won't switch. Too bad.

Open Source?

I hope they plan to open source the anonymity product and that folks start to run free servers of their own accord...

Re:Open Source?

[Pituritus+Ani]

Do you want to be the exit server on the private route someone was using when they were doing something on the net that arouses the interest of $THREE_LETTER_AGENCY? I don't, and I doubt many others will, either.

Getting rid of anonymity is not the answer

[sledd_1]

There are always ways to be anonymous on the internet. I can go to the public library, open a hotmail account, and e-mail and browse anonymously.

It's too bad that this business is closing down shop in what appears to be a misguided reaction to the september 11th attacks.

Re:Getting rid of anonymity is not the answer

[coolgeek]

except for the surveillance cams and firewall logs at the library. probably not too big a deal for library to spit images out regularly to biometric systems at FBI offices. next step CIA and NSA "acquire" cybercafes.

and don't forget that thing that looks like an eye on the front of your TiVO... =)

Re:Getting rid of anonymity is not the answer

[josepha48]

"I can go to the public library, open a hotmail account, and e-mail and browse anonymously. "

Yup and that is what spammers do. How many people really tell the truth when they open up hotmail, yahoo, or any other free email account? Not all I can tell you that.

There is also ways of knowing what someone is doing on a web site and doing lots of tracking. When I worked for a web portol, we knew where a user came to our site from, weather it was a search engine, or a link on another site. We knew what pages they viewed. We knew how they navigated through the site, and often how they left the site. I can totally see why the need for anomymous browsing. You are being watched on the net.

In light of sept 11, I think they think that they may have been providing this service to bin laden or some of his people, and this could be true, but it is no reason to stop.

I also wonder if they will get suid by someone if they make the 'secret names' public. I wonder what their user agreement said. Sounds like this could launch a civil action suit against a company that says 'we'll protect your privacy', and then doesn't.

Personally I have nothing to hide. So I just use mozilla and reject the cookies. If you know that I am on a porn site we'll duh, I'm over 18 and it's legal (for now) in this country.

buy the shirt rm -rf /bin/laden
from http://linuxlookup.com/

Re:Getting rid of anonymity is not the answer

Not for long, once public libaries install filtering as required by law under the Children's Protection Internet Act (CIPA) the filtering software logs will log exactly what you do and the log in sheets will be able to identify who used the computer.

whew! when I read that, I thought...

holy smokes, when i read that a zero knowledge system was discontinuing anonymity, I thought
that it meant that slashdot was going to stop
posting by AC's!

Easy, no billing

No collections department, you paid in advance for a year's service. If you wanted to ensure anonymity, you could sign up online, get an account number, and write that on an money order. You could also pay by credit card - they claimed to have an internal system to remove the linkage between the payment and the account.

Re:Easy, no billing

That's true. It was also very difficult to link an anonymous identity a purchase. You purchased a serial number, then you exchanged the serial number for "tokens", which you could then exchange for identities. Since nothing forced you to get tokens right away, ZKS couldn't correlate your purchase to your anonymous identities (the exchange of tokens for nyms was anonymized).

Re:Easy, no billing

[NeMon'ess]

Plus four moderation for an annonymous coward? I think someone is way too concerned about their privacy, or they're at the cap.

Re:Easy, no billing

I think someone is way too concerned about their privacy

Rather ironic comment for an article about ZKS...

Fallout from Sept 11

[wiredog]

I suspect that various governments are bringing pressure to bear. Hotmail et al are probably next. See this article at

Re:Fallout from Sept 11

[Sarsippius]

Did you mean Hushmail?

Re:Fallout from Sept 11

[wiredog]

No. Hotmail. Apparently the terrorists were using free hotmail accounts to exchange info. No indications that they used crypto however.

Re:Fallout from Sept 11

[Noxxus]

No. Hotmail. Apparently the terrorists were using free hotmail accounts to exchange info. No indications that they used crypto however.

There's no anonymity with Hotmail already, dude. It puts the IP address of the sender in the header. Hushmail and ZipLip, however, don't log anything.

Re:Fallout from Sept 11

[Cuthalion]

Hotmail can be used anonymously, so long as you don't establish a link between an IP and your name. Just go to an internet cafe, pay the $5 and there you go.

Re:Fallout from Sept 11

[Tassach]

Hushmail and ZipLip, however, don't log anything.

Or so you hope. It's a matter of trust. They could be logging IP's without disclosing it. One of their employees might have covertly set up a packet sniffer. A programmer "planted" by some third party could have built a covert channel into the software that leaks information to his handlers. There could be a stupid bug somewhere in their system that can be used to recover the dropped logs. There are countless ways that the security can be subverted. Unless you control the channel end-to-end, there's always a risk of it being subverted.

This is the rubish I expected after Sept 11th

it's a pity that they are doing this. As for a business model what is the business model now ?

A crappy firewall for wind0ze and a form filler that mozilla does by default ???

Looks like bin laden continues to affect our lives....

ZKS cans its Freedom network.

[mathieukhor]

Given the current context, that's probably the best thing they could have done. The full anonymity multiple tunnels provided by the freedom servers had a huge cost of upkeep for ZKS, one which the revenues of the freedom product never could reach. Most users of Freedom were hardcore privacy advocates, but ZKS needed to tap into a larger market to make the Freedom net profitable. But in wake Sep11, the case for strong crypto anonymity is even harder to sell to the masses. So no user base = can the network.
I haven't read-up on Freedom 3.0 - yet, but I hope ZKS can still provide a simple http/https anonymous proxy gateway, it wouldn't be nearly as secure as onion-routing but would still provide minimal anonymity versus mundane threats like mass-marketers, identity theft, etc...

Cheers,

Mathieu Khor

Surprise to the staff as well?

[Pituritus+Ani]

Yesterday, I received the following message in response to questions about upcoming changes in services and offshore servers (emphasis mine):

Date: Wed, 3 Oct 2001 09:56:46 -0400 (EDT)
From: InfoReplies@zeroknowledge.com
To: @freedom.net
Subject: Ref: "New anonymous browsing service"

Hello,

Thank you for your interest in Freedom. Currently, we are unable to release specific details about our upcoming privacy services; I wish I could provide you with more information. :(

As for the servers, the upgrades should be completed shortly, and more servers should appear on the network. We apologize for the inconvenience.

Regards,

Freedom Support Team

Have a question? Looking for answers? Visit our Knowledge Center for up-to-date solutions to common problems.
http://www.freedom.net/support/knowledge.html

oh yeah

[WinDoze]

That should stop those pesky terrorists! They'll never think of getting a hotmail account from some public library system!

The really scary thing

[RedCard]

The really scary thing, for me anyways, is that ZeroKnowledge is located in Canada.

Which means - if the US has really pressured them to shut it down - that Canada's economic and social policies are even more influenced by the US than I ever believed them to be...

Right now, free speech is getting it's ass kicked around in the states, and it's starting to leach over into my little country!

I don't like this one bit.

On the other hand, ZeroKnowledge has been struggling financially for some time now, so maybe the events of Sept 11 just provided a good excuse for them to shut down their money-losing anonymizing service without raising too much of a furor.

--R

Re:The really scary thing

[Patrix]

you mean you didn't know Canada was nothing more than a semi-independant bootlickin' province of the US?

under what rock have you been living for the past 50 years?

ah, how I long for the days (circa 1812) when we actually kicked the US's butt and kindly gave them their land back after they agreed to stop trying to take over ours.

Re:The really scary thing

[azizlumiere]

HAHA Didn't you know that if the world was the Simpsons the US would be Mr. Burns and Canada would be Smithers.

Re:The really scary thing

oh, just shut the hell up.

you damn canadian.

with yer beady eyes and flapping heads.

Time for these to disapear

[zarathustra93]

I don't think these services will be around for much longer. With the legislation going through congress at the moment as a startingpoint, I don't see how anonymizers in general are going to be able to survive. Anon.penet.fi crumbled under much less pressure than the current political climate provides.

I may just be paranoid, but I have a feeling that NSA spooks are knocking on a lot of anonymizer doors.

Re:Time for these to disapear

[AnonymousEponymous]

Several reports exist saying that the NSA isn't able to process what data they already have in Echelon.

I would be more concerned that Ashcroft's Army of Clones aka the FBI were knocking then the NSA

One such report: www.infowar.com

Re:Time for these to disapear

[Doomdark]

Just a small comment; even though US administration certainly has lots of indirect influence on other countries' jurisdictions, it's not all that straight-forward to shut down foreign companies/websites. If I'm not mistaken, ZK is a canadian company, and like IP-name says, anon.penet.fi was a finnish site (a hobby of a finnish Internet pioneer who got lots of unfair shit because of a few uninforment news articles back then).

And no, it's not a co-incidence that practically all anonymity-enhancing services have been located outside US of A for years now.

Re:Time for these to disapear

[TheTomcat]

Yeah, they're located here in Montreal.

The firm I currently work for did design and branding for them back when they were a startup.

Sometimes anonymous is fun

HowGoodInBed.com is anonymous and serves a purpose and has NO business model.

Well, at least there are *options*

[Majik]

For those of you left out in the cold by this, Hushmail provides secure e-mail at a reasonable fee (I forget what I paid) or free accounts. Although if today's message is anything, supporting privacy services with money should be considered if you're going to use the service often!

Re:Well, at least there are *options*

[jes94]

Another option for encrypted email is https://mail.lokmail.net.

They do PGP for in and out email, and SSL between the webserver and the client. You can also have them do a domain for you at USD 30 per year.

Having used them for awhile, the only complaint I have is that they do not have a nice integrated email directory, so I have to manually key in addresses. They do have a directory so that I can put the addresses in the account, and I can cut and paste if I want to go that route.

Hope this helps someone in keeping their privacy.

Please Bail Me Out

[Haxx]

If I send one of you a signed blank check can you bail me out when they come for me?

-Im standing next to a mountain, Chop it down with the edge of my hand -Jimi

Lets have a US government anonymizing service

[DumbSwede]

I will probably get flamed for this one, and I must admit my views on privacy and security are in flux right now.

It seems to me the government should offer a free anonymizer service, with the proviso that detection of verifiable illegal activities transacted through same would lead to the immediate disclosure of the sender's identity (or at least location) to the appropriate legal agency. Private anonymizer services should not be allowed (at least within US borders).

This would then be a way for whistle blowers and others not engaged in illegal activities to easily, and with better legal shielding, submit their disclosures or air their personal political views. Mailing death threats, circulating child pornography, arranging for killings, or setting up drug drops shouldn't have any kind of guarantee of hiding the sender's identity.

I can already hear the big sucking sound from civil libertarians -- "HOW CAN YOU POSSIBLY TRUST THE GOVERNMENT WITH THIS?"

It would seem trusting private individuals with this isn't much better (and the government gets what they want eventually anyway). Perhaps using a private anonymizing service shouldn't imply that someone has something to hide, but in the minds of many, it does.

Being intractable on this issue will hurt the IT community more in the long run, because it closely associates it with the ability to conduct illicit and untraceable activities. I am more worried about being being prevented from using cryptography, or being forced to register the keys with a government agencies. Here is where the battle should be fought, because it will lead to the real government oversight of the flow of sensitive information.

Yes this probably comes as result of 9-11-2001. Stop burying your heads in the sand and telling yourselves the world isn't any different now.

Re:Lets have a US government anonymizing service

[swordgeek]

"Stop burying your heads in the sand and telling yourselves the world isn't any different now."

I take offense to this remark. The world isn't really any different now than it was a month ago, and my saying that isn't an indication of me "burying my head in the sand." The only real difference is that some of you (mostly in the US) have pulled your heads _out_ of the sand and started to realise what's going on in the world.

As for your idea of a government run anonymizer service, there's just one problem: It won't work! It's exactly like banning secure encryption in the US now--the genie is already out of the bottle, and you can't put it back in. Criminals will always find ways around security, surveillance, and general watchfulness. By forcing bcakdoors on systems, you're only affecting (persecuting, in fact) the law-abiding citizens who will use them.

Re:Lets have a US government anonymizing service

[tshak]

Boy do I have to be reundant these days:

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."

Even every point of technical communication was plain text and traceable, the "security" you recieve is more of a myth. Your philosphy is a slap in the face to the thousands that died for our freedom.

Re:Lets have a US government anonymizing service

[Daniel+Dvorkin]

Yes, it is a different world. The threat of terrorism is exactly the same as it was, of course, and so is the need to protect civil liberties (the latter being one of the few eternal constants in society, I'd say -- not civil liberties themselves, regrettably, but the need to protect them.) But two important things have changed:

1) The forces in government which would like to take away our rights in the name of national security now feel they have the perfect excuse, and

2) Otherwise intelligent people are so convinced that "the world is different now" that they'll let these would-be tyrants get away with it.

Can you spell "Reichstag?" I knew you could ...

Re:Lets have a US government anonymizing service

[DumbSwede]

What a load of crap.

I am tired of seeing this quote trotted out on every privacy issue.

I doubt Franklin would have considered being able to use an electronic anonymizing service an "essential liberty"

I care about being able to speak my mind, not whether the government can monitor my activities if I come under justifiable suspicion.

Re:Lets have a US government anonymizing service

[AnonymousEponymous]

A strong government enforced identity system would certainly be a good idea for our general online safety. Such a system, if established, could be protected by law from search, seizure, monitoring, etc. just like our telephones are.

With such a system we would not have to have a thousand different registrations for every website or online purchase.

It would also not take that much effort to put in place a privacy feature that would allow you participate anonymously with specific rules for breaking the privacy provision.

The key would be to ensure that a strong oversight was put in place, given the current climate (and Justice Dept. powergrab) I doubt that Congress would have the good sense to implement any online initiative sensibly.

Re:Lets have a US government anonymizing service

[sulli]

Sorry, that is just a really stupid idea. Ask the family of Martin Luther King, who was monitored for years by J. Edgar Hoover's COINTELPRO.

Ask yourself: would you ever use it? With Ashcroft (or Janet Reno) as AG? Neither of these two have a strong record in favor of liberty or privacy.

Re:Lets have a US government anonymizing service

[DumbSwede]

The threat of terrorism is not the same now as it has always been, it has escalated in severity and consequences since 1993, both from sources internal and abroad.

When we loose a million citizens in a nuclear blast someday, they will have lost the most essential liberty of all, the right to life.

Choices will have to be made as to how best to prevent the free, unobserved activity of evil men. Quit inventing rights that didn't exist 200 years ago, and then pretending we are turning into Nazis if we have to modify them.

Re:Lets have a US government anonymizing service

[DumbSwede]

That was then, this is now.
Government oversite has improved. [insert inane cynical comment here]

Last time I checked it wasn't J. Edgar that shot Martin Luther King Jr.

While I don't approve of what the government did in the the sixties, apparently this monitoring didn't greatly curtail the civil rights movement.

Re:Lets have a US government anonymizing service

[metis]

The only real difference is that some of you (mostly in the US) have pulled your heads _out_ of the sand and started to realise what's going on in the world.

Oh so TRUE!!!!

I wish I had mod points for you.

If the FBI announces that terrorists had a hotmail account, there will be a clamour to ban anonymous hotmail accounts. But we know the terrorists used boxcutters and jets and nobody says we should stop using boxcutters or jets.

