Slashdot Mirror
Secure Internet Live Conferencing
An Anonymous Coward writes: "Newsforge has an article about new generation secure chat protocol called SILC (Secure Internet Live Conferencing). The article features the protocol and its features like secure file transfer. Interesting article and very interesting protocol." We posted a story about SILC last year; looks like they've come a long way since then.
I claim this first post for Adolf Hitler, whose enlightening policies set examples for us all. Sieg Heil!
This weekend I had a hole drilled through my skull. I read that this increased one's consciousness permanently. I read about the supposed de-conditioning properties. I read about more parts of the brain working simultaneously as there would be more blood up there to help this happen. The arguments for it all seemed to be quite lengthy, quite detailed, thought out and researched, and very intelligent. The arguments against it were based solely on the opinion that it is 'crazy' and talk like, "What's more conscious than conscious?". I heard from an acquaintance on telephone that she was glad she had done it, felt more mental energy, and had days of brilliance. I came to believe that the key to a permanent consciousness increase was a hole in the skull, to restore the full brain pulsation of infancy. After several months of research, discussion, speculation, watching surgical videos and trepanation documentaries, and even an actual viewing of a trepanation, I decided I certainly did want to be trepanned, and sought a way to do it.
My girlfriend and I met a friend at the airport and took him out to dinner first, and then went home to discuss how things would go. We made a list of some things we needed that we didn't have yet. List in hand, we went out over the next two days to home medical supply stores, hardware stores, to autoclave our bits and get smocks, to a pharmacy, and some hobby shops. We picked up the drill, the gloves, sterile gauze, sheets of plastic, sodium chloride, hypodermic syringes, sterile wipes, irrigation syringe, etc. etc. After acquiring all that we needed, we set up my best friend's bedroom as the operating room and prepared to perform the operation. After talking about it at length, two of my friends who were to be present during the operation were expressing extreme apprehension due to the overall lack of experience, and one of them was really concerned that a suture was necessary and none of us were equipped or knowledgeable enough to do a good one. Not suturing could potentially cause a rather hefty amount of scarring and possibly complicate the healing process. Since we were both hesitant to proceed without my friends', and since they were scaring us a bit, we didn't do it that night.
I awoke the next morning still very much wanting to move forward with the operation. I thought to myself, "The key to more consciousness is sitting in the next room over. How can I know this and not unlock the door?" I explained my sincere desire to my girlfriend, and though she was still apprehensive, she agreed to try to be there for me if it was really what I wanted to do.
We had coated every wall of a room in plastic sheeting, had a placement tray ready (a sterilized tray to set the instruments on), had the drill sterilized and ready to go, autoclaved bits set out, etc and proceeded to trepan me. One person was to do the drilling and another was to help by passing instruments, turning the drill off and on, by holding a light in the right place at the right time, and by irrigating the wound every so often. (Irrigating is rinsing, with Sodium Chloride in this case, the blood away so the doctor can see what he/she is cutting) All was finally ready to go.
Everyone put on smocks and masks and entered the room. I had already shaved the cutting area (and two or three inches around it in every direction) with a razor and washed it w/nutri-biotic soap (kills many germs and combined with the sterile wipes we used would've even killed TB). I put on a shower cap (that had been washed with sterile wipes) and cut a square hole in it where the cutting and drilling would be done. I made the blood rush up to my head by choking myself so we could see the veins, and using a sterile pen we marked the major veins so they would be more noticeable and avoidable. We drew up 1cc of a Lidocaine/Epinephrine mix and injected it all around the area to be cut. This was done to numb my skin and nerves for the incision (the Lidocaine) and to constrict all the blood vessels in the area to decrease bleeding since head wounds bleed a lot (the Epinephrine). We waited a few minutes for the numbing action to occur, and then proceeded. My friend, using a sterile scalpel, pushed the blade in all the way to my skull and made the incision in the shape of a half-circle a little bit bigger than a nickel's size in diameter. The plan was to pull that flap back and tape it down while drilling. We just thought it'd peel away from the skull like chicken skin or something, but it did actually adhere to the skull though, so one person held the tip of the flap with forceps and another cut away the adhering tissue from below and pulled the flap back. It laid back on it's own and did not require tape. Then one person irrigated, the other applied pressure with sterile gauze, dripped a few drops of the Epinephrine on a few of the bleeder veins, and the bleeding quickly subsided to a workable level. Then we turned on the drill to speed 4.
