Slashdot Mirror
Software to Support Human Rights
An anonymous reader writes "Some software rollouts have lives hanging in the balance. Human rights workers in massacre zones from El Salvador to Kosovo face prying eyes peering into their address books and logs, who follow up with bullets and poison gas. One project, Martus, takes these hostile environments into account: a leak can get whole families killed. They use encryption, distributed backup, and other techniques designed to survive the ultimate corrosive environment: vindictive armies in countrysides in the throes of war. The source code is open, to allow meaningful contributions from anyone willing to help. These people bet their lives on open source and private data. The sponsor organization, Benetech in Silicon Valley, funds projects that arm global rights workers, and people under siege, with communications tools that counterbalance the overwhelming force used to exterminate everything "Free"."
Boycott Redhat, never ever use or install Redhat personally or in your work.
Redhat supported tyrannic mainland China against democratic Taiwan and gladly removed Taiwans status as independant in their latest distributions. The only reason is to make more dollars from China.
It should be notet that companies like HP and Microsoft has refused to remove Taiwans status as independant despite pressure and fines from the dictatorship in China.
There is plenty of really good distributions, there is simply no need to support tyranny.
if the setting is so dangerous and THEY use truncheon keys aint this java based thing pointless.
from the website--
"Martus bulletins are created and saved locally on your personal computer. Whenever an Internet connection is available, saved bulletins are automatically sent to a Martus server."
It is not easier to decrypt a good encryption even if you know every little detail of the encryption algorithm. Actually the consensus in the cryptography community is that if an algorithm is not published openly for everybody to poke at it cannot be trusted.
Just think how many different DSA/SSL/etc. implementations there are out there and several of these in opensource.
If most people (or atleast a majority of people) started using freenet, it would change the internet in a fundamental way: it would be no longer possible to outlaw freenet. I don't see this happening anytime soon, because most people still enjoy freedom of speech. But if there were to arise a global dictator, technology has given us a way to fight back.
People interested in this might also be interested in the rubberhose project.
From the homepage:
"Rubberhose transparently and deniably encrypts disk data, minimising the effectiveness of warrants, coersive interrogations and other compulsive mechanisms, such as U.K RIP legislation. Rubberhose differs from conventional disk encryption systems in that it has an advanced modular architecture, self-test suite, is more secure, portable, utilises information hiding (steganography / deniable cryptography), works with any file system and has source freely available. Currently supported ciphers are DES, 3DES, IDEA, RC5, RC6, Blowfish, Twofish and CAST."
Ubi dubium ibi libertas: Where there is doubt, there is freedom.
Phil Zimmermann has faced this issue for a lot longer than most of us. Read his thoughts here and the thoughts of some of the beneficiaries of PGP here. Restricting technology because it has the capacity to be used for evil is a slippery slope.
--- Hot Shot City is particularly good.
They look over it very carefully - Patches can create security problems as well as stability issues. Maintainers aren't stupid enough to include untested patches from unknown persons. Their reputations are at stake, as is the reputation of the entire project.
The poor example from above is pulling words from the comments - and those contain the foulest language imaginable. There was a Slashdot article a while back about this.
is not that it uses cryptography. It basicly uses pgp, which you or any terrorist or human rights (HR) activist could download. But the software isn't about just sending encrypted messages, which is all terrorists would want.
The point is that in Martus, the crypto is integrated into a package that allows HR groups to a) send the data to a secure server, where there is b) a central database, and c) allow other, approved groups to view the data. This allows HR groups to get the info out from problematic areas to a place where the international community can see what's going on. Sure, terrorists could use the software to send messages, but what the heck do they need a database for? For HR groups, the problematic gov't could come cart off every computer and piece of paper in their office, and the data would still be secure and accessible. And as soon as they got access to another computer, they could start adding to it again.
The Economics of Website Security
Forget the rest of this. I don't think you grasp what Martus is really about.
It's about whisking incriminating data out of the reach of the powerful and into the hands of the rest of the world.
The more easily this data slips through their hands, the more circumspect the fascists will be about harming people (at the very least).
This is for use by people who will not be tortured for the keys, ie the UN workers who will be kicked out of the country after their equipment is confiscated. With this that equipment will not give the evil army information that they want.
Please remember that Java can be compiled. When it is, it can run ok even on older systems. We did a stock exchange client in Uzbekistan in Java on a 32MB 66MHz 486 under Win98SE because that was all they had available for the dealers at the exchange.
See my journal, I write things there
Redhat supported tyrannic mainland China
Oh please, if you all feel so strongly about tyrannic China, then why don't we see a boycott of Chinese products? Take a look around you and see how many products you use all the time that were "made in China". My Microsoft mouse, my Logitech mouse, my keyboard at work, some of the parts inside my computer, my Microcom modem etc, all made or assembled in China. Americans don't want to support China's tyranny, but they don't feel so strongly about it that they will stop buying China's cheaper products as a protest.
Your count is slightly misleading. For example:
;)
Documentation/filesystems/proc.txt: echo ':DEXE:M::\x0eDEX::/usr/bin/dosexec:' > register
drivers/sound/dev_table.h: int (*send_sysex)(int dev, unsigned char *bytes, int len);
arch/i386/kernel/setup.c: * misexecution of code under Linux. Owners of such processors should
and lots of @bytesex.org e-mail addresses.
Assorted stuff I do sometimes: Lemuria.org