THe problem with privacy is that it is a issue of principle that has little mainstream appeal. Most people are too damn boring to care about anybody reading their correspondence. It is the odd one out, the "perverse", the non-conformist, the politically marginal, etc. that will be hurt most.

The change of mood after September 11 just enhances a fundamental problem: marginal concerns are marginal. To those who cared about privacy, the attack should make no difference. If privacy is really important, it cannot be surrendered any more than air-travel can be surrendered.

Re:Lets have a US government anonymizing service

[Daniel+Dvorkin]

"The threat of terrorism is not the same now as it has always been, it has escalated in severity and consequences since 1993, both from sources internal and abroad."

Silly me; I thought we were talking about how the world has changed since Sept. 11, 2001, not since 1993. (And why did you pick 1993, particularly?)

"Quit inventing rights that didn't exist 200 years ago, and then pretending we are turning into Nazis if we have to modify them."

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.--That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, --That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness.

The Nazis, of course, did not hold these truths to be self-evident at all. Neither did the Communists. Neither, apparently, does John Ashcroft. Neither, apparently, do you. I still have enough faith in my fellow Americans to hope that, once the current panic dies down a bit, these will prove to be exceptions to the rule.

Re:Lets have a US government anonymizing service

[DumbSwede]

I support strong private cryptography. But the world has become a very dangerous place (or we Americans have just awakened to this fact), so reasonably choices have to be made about how to monitor and police illegal activities, or perhaps more importantly, monitor and police dealings with those abroad.

If I choose to voluntarily use a governmantal anonymizer services, then scrutiny rightly falls on others that use some other means of anonymizing their activities.

Re:Lets have a US government anonymizing service

[Tackhead]

> When we lose a million citizens [...] someday, they will have lost the most essential liberty of all, the right to life.

Last time I checked, it didn't say "Life, Liberty, Pursuit of Happiness. Choose any two."

For some of us, any two are meaningless unless accompanied by the third.

Re:Lets have a US government anonymizing service

[DumbSwede]

Well the flow of responses is as predicted, I expected this would be flamebait.

The general consensus seems to be
GOVERNMENT == BAD
Personal rights to do anything electronically and have it hidden and undecipherable == GOOD

Wake up.
You people are not helping. If you want to hold onto reasonable rights, you have to offer reasonable, effective alternatives that still allow us stop and catch the bad guys.

I choose not to believe the US government is essentially evil. I choose to believe the US government has improved its stance on human rights in general, effectively and steadily over the last 200 years. I choose to believe there are truly evil men out there that would do America harm. I believe the majority of you online rights complainers are spoiled pampered brats that have never had to sacrifice the least little thing in your lives, and don't understand that we have to help find solutions to the problems caused by unintended side-effect our electronic age has brought us.

Re:Lets have a US government anonymizing service

[Boomerang+Fish]

What about government monitoring if you're *not* under justifiable suspicion?

I'm not saying that government == bad; they do provide usefull and necessary services. But like any entity, they can suffer from various levels of corruption... improperly served warrants, evidence tampering, "lost" fbi background check documentation, blacklisting (circa 1930's?), etc. Sure, these aren't the norm (well, we hope ;-), but they happen.

The way I see it, encryption and privacy tools aren't *intended* to aid me in comitting a crime. They are *intended* to prevent a crime from being commited against me. This applies to web server SSL certificates for secure on-line ordering, just as much as it applies to personal e-mail and web browsing.

Can they be abused? Sure. But I can also think of a million uses for a fork that probably aren't on the *intended* list for kitchen utensils... and some would probably land me in jail for committing a crime. Not because I used a fork to commit the crime, but because I committed the crime.

Let the government set up an anonymizing service. They are, in theory, there for our protection. Just don't make it illegal for private companies to do the same. I mean, even though the police can offer me protection if I receive threatening mail, I also have the option of hiring a private bodyguard. I see no reason on-line privacy services have to be an either-or proposition. Allow both and choose the type of service you are most comfortable with.

Re:Lets have a US government anonymizing service

you have got to be fucking kidding. the gov't is a thousand times more corrupt today than in the 60s.

and they're less likely to be subtle about it. if they wanted to assassinate MLK today they'd just send the hostage rescue team (aka, fbi death squad) or the atf to burn him to death-- all with the complicity of the korporate media.

Re:Lets have a US government anonymizing service

[DumbSwede]

I chose 1993, because that was the fist WTC bombing.
2-26-1993, World Trade Center bombing -- 6 dead
4-19-1995, Alfred P. Murrah Federal Building bombing -- 168 dead

Please, please, please quit quoting the constitution to me, and explain exactly how and under what circumstances it protects private anonymizer services.

You can't have every right under the sun.
If I think is is fun to kill people, I don't get to have this right as protected under the pursuit of happiness.

Re:Lets have a US government anonymizing service

Us Americans have been repeatedly awakened to that fact. Unibomber, school shootings, riots, and now terrorist attacks. Why do choices all the sudden need to be made now? Because previous attacks required less planning? Because fewer lives were lost in individual events? (Tell the victims that, "Well, because there were only 60 people killed, we won't work very hard to try to stop what happened to your son in the future.")

Re:Lets have a US government anonymizing service

[Tassach]

I doubt Franklin would have considered being able to use an electronic anonymizing service an "essential liberty"

I think Franklin, Jefferson, et al. would be aghast to think that the government agents could secretly and undetectably evesdrop on the public en mass, without a court order. This simply wasn't possible in their day -- the only way of communicating over distance was via a letter.

Even if all the mail of the day had been carried by the USPS (of which Franklin was the first Postmaster General), it would have been impossible for the gvt. to open and read every letter. Considering that sealing wax was used (in combination with distinctive seals) to close the letters, it was very difficult to open a letter without the intrusion being detected.

One of the biggest grievances the Colonists had with England was the fact that the Redcoats used general searches -- anyone & anyplace could be searched at any time for any reason. Our founding fathers considered this to be unacceptable conduct for a fair and just government. In response to this abuse of power, they established the principles set out in the 4th amendment: that a warrant is required for a search to take place, and that the warrant must explicitly list who and what is to be searched, and what the object of the search is. There's a world of diffence between being monitored because the Gvt. has probable cause (or, to use your own words, justifiable suspicion) and being monitored because you "fit the profile" or just because you happen to use the same ISP as somebody else who's under suspicion for somthing.

The wholesale monitoring of electronic communications is the moral equivilent of opening and reading every postal letter. It is unacceptable, immoral, and unconstituitonal. The government has no Constitutional authority to do so, and is explicitly BARRED from doing so without a warrant by the 4th amendment.

As a practical matter, the gvt. can and will monitor electronic communications, the Constitution be damned. It is a limitation of the technology that it is easy to monitor. However, we have the absolute right to use any and all technological measures available to us in order to guard the privacy of our communications against prying eyes and ears. Furthermore, while the Government may be able to COLLECT information via illicit/illegal means, there MUST be SEVERE restrictions on how that information can be used. Comunications intercepted without a warrant should NEVER be admissible in court, under any circumstances whatsoever. This is fine for anti-terrorism purposes.

A Terrorist (or any other covert operative) requires total secrecy in order to do his job. If his "cover" is blown, his operational effectiveness drops almost to nil. You don't even necessarily need to arrest a suspected terrorist in order to stop him - you just need to let him know that you know who & what he is and that he's being watched. If he's well-trained (as bin Laden's people are), his response will to cut all contact with his handlers in order to minimize the damage to the organization. You don't get the viceral satisfaction of sending his butt to jail, but that is really unimportant next to the fact that you've prevented a tragedy.

Re:Lets have a US government anonymizing service

[tobylyn]

For what it's worth that's a quote from the Declaration of Independence, not the U.S. Constitution. As such, it's also not binding on U.S. law, though it's obviously quite influential.

Re:Lets have a US government anonymizing service

[DumbSwede]

Glad you guys are all so patriotic. When the end comes for millions of innocents it will great comfort for those left behind (yes, I'm way over the top here, but so are you guy).

I keep saying it over and over and no one responds. Will you give up anything to the government that will allow some reasonable means of assuring security? What are the alternatives?

I offer one possible piece to a solution and get dumped on by people wrapped in the flag. I getted modded a 2, when I have obviously sparked a lively debate. And yet not one of you has offered any ideas on how to prevent anonymity from being being put to bad uses.

If you will cede nothing, you will loose everything.

Re:Lets have a US government anonymizing service

[mpe]

A Terrorist (or any other covert operative) requires total secrecy in order to do his job.

An atmosphere of suspecting anyone might actually make it easier for someone to act covertly. Let alone it's proven not to work, the government of the GDR had no idea that their whole country was about to cease to exist, dispite having files on something like 25% of the population.

If his "cover" is blown, his operational effectiveness drops almost to nil.

You first need to identify the terrorist. Mass interception (and machine scanning) isn't likely to help you much.

Re:Lets have a US government anonymizing service

[Tassach]

I agree with you on both points, that an atmosphere of general suspicion makes it harder to single out the genuinely suspicious people, and that mass surveillance isn't going to be effective. All of which means that Dubya and the Congresscritters are peddling snake oil; shitcanning the Constitution in order to advance their own political agendas.

Re:Lets have a US government anonymizing service

[WNight]

Just for reference, I'm Canadian.

I will (voluntarily) cede NOTHING to the government, unless I am convinced that it will help.

If the government banned strong crypto, it wouldn't help, at all. Strong crypto already exists. When used with stegonagraphy, strong crypto can produce essentially invisible messages. This means criminals could continue to use strong crypto, but ordinary law-abiding citizens couldn't.

Thus, if I give up my right to crypto, I haven't actually helped to make the world any safer. In fact, by putting all my communications in plain-text (trusting DMCA-type laws to prevent evesdropping) I'd have made life even easier for the criminals.

There's a good article on Counterpane (www.counterpane.com/labs.html) about this very thing. He says that it makes sense to be inconvenienced by some security measures, but only if they actually provide security. If they don't make anything more secure, they're just a placebo (at best) and might be harmful.

Do you care to suggest some rights that I might choose to give up?

Re:Lets have a US government anonymizing service

Please, please, please quit quoting the constitution to me, and explain exactly how and under what circumstances it protects private anonymizer services.

Amendment IX

The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Re:Lets have a US government anonymizing service

[BinxBolling]

I keep saying it over and over and no one responds. Will you give up anything to the government that will allow some reasonable means of assuring security?

Maybe. But only when I'm presented with convincing evidence that restricting these rights will actually help to maintain security. There's been no evidence published that these services are being used by terrorists (in fact, they used ordinary Hotmail accounts). So maybe you should can the hysterical posturing.

Re:Lets have a US government anonymizing service

[Kanasta]

You know, the reason whistle blowers need an anonymizing service is that some self proclaimed 'religious organisations' have lots of lawyers that they send out to destroy the lives of the said whistle blowers. When the said organisation can convince the judge that their 'religious text' is copyrighted, the mere act of discussing the text is then a copyrighted infringement and may be viewed as illegal.

The government can't protect you.

Re:Lets have a US government anonymizing service

[Suicyco]

What I dont understand is you are willing to give up rights to catch the "bad guys" when the "bad guys" did not use the medium you are willing to compromise! There is no proof that web browsing or email played any part in any terrorist activities. If I were a terrorist I certainly wouldn't trust any software I didn't personally write, because it would mean my life on the slight chance these things were compromised by the NSA, CIA, etc. etc. All you are proposing is giving up your rights because you feel you need to give something up, not because it will help in any way. Big Brother loves you and the way your mind seems to work.

Re:Lets have a US government anonymizing service

[DumbSwede]

I am not worried greatly about terrorists using these services at the moment (though I have exaggerated some responses to further a lively debate). But terrorism has brought IT and illegal activities associated with it to the political debate scene. There are many illegal activities being done through anonymizing services (I will not re-enumerate them here).

By refusing to give up this easy to use cover for criminal activity, we, the IT community, are being labeled guilty by association. I have said it in postings to other discussions, and I'll say it again here. If the IT community refuses to cooperate with the government in at least some small ways, we, the IT community will be demonized by the Government and Press, we will be branded outlaws, and we will loose all other rights and privileges we have. Joe-Six-Pack doesn't know nor care what the difference is between cryptography and anonymizing.

Once the public turns on the IT community due to negative press, you'll be lucky to be able to use a word processor without asking the government for permission first.

Re:Lets have a US government anonymizing service

[spoon42]

Well the flow of responses is as predicted, I expected this would be flamebait.
...less flamebait than ignorant troll. Regardless, I felt the need to respond to a few of your statements throughout this thread.

Starting with this post:
The general consensus seems to be
GOVERNMENT == BAD
Personal rights to do anything electronically and have it hidden and undecipherable == GOOD

This country was founded on distrust of government. There was much debate over the ordering of the first few amendments, ie. the importance of unrestricted speech, etc. vs. right to bear arms - to allow the people to defend themselves against any entity, including their own government, if deemed necessary. The Bill of Rights has this distrust as a common theme, since its authors were fighting to escape government gone bad, and recognized that that is, unfortunately, what happens.

Related statements from two posts:
Wake up.
You people are not helping. If you want to hold onto reasonable rights, you have to offer reasonable, effective alternatives that still allow us stop and catch the bad guys.

I keep saying it over and over and no one responds. Will you give up anything to the government that will allow some reasonable means of assuring security? What are the alternatives?

Everyone else keeps saying it over and over, and you're just not paying attention. The liberties (which you refuse to even recognize) you're asking people to give up have not been shown to be a reasonable means of assuring security. Once that's been established, then the issue of giving up essential liberties can be addressed. I doubt that you could convince me that making encryption (or much else) illegal, or restricted so as to be useless, will deter the "bad guys" in the least.

More drivel, in case anyone missed it:
Quit inventing rights that didn't exist 200 years ago, and then pretending we are turning into Nazis if we have to modify them.

One AC appropriately posted the 9th Amendment:

The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Basically, I think there's a crucial point here that you're missing. People have rights by default, governments (ours at least, as defined by the Constitution) do not. I'll try to make this simple: Anonymity- and anything else that's been brought up- is a right, because there's no reason for it not to be. Terrorists, Communists, or any other Boogeyman du jour are not now, never were, and never will be enough reason to trump that.

Crap, the sequel:
I choose not to believe the US government is essentially evil. I choose to believe the US government has improved its stance on human rights in general, effectively and steadily over the last 200 years. I choose to believe there are truly evil men out there that would do America harm.

... and I choose to believe you're wrong, as I hope anyone else would too. The US government is not essentially evil, if you define its essentials to be the Constitution, Bill of Rights, Declaration of Independence, and other such things. There are evil men seeking to do the US harm, and they are those in our government that are opportunistically using the events of the 11th of September as an excuse to push their agenda of taking away the rights of the people and giving unnecessary and excessive rights to the government. Power corrupts. Hence the distrust of government in the Bill of Rights. Speaking of human rights, it may be interesting to read things like this instead of USA Today.

Bah. I probably had more to say that slipped my mind while writing this. Oh well. I think I got across the point that I strongly oppose any attempts to undermine what this country was founded on (not necessarily what it's become) and those who defend them. It's been said often enough, but it bears repeating: If the attacks were an attack on freedom, then restricting the rights of the people is the worst course of action as it represents an attack on freedom from within.

Re:Lets have a US government anonymizing service

Last time I checked it wasn't J. Edgar that shot Martin Luther King Jr.

check a little harder.