We were using a flex-shaft Dremmel with a ball burr and a flame-shaped burr. The process would turn the bone and marrow to dust which would be rinsed away as we went, down to the meninges, at which point the brain would be pulsating visibly as our sign of success. We began drilling and the sound was resonating extremely loud through my skull. He was calm as was I, and one of was very noticeably uncomfortable, but not about to pass out or anything. We drilled and rinsed, drilled and rinsed, occasionally wiping with sterile gauze to keep it very visible. The first layer of skull was through in about 20 minutes, the marrow in about another 20 to 30, and it took about an hour to get through the final layer because of more concern then.
We slowed the drill speed to 2 or 3 and began with extreme caution, the final layer of skull between me and full pulsation. I was feeling no pain and was doing fine. The person drilling for me was sitting Indian style on the floor with my head in his lap for more control (plastic over everything including his lap, and wiped with medical hard-surface disinfectant wipes from the medical supply stores). A friend asked me to follow his finger and tested my eyes for focus, twitches, etc. He said I seemed to be fine and normal.
As it got closer, we drilled more and more slowly. At one point he hit what we thought might be meninges because it squirted a bit of blood but quickly subsided. We were still doing OK. It was just a bone vessel and we knew that it might happen once or twice more. Luckily it did not. We drilled more and more, slow and careful and eventually saw what we were fairly certain was meninges. As he said he was seeing it, I felt a shivering tingle of energy up my back and up the back of my neck. We told him how to probe to be sure.
He turned one of the bits over and tapped around in the hole. Most of it went click click, because it was hitting bone still, but one part did not make sound. He had made it through to the meninges! I saw a video of this moment, and yes, you can see the brain pulsating!
Now we just had to widen the hole. As it was being widened I felt another shiver in the same way. Minutes later, they were sure the hole could be opened no more before risking cutting scalp with the drill, so we were done. Then I sat up and had it sutured and discussed what to watch for during healing. We discussed how to clean and not to clean too much till it was healed. The follow-up cleansing has been minimal to be certain, but enough to do the trick. We are still using Sodium Chloride to clean it.
I was overjoyed. I would attribute most of the joy at being done with the whole affair, as it was months in the coming, and it was about a 3 ½ hour procedure overall. I immediately went to the bathroom after, 'cause I'd been holding it in the whole time, and then went to my place to hang out, chill, and feel the effects. The room seemed taken on an intense clarity and I was able to pay attention to my thoughts and the world around a little more simultaneously. I thought at the time that by having multiple parts of the brain starting to work a little more simultaneously, since they would have enough blood to do so, it was enabling a different faster thought process and more quickly assimilating somatic sensations my perceptions of them. I that's what was giving a clearer picture. That night I was fairly blissed and weirded out, glad to be alive and well, and out of the hospital. My major fear, even more so than a mistake happening, was that I might have to rush to the hospital and they might've committed me if I told them how the hole got there. All went smoothly though, and I was successfully trepanned! I went to bed about 5 hours later with a bandage on my head. I paid very close attention to the sensations of the veins in my head and neck. They were pulsing in an effort to establish a new equilibrium between the cerebral spinal fluid and the brain blood volume. I had achieved a return to full pulsation, rallied together with several good friends to safely pull off an ancient medical procedure, in my own home. Much like the many millions of tribes before us, we worked together to get what was needed to do the deed and do it well. I fell into a contented series of dreams. I awoke the next morning feeling even better, and still in great spirits. I attributed the growing pleasure sensations to two things: it may take varying degrees of time from body to body for the Cerebro-spinal Fluid
I had read that it increased dream memory recall, and so far this has proven to be true. I have remembered my dreams in some detail every morning since. I've also read however, that if you smoke marijuana regularly, and suddenly stop, that you begin to remember your dreams more. I stopped smoking so I could be clear on the trepanning effect. I have mostly noticed a general increase in mental energy and alertness. I haven't been drinking coffee every morning like I used to. I just wake up, and moments later I am ready to go and in good spirits. I have continued to notice an increase in clarity of thoughts, more rapid thought processes in general, and a higher degree of focus. Everything has taken on a new glow of sorts, and I feel great. I have also noticed an increase in sensitivity to somatic sensation of all kinds. I generally feel more alive, more awake, closer to the now.
