Peek-a-Boo (ty)
Anemophilous Coward writes "Tom's Hardware has a story detailing cDc's new anonymity app, just demonstrated Sunday. Peek-A-Booty is designed to let surfers access sites blocked by government restrictions, and is, essentially, a distributed proxy network. It uses a peer-to-peer model, masking the identity of each node. This means the user can route around censorship that blocks citizens' access to specific IP addresses, because the censor doesn't know they're going there. There is also a website dedicated to the project."
First post bitches!
- The BOFH Troll
Will this be vaporware like their last piece of Holy Grail software? Back Orifice made cDc famous, but recently they seem to be irrelevant.
And FP.
Aside - I first read cDc as 'Center for Disease Control', heh, sure changed the article.
What?
If someone has blocked you from the PrOn sites, you get this device and you still get to peek-a-booty ???
Reports are that he died from complications resulting from "Peek-a-Boo(ty)". Truly an internet icon. He will be missed :(
I can see both the good and bad of this application.
On the good side: China. Folks over there who have to deal with the gigantic "Firewall O' Death" (also known as the "Damn it, Communism works so stop reading about how it doesn't" Firewall) can possibly use this tool to get to the outside information they need to keep spreadin' the news that "Information good."
On the other side, as a Security Manager in a bank who's sometimes asked to go find out if person XYZ has been accessing nakedhairyeyebrowedcheerleaders.com, I can see how this utility might make it impossible for me to do my job.
So I've got mixed feelings on this utility.
52 Weeks, 52 Religions with John Hummel
The problem is restrictive governments have people on staff to look for stuff like this. This app (while I haven't tested it) pulls from multiple sources. I like the idea a lot. Sorta moving towards a P2P web network where you can browse content like you do now but peer to peer rather than client / server.
Luck favors the prepared, darling.
Mod the l33t parent up!
I wish I'd seen this before I submitted the story on the Great Firewall to kuro5hin. Arrgh.
Best Slashdot Co
Well, the software is still very easy to block.
I assume that they use HTTP as the transport. So it's enough to use a firewall that understands HTTP, i.e. any that is advertised as an 'application layer' firewall.
And if you don't block per IP you probably already use such a firewall. The only difference is that you will scan for a forbidden URL (or a part thereof) in the POST fields or GET arguments and not in the URL prefix.
Writing a piece of software that monitors all your HTTP connections and blocks any that match the string 'goatse' is very easy (less than 4 hours if you don't care about scalability and configurability).
e-mail: karol at tls-technologies.com
www: http://www.tls-technologies.com
sig: not found
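The kind of filter the comment above describes, as an added example that is not part of the original post: it parses a cleartext HTTP request and looks for a forbidden term in the GET arguments and POST form fields rather than only in the URL prefix, decoding repeatedly so a percent-encoded value does not slip past. The function names, the `blocked.example` term and the sample requests are constructed for illustration.

```python
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample data: a blocklist term and three raw HTTP requests.
BLOCKLIST = ("blocked.example",)
SAMPLE_GET = (b"GET /fetch?u=http%3A%2F%2Fblocked.example%2Fpage HTTP/1.1\r\n"
              b"Host: relay.example\r\n\r\n")
SAMPLE_POST = (b"POST /fetch HTTP/1.1\r\n"
               b"Host: relay.example\r\n"
               b"Content-Type: application/x-www-form-urlencoded\r\n"
               b"Content-Length: 30\r\n\r\n"
               b"target=bl%256fcked.example&x=1")
SAMPLE_BENIGN = b"GET /index.html?lang=en HTTP/1.1\r\nHost: news.example\r\n\r\n"


def normalise(value, max_rounds=3):
    """Percent-decode until the value stops changing (bounded), then lowercase.

    parse_qsl() already decodes once; the extra rounds catch double encoding.
    """
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value.lower()


def parse_request(raw):
    """Split a raw HTTP/1.x request into method, target, headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def inspect(raw, blocklist=BLOCKLIST):
    """Return a list of (location, term) findings; an empty list means allow."""
    method, target, headers, body = parse_request(raw)
    parts = urlsplit(target)

    # Every place a destination could be carried, not just the URL prefix.
    candidates = [("host", headers.get("host", "")), ("path", parts.path)]
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        candidates.append(("query:" + key, value))
    content_type = headers.get("content-type", "")
    if method == "POST" and content_type.startswith("application/x-www-form-urlencoded"):
        for key, value in parse_qsl(body.decode("latin-1"), keep_blank_values=True):
            candidates.append(("form:" + key, value))

    findings = []
    for where, value in candidates:
        text = normalise(value)
        for term in blocklist:
            if term in text:
                findings.append((where, term))
    return findings


if __name__ == "__main__":
    for name, request in (("GET", SAMPLE_GET), ("POST", SAMPLE_POST),
                          ("benign", SAMPLE_BENIGN)):
        print(name, inspect(request) or "allow")
```

The check only works on cleartext HTTP; a request carried inside an encrypted tunnel gives the filter nothing to parse.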
The problem: Say I'm a user who wants to connect to a Peek-A-Booty network. I need to get the address of a node to connect to. How do I get this? The obvious solution, and the one used for Gnutella and other peer-to-peer apps, is to publish a list of nodes (or at least one). But that won't work here -- because then the censors can use the same list to track down the nodes and block and/or disable them. This is especially problematic if you're using Peek-A-Booty as it claims it is meant to be: if you're in a country that filters access (say, China) and the government can track down the users trying to circumvent the filters, they can and will punish/torture/kill those people.
Peek-A-Booty has not solved this problem. Read what Tom's article has to say about it:
That's right -- the only way to connect to a Peek-A-Booty network is word-of-mouth, which is horribly ineffective. Finding a node will be extremely difficult unless you know the right people, and then it's very easy for the censor to ruin it. Trust the wrong person, and your whole network is exposed. Government spies could give out addresses that they claim are Peek-A-Booty networks, then catch anyone who tries to connect to those. Worst of all, they could just offer some huge incentive to people for turning in their friends. I hate to say it, but this system simply isn't ready yet. They have not come up with a technically sound solution.
-- Imagine how much more advanced our technology would be if we had eight fingers per hand.
unless it's done the same way as the *tella style p2p.
It's just so annoying that when I wanted something from the *tella network, the server isn't even on. Or I kept seeing people probing my computer for a *tella server.
Then again if it's done similar to the central location way, it can be easily blocked too. Hrm. Guess there'll be more traffic hammering my firewall. *sigh*
And naturally our wonderful corporate wwwproxy kicks in and leaves me unable to see the peekabooty site...
Well, I guess it is good for me since it could rupture my fragile little mind..
For a while I've been browsing the web from work without my employer knowing which sites I go to. I've been doing this using Teraterm secure shell to redirect a port from my work machine to a linux machine at home. At home I have linux running squid, a proxy server. I change my work browser's proxy settings to localhost and the redirected port number. Anyone sniffing my traffic at work will just see encrypted packets flying by with no idea what they mean.
I would block the download site right now. Are sites like /. also censored? I'm not taking the pessimistic view, but I bet there are some really anal geeks working for the Chinese government. Probably looking for projects like PB and then banning them.
My university has an agonizingly frustrating download limit of 500 megs per week. Could this program possibly circumvent my limit? I'd try it now, but I'm at home (reading week).
Actually, those bastards also block out morpheus. Could this program get around that, too?
--
These aren't the droids you're looking for.
Hmmm... gangs act in funny ways. They often think if they conduct illegal activities en masse they are somehow shielded from the law.
I certainly would not want to use an anonymous network where some sicko could be using your computer to conduct their crimes. Do you think the cops would really understand or care how those files got onto your computer? No. Off to jail you go.
The "download" page on www.peek-a-booty.org doesn't have anything.
Has anyone been able to download it?
Hopefully the good will outweigh the bad, to that end I imagine that the test of time will tell.
-- Dan
The Great Rogerborgio will make a spooky prediction. When Peek-a-Booty 1.0 reaches 100,000 downloads, a story will break that the client contains a hostile trojan that lets "evil hackers" take control of your machine, impersonate you, steal your credit card details, and screw your shrieking girlfriend in the ass while you watch helplessly, tears of frustration streaming down your shocked, betrayed face.
The story will be submitted by a "credible group of anonymous white hat hackers" and run - unquestioned - by BBC Online and - slightly questioned, at best - by Reuters, and every other online news source will pick it up from there and spread it as gospel truth.
It will not be true. It will be Fear, Uncertainty and Doubt, pure and simple. Many interested parties will want Peek-a-Booty to fail. In fact, there are so many - governmental and industrial - that even the Great Rogerborgio cannot peer through the mists of time sharply enough to determine the culprit.
But it will happen. And remember, you read it here first.
If you were blocking sigs, you wouldn't have to read this.
So you mean I can go to any website out there, even if my websurfing is blocked? Great! How do I get this software? Oh go to this website. Hey. It's blocked.
While the aims and goals of this project are commendable, I can't help but think that this program will be utilized more so by old men wanting to look at kiddie porn safely, than those in oppressed countries.
One can simply see this trend with the GNUtella network, and monitoring the search strings people send out. They're full of stuff such as "hairless pre-teen sex" and "dogs fucking women".
I'd be much more interested in running Peek-A-Booty if it had some sort of information-type limiting, but this would go against the whole basic concept of the program. I'd be glad to assist those who are oppressed, but WILL NOT help sexual predators and the like.
Maybe people who want to help those in oppressive countries should throw up rogue squid proxy servers with bandwidth rate limiting and perhaps some client access limiting (*.cn, *.ru, and soon, *.us). This is what I do and it works quite well.
I don't even advertise it, but quite a few people find it and use it (mostly people in southeast asia, actually)
This supposedly "non vaporware" still isn't downloadable from the peekabooty website.
Just because people have seen it run, doesn't make it non vaporware, it has to be distributed.
So where's the Beef? ([lame joke]or should that be dead cow?[/lame joke])
(n/t)
Say no to software patents.
Never on Slashdot did I think I'd see a story title with the word 'booty' in it.
AnonyCoward
Doesn't this system remind anyone of the media network in Neal Stephenson's The Diamond Age? Information gets passed from one place to another by different people, so that no one can tell where the person on the other end is. Looks like another one of Stephenson's ideas has become a reality.
... some cracker will set up a node that, when asked for a web page, issues spam instead.
... or worse yet the web page requested with spam interspersed.
That will be the end of that.
The End. (uggh) Nice idea though!
-"The early bird catches the worm, but the late bird sleeps the most"
If I'm an Evil Oppressive Government (TM), does this really do anything to circumvent my ability to oppress the masses? Great, so a bunch of dissidents decide to go out and get their information on-line through this system. I, as the Evil Oppressive Government, use my intelligence networks and eventually discover this system. So what I do is find several of these proxies and begin logging their activity.
A few months later after I've seen a lot of people going to these systems I begin sending out visitors in the wee hours of the night to "educate" these people. Really these systems may actually make it EASIER to find incorrect thinking individuals. I don't have to compromise an entire network of dissidents, I just have to find a couple proxy sites and let the proxy logs do my work for me.
I've spent a lot of spare brain cycles thinking about this stuff and it seems like you really need a way to obfuscate the nature of your communication over multiple channels. You need legitimate looking sites to act as proxies and to limit the frequency and size of transmissions to reduce their visibility. Anything that can make connection profiling possible rules it out as a viable solution.
Now, this system does have a host of possible uses, don't get me wrong. It will make it possible for somebody at the library to work around net nanny software, etc. It will make it easier to avoid the snoopy firewalls at the office who want to keep track of how many times I visited Ebay today. But I don't think this will do dissidents much good.
This sig has been temporarily disconnected or is no longer in service
If the user can't install it, they can't use it.
In a bank, a user shouldn't be able to install anything at all.
Don't answer me. Moderate. Slashdot is about moderation, not discussion.
So in other words, I can put the full use of my internet pipe to a distributed and proxied "load test" of slashdot, or whatever site annoys me today. For the non-techy monkeys out there that's a denial of service attack... conveniently anonymized and distributed for me. Slashdot has some moderately big pipes, but a handful of people doing this, and you're gonna see some problems. Especially if they intentionally keep hitting lots of database intensive, non-static html screens.
FREEEEEDOM! Thanks cDc! And thank YOU slashdot, for telling me about it!
Hey guys, this ain't released yet, and for good reason. There's still work to do. If you have an attack which you think is probable of success, you would do good to let them know so they can design countermeasures.
"Let him go, Ralph. He knows what he's doing." --Otto Mann (simpsons)
It's easy, just block the proxy network, and boom... it's blocked again. That was easy!
It isn't a lie if you believe it.
Couldn't you (as a net admin) block the IP to the peekaboo(ty) site?
... done.
Lesseee, according to my monitor Jimmy in accounting has used 1.8 gigs of bandwidth on our t1 in the last 4 hours all from one IP. Hm, IP doesn't show up on my list of naughty sites, and it's not stileproject.com. OK, I'll just ban that IP, copy the contents of his temp file to my admin machine
In that circumstance what has peekabooty done except give poor Jimmy a false sense of security? In that respect, it's a Machiavellian netadmin's dream.
-Styopa
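The monitoring step in the comment above (one workstation moving a large volume to a single address within a few hours), as an added example that is not part of the original post: it aggregates flow records per internal host and flags hosts whose traffic in the window is both large and concentrated on one destination. The record format, thresholds, function names and sample flows are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=4)        # look-back period, as in the comment
BYTE_THRESHOLD = 1_000_000_000     # assumed alert level: 1 GB to one peer
SHARE_THRESHOLD = 0.9              # assumed: 90% of the host's traffic

# Constructed flow records: timestamp, internal host, remote address, bytes.
SAMPLE_FLOWS = """\
2024-01-15T09:05:00 10.0.0.21 203.0.113.7 600000000
2024-01-15T10:30:00 10.0.0.21 203.0.113.7 700000000
2024-01-15T11:45:00 10.0.0.21 203.0.113.7 500000000
2024-01-15T11:50:00 10.0.0.21 198.51.100.4 20000000
2024-01-15T09:10:00 10.0.0.34 198.51.100.4 300000000
2024-01-15T10:10:00 10.0.0.34 192.0.2.80 400000000
2024-01-15T11:10:00 10.0.0.34 198.51.100.9 500000000
2024-01-15T06:00:00 10.0.0.55 203.0.113.7 1500000000
""".splitlines()
SAMPLE_NOW = datetime(2024, 1, 15, 12, 0, 0)


def parse_flow(line):
    """Parse one whitespace-separated flow record."""
    stamp, src, dst, nbytes = line.split()
    return datetime.fromisoformat(stamp), src, dst, int(nbytes)


def concentrated_talkers(lines, now, window=WINDOW,
                         byte_threshold=BYTE_THRESHOLD,
                         share_threshold=SHARE_THRESHOLD):
    """Return sorted (host, peer, bytes, share) for hosts whose top peer
    exceeds both the volume and the concentration threshold in the window."""
    totals = defaultdict(lambda: defaultdict(int))
    for line in lines:
        if not line.strip():
            continue
        stamp, src, dst, nbytes = parse_flow(line)
        if now - window <= stamp <= now:
            totals[src][dst] += nbytes

    alerts = []
    for src, per_peer in totals.items():
        host_total = sum(per_peer.values())
        peer, peer_bytes = max(per_peer.items(), key=lambda item: item[1])
        share = peer_bytes / host_total
        if peer_bytes >= byte_threshold and share >= share_threshold:
            alerts.append((src, peer, peer_bytes, round(share, 2)))
    return sorted(alerts)


if __name__ == "__main__":
    for host, peer, nbytes, share in concentrated_talkers(SAMPLE_FLOWS, SAMPLE_NOW):
        print(f"{host} -> {peer}: {nbytes / 1e9:.1f} GB, {share:.0%} of host traffic")
```

Volume and concentration need no knowledge of the payload, so the check still fires when the traffic itself is unreadable.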
I'd like to use this, but my company has blocked access to the site.
Finally a way around Norway's oppressive censorship :P
HAHAHAHAHAHA!
SysAdmins are such a joke. You flunk out of community college, then act like the people around you, whom you serve, who make more than you, are slight. Much like serving fries at McDonald's, no?
In addition, programmers are your Daddy.
Get my box online, I'll be in around noon.
Those who use these technologies to bypass governmental restrictions are merely jealous of those who are able to grab control of governments and use them to their advantage.
Seastead this.
'Look! Neal Stephenson was right in !' He's not that great, people, nor all that prescient. Most of the science in the Diamond Age was bad or ill-conceived, and even the media system is somewhat mangled and unworkable. It involves a really major paradigm shift that he never bothers to explain. That said, I like most of his books, except for the constant and irritating moralizing that he's doing more and more with each book. The Diamond Age is stuffed to the ears with 'magic', not tech, so I wish that people would stop crowing that the man is right all the time. He's basically a conservative commentator that writes Sci-Fi. That doesn't make him bad, but it also doesn't make him a futurologist (which wouldn't make him necessarily more correct anyway, looking at some of the latest stories here.).
Sig: What Happened To The Censorware Project (censorware.org)
It will never end, and there will never be a winner. The game just goes on and on and on...move and counter move, move and counter move...
It certainly is fun to make the other team (whoever they may be) squirm, though.
Got Rhinos?
Information-type limiting works against the very idea of the system.
I don't mind helping everyone equally. Even sexual predators- there are other ways to catch them.
Sorry, kiddie porn is not a trump card with me.
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
Wait a minute...those aren't pom-poms! Ewww, gross!
Got Rhinos?
Already, we have the "Internet 2" project for researchers, so they can have their own Internet, free of commercial traffic and home users clogging things up with streaming video/audio and file downloads.
I see more of this coming. In the future, I predict businesses will get together and pay in to some sort of entity that builds (or promises to build) an independent Internet type network just for business purposes. If you're a porn provider or warez site, you simply won't qualify to be a part of this private network. The only question remaining is how many ties to the rest of the Internet will it have? It seems it has to have at least a few, because employees working from home will want to tunnel in via VPN to the workplace.
What you're forgetting here is all I need is a start node to connect to the network. From there I'll know the location of more and more nodes. So IP address 10.9.0.1 is the first node and I'm able to connect. After I know where that node is I know where the other 1000 nodes connected to it are. Then if someone blocks access to that node I connect to one of the others. Then anyone I know can initially connect to me. The idea is the network will have a spider web effect similar to how the internet works now. So if one route goes down there are other routes to go through. And the spider web just gets bigger and bigger where it's impossible to take it down without totally disconnecting you from the internet. It's not a hard concept, the network just needs to be created.
If you're not cheating you're not trying. If you're not trying you're not winning and if you're not winning why play?
The biggest problem I see is management content to drop the whole Internet surfing problem in the lap of the I.T. department. What most I.T. workers are saying is "Hey, I want to spend my time taking care of the computer systems and network -- not becoming the Internet police."
It's the job of a manager to oversee his/her employees and make sure they're using their time efficiently. As I've always said, employees who want to waste time will find a million ways to do it. If you restrict them from surfing the net, they'll just talk to friends on the phone, or bring in a newspaper to read, or walk the halls with a cup of coffee and try to look busy.
I have no problem with putting the basics of an automated system in place to block known porn sites and other blatantly illegal sites. Just by doing that, you're showing you took measures to prevent sexual harassment in the workplace. I think most companies would like to be in a position to say they did that, if it ever came up in court.
Beyond that, I think it's wrong for managers of other departments to request/expect I.T. to "fill them in on what so-and-so is doing on the web", or to complain that something's not "locked down tight enough". If you know you have employees surfing where you don't want them surfing, take care of it yourself!
Here's the question I have.
Let's say someone where I work (NASA) decides to install this to get around the proxy. It allows them to connect to blocked sites through other peek-a-booty clients, right? Does this in turn punch a hole through our firewall and allow others to access our intranet that they are blocked from accessing?
It sounds like this can be used as a voluntarily installed cracking tool.
I'm sure that getting upset at people for how they refer to employees probably hasn't helped you get a job.
Instead of saying "I resent that you call employees drones!", you should try, "Who should I talk to about becoming one of your drones?"
Got Rhinos?
I see a lot of posts which seem to imply that employee surfing should be ignored. Why is it a big deal if an employee does some personal surfing? Why not measure an employee's productivity and leave it at that?
I used to work at a company that had a very liberal internet use policy. We were pretty early adopters as far as the corporate world goes. We wanted people to use the Internet as a tool and didn't want to micromanage or scrutinize its usage.
Over the years we had to tighten our policy as abuses started to mount. The final straw was an idiot who was collecting kiddie porn and saving it on our network server! We immediately notified the police and he was arrested and prosecuted. The guy literally had hundreds of pictures carefully organized into directories to categorize them. It was obvious (1) that he had been doing it for a while, (2) he had invested a great deal of thought and time in these activities.
The company was dragged into the employee's defense trial. We spent a lot of time and money on attorneys, depositions, etc. It was a nightmare. We were forced to implement a system to control and monitor access to the Internet to ensure that this type of thing did not happen again. It is one thing to get caught in that type of situation once but it can't happen again.
So we spent a lot of time and money watching and controlling Internet access. It sucks but it only takes one idiot to mess things up for everyone and there are a lot of idiots out there.
I still think that ideally Internet usage should be the employees' responsibility but in the real world things often get much more complicated.
If the user can't install it, they can't use it. In a bank, a user shouldn't be able to install anything at all.
Some software doesn't need to write to the registry to be installed; it can run from a simple unzipped folder. The only way to disallow installing software is not to let the user write to storage at all.
Will I retire or break 10K?
It's not going to be as big a deal as you think, because of the way it's set up.
(Note: I've never seen the software, all this is based on how I *think* it would have to work. YMMV.)
(Note: I'm probably going to hell, because you know the Commies are reading this, and they'll use this stuff just the same as your company will.)
The system does no initial discovery, you have to know the address of an upstream node. Presumably, any folks using this within your company are probably going to know each other, and they're going to have one, maybe two upstream nodes that they're connecting to.
Syslog your firewall port 443 (or whatever port this thing ends up using -- if it's not port 443, even easier!), and every so often, check the destination addresses. You'll find your PaB users soon enough.
If, once the initial connection is made to a known node, the system jumps around from node to node, then scan for single machines making large numbers of SSL connections to different addresses.
If it *is* truly P2P, then the machines inside your organization are also nodes. Portscan your machines for the incoming port(s), and they'll show up easily.
Also, if you have an intranet, chances are the proxy's going to try to contact an external peer for your own internal web offerings. You'll be getting help desk calls that your people can't see your intranet soon after this thing's put in place.
*evil bofh grin*
I think it's going to be easy to pick out inside any network.
Ed R.Zahurak
You know, oblivion keeps looking better every day.
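The two checks described in the comment above (reviewing port-443 destinations from firewall syslog, and flagging single machines that open SSL connections to many different addresses), as an added example that is not part of the original thread. The iptables-style log format, the addresses, the threshold and the allowlist are constructed assumptions.

```python
import re
from collections import defaultdict

# iptables-style LOG fields; this format is an assumption, adapt it to your firewall.
LINE_RE = re.compile(r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+)")

def make_line(src, dst, dpt=443):
    """Build one constructed log line (sample data only, not real traffic)."""
    return f"Feb 17 10:00:00 fw kernel: OUT SRC={src} DST={dst} LEN=60 PROTO=TCP SPT=40000 DPT={dpt}"

# Constructed sample: documentation-range addresses, hypothetical internal hosts.
SAMPLE_LOG = "\n".join(
    [make_line("10.0.0.23", f"203.0.113.{i}") for i in range(1, 7)]  # one host, six peers
    + [make_line("10.0.0.5", "198.51.100.77"), make_line("10.0.0.8", "198.51.100.77")]
    + [make_line("10.0.0.5", "192.0.2.10"), make_line("10.0.0.8", "192.0.2.10")]
    + [make_line("10.0.0.9", "203.0.113.200", dpt=80)]  # other port, ignored by default
)

def parse(log_text, port=443):
    """Yield (src, dst) for every logged TCP connection to `port`."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and int(m.group("dpt")) == port:
            yield m.group("src"), m.group("dst")

def fan_out(log_text, port=443):
    """Map each source to the set of distinct destinations it contacted."""
    dests = defaultdict(set)
    for src, dst in parse(log_text, port):
        dests[src].add(dst)
    return dict(dests)

def high_fan_out_hosts(log_text, threshold=5, port=443):
    """Sources that reached at least `threshold` distinct destinations."""
    return sorted(s for s, d in fan_out(log_text, port).items() if len(d) >= threshold)

def shared_destinations(log_text, min_sources=2, allowlist=frozenset(), port=443):
    """Non-allowlisted destinations contacted by several internal hosts:
    candidates for an upstream node address passed around between colleagues."""
    by_dst = defaultdict(set)
    for src, dst in parse(log_text, port):
        if dst not in allowlist:
            by_dst[dst].add(src)
    return {d: sorted(s) for d, s in by_dst.items() if len(s) >= min_sources}

if __name__ == "__main__":
    print("high fan-out:", high_fan_out_hosts(SAMPLE_LOG))
    print("shared upstreams:", shared_destinations(SAMPLE_LOG, allowlist={"192.0.2.10"}))
```

Both results are leads for follow-up rather than proof: an ordinary browser can also reach many HTTPS hosts, so the threshold and allowlist need tuning against a baseline of normal traffic.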
On the other side, as a Security Manager in a bank who's sometimes asked to go find out if person XYZ has been accessing nakedhairyeyebrowedcheerleaders.com, I can see how this utility might make it impossible for me to do my job.
So tell them, "it's no longer possible"
You might also suggest: if this person is doing his job, what does it matter if he watches po*n - and if he doesn't do his job... fire him. Simple.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Millions of drug users use this model quite happily.
My Karma: ran over your Dogma
StrawberryFrog
http://cultdeadcow.com/details.php3?listing_id=426
PEEKABOOTY UPDATE
FOR IMMEDIATE RELEASE
LUBBOCK, TX, February 7 -- The CULT OF THE DEAD COW (cDc) would like to clarify a few matters in relation to Peekabooty, an anti-censorship software application currently under development.
Peekabooty was originally the brainchild of the Hacktivismo group, an international cadre of hackers founded by the cDc's Oxblood Ruffin. Hacktivismo's mandate was and is to develop technology in the service of human rights. Peekabooty was its first project; others are in various stages of planning and development.
The CULT OF THE DEAD COW has supported this work from its conception, because we view censorship of the Internet as a cancer that must be excised. However, it should be noted that the cDc membership have not been contributing code or driving the development schedule for Peekabooty. This project was entirely the concern of Hacktivismo group.
Two years ago, Bronc Buster and Mr. Pink wrote the proto-code for the current iteration of Peekabooty. Paul Baranowski (who until recently used the handle "Drunken Master") later became its chief architect and took charge of the Peekabooty programming effort. Some months ago, Paul chose to dedicate himself full-time to refactoring the codebase and finish implementing the remaining functionality.
Paul has recently decided to sever ties with the Hacktivismo group but he will continue to develop the Peekabooty app. Occasionally developers can't find the environment they need to do their best work and now is one such time.
Paul will be leaving Hacktivismo and taking on full responsibility for his work and all future development of his software. So from now on, Paul is directing all aspects of the Peekabooty project. It is no longer a Hacktivismo production. The Hacktivismo group will shift its main focus back to other projects in the pipeline.
We continue to wish Paul the best of luck. We believe that Peekabooty will prove itself to be a liberating force on the Net. Although Hacktivismo has severed formal ties with the project, some members intend to informally contribute their testing skills, etc. to the ongoing effort.
Paul will be presenting a recent snapshot at CodeCon, February 15 - 17, in San Francisco. Go check it out. But please be aware that this is not a launch; Peekabooty is still a work in progress.
Could this thing give you the ability to run a ddos attack completely anonymously? So much so that it would be impossible to shut down. If you can't detect who is sending it or it keeps sending different IPs, it would be impossible to stop the attack. Also it could shut down everyone on peek-a-booty. They may have made that impossible to do but since I can't find anything on it I have to leave it open as a possibility. If it is possible, once the peek-a-booty network was going the whole web could be taken down. I like the idea of this thing but it was developed by hackers for hackers so I am a little wary.
If you're not cheating you're not trying. If you're not trying you're not winning and if you're not winning why play?
Isn't this project illegal since the DMCA doesn't allow people to make software that "cracks" the "security" (and I'm sure that's what the Chinese government calls it.... protecting their people from all bad stuff on the net)?
I think this is a great idea. Lots of posts have already raised the issues that always arise with free speech. When people are free to speak (and more importantly hear) what they like, then sometimes they use that freedom to say and hear unpleasant things. Personally I think that this price is trivial compared to the benefits that flow from freedom.
However, I do have another concern. We all know how hollow claims of security often turn out to be. This project invites people to commit crimes which, in some countries, carry severe penalties including (in a few countries) the death penalty. So I hope that this system really is secure, and that if it isn't entirely secure, I hope that the people running it are honest about the risks.
It would be a pity if someone were to encourage people in (let's say) China to seek the truth, and then left them exposed to the Chinese government.
The people who are working on this project ought to think long and hard about any promises or assurances of security that they make.
Praksys
Most of the comments I've seen for this story talk about how it will be good (or bad) for employee surfing. It occurs to me that this will also be a way to defeat the websites that try to lock out certain regions from being able to access them, for matters of national licensing and such. (I saw a story about that sort of thing on /. a while back, but I'm too lazy to go look it up. :)
Editor Emeritus and Senior Writer, TeleRead.org
Technology merits aside, why did they have to choose the name 'peek a booty'?? This really isn't helping us get rid of the 'pron-fiend-p2p-user' stereotype. I can't imagine the company or technology being recognized by corporate types, either.
-Linux was for the masses, who spoke, and everything was crystal clear.
I wonder if a program like Quick Browse - http://www.quickbrowse.com - might also do the trick?
How come it is whenever I see the vast majority of screencaps on a *nix machine, it is ALWAYS running these two apps:
XEYES
XLOGO
It really makes me wonder if *nix is all it's cracked up to be if this is all I ever see?
At my last admin gig, I refused to provide managers with info on what sites were being accessed, what email was being rec'd, and what personal files were on hard drives. If a direct order didn't come from an executive or the IT Director, then it was not my place to rat out employees.
Talk about liability! I have no way of knowing/proving that John Doe accessed this site. I only know that John Doe's PC accessed xxx.com. But PHB's won't understand the difference.
Managers wouldn't ask someone in a cube farm what the guy next to him was surfing, why should I be put in that position? The other employees are my colleagues, and I refuse to disrespect them simply because I control the servers.
I heard about this program a year ago. Back then I wasn't sure what to think about it, because cDc isn't one of the "software producers" I trust. Personally, I would never install anything written by them on my computer.
Peek-a-booty appears to be a valid program, and may even be really useful for people who have governments blocking them from freely accessing the internet. However, I do think that they should get rid of the cDc name, mainly because cDc is associated with lame backdoor trojans by a lot of people. Also, if it ever got mainstream media attention, it is likely that they would start the article by saying something like: "cDc, the makers of the infamous backdoor trojan program Back Orifice...". This is likely to scare people from installing it.
Just my two cents...
Since when is porn "Blatantly Illegal?"
People in Soviet Russia, however, appear to be afflicted with amusing juxtapositions of the aforementioned situation
Do any of you seriously trust this tool, or cDc at all? What's the last big "product" that they dumped on the Internet? Back Orifice. And we all know how respectable a "remote administration tool" that was, don't we? Especially the part where all the positive results for server scans made by the old GUI client were sent to a cDc affiliate's website, that was REAL trustworthy on their part. I'm sure as hell not going to put my privacy, my machine, my connection and my LEGAL STATUS in the hands of people that don't even respect the community they claim to be a part of. If you want to do something constructive for free speech on the Internet, do the following:
Visit http://freenet.sourceforge.net and download their client. Run it. Submit bug reports, feature requests..anything you can think of to improve the TRUSTWORTHY privacy software already in the making.
Visit http://www.eff.org and do whatever you can to support them.
Lobby your local officials in government, talk to representatives..try to get things done. Don't support a program made by a bunch of underhanded blackhats, because in the end, what's going to happen? Within a week CNN will be televising the first White House briefing about how Peek-a-Booty is yet more proof that encryption and privacy software in general are supportive of terrorism.
Remember, the proxies get discovered by word of mouth or perhaps off a website. The oppressive government has the same resources if not more to find these proxies. I don't need to know what you actually transmit over the proxy, as long as I know what the proxy could be used for I can do what I want with you.
This sig has been temporarily disconnected or is no longer in service
I believe that Peek-a-Booty will be GPL'd, or at least open-sourced.. in that case, one would simply distrust the binaries and compile (or DL from trusted site) the program locally. .. it's a neat piece of code. Assuming the widely-heralded P-a-Booty is coded to the same high standards, I would very much like to get ahold of it.
As far as it goes, however, Back Orifice is notable as one of the trickier trojans to ferret out
An even greater problem than finding the first node address would be actually finding the program. Wouldn't China (or any other censoring country) have any sites that provide this software blocked? And if they didn't, are they really that censored?
So, are you telling that the cult of the dead cow is behind all this?
You conspiracy theorist. :)
...because someone decided to use peek-a-booty to try to crack whitehouse.gov, and the luck of the draw gives him *my* machine to use as a proxy, so when the Secret Service traces the attack back, they find just lil old me. This has happened to me in the past (not through a proxy, I got back orificed (stupid windows user!!)), and my ISP shut down my account for 2 days until I managed to convince them that I'm not a cracker.
But as long as that can't happen, then I'm all for this project!
If all the world's a stage, anyone who says they want better lighting spends far too much time in a dark theatre.
For example, consider that you are currently in an environment that you have connectivity out to the world, but it is monitored. Once you connect, won't some fraction of the "anonymized" traffic come through you?
At some point, if you are trying to view a website with potentially objectionable material, a clear connection has to come from somewhere, and if someone else's connection comes from you, the gestapo could come looking for you.
Once I started looking at Snort, I became very afraid of what is possible. NIDS is a wonderful thing, but if used in the wrong way it could become a good tool for someone wanting to be big brother....
-Jeff
Good Fast Cheap. Pick any two.
The problem is, some of it is very illegal. Your average user may just be surfing for cheerleaders or whatever, but a small minority of people are looking for exploitative or paedophile sites. This isn't necessarily an argument for keeping everyone under observation at all times, but if it becomes impossible to watch what's coming in and out even on those rare occasions when you want to, then there is a legitimate concern.
Then you're obviously an employee, and thus a luser.
Or are you unemployed? Well, then you're obviously a luser who can't even get a job.
Either way, your ridiculously high uid marks you as a luser.
Christian R. Conrad
mail me at iki.fi ; same user ID as here