Re:Lets have a US government anonymizing service

[DumbSwede]

Wow, you convinced me - not!
Blah, blah, blah, Rights, blah, blah, blah, Rights.

Not one refutation that anonymizing services are routinely used to engage in illegal activities. Not one other suggestion of how to deal with this. I have routinely defended encryption (reread the original post). I'm suggesting we make intelligent decisions here, before everything (like encryption) is taken away from us.

Lets just all get wrapped up in the flag, and pretend we are doing the public a service. Sorry you spent so much time on your response, maybe you can recycle it to get an A+ in a college civics course from a liberal professor.

Re:Lets have a US government anonymizing service

[spoon42]

Not one refutation that anonymizing services are routinely used to engage in illegal activities. Not one other suggestion of how to deal with this.

Not one bit of evidence that they are. I don't see the point in justifying myself further when you haven't said what "this" is that needs to be dealt with, apart from reactionary power grabs by unethical politicians using tragedy as an excuse to push their agenda, legislating things that haven't been shown to be relevant to the situation they claim to want to prevent or take revenge for. er, justice. That's what they call it.

Actually, I tend to stay away from civics classes and the like. Can't stand the stuff. :p

Re:Lets have a US government anonymizing service

[AbsoluteRelativity]

isnt safeweb owned or some how associated with the CIA?

Re:Lets have a US government anonymizing service

[DumbSwede]

As was posted earlier by someone else, when anonymizing services were first created, they were probably, by and large, used for the right reasons. Now they have been co-opted, by people using them for the wrong reasons. I am not proposing that anonymizing services be eliminated, just altered in such a way that prevents abuse.

If I go get concrete facts and statistics to prove my claim they are used in large part to support illegal activities, will you alter your stance?

This isn't all about terrorism, but recent terrorist events have overturned a large rock in the IT community, and not everything under there is pretty.

Re:Lets have a US government anonymizing service

[BinxBolling]

There are many illegal activities being done through anonymizing services (I will not re-enumerate them here).

Troll. You never enumerated any illegal activites being carried out through anonymizers in the first place.

From another of your comments:

I have challenged over and over again others to come up with alternatives to keeping anonymizing services from being used to support illegal activities, so far none have been proffered.

No. The burden is on you to demonstrate
that these services are being used for significant criminal activity. Until you do so, there's no burden on anyone to defend the existence and use of anonymizers.

Re:Lets have a US government anonymizing service

"I care about being able to speak my mind, not whether the government can monitor my activities if I come under justifiable suspicion"

Here's the problem with your idea: if what you speak is politically unpopular, that's all the justification the government needs to suspect you.

Remember McCarthyism, Nixon's enemies list, Hoover's files on everyone from M.L. King to Mother Teresa.

Re:Lets have a US government anonymizing service

"And yet not one of you has offered any ideas on how to prevent anonymity from being being put to bad uses"

There are no ways to prevent liberty from being put to bad uses, but liberty is still valuable. It's given you a standard of living and a degree of security unknown in most of the world. You should not be so quick to spit on the values so many Americans have died to preserve.

Every freedom can be abused. Name any freedom-- it can be put to bad uses. Freedom of speech, for example, lets people like you call for the destruction of essential liberties. This is a bad use in my book, but I won't call for the suppression of free speech in order to shut you up, because it would shut me up too.

Re:Lets have a US government anonymizing service

[spoon42]

If I go get concrete facts and statistics to prove my claim they are used in large part to support illegal activities, will you alter your stance?

Not likely, because that's only part of the issue. You'd also have to convince me that restricting it would have any actual effect. Arguably, everything's been "co-opted, by people using them for the wrong reasons." Most recently,- and dramatically, and tragically,- box cutters, but I doubt there's any rock-overturning going on in the commercial box-opening community.
However, I don't think we'd even get that far, since I don't see how an anonymizing service would be much good for anyone plotting something. Anonymous means that noone knows who the other person is, including the alleged persons involved in illegal activities. So to use the service to any effect, they would have to have some other system in place to identify eachother, which renders the service pointless, or at the least not critical to the operation. Plus you've said, as far as I could tell, that you don't have a problem with encryption, which I can't make sense of in the context of your seemingly fanatical opposition to anonymity, for the same reasons and others I'd go into if I wasn't already barely making sense. Tired. If tomorrow I feel any more needs be said, I'll try to make this make a bit more sense. Or not.

Re:Lets have a US government anonymizing service

"Not one refutation that anonymizing services are routinely used to engage in illegal activities."

Logic is not your forte. Have you ever heard that it's very difficult to prove a negative? For example, I challenge you to conclusively refute my assertion that you frequently have sex with underage goats.

But I concede without argument that anonymity is used for nefarious purposes. That does not mean that it should be taken away from law-abiding citizens. Cars are frequently used for nefarious purposes-- should we confiscate all cars?

Please try to think about this. You are not making sense.

Re:Lets have a US government anonymizing service

[G-funk]

That's the dumbest idea I've ever heard. The reason we need an anonymous service is that the government, and laws are for sale to the highest bidder. And anything can be made illegal if someone in the FBI or a company with enough friends on the hill decide they want your details.

Re:Lets have a US government anonymizing service

[DumbSwede]

Box cutters are now restricted on airline flights, and no one is complaining about the restriction of their box cutter rights. This is much the same thing, not a proposal to do away with anonymizers, only restricting the circumstances where they can do harm.

As for proving a government run anonymizer would be effective, there is a catch 22 in effect. I can't prove what isn't being done.

I guess we will never convince one another, especially since you admit you don't care if proof can be offered that harm is being done.

Re:Lets have a US government anonymizing service

[DumbSwede]

I enumerated several in several previous posts to this thread prior to yours, so you've obviously skipped ahead in your zeal to confront me. Child pornography rings, death threats, drug drop arrangements, organized crime activities, frauds and hoaxes of various sorts, and while not entirely illegal (yet) certain types of spamming.

Since I am not in law enforcement and don't have available files at my disposal tonight, let's phrase this another way. Do you deny that these activities occur through anonymizer services, and probably are significant portion of the flow through anonymizers?

Get real, exercise some common sense, instead of screaming the sky is falling. The onus is on me? No the onus is on the IT community to keep from being branded a bunch of cyber bandits, when the government and a public enflamed by popular press labels us all criminals for defending viscously channels for criminals to evade the law.

You can label the politicians ignorant on Internet issues, but that won't stop them from passing laws at the general publics urging. Think I'm wrong here? Hacking has now been defined as a terrorist activity, and IT's press isn't going to get any better from here, with our side being so intransigent on these issues.

Re:Lets have a US government anonymizing service

[DumbSwede]

There are all sorts of laws regulating the use of cars, posted speed limits come to mind as just one. I have not proposed taking anonymizers away, only having them regulated -- hey, just like owning a car ;-)

BTW, how did you know I have sex with goats???

Re:Lets have a US government anonymizing service

[DumbSwede]

My suggestions was to regulate anonymizers (not do away with them). One thing I strongly stated in the original post that started this thread was that I was far more worried about loosing strong cryptography tools, which is likely to happen, and happen soon with the take-no-prisoners attitude the majority of the IT community seems to have adopted. The reason I dislike government agencies holding onto all our cryptography keys, is the target those keys would make to be stolen, almost exclusively for economic gain (yes, not all government employees are honest). No demonstrably large financial motive exists for cracking into a US government anonymizer service.

Everybody seems to be in denial that either significant criminal activities are conducted through anonymizers, or that regulating them would hinder criminal activities conducted through them, or even if so, well, that's the price society must pay in order to support freedom in its most broad sense. Other than the OH-MY-GOD-you-can't-trust-the-government argument, I don't see the harm or the abuse of privacy rights this suggestion entails.

I'm sure if landline phones had just been invented in the nineties, you would be arguing just as strongly that court orders must not ever be issued under any circumstances to allow phone taps. The fact that phones can be tapped when there is sufficient evidence of criminal activity has helped crack many criminal cases that could never have otherwise been solved. Phones with out the ability to be tapped or traced could be seen as an earlier anonymizing service. Many forms of lawlessness would be rampant in a no-taps possible world, but you probably think society would be better off.

Re:Lets have a US government anonymizing service

[spoon42]

Box cutters are now restricted on airline flights, and no one is complaining about the restriction of their box cutter rights. This is much the same thing, not a proposal to do away with anonymizers, only restricting the circumstances where they can do harm.

(I'll get to this with the last part.)

As for proving a government run anonymizer would be effective, there is a catch 22 in effect. I can't prove what isn't being done.

Heh. Much the same as I can't reasonably be asked to defend actual use of the services when only possibilities are given. And seemingly any possibility at that. :)

I guess we will never convince one another, especially since you admit you don't care if proof can be offered that harm is being done.

That's not quite what I meant, although I proably sounded that way. More accurate would be: If you offered proof, then I'd have to give your point more consideration, but I doubt that such proof exists. (And not just some tangentially related, partially hypothetical proof either.)

That said, I've read over the whole thread again and concluded mainly that slashdot is a terrible place for any meaningful discussion. :) I can see your point about everyone overreacting and screaming about rights; All that seems to have overpowered what I think was your original point, so much so that I got a bit carried away with my original post. :) I think your point was something like: Americans are, by and large, ignorant, including those in power, so we can expect a backlash against technology in the name of protecting (the children, freedom, whatever); So we may have to be prepared to accept restrictions on some activities or risk losing many more altogether.
If that was your meaning (I hope I got that close to being right), I can agree with most, even all of it. I think the main difference is that I'd like to think we don't have to give up just yet. And I think a lot of the other trolls^Wposters would agree with that if they hadn't felt the need to get your idea completely overblown and present their similarly exaggerated response in essay form. ;)

eh. Peace out. I think I'm done here. I've spent far longer time on slashdot these past couple days than I'd have liked, but I don't think it's been a total waste. :)

Re:Lets have a US government anonymizing service

[spoon42]

... in case I didn't make things clear, and to muddy things a bit more: ;)

If you gave proof, I'd have to consider things further.

Then, if someone came up with a way to prevent abuse while preserving "legitimate" usefulness, then I nor anyone else would have an easy task of arguing against its implementation.

But that's the hard part: restricting the use of something that is just a tool to only allow it to be used for good, not evil. Finding a way to do that just seems to me to be something that can't be done. But you're welcome to try. :)

Re:Lets have a US government anonymizing service

[WNight]

You only assume that lawlessness would run rampant with the control measure of the week.

If phones were just invented and police weren't allowed to tap them, criminals would use them, but police would bug or tap something else. If they wanted to know what a criminal was doing, they'd follow him around and use a directional mic.

What would happen if someone invented a quantum communicator, so-called because it involves instantaneous communication between two points with no in-between signal. It would be untappable by nature. Would you advocate crippling it by either covering up the technology, or requiring every communicator to have a second communications channel that recorded everything at a government monitoring station?

My main problem with phone tapping and key escrow is that they allow automated tapping. Automated tapping is where you get your abuses. It's so easy, so why don't they simply record everything and scan it at their leisure. Voice recognition means that keyword scanning is a possibility, and text can trivially be scanned.

In the days when tapping a phone meant that you had to leave a reel-to-reel tape recorder on it, and then have an agent listen to it you couldn't do it indiscriminately.

Today's technology raises the scary spectre of McCarthy-ism. Imagine when all your communications in the last twenty years can be quickly perused and used against you. However, by keeping evesdropping hard, the government (or anyone who could potentially crack their databases) would have to suspect you of a crime instead of just going on a fishing expedition.

There are many ways now that criminals can communicate safely, including over the telephone, and crime isn't rampant. I think you're grasping at straws.

Re:Lets have a US government anonymizing service

[DumbSwede]

Once again I favor strong cryptography with no public registration of keys. Private information should be private (please read my original post).

Practical quantum communication has yet to be achieved, so that can of worms hasn't been opened yet, but even when it is, it isn't the contents I'm worried about protecting, but the ability to delivery untraceable messages. If someone sends me a message, why should they be able to completely disguise who sends it or from where? Why is this protected as Free Speech? Which is the argument I'm seeing over and over. I'm not restricting your right to say anything you want to who ever you want, only restricting your right to do it anonymously under circumstances where it is proven to be part of criminal activity.

If phones were untraceable, there would be an explosion of abuses. Women would never be free from obscene phone calls, because tracing back the callers would be impossible in a truly anonymous system. Death threats would be common. Hoaxes and bomb threats common. Drug deals greatly facilitated (although I am not actually pro most of our drug laws). Crimes of all sorts made much easier. Despite your assertion that police would just find other avenues to monitor criminal activity, It is unlikely to be effective without vastly restricting our rights to unreasonable search and seizer in some other fashion. Another trouble with, just monitoring the criminals by other means, is that without a means to backtrack, after proof a crime, someone without a criminal record, or a prior criminal not currently being monitored will never be caught. So you will have to monitor 24-7 all prior criminals, and most likely everyone you suspect could ever become a criminal. Talk about a police state!

Just because the majority of the /. community doesn't think guaranteed anonymity facilitates criminal activity doesn't make it so, and there have been no reasonable explanations of how to keep this from occurring. When I first started this thread, I was not has convinced that I was on to something as I am now, having defended my position from repeated attacks, some shrill, some personal.

The argument that crime is not rampant seems a bit specious. Do we wait for it to become rampant as criminals become more technically savvy, then implement what I'm suggesting?

It could be that you are confusing my position, as been the case in half the posting to this thread. I am not for the government reading your postings and transactions, only being able to identity the source of anonymous posting when there is proof of abuse.

Re:Lets have a US government anonymizing service

[DumbSwede]

I like your modified stance, and will agree to reconsider mine as well. You make many good points, and I appreciate you see some merits to my idea, instead of engaging in a knee jerk reaction. You especially read correctly, my worry about loosing all privileges, if we in IT are inflexible on all points.

Re:Lets have a US government anonymizing service

[WNight]

"Women would never be free from obscene phone calls, because tracing back the callers would be impossible in a truly anonymous system. [...]"

If there was a problem with a system accepting connections from unknown hosts, people could choose to accept anonymous calls or make callers authenticate with a code.

"without a means to backtrack, after proof a crime, someone without a criminal record, or a prior criminal not currently being monitored will never be caught. So you will have to monitor 24-7 all prior criminals, and most likely everyone you suspect could ever become a criminal. Talk about a police state!"

That's exactly what keeping a log of phone calls does. It assumes that law enforcement will need to monitor everyone and keeps a record now, for them to refer to later. That's not really much different than recording all the calls and only listening to them if you suspect the person. It's still assuming guilt.

"Just because the majority of the /. community doesn?t think guaranteed anonymity facilitates criminal activity doesn?t make it so, and there have been no reasonable explanations of how to keep this from occurring."

Guaranteed anonymity might make things easier for criminals, but it'd also give non-criminals something they couldn't have achieved before without criminal acts (false ID, etc). Criminals can work around the identifiers in the system, non-criminals by definition, can't. Just because something CAN be used in a crime doesn't mean that it should be banned. This is where you get stuck.

" The argument that crime is not rampant seems a bit specious. Do we wait for it to become rampant as criminals become more technically savvy, then implement what I?m suggesting?"

Do we ban or neuter any technology that might be of use to a criminal someday?