I've not had a moment to ponder intense intellectual or philosophical matters, as my friend is still in town and hanging out has mostly consisted of going from one place to another, but I will keep notes of everything I notice. I believe it will take quite some time for all the changes that this will cause to actually happen and make themselves noticeable. For now, it is a mild trip, a permanent one. I will give it a week's time to see which effects remain, and which may be placebo. At present, I am glad I did it, and look forward to the rest of this life, with all eyes open.
Khaled, please save us from Carnivore.
phirst post baby
hi how you doing just saying hi hope you get this me and the guys are going out for coffee later on if you wanna come with...
anyway i guess thats all ill catch you later if now then see you there bye
---james marison
If you weren't too busy swindling old ladies for pennies you might have made the first post.
Isn't any phrase that starts with "Secure Internet" an oxymoron?
The fucking database crashed again! Who would have thought linux could ever crash. Maybe you need to use a real OS like win2k datacenter. Ebay seems to get by fine with IIS.
Only the State obtains its revenue by coercion. - Murray Rothbard
Somehow, it is quite hard to _really_ initiate a secure communication without much work. You can ofcourse:
... but since no certificates are used during instantiation, it could still be hijacked
... hardly to call userfriendly
- send e-mail signed with PgP, but that doesn't really fall under 'instant-messaging' or 'conferencing'
- run a SSL-enabled IRC client and connect to a secure IRC network (lot's of compiling and patching here)
- use Licq's OpenSSL features
- using 'talk' on a machine that is accessed through SSH
I must note that I haven't read the article, but a standarized, easy, and secure (meaning that Man-In-The-Middle attacks are not possible due to strict certificate-based identity checking) conferencing programs could be the next Big Thing
--
If code was hard to write, it should be hard to read
Is it true that you will be running for president in 2004? If so, what's your stance on Italians and homosexuals?
root> man -k lunix heterosexuality hygiene
nothing appropriate
root>
Hey Gabe - thanks for the mtn. dew.
Lovingly,
Your apartment-mate, Mark.
No more AOL chat rooms for Biff the big hairy trucker pretending to be Buffy the sweet little virgin. Now he can securely coerce little kiddies to visit without worrying about being traced.
I'm gonna be called a troll for this...
But do we really have to cross post everything that gets posted on Newsforge? It is already sydicated everywhere else (linux.com, and others I'm sure).
Hire me...
...to bad that the popular services like AIM and ICQ probably won't support this protocol. Unfortunately, I'm stuck using crappy IM systems because that's what everybody I know uses.
This is great to see this get some coverage. I'e used this in the past, and it is excellent.
The best I can say for encryption over IM's is the blaim plugin for GAIM. The only problem being that both sides must be using gaim + blaim.
I've got my own ircd which I require the clients to use stunnel or an ssl-enabled client to connect. Soon, I can limit access purely by accepted certs, thereby keeping lusers out.
Of course the same can be done with OpenSSH. I use that at work to bypass my office firewall and use my home cable connection for a proxy to usenet, email, and other service. The best part of this is I can bypass my ofice proxy so they don't record where I netsurf. it looks a lot like a bunch of ftp and telnet to them.
Jabber is an openly-developed, XML-based messaging platform. As anyone might expect, it has built-in security features, from SSL server connections, to PGP signatures/encryption. A number of clients is available for various platforms.
A better marketing department would have called it 'SLIC'.
Or, to more accurately portray the likely discussion, 'SICK'.
While this is a legitimate issue, I think its a negligible one for two reasons: 1) most people like Biff get caught in sting operations, or when the kid has second thoughts and tells their parents. 2) At my office, I know our network admins sometimes get bored and grab packets from people's computers to see what they're up to. I'd rather not have someone in a filthy Doctor Who T-Shirt reading my Instant Messages. To me, this application of said protocol far outweighs the chance a child molestor will be able to cover his tracks a little bit better.
Last night I shot an elephant in my pajamas. How he got in my pajamas I'll never know.
The reason why this project is so good is that it just works. you install the client and you can connect securely without screweing around with configuring a dozen different programs, etc. I had it up and running in the time it took to download the .rpm and install it.
Remember Lexington Green!
http://uptime.netcraft.com/up/graph/?mode_u=off&mo de_w=on&site=ebay.com
The site ebay.com is running Apache/1.3.6 (Unix) on Solaris.