"If someone sends me a message, why should they be able to completely disguise who sends it or from where? Why is this protected as Free Speech?"

It's protected because unless you have the ability to say something without fear of attacks. Thanks to this, Afghanis have been able (for years) to tell the free world about the atrocities of the Taliban. Imagine if their 'anonymous' communications could be logged by the government. Whistleblowers also tell of government corruption and coverups.

Also, if the government can tell who said something, so can a determined criminal. Think of the informant who wants to give evidence against a mafia member. The only way to guarantee anonimity is to not log the identity in the first place, because protecting it in the future is impossible to guarantee.

"I am not for the government reading your postings and transactions, only being able to identity the source of anonymous posting when there is proof of abuse."

This assumes the government isn't who you're trying to hide your identity from. There have been a lot of cases of corruption where the last people you'd want to be able to find you aree the law enforcement.

And any system that has a backdoor built in (either logging, or weaker encryption, or key escrow) is vulnerable to attack at that point.

Look at cell phones, for example. People didn't want evesdroppers, so it was made illegal to buy a scanner that would listen on those frequencies even though the law is essentially unenforceable. This to prevent people from using encryption, because the government didn't want untappable calls.

So what happens? Criminals, who for the most part are the only ones who stand to gain, still listen in on calls.

Now digital cell phones are encrypted, but with a weak encryption, that evidence shows the governments weakened, so that they wouldn't be untappable.

And we're again back to where criminals (by definition, with anti-scanner and DMCA type laws) are the only ones who can break the law, but they can do it with relative impunity. It's a passive attack, so all it's good for is a harsher charge if you catch them doing something else, it can't be used to actually prevent the evesdropping.

"It could be that you are confusing my position, as been the case in half the posting to this thread."

I could be, but you could also be missing some implications. By taking something (anything) away from non-criminals, you're just widening the gap between haves and have-nots. Sometimes this is worth it (I wouldn't want to see everyone with tac-nukes) and sometimes is isn't. I think the fact that anonymous posting is essential for free speech (whistle-blowing, unpopular speech) means that we can't jeapordize it just because it may, at some unspecified point in the future, help law enforcement. Especially when there are other ways to catch people.

Grab it while it's still there

[Pituritus+Ani]

The open sourced client and routers are here.

Thank you ....you are sooooo right.

The majority of /. posters are "experts" at everything and are actually ignorant enough to believe the net will remain a lawless entity. Meanwhile they are over 30, jobless, and sitting at their parents house in their underwear.

NBC knows how to do it:

[pacc]

Make sure that the users cannot change their registred e-mail adress, then sell their aliases to spammers.

Xoom pages still held hostage...

+1 Ironic on the MQR standard

[MarkusQ]

An AC writes: Anonymity sucks. Nobody should ever do anything anonymously. Ever.

Cute. I strongly agree with what I presume was your point; that anonymity is in fact ubiquitous.

--MarkusQ

you can take our...

homes and our lives... but you'll never take our FREEDOM (networks).

hehe..guess we know

what side you're on then eh? I'm not gonna provide any counterargument to yours, as I've watched you trolling this line for weeks already, and you've heard it all already. You make me laugh though. Btw, I'm about to be deployed (some of us put our money where our loud anonymous online chicken shit mouths should be putting it...that means you coward).

Can you read?

It takes considerably less time to click on the link and read for yourself that there is a refund than it does to type the question.

Re:Can you read?

But then you don't get f1r$7 p0$7

dont forget about Sneakemail

Sneakemail is an email anonymizing and anti spam service that is determined to outlive the competition.

So far so good.

Sneakemail.com

Really Anonymous???

[jsonic]

Anyone else have the idea that anonymizers are just fronts for whatever agency is interested in your surfing habits?

Think about it, what better way is there to keep track of people than to have everybody surf through one specific bottleneck where their activities can be easily monitored.

The traffic might be anonymous to the website you are going to, but it sure ain't anonymous to the anonymizer itself.

Just a thought.

Re:Really Anonymous???

[p0nderous]

Hmmm.

Read the whitepaper on how Freedom works (er, used to work...) and then realize why what you just posted is idiotic.

Re:Really Anonymous???

[zaniahh]

Listen you little jsonic paranoid freak: When you don't know what you are talking about you're better off not talking at all.

Re:Really Anonymous???

[jsonic]

I'm not saying this IS the case with Freedom, but come on, someone gives you a piece of software and a paper explaining how it works and you trust them immediately with you privacy?

yeah, i'm the idiot.

Re:Really Anonymous???

[jsonic]

I've read the whitepaper for Freedom and I was interested in using the service, but how do you prove that the software you are running functions exactly as the white paper says it does.

If you trust something simply because the person selling it wrote a paper saying its secure then good for you.

Re:Really Anonymous???

[zaniahh]

what's in it for them to know your identity? They don't care about that, they have the most secure tool out there and they spend their time working on their things, not its customers.. THere are still good guys out there.. _not everybody is out to get you_. We're all in this together man, so a little trust in the good guys will help overcome the bad ones..

Re:Really Anonymous???

[jsonic]

I agree, but the only problem is the "bad guys" are probably going to try really hard to look like "good guys".

I guess the real solution is to open source this stuff ( I think ZKS might actually be doing this ), analyze the code, and then compile it yourself. But then setting up the network which Freedom uses to create anonymity might raise further issues.

The whole point of this is that anonymity is not easy, and relying on an outside service to create anonymity for you raises (potential) problems. But if all you're worried about is marketers tracking your surfing, then Freedom was overkill in the first place.

Re:Good.

[mathieukhor]

I am an ex-ZKS employee, and you - are a troll.

Do you really think you can stop people from developping or using encryption or anonymity? There a rumours Ben Laden uses steganography - should we ban all .GIF's and JPEG's on the web?

Most employeess at ZKS believe in protecting our rights, and in preserving privacy versus what is perceived by many as intrusions of a police state future into what was otherwise a "free" internet. As Phil Zimmerman said:, "if you ban strong crypto only the terrorists and criminals will have access to it."

Zero Knowledge

[depth_13]

These guys had a pretty cool product running there for a little while, but since they dropped Linux support I didn't really feel like sticking with them any more anyway. Of course now Metallica will be able to ban me from concerts or something when I download their damn MP3s.

Well...

[Pope+Slackman]

That certainly sucks ass, but I can't say I didn't see this coming.

They've been showing signs of titsup.com-ness for months now...discontinuning free services, raising prices, etc.
Wonder if FuckedCompany has gotten word of this yet...

C-X C-S

Now What?

[DebianDog]

I have been a customer for over two years, starting when it was beta and real slow. I happen to actually like the ability to be able to send anonymous e-mail once in a while and enjoyed the warm and fuzzy feeling I got while visiting questionable sites. In fact it was one of the few reasons I still keep a Windows box around, since Freedom dropped support for Linux 6-8 months ago.

Now what have they got? A $50 Ad blocker and personal firewall? For Windows only?! I do not envision this company staying in business for much longer.

My REAL question is now: " What are the good alternatives for both Linux, OSX, and Windows?" Cost? How secure is it?" I know I can go to a web re-mailer and shoot out e-mail but that does not keep the website from logging my address. Tacking me etc...

Anyone?

Re:Now What?

[gorillasoft]

DebianDog said: "Now what have they got? A $50 Ad blocker and personal firewall? For Windows only?! I do not envision this company staying in business for much longer. "

You mean like all those other companies that will go out of business shortly because they support Windows only? Oh, good, see you later MS.

I agree they may go out of business soon, but not because they are supporting Windows only.

As the saying goes...

If you outlaw anonymity, only outlaws will be anonymous...

Web surveillance and the new anti-terror law

[Everyman]

The liberals in Congress think they're sounding like civil
libertarians with their new, modified stand on Internet
surveillance. They say that the authorities should be allowed
warrantless taps to find out where you surfed, but not what you did
once you got there. The FBI has a right to know that you went to
Amazon, for example, but without a warrant they don't have a right
to know what books you bought. The legal distinction here is from
the old days: a "pen register" would record the number you dialed,
but not the conversation itself, and therefore qualified for a
looser legal standard.

But pundits don't realize that 99 percent of your Web activity can
be reconstructed from the Web's equivalent of "pen register"
information. The search terms you enter into search engines are
attached to the address itself. Do you believe that the FBI will
want this portion of the URL excluded simply because they don't
have probable cause? If and when the NSA is authorized to monitor
the backbone, do you expect that they will chop off the URL at the
question mark, so that this information is kept out of their
keyword-analysis supercomputers? Not likely.

My reading of the provisions of the new Anti-Terrorism Act of 2001
suggests that a single, one-time certification by a federal
law-enforcement official that such information is needed in a
criminal investigation, without any showing of probable cause, is
enough to require a court to issue an order allowing a pen-register
tap on any Internet service provider presented with the order,
throughout the entire U.S. The definition of this "pen-register or
trap and trace device" information has been expanded for the
Internet. It now includes "other dialing, routing, addressing, and
signaling information reasonably likely to identify the source of a
wire or electronic communication (but not including the contents of
such communication)."

For example, some federal official could conceivably serve Google,
or any other search engine, with a court order demanding log
information for all those who searched for particular persons or
particular combinations of search terms. The "query strings"
consisting of the users' search terms are, in all standard HTTP
server logs, included along with the user's domain or IP number.

One hopes that search engines would be inclined to challenge such
an order. But we may never know, because if they decide to
cooperate with the new law, their public relations office won't be
announcing this. The bottom line is that the phrase, "but not
including the contents of such communication," might be useful for
excluding the body of e-mail messages, but is mostly irrelevant for
Web surfing. This poor wording in the new law may mean that search
engines can no longer claim privacy at any level.

If someone wanted to redesign the entire Web for the express
purpose of surveillance, they couldn't do a better job than what we
already have. The profile that could be compiled if one had a list
of all the Web sites you visited, or all the search terms you've
used on Google, would be very revealing. The latter scenario is
more worrisome, because the former scenario, short of a
comprehensive backbone tap, would imply an order served locally at
your own ISP. You'd almost have to be pre-targeted by the
authorities. But a tap on a general search engine would amount to a
global sweep for information. Google currently gets about 110
million searches every day, most of which are from outside the U.S.
It would be tempting for the feds to monitor this traffic.

Re:Web surveillance and the new anti-terror law

[vinnythenose]

Oh come one, they seem to assume that the Internet is only comprised of the web. There's a lot of ways to transfer information that doesn't involve the http protocol, and if they want to snoop on people they'd need to know this.

This is bad

[DangerElf01]

I beta tested the first version of this system and it is legit. The crew at zeroknowledge have very serious privacy concerns, and if they have pulled the plug they are probably being leaned on...

Yah right...

If by "operation" you mean "runs slow as molasses and only on Internet Exploder" then yeah, I guess it's in operation.

Hush 2.0 is total crap. It no longer runs under any browser I've tried under Linux (even with the SUN JDK plugin), and it -barely- runs with IE under windows--and very slowly, at that. The new login procedure is heavily laden with Javascript (why?!) that only seems to work properly on IE.

I no longer recommend Hushmail to anyone. It's pretty much unusable, even under Windows.

Re:Yah right...

they fixed it. netscape 4.78 on linux (debian in my case) works fine.

Makes me sick

The passing of this terrific service
makes me sick. It was such a wonderful
service! Are people too stooopid to pay
a bit for their privacy?!

The first couple versions had some annoying bugs
but they debugged them - and now its dying ;_(

Maybe there is a market for a very-premium
service for movie stars and CEOs at $100 a month.

I hope a rich person (Angel) steps in and saves
this services!!!

very sad.

SAFEWEB has Javascript, CIA problems. Cool though

[billstewart]

Safeweb is one of several anonymizing services, of which the first well-known one was www.anonymizer.com. There are a couple of serious problems with it, one technical, one trust-related. On the other hand, Triangle Boy is really cool.

The technical problem is that their service uses Javascript, and doesn't work if you're not running Javascript. That means that any time you're using the system, you're vulnerable to any other JS problems on any other web page your browser encounters, until you turn JS back off. IIRC, Safeweb does attempt to clean up JS and other dangerous stuff from pages it displays to you, but it's still a risk. Also, I'm not that impressed with their Javascript, though I'm not an expert on the stuff - my problem was that under Mozilla ~0.91, they pop up windows to do the secure browsing in, and they're not really quite the shape of my screen, though that could have been Mozilla's fault. I sent email to the Safeweb folks about the fundamental "You're using Javascript" problem, and got a really prompt reply from their technical management, which was good, but they fundamentally didn't get it, which bothered me.

The other problem is trust - in general, you always need to be concerned about whether a service like this is trustable, both because of the intent of the people running it (are they ratting you out to somebody) and the security of their systems (if their server is 0wned by CrackerZ, you're not secure.) As I mentioned, Triangle Boy is really cool - it's a sort of distributed set of volunteer-run anonymizing servers, which keep moving around to prevent blocking services from blocking them, and Safeweb announced that they were going to be using this to provide censorship-free web access for people in China, the Middle East, and other places with censorship problems. The catch - they've got funding from In-Q-Tel, the CIA venture fund. It's probably entirely legit, and certainly good enough for most purposes - but how paranoid you need to be depends on who's really out to get you. ZeroKnowledge was very upfront about what their trustability levels were (plus I knew the folks there, and they were well-connected to the cypherpunks community.)

refund offer is not enough

As I recall, premium service came with the ability to generate either 4 or 5 nyms, each good for a year. If someone has used only 1 of those nyms, I figure they're due at least an 80% refund. Instead, ZKS has calculated pro-rata amounts that take into consideration only the amount of time elapsed since the original purchase date, and even then they're only going back as far as January 1, 2001--completely screwing any early adopters.

As for the offer of a free "Freedom Privacy & Security Tools 3.0", if someone has seen or used this product could you post your impressions of it? Would you ever pay the $ they're asking for it?

Re:Safe Web - see comments on other thread

[billstewart]

http://slashdot.org/comments.pl?sid=22261&cid=2388 370 is another thread of this same discussion - see comments there.

Re:Yes it is.

By "pillow", do you mean that colossal wad of fat that hangs off your gut? If so, way to improvise!

SAFEWEB is not trustworthy

[ben_tarval]

Sorry, but safeweb is a joke. First of all, the CIA is one of their investors ( see this link )

Secondly, just go to their site. You won't get very far unless you have javascript turned on. Javascript is such an insecure technology, it makes MS Windows look secure.

Anybody trusting Safeweb is just itching to get burned. All IMHO of course.

Re:SAFEWEB is not trustworthy

[harangutan]

Quite often, this shouldn't matter. Assuming for the moment that safeweb is compromised by the CIA, that hardly eliminates its utility. Not everyone's purpose is to avoid detection by the US Govermnent. For many people the only reason to anonymize is so that the owners of the site cannot trace your visit. Generally this has nothing whatsoever to do with government.

Re:SAFEWEB is not trustworthy

Not everyone's purpose is to avoid detection by the US Govermnent.

It's not an issue of whether one's purpose is to avoid the government, it's an issue about whether it's legal or ethical for a company to claim to give you privacy and then sacrifice your information to their investors. And for that matter the fact that the CIA doesn't have the right to intrude on the privacy of citizens is also of concern, yes. Believe it or not, we are supposed to have some freedoms.

Re:SAFEWEB is not trustworthy

[ben_tarval]

One is either secure, or one isn't. There's a word for partial security; it's called "broken".

Unfortunately, your argument goes out the window when applied to legitimate political protests. The loss of true anonymous service weakens those movements who either want or require such anonymity.

It also lends itself to abuse; and the CIA (and other government institutions) have historically demonstrated that their powers are subject (I daresay prone) to abuse by the people we employ to work in those agencies.

I trust you are aware that the U.S. and Britian have had a long agreement to spy upon each others citizens - and to turn that information over to the government of the citizen being spied upon?

In any case, your basic premise is false. The reason why people go to anonymizing services is that they feel they have the need to conduct their own affairs in private. If they didn't have this desire, they wouldn't be going there.

So what you are suggesting is that there's a market for people who want to be partly anonymous. Perhaps there is - but there are cheaper solutions than what SafeWeb and the other companies the CIA has investments in are peddling.

It remains to be seen whether Safeweb can build a business when technies view the company as untrustworthy. Perhaps they can; I for one certainly wouldn't invest in it.

Re:SAFEWEB is not trustworthy

[harangutan]

Nothing you've said actually contradicts my posting. You say, "your argument goes out the window when applied to political protests". What I said was "Not everyone's purpose is to avoid detection by the US Govermnent." Clearly I wasn't talking about political protesters, whose purpose in using anonymity services almost certainly does include avoiding detection by the US government.

You don't appear to have really read my posting. That's fine, you're not obliged to. But why take the trouble to reply to a message you clearly haven't taken the trouble to read?

Re:SAFEWEB is not trustworthy

[ben_tarval]

Oh please. If you're going to try to make a defense of an invalid point, spare us the "you didn't read my posting" defense.

If you're now making the point that politics and government abuse (which were some of the points which you seem to be trying to duck) don't impact everyone, perhaps you could explain why these issues are of such interest to the news media?

And could you also please give us one example where a broken security model on the internet didn't cause problems later on? Thanks.

Ian Goldberg, Bruce Schneier & Whitfield Diffi

[fnthawar]

The only thing that scares me about this is that the the top names in crypo work at Zero Knowledge.

How could such advocates of privacy let this happen?

Since when was the web anonymous?

[Nitroshock]

Ever since the web began, there have been marketing people trying to find out information on us and our surfing habits. The only way to remain anonymous on the web is to not give your real name out.

--Lionel Hutz no longer exists, say hello to Miguel Sanchez

Re:Let me get this striaght...

How much does Microsoft pay you to post this idiotic drivel?

This has been in the works for a while, I think

[Phillip+Birmingham]

They've been making the transition from subscription-based services to packaged software for a while, if I remember correctly. I'm not sure of the date on the messages, but when they announced Freedom 3.0, the writing was on the wall for Premium Services, just based on the fact that Premium Services wouldn't work with 3.0.

I don't think this has to do with 9/11, although it might have nade the decision easier.

Anonymity disappears with refunds...

[Goldenhawk]

Because if you want a refund, you gotta give them a return address - even if you paid anonymously up front (with a money order).

Of course, anyone who REALLY wants to remain anonymous will just give up on any refund for unused time... This may be a good way to spot possible illicit activity, after which the FBI may request their records. Seems like a good ploy to me. But then IANAFBISpy.

Re:Let me get this striaght...

fu*k off you brainwashed flag waving moron.

What a gyp!

[p0nderous]

So I started beta-testing Freedom a while back... probably August or Sept. of 1999. I purchased the product in Dec. of 99 as soon as it was available. Hell, I was one of the first 100 to buy it since I got my free stinking t-shirt. The way they described licensing back then was "you can either use five nyms for one year, one nym for five years, or any combination in between." At this point, I have not yet used all of my nyms, meaning I have not fully used the product, meaning I should get a refund. Especially because I helped beta test and submitted bug reports left and right. But no! I don't fall within the "on or before Jan. 1, 2001" time frame, so I'm SOL. Perfect example of a good company gone bad. I wonder if Ian Goldberg is going to jump ship now that their product does Zer0 Cryptography.

Oh well. Another fantastic product down the drain. Nice job, upper management! That's what happens when you let guys from the stone age manage a cool new company with something real to offer.

Re:What a gyp!

What a load of presumptive nonsense. What do you actually know about the reasons for the demise of the ZKS Premium Services? Who do you know in upper management? What do you know about "upper management" in general?

I'm actually inclined to believe "upper management's" claim that service revenues never justified the cost of the network and routing/tunnelling/encryption gear. (I offer this opinion as "upper management" in a global network company. I'm writing this with a chisel on a stone tablet, trembling with the fear that I'll be castigated by a young coder with a wispy moustache).

One of the things that continually amazes me is people's willingness to post completely unqualified bilge on sites like Slashdot. In the (stone-age) days of Usenet, the dictum was "read much, post little"; something we could use a lot more of around here.

Re:What a gyp!

[p0nderous]

Heh. Don't get your six-figure knickers in a twist, old man. Who made the decision not to refund my money or at least give me a free upgrade? I can guarantee it was some C-level executive new to the company, and not one of the co-founders who undoubtedly appreciated the work the Freedom beta testers put in to make it a successful product. I mean, just look at the CEO and CFO:

http://www.zeroknowledge.com/company/profiles.as p

Their profiles alone say they're all about dollars and not users. They forget who helped them build their company. You're right, the Freedom network shutdown was most likely all about revenue. But that doesn't mean they should forget about the people who helped test and strengthen the product that spawned the company.

Now get in your foot-powered vehicle and go home to Dino and Wilma before my whispy moustache takes a run at you.

Re:What a gyp!

[twalton]

I just can't help it. I'm the old man from above.

Like the man said in "The Right Stuff", "No bucks, no Buck Rogers".

We all wish that being "righteous" held the world up; it hasn't, doesn't, and won't. Being a beta tester entitles you to precisely nothing, save an early look at the product.

Its the responsibility of the CEO and CFO to make the numbers, make the payroll, satisfy the investors. Their job is, among other things, to isolate the folks nearer your end of the cube-farm from the realities of the cruel world. Would you prefer a shit-hot coder at the helm? After all, any good programmer can run a company, right? Messrs. Hevizi and Hammie seem to have excellent credentials.

Again, you're free with the presumption. How do you know that "they" (whom you don't know) forgot anyone? How do you know what the (presumably righteous) co-founders think? You don't.

I'll give you a hint; you haven't a clue about operating a business. Hide and watch about 15 years, then post again.

Re:What a gyp!

[p0nderous]

*sigh* This is getting older than you.

I'm not asking for something for free simply because I beta tested. I have used three Freedom nyms that I paid $50 for so far, and I have two left. Under their own licensing terms, that means I've only used 60% of my license. The same as someone who may have bought it in January 2001. The same as someone who may have bought it two days ago. Therefore, I deserve the same treatment as they do: a software upgrade. I'm not asking for money. I'm asking for software that I purchased and helped test.

You're right. I don't know what anyone at Zero Knowledge thinks. But I can assume, by their treatment of myself and other users in light of their announcement, that they are more interested in money than they are the people who are giving it to them.

That's what I like to call "poor customer service". And while I may not know how to run a multi-million dollar business (although, given my past experience with multiple shmoes in upper management, it can't be *THAT* hard), I do know that treating your customers right gets you more customers.

C-level MBAs who have nothing but pure business experience know how to slash jobs, screw customers, tinker with org charts, and raise their own salaries.

Coders should run companies because coders know what real debugging is. Fix the things that are broken instead of dancing around problems and catering to the Good Ol' Boys club.

Hallelujah and amen. Don't bother telling me that I'm being self-rightous again. I know. It's fun.

My wispy moustache is en route, and it's not happy.

Re:What a gyp!

[twalton]

I'll ready the Lysol.

Pornolizer is still there TOO!!!

[JohnDenver]

If you're really despirate for free anon web browsing and are not offended by endless references to Clam Lapping...

Moderating Pornolized Slashdot comments is always fun too...

Slashdot: News for charvers, stuff that titty fucks

Instant paranoia doesn't solve problems...

[Sonicboom]

Closing an anon remailer or anon web proxy is not going to stop terrorism. Neither is putting backdoors into encryption schemes, or making National ID cards that people will be required to carry. They are great deterrents tho.

Before the internet there was terrorism... and unfortunately terrorism will continue.

A step in the right direction would be tighter immigration laws. Better security on flights, and letting the millitary do their job (no more bullshit police actions).

But closing down a remailer or web proxy won't stop anything. It's paranoia. Why can't the terrorists set up their OWN anon remailers or proxies. Hell they could revert to using RFC1149 technology with a Honeycomb Cereal invisible ink pen....

Paranoia does not solve problems...

No Great Loss (Spam, Piracy, Harassment, etc.)

[Nova+Express]

There was once a time when anonymous remailers served a purpose on the net, and where the people using them were as or more likely to contribute something to the online community as any others.

Sadly, I think that time has now passed.

On most of the Usenet groups I frequent (which, of course, is merely the tiniest fraction of those available), the people using anonymous remailers seem to be overwhelmingly: A.) Spammers, B.) Jerks who contribute nothing to the group and who cower behind anonymity for the sole purpose of flaming others free of consequences, and C.) People who not not only pirate intellectual property, but who spam newsgroups with it to show everyone how big their virtual Warezzz penis is. For example, a couple of months ago, someone spammed rec.arts.sf.written with hundreds of badly OCRed SF novels and stories, including some by people who are by no means rich.

Frankly, the people with the most urgent need for legitimate use of anonymous remailers (i.e., those in communist or otherwise oppressive countries where there is no freedom of the press) are the ones who either can't get to them anyway, or whose governments have so much of the system tapped that it would be easy to track them down.

While there are still some legitimate uses for anonymous remailers (Scientology whistle-blowers, for example), the jerks and spammers seem to outweigh legitimate uses about 100 to 1. Thus I see no real cause to mourn their passing. I wish that it were otherwise, but we must deal with the world as it is, not as we wish it were.

Re:No Great Loss (Spam, Piracy, Harassment, etc.)

whaaa whaaa whaaa, intellectual property, blah blah blah

you're a fuckin broken record, shut up

Re:No Great Loss (Spam, Piracy, Harassment, etc.)

I like to think that I add worthwhile content to the usenet groups I follow, and I only post using anonymizing services, if I can offer evidence so anecdotal as that.

Naturally, I post this comment anonymously since I accidentally linked my primary slashdot account to my real name about two years ago.

As to the fellow who spammed rasfw, it was easy enough to killfile the six or seven pseudonyms he used. The problem ended there, provided we ignore the damage he may have done to retention.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

[sulli]

Sounds like they couldn't make enough $ to make it work. Too bad.

Too Bad

I listened to the speach the one guy gave at DefCon, and it was a real interesting lecture. One of the more enlightening, thought provoking discussions, and a real treat.

I got the feeling it (anonymity) was real important to him. I suppose something like this is a real blow to his ideals and work.

A little privacy humour in a depressing discussion

[Glytch]

Straight from Three Dead Trolls In A Baggie.

they don't?

[repoman44]

It was reported here a while back that the internet, particularly chat rooms were possibly used to coordinate terrorist activity.

Re:they don't?

[maxpublic]

chat rooms? The internet doesn't have 'chat rooms' - those exist only on AOL.

The internet has IRC channels, IM, ICQ, etc., but not 'chat rooms'.

So I'm curious: did these guys use the internet to coordinate their activities, or AOL? The two are *not* one and the same.

Max

Re:they don't?

$ fgrep -3i room draft-pfenning-irc-extensions-04.txt

Server A server is a single machine.

Channel A channel (sometimes called a room or
conference) is a conversation between one or
more users.

Re:they don't?

[maxpublic]

The fact that AOL lingo made it into a draft irc terminology document doesn't change the fact that 'chat rooms' belongs to AOL and should be left with that horrific POS 'service'.

But that still doesn't answer my question. Is AOL the home of terrorists as much as it's the home of pedophiles?

Max

Re:they don't?

Is AOL the home of terrorists as much as it's the home of pedophiles?

For some reason, I felt compelled to add: And weed-crazed negroes? And communist homosexuals?

This is kind of turning into a witch hunt, isn't it? It's a good thing I sink when placed in the water.

Who needs anonymous services...

[Corgha]

...when you've got wireless?

Just find your local wide-open corporate or university wireless network, and hack away! Maybe even buy yourself a nice directional antenna... w00t!

Re:Who needs anonymous services...

Bzzzt. Wrong. It is required that the next generation of wireless networks have technology that will allow for someone to pinpoint your location.

Business model was always a gamble

[billstewart]

ZKS's business model was always a gamble, but it was the critical thing they had to offer. There are a number of people in the cypherpunks community who've developed remailers, but the critical problem was how to keep enough of them running to provide security, diversity, and reliability. (The typical problem remailers have is keeping their ISPs from getting upset by complaints from recipients of unwanted anonymous mail, and running a faster-response-time system like ZKS requires comsuming more upstream bandwidth as well.) What their business model had to offer, besides a good enough friendly user interface to make it easy for the general public to use, was a financial incentive for ISPs to want to run remailers, because they're paying customers rather than problem users. We were never sure whether they'd succeed, but it would be a great thing if they did. Oh, well....

Their software is GNU, could rebuild the network

Since their server software is linux and GNU, this opens the door for others to rebuild the freedom network, yes?

If someone started to do this, i would donate bandwidth off my dsl. maybe we could make a freedom co-op?

Re:Those things *are* drugs

[algae]

You ever see someone with a four-cup/day habit go cold turkey? Sure, it's not heroin, but you can bet that if caffeine were made illegal tomorrow, there would be people begging and stealing to get their next fix of Folger's Crystals, at $5/gram.

Looks like at least 2 terrorosts used NetZero...

[Lawmeister]

according to a Washington Post article

"In Hollywood, Fla., the FBI last weekend quizzed Paul Dragomir, manager at the Longshore Motel, about a visit in late August from two men he believes were hijackers Atta and Ziad Samir Jarrah, who demanded 24-hour Internet access.

Loaded down with baggage and laptops, the men signed in at the small pink beachfront motel using apparent aliases. They claimed to be computer engineers from Iran, Dragomir said, and said they were down from Canada to find jobs.

They booted up a laptop, showing Dragomir that they had NetZero Internet accounts. For the next few hours, Dragomir unsuccessfully tried to accommodate the men."

Makes one wonder just what or who 'motivated' NetZero to pull the plug on this product.

Re:Those things *are* drugs

[DCheesi]

I hate to play devil's advocate here, but addiction and dependence are not the same thing. Caffeine dependence is pretty common, but true caffeine addiction (where the user keeps increasing the dose until death or illness stops them) is fairly rare. Most of the so-called 'hard' drugs are the ones that cause high rates of addiction; they may not even produce that strong of a dependence, but the craving and build-up of tolerance are always there. This is part of the reason for the confusion between different definitions of 'addictive' substances.

I'll agree that THC products shouldn't be classified in the way as narcotics, but some drugs really are dangerous.

quitting coffee.

[hawk]

>You ever see someone with a four-cup/day habit go cold turkey?

I've quit a two or three *pot* a day habit cold turkey. Of course, the fact that I didn't know just *how far* past two a day I was was part of the reason.

Then again, caffeeine doesn't faze me. It doesn't keep me awake or alert, or make me jittery (OK, a grand total of twice I got jittery, but that's from the multiple pots in a sitting thing :).