From the first time I used SILC about a year ago, I told people to use this. It's great, I just wish more people used it.
I've got a server I can run if anyone is interested in screwing around.
-- Note: If you don't agree with me, don't bother replying. I won't read it.
I must step back and look at this from another point of view. What, precisely is the original purpose of this? Certainly I'm all for it -- the concept is incredibly cool -- but it somehow doesn't seem like something to replace IRC with. Frankly, nickname wars should be stopped with the nickserv/chanserv. You can't have the nickname blah? Try blah-, or ` or _ or whatever suits you. Get over it, or go to another network. Its not that big a deal. It seems to me that these clients will require a bit more power to them, and the protocol will as well. The encryption will make packets larger, and thus easier to use in a war style. Because I have been exposed to the not-so-nice part of IRC, it occurs to me to consider the possibilities here. Though anti-flood features can easily be implimented into the client, this is not the end of the possibilities. Another possibility to be considerred in the line of security is ip publicity. They seem to indicate that hostmasks will be available, which thus allows people to get at the ip address and use them for DoS attacks. Of course a masking procedure utilizing wildcards could be implimented as many smaller IRC servers have done. This provokes the possibility of multiple people on the same ISP from the same area with the same nickname showing up. These public keys are most likely obnoxious-to-remember alpha-numeric codes. Who wants that? Then again, if the client has a decent friends list, that, too, can be rectified. The next question I have regards forgery and trust. The server admins, who I will call opers for my convenience, will now have more reason to trust peoples' claims against others regarding abuse because there are now so few ways to perform abuse, and so much added security. But how easy will it be for someone to forge records of someone performing some sort of abuse? It seems to me that all of the information necessary will be provided in the /whois query for the purpose of identification. Will legitimate users be able to use opers as an effective means of cutting back on the inevitable abuse, or will it be too easy to forge offenses and thus make opers far too skeptical to help out in many ways?
That's all I'll type for now, but these are certainly (in my opinion) issues for consideration.
Wrath "Arguing on the internet is much like the special olympics -- whether you win or lose, you're still retarded!"
I wouldn't mind to have simplified H.323, but who the hell needs reinvented wheel, when there is ESP for IPv6 and there is IPv6 with all buil=in goodies ?
3.243F6A8885A308D313
This is slightly offtopic, but are there any free voice conferncing programs for Linux and windows? I've tried Gnomemeeting, but it uses a flawed system that doesn't work with NAT easily. I'd like to find a program that could do this, and use GPG keys for encryption for an added coolness feature. Any coming soon? Thanks,
David
We (some friends) have built up a VPN via FreeS/WAN and use a private ircd on one of our VPN-boxes. A little perl script helps us to keep the VPN consistent due to our dynamic IP's.
This is one of the more secure ways of doing secure communication i guess, and very comfortable, as dcc works too etc (as long as no box is getting hijacked security is almost perfect).
BTW, for those who already haven't seen Gabber has GPG support. This should surely make some ppl happier, full-blown GPG in IM. -Pk
I've been using Trillian for a while. It's a free (like beer) mult-medium chat client for Windows. The newest version supports 128-bit blowfish encryption for chatting over AIM and ICQ networks with other Trillian clients. This is achieved by using a key exchange method like Openssh. It is far from mature. As the newsforge article notes about other such systems, it lacks the authentication and key management aspects, so it is not really very secure yet; however, those could be achieved with relative ease, I beleive, and the general method might be a lot more viable for a transition from current insecure systems.
The point is that the way Trillian does it, all messages are encrypted into ascii-armored "messages" that are sent through preexisting messging protocols. A new protocol would probably be better, but it will be hard to get people to switch. Plus you need servers, and you will likely run into the same problems of the big companies working against interoperability. With Trillian, I can talk securely to those who care and have the client, and still talk to everybody else, and it doesn't take special servers, so we don't have to start our own or wait for AOL to finally think that security might be a good thing.
My point is not, "Hey everybody, switch to Trillian," but rather that the system of changing the client operation and leaving the protocol the same may not be as good as a completely redesigned protocol, but it may be more workable. ...However, if you use Windows, do check Trillian out!
"You call it a new way of thinking; I call it regression to ignorance!" -- Operation Ivy
Nobody here's used the PGP plugin for ICQ? i personally can be sure they my 4096 bit encrypted msg is as secure as the person i'm sending to.