When I dumped the multi-pot a day habit in grad school, I wnet over to decaff without a problem. OK, a little problem; I had to change to flavored beans to mask the funny taste from the lack of caffination.

Add a few more years, and there's some difficulty. I make decaff in my office, but my wife makes the regular stuff at home. So with decaff all week and then real stuff on the weekends, I did start getting mild headaches on monday or tuesday (this didn't used to happen), so now I have a cup of my wife's at home before I leave.

hawk

Re:quitting coffee.

I also admit to being unaffected by caffeine. I read some (no doubt Mormon) propoganda and stopped consuming caffeine only to find, um, no difference. I can easily drink coffee just before bed. Just goes to show you that everyone's different.

Re:Looks like at least 2 terrorosts used NetZero..

[chromatic]

Or exactly what right NetZero had to shutdown ZeroKnowledge... If you'll pardon the pun, "zero".

Mostlikely not the US Government...

since ZKS is located in Canada, where the government has traditionally had a more lenient view towards crypto.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

[Ian+Goldberg]

Believe me, no one is more disappointed about this than I am, but right now there simply isn't enough market buy-in on the premium services to justify the network's operating costs. :-(

As a business, we are focusing on the product that customers and partners want. Here's an official Zero-Knowledge Systems statement on the matter:

With the release of Freedom 3.0 and the discontinuation of the Freedom Network (our anonymous browsing and encrypted pseudonym service) there have been a number of questions for more details about the decision to stop offering the Freedom Network services. Hopefully this will help clarify things.

When we released Freedom 1.0 close to 2 years ago we saw a significant percentage of our users subscribe to the premium Freedom Network services. This was anticipated as our early adopters were very privacy and technology aware and had expressed strong interest in the Freedom Network offering.

As we began to increase the distribution of Freedom into the mass market with the release of Freedom 2.0 & 2.2, we saw a disproportionately high percentage of users who subscribed to the standard features (and not Freedom Network services). The initial interest in the premium (FN) services amongst our early adopters simply didn't carry over to the mainstream and as our user numbers grew, we began to realize that the market was looking for the kind of features we are now offering in Freedom 3.0.

As we began our feature triage for Freedom 3.0 (almost 9 months ago) we heard from customers and focus groups of users, as well as channel partners, and reflected on the statistics from our existing user base, and decided that there was not enough mass market demand for the premium services to justify continuing the service.

This was entirely a market related decision. The market demand for consumer Internet security and safety tools has grown considerably in the 4 years our company has been in business. Freedom 3.0 is a strong competitor to security offerings from companies such as Symantec and McAfee and we have gotten very positive market support and a warm reception from channel partners to this new version of our suite of privacy and security tools.

There has been speculation that this decision was somehow related to government pressure or was made in the wake of the tragedies of September 11. This is simply untrue. For the past 3 months we have been beta-testing this version with partners, getting certification from Microsoft for our drivers and completing our Alpha and Beta cycles with our beta users. Support for the Freedom network offering was removed from the client code base well before the recent tragedies of September 11.

Our research team is continuing work in the area of privacy enhanced network protocols, and we are open to any suggestions the research community offers on how we can leverage the work that went into the Freedom Network design and operation to advance this area of computer science. If you have suggestions or interest in this, please contact us at corporate@zeroknowledge.com.

Zero-Knowledge continues to offer our consumer protection utility Freedom 3.0 and we are very excited by the prospects for this product. We also have a division that is addressing the market need of enterprise privacy technologies that stem from managing consumer data that require strong security and policy frameworks to adhere to privacy regulations and customer preference management (Healthcare; Financial and other consumer data that is subject to new security, privacy restrictions relating to legislation like HIPAA, GLB, PIPEDA, EU privacy directive).

Our company continues to evolve and focus our efforts on market needs and customer demands and we remain very confident of our prospects in these markets.

Doesn't sound like it...

[Bilbo]

Obviously, they can blame it on whatever they want, but it sounds like it's a simple matter of economics. They aren't making enough money from subscription services to pay for expenses (servers, etc.), so they are cutting back. They are still selling their personal firewall software.

Never attribute to malice what can be adequately explained by stupidity (or in this case, money).

Zero Knowledge a Canadian company

[nano-second]

I don't know how much pressure there is from the gov't on businesses in Canada regarding crypto. I doubt they are responsible for this service being shut down, though.

Re:Those things *are* drugs

[mpe]

Most of the so-called 'hard' drugs are the ones that cause high rates of addiction; they may not even produce that strong of a dependence, but the craving and build-up of tolerance are always there. This is part of the reason for the confusion between different definitions of 'addictive' substances.

Also definitions get corrupted by politics. Leading to nicotine products being called "soft drugs" when calling them "legal hard drugs" actually makes more sense.

I'll agree that THC products shouldn't be classified in the way as narcotics, but some drugs really are dangerous.

Except that banning drugs has nothing to do with danger. One of the most dangerous drugs is paracetamol, but you can buy this easily.
Most of the danger from illegal drugs actually comes from their being outside of the kind of standards which would otherwise apply to them. i.e. known dosage free from contamination.

I dissagree

[Nf1nk]

Once upon a time I used to use usenet a decent bit and after abscent mindedly posting to alt.drunken.bastards with my real email address and no anonymity at all, I was hit with the most god-awful flood of spam you could possibly imagine.

After that I started to use anonomizers whenever I posted or at least a throw away email address

Re:I dissagree

[DumbSwede]

In an earlier post to this article, I suggested a government run free anonymizer. Flames ensued.
Lets have a US government anonymizing service
This would still work for your needs.

The flag is a great fit, when it fits your needs. -- an original DumbSwede-ism

That's how they used it

[wiredog]

Logons from libraries, cafe's, etc.

WTC victims sue?

[snarfer]

I wonder if the families of the WTC victims can sue them if it is found they helped the terrorists plan the attack?

Try TPF

[BLKMGK]

www.tinysoftware.com It's not got the whistles that ZA has but it's a pretty darned nice personal firewall and it's free too.

Too big too fast

[chamoru16]

I followed these guys for a while and all I can say is that they went too big too fast. Not that they are alone or anything. Their service was robust and cool, but a bit too confusing for non-techies to grab a hold of. They ran through their $100 million or so quite fast. I remember seeing these guys running around in their self printed tshirts at RSA 2000 in San Jose - then when they got their funds, that all changed and it seems they played the .com spending game.

That's just great...

[delta0]

Another privacy service down the tubes! This one even had a sound amount of research and testing behind it and a well thought out protocol. I think the ZKS team was a good team with a good concept and a nobel cause.

The Internet is no better for this loss!

I was testing it in the early stages, and found it worked well, even through NATed firewalls (with a few tweaks to allowed ports). I was going to subscribe, but I didn't get to it yet. Just as well. We need more privacy tools, not less. Freedom wasn't helping terrorists -- it was helping each and every one of us who are law abidding and value our privacy!

It was a solution to us who have to go over a less than trusted backbone and we didn't have to worry about the costs of tunelling to an expensive co-located server. It was much better than that, as it provided a somewhat effective level of anonymity. It was good in situations where you are posting something that someone could use against you, like controversial views for example. It allowed you to keep a seperation from your personal life, and what your employer could link to you for instance.

The only comperable service that I see coming even close is anonymizer. Freedom was way better than anonymizer in some ways as far as the level of anonymity it would provide. But also anonymizer has some advantages that Freedom didn't.

Sealand will be next

[Zeinfeld]

I posted a story to slashdot predicting this would happen a couple of weeks ago.

The whole cryptographic anonymity area was likely to take a massive hit in the wake of the WTC attack.

Even if ZeroKnowledge had kept going the increased scrutiny and surveillance would render the scheme pointless. Having a FreedomNet account or connecting to the server would get you put on a watch list the minute the NSA found out - and find out they would.

I suspect that the number of hosting facilities willing to run the service servers declined substantially after the WTC attack.

I would not give the Sealand folk much chance of lasting very much longer. For all the riddiculous libberprattle the platform is now inside UK territorial waters and the UK government does not recognise sealand as a state. Since the sealand employees are mainly from the US that would make them illegal workers subject to arrest when they set foot on the mainland.

Re:Sealand will be next

Its quite possible that this was part of their decision making right now. But I used it an the number of servers has been shrinking for some time. They also released a version without anonymity (3.0) witnout releasing the other (still at 2.2) some time before sept 11.

Re:Sealand will be next

[rdl]

ZKS ended Freedom because it doesn't make money for them; they rightly have shifted their focus to a somewhat better business model. I think ZKS was from the beginning a bit overly cypherpunk and not enough pragmatic business; it's widely known end-users DO NOT pay for privacy or anonymity and usually not for security. They are rightly focusing on what their major clients want. If the markets were doing better, ZKS could have continued subsidizing the Freedom network, and maybe more applications could have been built on top of it, but this is commercial reality -- they need to turn a profit ASAP.

HavenCo (the datacenter on Sealand) has *always* been focused on business clients, and selling services to people who receive bottom line benefits from HavenCo hosting -- a lot of our clients are chosing us at USD 1500/month where the only alternative is traditional central american offshore at USD 15k/month. That's why we have been profitable since 4 months after we started general sales. We're on-track with expansion plans, both in terms of physical sites, and related business offerings.We don't even offer a consumer web hosting or mail option because it just doesn't make money. You can feel free to criticize us for being mercenary, but that's why we'll be in business in 10 years, and companies which in effect subsidize consumer security offerings will probably not. In a recessionary market, products which can provide 1 for 1 substitution at a dramatic and immediate cost savings do well; we've had if anything an uptick since the summer.

(interestingly, at least one member of the press also claimed HavenCo would be out of business; this was in December 2000 if I recall correctly.)

Regardless of people of questionable impartiality or competence from cyberia-l, the fact is Sealand's legal claims have withstood more than 30 years of challenge by other governments; every lawyer who has written an opinion, including numerous professors of law, has recognized this, and there is substantial documentation from various government agencies, in the UK and other nations, to support.
It has always been clear that the true threat to security and privacy companies is market demand; followed perhaps by internal execution. Any threat of government action is so remote that if a company gets to the point where the government DOES shut them down, they've already won. The majority of the p2p systems in the US were forced to shut for commercial reasons (scour, aimster, etc.). Only a few of the most successful were challenged in court, and their failings were after the initial challenge primarily due to execution and lack of a real way to extract revenue, not action by the MPAA or RIAA.

That being said, I'm more than happy to run a Freedom server; I already run a mixmaster remailer (which is fairly similar technology), and there have been absolutely no serious complaints or difficulties. I know several of the executives at ZKS, and I'm sure they'll do the right thing. ZKS has always had a lot of support within the security and privacy community; they were started by and hired some of the best people, and developed technology which made no compromises on security. I'm sure their business and consulting offerings, as well as their remaining optimized client software, will do well.

Re:Sealand will be next

Regardless of people of questionable impartiality or competence from cyberia-l,

I read the exchange on Cyberia-L.

It is odd that people who are setting out to evade the law should set such store by it.

You appear to have made some enemies there.

Even TirangleBoy has been blocked, so go here...

Sysadmins and governments have wisened up and have started to block triangleboy, as well.

So in that case, try these sites to get into
a Triangle boy:

https://www.unsucky.org
http://www.sigpipe.com

sigpipe.com updates its links every so often everytime a site goes down, or finds a new triangleboy site.

Re:SAFEWEB has Javascript, CIA problems. Cool thou

[jsm]

IIRC, Safeweb does attempt to clean up JS and other dangerous stuff from pages it displays to you, but it's still a risk.

They do a pretty good job of sanitizing JS, but not perfect. In about an hour, I found a couple ways for a malicious server to compromise anonymity through SafeWeb, using JS. I'll grant that it's a tough job to sanitize all JS, but SafeWeb should provide a way for users to browse without JS. In my opinion, this is the single biggest problem with using SafeWeb.

I sent email to the Safeweb folks about the fundamental "You're using Javascript" problem, and got a really prompt reply from their technical management, which was good, but they fundamentally didn't get it, which bothered me.

Their FAQ indicates they don't get it-- they dismiss the notion that JS is a privacy concern, and discredit those who say it is. However, I think they realize it internally. I know someone who used to work there. He says they get emails complaining about JS every day, but they don't want to do away with their current UI.

As I mentioned, Triangle Boy is really cool - it's a sort of distributed set of volunteer-run anonymizing servers, which keep moving around to prevent blocking services from blocking them...

The concept is old... some people (*cough*) have been doing this since at least 1996. All it takes is an anonymizing proxy script that is released for distribution. I wrote one called CGIProxy, and there are others out there. Triangle Boy has pros and cons compared to these-- it puts the bandwidth load on SafeWeb's machines rather than the volunteer Triangle Boy servers, but then it won't work at all if the SafeWeb server ever has a problem (the other scripts run independently).

Feel free to ask more questions; this particular topic is a specialty of mine.

Re:Their software is GNU, could rebuild the networ

[Pituritus+Ani]

That's a cool idea, but I don't think we users

a) Have sufficient bandwidth to make such a service usable.

or

b) are prepared to go to prison when someone we can't identify grabs $ILLEGAL_MATERIAL from somewhere with our own machine as the exit server.

I admire the spirit, nonetheless.

Price and platform issues

[delta0]

One thing that slowed me down to subscribing was the large price tag (in the big bucks). Another issue was that Freedom didn't integrate well with my BSD machines or provide a single point of network integration. It was client software by nature.

I think people didn't ever give Freedom enough credit for what it could do. I remember talking to some people on various unamed IRC channels and they basically didn't buy the concept and discounted it's level of anonymity equating it with digital certificates and their problems. But I am sure half of them didn't even read what it was all about. Most people in the know, could have attested that the concept was fairly sound for what it was meant to do. It wasn't for secret government communication.

This sucks... but then again there were some features that would have made it easier to use. Such as a model to make it more of a network service, than simply a client software package. The client end could have communicated back to a site server (not to be confused with a freedom AIP servers.) Something like that. Maybe we can make the non-client side Open Source and setup some servers to create the infrastructure?

Re:Price and platform issues

[delta0]

In hind-sight the pricing was quite reasonable and I would have subscribed much earlier. I think part of the problem is that since I was holding off on it and many other things, I just opted to not post anything controversial. For instance: Say I wanted to publish my critism of IBMs DMCA stance in Canada. What if by chance I worked at a contractor that does work for IBM?

What if I wanted to critize a political party, but then I would be on record as supporting another party?

That is what ZKS Freedom was for!

It was ahead of it's time technically and more people should have used it while they could have.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

[Zeinfeld]

Bruce is CTO at counterpane. Whit is a Fellow at Sun. Sure they might be on an advisory board, but that type of work is not exactly onerous. ZeroKnowledge has several well known names but they are only 4 or 5 out of the top 100.

It is not unusual for well financed startup companies to crash and burn despite top people. There have been several that have crashed and burned because they had too many. Its the same in crypto, DigiCash and Cybercash both went under, PGP burned through cash so fast it had to be rescued even before the dotcom bubble burst. Baltimore and Entrust are both looking wobbly.

time to trim log files?

[Lawrence_Bird]

What is the standard period of time that services
such as google or yahoo keep logs? 1 day? 1 week?
Archived to tape forever?

seems to me its time to purge the logs as quickly
as feasible - make sure you clip the info for
anybody hacking your site, and burn the rest. They
can't actually *force* you to keep logs can they?

Freedom Network Replacement?

[cyberops0]

I think it's safe to say that we are all saddened by the recently announced shutdown of the Freedom Network.

I signed up for Zero Knowledge Systems' premium services not too long ago, that is, when I was moving into a university where I am connected on a non-switched network that is extremely easy to sniff traffic off of. I found freedom to be very useful.

I was about to set up another node on the Freedom Network as well. At this very moment I have a server setting in a data center, idling. Now I am hit with this news.

I will be brief. I am interested in setting up a secure SOCKS proxy server, and want to know how many people would pay for this kind of a service. It would be different than the Freedom Network, in that its main focus would be on privacy instead of anonymity. Of course your connection would be pseudo-anonymous, but not subpoena resistant like freedom was. However it would support any program which supports SOCKS proxies, for example AOL Instant Messenger, ICQ, file sharing programs, etc, in addition to regular web browsing. It would use either IPSec or some other strong cryptography to secure all traffic between the client and the proxy.

There would have to be some kind of bandwidth based billing system, however, for example either a bandwidth cap or a cost based on the amount of bandwidth used. I am not in this to make tons of money, but then again I couldn't afford the bandwidth if users paying $10/month are downloading numerous movies and MP3s through the proxy.

Please email me at feedback@senseofsecurity.com to express any interest or provide any ideas or suggestions.

Thank you,
Adam Smith

List of alternatives

[lmd]

Alternatives to Zero Knowledge include

Anonymizer,
Rewebber,
Siegesoft, and
Orangatango.

Re:Looks like at least 2 terrorosts used NetZero..

Makes one wonder just what or who 'motivated' NetZero to pull the plug on this product.

+2 Informative for this? Get a brain, moderators. NetZero is just a cheesy little ISP with a "free" option option. It has nothing to do with ZeroKnowlege.

You said it ...

[GreenEggsAndHam]

I think the market didn't share their (our) enthusiasm for that level of service, perhaps unfortunately. It's quite possible that for 99% of internet users privacy is really *not* a prime concern. Most people have mundane lives and therefore mundane communications, making privacy totally pointless. Privacy is only a concern for those who are under the illusion that anyone else would care to know what they write in their emails.

Re:You said it ...

[Rick+the+Red]

Privacy is only a concern for those who are under the illusion that anyone else would care to know what they write in their emails.

As a victim of identity theft I can assure you the threat of other people reading your email is no illusion. So far they've managed to charge over $10,000 to our credit cards in three months, and I suspect the sum is that low only because they maxed them out. We know our email is compromised because we got an email confirmation for one of the bogus orders.

Those of you who guard your email address to ward off spam are doing the right thing for the wrong reason, and I pray you never learn what can happen when you truely lose your privacy. If my wife knew I posted here she'd kill me, she's become so paranoid over this.

How about this perspective ?

[GreenEggsAndHam]

By forcing bcakdoors on systems, you're only affecting (persecuting, in fact) the law-abiding citizens who will use them

That's just "When guns will have been outlawed, only outlaws will own guns" paraphrased yet again.

The difference here is that when the govt wants to read an email and sees that the official backdoors aren't working this will be a reasonable indication that the contents of the email are illegal.

If you think this is an unacceptable assumption by any govt in the "western" world, rest assured that there are plenty of govts in the world which need less to persecute people. Consider this : one of the claimed reasons encryption was brought to the masses was that it would protect the freedom of opinion of people living under totalitarian regimes. Nice idea but an idea that would only make sense to a western scholar. Under a totalitarian regime, the mere fact that an intercepted email is encrypted is in itself a banner that says "I AM A DISSIDENT !!!". The govt's heavies then go and blow the guy's door in and drag him off for "interviewing" then "reeducation" if not worse.

So what exactly has encryption done for the repressed voice of liberty in the world ? I'm still waiting to see statistics on the amount of freedom gained by the use of encrypted communication.

Re:How about this perspective ?

[swordgeek]

"That's just "When guns will have been outlawed, only outlaws will own guns" paraphrased yet again."

You're right--it is, and I HATE that argument. And yet, still I made it...

There is one fundamental difference between using the argument for guns vs. encryption: Guns are designed for the sole purpose of killing. They are a destructive weapon. Encryption is a means of enforcing privacy, and privacy can be used as an aid to a weapon.
Encryption isn't fundamentally a weapon and shouldn't be treated like one. What your post suggests is that if I don't want to play nice and give all of my correspondence to the government, I'm going to be treated like a criminal. Yes this happens in totalitarian states. That doesn't mean that it's a good thing, or that we should be trying to emulate it. In fact, we should be holding on tightly to the fact that we _can_ safely dissent and maintain our privacy.

There's another problem that no one in this thread has mentioned yet: Corruption. If the government has the ability to break your email encryption, rest assurred that someone will, sometime. If you're having an affair, expect to see blackmail letters sooner or later. Or possibly you're a schoolteacher who likes to dress in drag on the weekends, in a different town. No harm, no laws broken, but the school boards probably don't want you teaching, and you might pay to have them not find out.

The two problems with a government escrow are that it won't work for it's intended purpose, and it will be abused by corrupt individuals. You can count on that.

Re:How about this perspective ?

[Crimplene+Prakman]

The difference here is that when the govt wants to read an email and sees that the official backdoors aren't working this will be a reasonable indication that the contents of the email are illegal.

I fail to see how this holds - The European Parliament issued a report (see this Irish Times article for a discussion) in response to Echelon encouraging citizens to use Encryption. Remember, we are not all US citizens. Some of us in the "western world" still adhere to Article 12 of the United Nations Universal Declaration of Human Rights which I reproduce here:

Article 12.

• 
  

  No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

  
  

So if I, as a law-abiding European citizen, use Encryption as a means of supporting my human rights according to the United Nations, and in direct response to a recommendation by my extended government (in the EU), the US government can assume I am a criminal?

It has been said here before, and I'll say it again. Many US citizens need to take their heads out of the sand and realise that there is a whole other (civilised!) world out there that doesn't "pledge allegiance to the flag of the United States of America."

Zero Knowledge's version of Cyber-Patrol....

I knew that wouldn't last.. Most people are just too dumb to use FN anyhow... Now Zero Knowledge is going to make the newest version of Cyber-Patrol, LOL... I see right through that.... The feds just hired them to establish a goverment VPN and they will be so busy with that that they are dropping FN. Plus if they are going to develop a classified VPN then you can't have the general public using the product too...

That's what I see...

The Troll Needeth a History Lesson

[Carter+Butts]

Wow, what a troll. But I'll bite....

I choose not to believe the US government is essentially evil. I choose to believe the US government has improved its stance on human rights in general, effectively and steadily over the last 200 years.

You can "choose to believe" anything you wish, but reality is not obligated to agree with you. While it is certainly true that the US government has substantially improved its stance (from a libertarian point of view) on domestic human rights for women, racial minorities, and laborers in the workplace over the past 200 years, you seem to be unware of the fact that these gains were the result (at least in part) of persistent struggle by those who faced oppression. It is simply not the case that things just "got better" on their own, as anyone who participated in the fight for civil rights would tell you. Furthermore, the US has continued to commit acts of political repression right up to the present day; I've cited it here before, but It Did Happen Here: Recollections of Political Repression in America by Bud and Ruth Schultz is an excellent (and chilling) reference on the subject. I would suggest doing some reading from this or other relevant history texts before holding forth on the US human rights record.

In any event, if the present trend towards the expansion of government surveillance, unaccountability in law enforcement (e.g., secret evidence, detention without charge or trial, etc.), and military/law enforcement collaboration continues, the historical record strongly suggests that we will see substantial abuse of this power by government officials (corrupt or otherwise). I am aware of no evidence whatsoever to support the assertion that things will be different this time around.

I believe the majority of you online rights complainers are spoiled pampered brats that have never had to sacrifice the least little thing in your lives, and don't understand that we have to help find solutions to the problems caused by unintended side-effect our electronic age has brought us.

In the past, it has been precisely this sort of "rights complaining" which has kept authoritarian interests in check. Perhaps, when you or a loved one is hauled off due to having spoken out against state policy, having angered an official, having been the victim of a beauracratic mistake, or simply having been in the wrong place at the wrong time, you will reconsider your assessment of us. It has happened before, and -- if you have your way -- it will happen again.

Of course, by then it will be too late. Let's just hope that there are enough "spoiled brats" out there to keep this from happening.

-Carter

Re:The Troll Needeth a History Lesson

[DumbSwede]

If you have read this entire thread you will see that I have challenged over and over again others to come up with alternatives to keeping anonymizing services from being used to support illegal activities, so far none have been proffered.

It may be the case that anonymizing services have not been used much by terrorists (to date), but this matters little. They are used for activities like; child porn rings, death threats, spamming, coordinating organized crime activities - probably use far more for these than they are used for legitimate reasons. Legitimate uses would still be well served by a government run service, one requiring a legal search document to investigate any shady goings on (of which there would be few by nature of it being a government service).

I doubt much if say Libya should complain about human rights posting though a US government anonymizing service, that the state department will release the names and internet addresses. In fact let every government set up a service, and see who gets the most traffic. It will make it easier to sort out friendly governments from hostile, when they won't release names of radicals making death threats on Americans.

Mistakes do happen, lives are ruined, our justice system is flawed, but self-correcting. There are going to be judgment calls in which addresses to release, not every call will be clearly right or wrong. But if we elect the right people and put the right safeguards in place, these mistakes will be very few, especially in comparison to the amount of criminal activity that can be halted. I do not support the death penalty, mistakes here cannot be corrected. To carry the mistakes argument to extreme, and ensure maximum possible rights, let's do away with the police departments and FBI. Never an innocent American ever jailed again!

I support everyone's right to have and express any view they have, but I fail to see the harm here, or how your rights are greatly diminished. All I see is a bunch of carping about how you can't trust the government, and how government storm troopers are going to be talking away your computers next. Many of those posting here sound just like the broken record complaining of Gun Rights advocates.

You'll have to pry my private anonymizer from my cold dead fingers.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

[friday2k]

This is really sad to hear. We have seen to many good, anonymous services go down. It all started with DigiCash and Chaum, a payment system utilizing blind signatures. True(!) anonymous payments. And ZKS also had the right tools at hand to create anonymity. Maybe you will move ahead and do something in the private credential arena. Brands' patents should work fine for that ... Readers interested in some level of anonymity for the masses should check out Hushmail and Zendit for anonymous, encrypted email services. And the other usual suspects like Anonymizer.com (BAH!). Good luck to Zeroknowledge!

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

[btempleton]

Ian speaks the truth. As much as we would like there to be a market for services like FN, there isn't one. People won't go out of their way to protect their privacy in the face of vague threats or unease. They need a specific threat before they will spend real money on protecting their privacy.

Which is, of course, what the people who invade privacy want.

I'm not surprised FN died, I'm surprised it lasted this long. ZKS got funded for Freedom Network in the heady days of the dotcom boom, when you could find a few VCs who had read Crytonomicon and get them to fork over money on faith. Their new plan, HIPPA compliance software, is a much sounder business proposition.

To get privacy into the network, you have to get it in with literally zero effort. It needs to be built in to the other tools, and considered a checklist feature. Unfortunately, for now, privacy protection is a feature, not a product

I am shocked, I tell you. Shocked.

[dfetter]

Did it not occur to anybody else that using a
service like this is just screaming, "I am a [participle] criminal in the sense of child molester or murderer?"

Trying to make yourself anonymous and untraceable is nothing remotely like civil disobedience. It's criminal, plain and simple, and it's long past time we stopped pretending it was anything else.

MoF

[ninjalex]

Played any I76 lately d00d?

Privacy not 100% guaranteed at ZKS

[Dark+Coder]

Perhaps the failing aspect of ZKS business model is the lack of privacy regarding forking over a credit card to pay for the premium service.

Some people won't even part with that information to guard their privacy. For this, they go to hushmail.com.

Re:Uptime

My dick stays up longer than this site. It's gotten to where I don't bother writing informative, interesting, or funny comments because I don't have time before the whole thing shits itself sideways and stays down for one, two, four, six hours. By the time I get back to it a whole day has passed and the comment I spent all that time writing is not going to get read by anyone. So who gives a fuck? I'm reduced to posting tactless, abrasive one-line insults anonymously because that's all I have time for. And even when I do post under my own name there's some cock out here who has apparently infinite mod points and mods anything he doesn't agree with as Offtopic. Either that or it's "Give mod points to hemrrhoidal assholes" week.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

I'm not surprised that FN died either, but probably not for the same reasons. I sent in $50 because I wanted to send Zero Knowledge a vote of confidence. However, I was sorely disappointed in their product itself, and it is my belief that their product design was a contributing factor in ZKS's woes.

I could not recommend the Freedom application to any of my friends because it wasn't good software. Freedom attempted to intercept every outbound connection, which meant that it would also have to know about more protocols - and do all the right stuff with them - than it would ever be able to. They got mired in the expensive development of an overly complex networking application for Windows sockets, which can be expensive indeed. That was too bad, because their business model didn't actually require it.

What people want is anonymized HTTP, SMTP, and POP. What they got with Freedom included an attempt to anonymize things like SSH, but broke it. They also got periodic notices that their current version was inoperable and that they had to download a new one. Their downloads were not authenticated. Overall, I just wasn't that impressed with their product, and went on to buy anonymity elsewhere.

Is there any kind of Open Source Project ...

... that has the same level of functionality as Freedom? I know I would still use something like this.

posted by an ac.

how fitting. but why isn't every post in this thread from interested people by acs...

Re:Yeah sure.

We can DEFINITELY trust the US govt with our info (insert heavy sarcasm here)! And the world is the same as Sept 1st for that matter. The US just finally had to admit vulnerability. This is a normal fact of life in foreign countries. The US was very quickly forced to open its eyes to this unfortunately. But bombing the hell out of everyone and treating everyone who wants privacy like a criminal won't solve a damned thing.

That is called a lie.

(though I have exaggerated some responses to further a lively debate)

That is called a lie.

Re:That is called a lie.

[DumbSwede]

I can look back and say this with all sincerity that this is not a lie. I can also add that many well reasoned responses have softened my stance on some minor aspects of my proposal, but not the main points. Most responses however, like yours, are just jerks trying to wrap themselves in a cloak of moral superiority.

Sealand won't be next...

My last visit to http://www.havenco.com (today) reveals nothing new -- except that they're now hosting a remailer.

The assertion that the UK doesn't recognize Sealand as a state is unfounded. The UK has, de facto, done so by refusing to intervene during the period when Sealand held a German national prisoner after an attempted takeover of the platform. The German government was obliged to negotiate directly with Sealand when the UK informed them that Sealand was (then) in international waters and hence beyond their jurisdiction.

That the UK does not currently recognize Sealand is irrelevant under international law. That Sealand is now inside UK territorial waters is likewise irrelevant under international law. Failure of one state to recognize another (such as the US refusing to recognize mainland China before Nixon) is an obvious example of the former principle.

Once a state exercises sovereign power (such as by taking a prisoner and negotiating for release with another sovereign power as above) a claim for recognition under international law has been made. That the UK subseqently extended territorial waters to include Sealand is not a claim on Sealand as a territory, just as a US claim to extend territorial waters to include Cuba does not make Cuba a US territory.

These are well-established legal precepts. I find it curious that the UK says it exercises jurisdicion over Sealand, but makes no effort to shut them down or even attempt to confiscate the small cache of firearms held (in violation of UK law)on the platform.

I submit that the UK legal system realizes they have a very weak claim on Sealand and does not wish to engage in a legal battle they can easily lose (with attendant international embarassment.) For now and the foreseeable future, they will continue to tolerate Sealand and the operations of Havenco. If Havenco or Sealand ever posed a credible threat to the UK, the issue would be settled in an instant with whatever force might be necessary. The operation of a data haven, remailers or even a FN-like system on Havenco does not meet this criterion.

As to the NSA watching those who obtain Freedom accounts -- who cares? Given an agency with those kinds of resources, does anyone seriously suppose that Freedom or any other service could be truly anonymous? If "they" want you badly enough, "they" will find you. If you don't generate that sort of attention, no one will care. Using Freedom for illegal purposes is beyond stupid, since traffic analysis will likely give you away and subject you to "real" surveillance, like "black bag" entry, password grabbers or even just a simple review of your bank accounts and purchases.

Freedom died because the "privacy nuts" like me didn't spend enough to keep it alive, pure and simple. That being said, Freedom (or something like it) will rise again. My guess is that it will be located on Sealand with the security afforded by that facility. Even if Sealand is assailed successfully, the data on the servers will be gone before a single bit is recovered. While I'm as upset as anyone about the death of Freedom (from which I'm posting this message) it may pave the way for an even better system with both cryptographic and physical data security.

I maintain that the events of September 11 are not going to cripple the use of cryptography or anonymity. Terrorists are smart enough to realize that the veil can be pierced with enough resources, and hence avoid using them for critical communications. (bin-Laden's congratulatory cell phone conversations nonwithstanding.) Over 70% of the American public feels that crypto restrictions would have been helpful, but I doubt that they would withstand a 1st or 4th Amendment challenge, and Sealand is not subject to US law.

The demand is there, the technology is there and the location is for rent. What remains is for an affordable system to be built.

BTW, I have no financial interest in Freedom or Sealand.

Re:Sealand won't be next...

[Zeinfeld]

The assertion that the UK doesn't recognize Sealand as a state is unfounded. The UK has, de facto, done so by refusing to intervene during the period when Sealand held a German national prisoner after an attempted takeover of the platform

Untrue. At the time of the incident the platform was outside UK waters. Now it is inside.

The point you attempt to make about 'international law' is utterly bogus. No country recognises Sealand. Under UK law any ship that is not registered with what UK law determines to be a national government may be considered a pirate vessel.

The failure to close down Sealand does not mean that the UK government recognises it. That will not stop the Libbertarian Taleban from arguing the theology of the case at inordinate length.

If as alleged Sealand was a sovereign teritory then the UK government could under accepted international law serve it a notice insisting that it cease aiding and abetting criminals. If Sealand declined it could under international law issue an ultimatum and commence hostilities.

Given the measures likely to be agreed by the UN security council in the comming weeks the chances are that the UK would even be able to state it was operating under a UN mandate.

Re:Sealand won't be next...

Sternlight... is that you?

The Tweakdom project might be able to fill the gap

[willdye]

I used to run a SourceForge project called Tweakdom, which was for tweaks to Freedom's old open-source Linux client. Several months ago, ZKS dropped support of Linux clients, so the project was shut down. We still have the client source code, but in order for the system to work, we needed a network of running servers.

Since ZKS will no longer be in the business, several existing Freedom users have asked ZKS if they would make their old server code available to the open-source community. If that happens, I'll be happy to start up the Tweakdom project again. Here's hopin'...

If you're interested, check the web page for updates, or join the mailing list. Here's the URL's:

The Tweakdom web page: http://tweakdom.sourceforge.net

The Tweakdom mailing list: http://sourceforge.net/mail/?group_id=23929

--willdye

MODERATION screwup

[h2odragon]

Offtopic? Really.

Don't editorialize out our paranoia, it has served well so far.

Re:MODERATION screwup

[Tyrall]

Well, I just metamoderated him (unfair, obviously), so hopefully next time he'll think twice when moderating.

It was a statement by the AUTHOR OF THE ARTICLE, pointing out the fact the /. editors had removed part of his submission that someone then suggested.

How the hell can that possibly be 'Off-topic'?

ditto - mod parent of parent Insightful

The only real difference is that some of you (mostly in the US) have pulled your heads _out_ of the sand and started to realise what's going on in the world.

Oh so TRUE!!!!

I wish I had mod points for you.

Me too!

Finally some in the US have stopped patting themselves on the back and taking a good look at the actions of their government.

In a country where around a third of the people choose who governs, it's not surprising that bad choices are made from time to time.

Being a citizen has responsibilities as well as rights, so start voting, start paying attention to world affairs, don't just read US news... open your eyes, they filter your news because they think you're stupid.

The US press isn't as free as you might think.

Where it goes wrong...

[Chasing+Amy]

What makes people question whether the Freedom Network's shutdown is collateral damage from Sept. 11 is not just the uncanny timing, but the exceedingly short notice and the fact that just recently ZKS was promising the rollout of more servers.

The exceedingly short notice is perhaps the most troubling. I'm sorry, but no matter how much you protest that it's unrelated to Sept. 11, most people are not going to believe you. You couldn't reasonably admit folding the network due to Sept. 11, because that would garner a huge backlash from the sort of customers you want to buy your future "privacy" products. That creates a very real motive for denying that the network's shutdown has something to do with Sept. 11.

As it is, you cannibalized your own market by offering the cheap Freedom product without nyms and access to the Freedom Network, anyway. You started trying to target a more mainstream audience--an audience which doesn't know the difference between Freedom the run-of-the-mill "privacy" utility and Freedom with access to the anonymizing network. You should not have given them a choice in the matter, and doing so naturally cannibalized the market for the Premium product--which was the only unique thing your company offered in the first place. There are so many other packages that do the same thing, some by big-name vendors like Norton and McAfee, that you can't reasonably survive very long selling a virtually identical product with the same features but without the name recognition and without the added distribution these products get through inclusion in general-purpose utility syuites such as those offered by both Symantec and McAfee.

I know I'll likely get flamed and modded down for second-guessing this and playing armchair CEO, but the fact is you never should have offered people a cheaper product which the mainstream audience couldn't be expected to reasonably distinguish from your network anonymity enabled product. Your webpages didn't even give a good explanation that "normal" people would understand about why they should buy your more expensive product. Your less expensive option was more appealing to people merely because of the cost difference and the lack of knowledge of the "average" guy.

When it became apparent that you couldn't keep doing things the way you were doing them, what you should have done is drop the cheap option and support only those people also willing to support the Freedom Network-enabled version of the software. To do otherwise is removing the only thing which made you unique, the only thing which distinguished you from Symantec and McAffee and countless smaller companies and freeware offerings. You cannot and will not survive in such an environment with so many competitors, not to mention the people who are pissed at you for dropping the Freedom network to concentrate on Just Another Cookie Management/Firewall/Etc. Suite and who consequently would never buy your "Freedom 3.0" product even though they used to be supporters. I know I don't need Just Another Firewall/Cookie Suite--too many to choose from already, and if Freedom 3.0 is anything like your current "lite" suite lacking the Freedom Network, it's just too "heavy" and resource-intensive an app. I could tolerate that when I got to access the snonymity of the Freedom Network, but without it I'd rather just run ZoneAlarm's free firewall and get my cookie management free with Mozilla.

Good luck. You're going to need it. And I still don't believe this timing has nothing to do with Sept. 11--and if it doesn't, you had a responsibility to give your users more notice, and shame shame shame on you for not doing so.

Oh, Bollocks!

[Chasing+Amy]

There are no side-effects of the electronic age except one: that the government finds it easier and easier to invade our rights as new technologies are developed, since people keep "interpreting" how our Constitutional rights should apply in a new medium instead of just doing what the Framers intended--reading our rights as literally as possible and applying them everywhere, without regard to medium, without regard to the changing temper of the times.

"The mushrooming of surveillance has been explained by the sense of panic
and crisis felt throughout the government during this period of extremely
vocal dissent, large demonstrations, political and campus violence, and
what at the time seemed the inauguration of a period of wide- spread
anarchy. While officials... suggested that these crises justified the
surveillance, they failed to recognize that the rights guaranteed by the
constitution are constant and unbending to the temper of the times..."
--Senate Subcommittee on Constitutional Rights, 1973

Terrorist attacks do not justify concurrent attacks by government on our freedoms--not even if the "tyranny of the majority," the large part of the populace that's most easily mislead by Ashcroft's smooth-talk and the like instead of thinking for themselves and reflecting on the future impact decisions we make now will have on us and our children and our childrens' children, is willing to go along out of Fear, Uncertainty, Doubt, and Ignorance.

If we have no freedoms, there's nothing to fight the terrorists for.

"Implicit in the term 'national defense' is the notion of defending those
values and ideals which set this Nation apart... It would indeed be
ironic if, in the name of national defense, we would sanction the
subversion of one of those liberties... which makes the defense of the
Nation worthwhile."
--Chief Justice Earl Warren, U.S. Supreme Court, US v Robel

"Man did not enter into society to become worse than he was before, nor
to have fewer rights than he had before, but to have those rights better
secured."
--Thomas Paine, 1791

"Experience should teach us to be most on our guard to protect liberty
when the government's purposes are beneficient... the greatest dangers to liberty lurk in insidious encroachment by men of zeal, well meaning but without understanding."
--Justice Louis Brandeis, U.S. Supreme Court

"An elective despotism was not the government we fought for."
-- Thomas Jefferson

"Contemplate the mangled bodies of your countrymen, and then say, What should be the reward of such sacrifices? ... If ye love wealth better than liberty, the tranquillity of servitude than the animating contest of freedom--go from us in peace. Crouch down and lick the hands which feed you. May your chains sit lightly upon you."
--Samuel Adams

"Necessity is the plea for every infringement of human freedom. It is the
argument of tyrants; it is the creed of slaves."
--William Pitt to the House of Commons, November 18, 1783

Anyone who has an historical awareness realizes that we have lost, rather than gained, rights over the last two centuries. We give rights to more people, such as women and blacks, and that's great. But we give fewer rights than our ancestors had. When Ben Franklin was postmaster-general, he wasn't going to let anyone touch your mail without a warrant. Many decades later the Court ruled that you don't have to have a warrant to get the data on the outside of the envelope--reasonable. E-mail and Web traffic is substantially the same thing and should be protected as much as regular mail--yet it isn't. There is no legislation to give your e-mail and packets the same legal protection your snail mail has. Even worse, Sept. 11 is being used as an excuse to pass legislation that would consider ALL fields in packets except for the actual data being shuffled, as ftree for the government to examine without warrant. Disastrous because where e-mail and Web traffic diverges from snail mail is that the FBI can't scan all envelopes and record who's sending what to whom, but they CAN do so with e-mail and Web traffic if only thay can get backbones or local ISPs to install a little equipment. Is that what the Founders would have wanted to happen to mail? For all the information on the envelope to recorded for posterity so that they can know exactly whom you're corresponding with, and monitor you if they don't like who you write to? No? Then we shouldn't allow it.

It's as simple as that.

I can go down a whole list of such rights that our forefathers instituted that we have lost. Most of them are rights people don't even realize used to exist, because they weren't codified into the Bill of Rights so clearly. In fact, the principal objection that many of the Founders, including Jefferson, had to creating the Bill of Rights is that it may create the misconception that those are the only absolute rights--which is what it's done. That's why a clause was inserted to reinforce the fact that the listing of rights does not disparage or deny all other rights held by the people, and that it is not a complete list of our inalienable rights. In fact, at the time, our rights were more defined by the Common Law than by the Constitution. Yet today's legal system treats the Common Law and all the rights it gives us as a doormat. The most famous example is probably the elimination, without any legislation to support the move, of the right of juries to nullify the application of a law in given circumstances, so that all common sense and fairness are lost at trial today.

Wake up yourself. Our rights are a tiny shadow of what Jefferson and Washington and Madison and Franklin and the Adams' and all the citizens of their age had. I'm beginning to think that Jefferson was right, and that each generation should have a revolution against the last, to ensure its rights. One thing's for sure: none of the principal Founders would like the government we live under today. Thay'd recognize it as oppressing us and denying our natural rights and our rights under Common Law.

Re:SAFEWEB has Javascript, CIA problems. Cool thou

[kubrick]

(plus I knew the folks there, and they were well-connected to the cypherpunks community.)

Not to argue with the other points in your (well-written) post... but surely a certain percentage of the 'cypherpunk' community is going to be undercover stooges for the FBI/CIA/NSA? Sort of like COINTELPRO in the Nixon years -- strong encryption is perceived as a strong enough threat to warrant this sort of spying on your citizens, according to that mindset.

I'm not saying this is fact, but merely that it's probably a factor that should be considered... the easiest way to break this sort of encryption is to already have someone on the inside, or to get someone to talk.

Re:SAFEWEB has Javascript, CIA problems. Cool thou

Personally- I have no need for anonymity when emailing. I mean what possible use would it have but spam? and I relaly hate spam. Spam blocking services shoudl be stepped up BIG TIME. Now as for censorship, and the likes of the chinese government problems, I could possibly see the use of it- but lets be honest- anonymous, and port 25 hacked email is 99.9999% used for sending "Filthy Sluts take it from behind" emails...
And personally- I say close em down....

Canada may as well be Puerto Rico

The timing of this shutdown is very suspicious.
Although they won`t admit it, I`m willing to bet
the REAL reason they shut down was due to pressure
from the US gov`t on the gov`t of Canada. Just as
with drug policy, when America says "Jump!", Canada jumps. When the US gov`t says "Sit!", Canada sits. Canada may as well be simply another
crown colony of US Empire. If it really WAS due
to economic pressure that ZKS shut the Freedom
network, they should have sought funding and let
it be known they were seeking investors. Freedom
net was a vert worthy and useful service of great
benefit to people the world over. Just because a
few terrorists MAY have also used it, doesn`t mean
that the entire system should now be made unavailable to the vast majority of law-abiding
people that had good, legitimate reasons for need-
ing to remain anonymous. Surely George Soros, EFF
and others concerned with privacy and freedom of speech could have drafted a plan to save the net
work IF that was the REAL reason for the sudden shutdown. I doubt that it is. Sad. Looks like the
terrorists have won another victory.

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

> Believe me, no one is more disappointed about > this than I am, but right now there simply isn't > enough market buy-in on the premium services to > justify the network's operating costs. :-(

If you are sooo much disappointed, why don't
you provide it for free although the networks
operating costs aren't justified?

http://@nonymouse.com/ provides Anonymity for
free since 1997!

Regards,
Alex

Re:Ian Goldberg, Bruce Schneier & Whitfield Di

I loved this product, especially when it got stable in 2.2 It was only just starting to mature, and now they will focus on YET ANOTHER LOUSY firewall!

There are TONS of MUCH BETTER products out there.

I suggest to ZKS: Release the server software for free, like safeweb does with triangle boy.

Opensource the client, and let the net take care of it.

Maybe then it will be supported. I'm sure tons of Linux servers would love to help the web privacy world by running the daemon.