Slashdot Mirror
EFF Promotes Freenet-like System Tor
The submitter continues "It also allows you to install Tor-aware apps, such as an HTTP proxy (for private browsing), or maybe private P2P? Unlike Freenet, it doesn't use massive encryption (as far as I can tell) and relies more on something called onion routing to randomly bounce requests between other Tor proxies, thus obfuscating the IP of the original client. So it allows you to browse regular Internet sites! Maybe it should be considered more of an 'open-source' Anonymizer? But I don't know if it's actually Open Source - you can download the source (and compile it yourself) but I don't know if the developers are letting anyone else touch their code. They are, however, looking for contributors and other forms of help. And, finally, they're hoping people will start running Tor servers!" It's open source, however contributions are handled.
Can you really sue someone for violating the DMCA when they decrypt content that is not yours?
Nice idea, but tough in practice.
I bootleg Fizzy Lifting Drinks.
An imperfect plan executed violently is far superior to a perfect plan. -- George Patton
Let me get this straight. As a TOR node, my computer will request information from regular web sites unencrypted. This means that when someone requests e.g. child porn on the network, and my node is chosen to retrieve it, my IP will be the one logged?
You are in for a world of hurt if you run a TOR node. Since you are perfectly aware of all plain HTTP requests your node makes, you are likely to stand trial for contributory copyright infringement, import/export/distribution of child porn, conspiracy to [whatever] and so on. Since I assume by default it doesn't log anything to give you someone to blame it on, they pin it on you.
I would honestly never run a TOR node. If I did, I would firewall it to only allow connections to other TOR nodes, i.e. be a pure leech on the network. Anything else is to expose yourself for a wide range of legal disasters. Freenet had this right. You must not know what you are transmitting. This idea is fundamentally flawed and I'm amazed that the EFF would support it.
And beyond that, from the brief techincal discussion, you have a single point of failure in the directory server. Gather a small botnet, compromise the server and present the botnet as the routing nodes. You control all the keys, you decrypt everything. Or just a simple DDoS attack, so you don't find any nodes to route through. Overall, I'm not impressed.
Kjella
Live today, because you never know what tomorrow brings
Then where do we draw the line between "Omg, technology for terrorists" and real useful software? What about instant messanger systems?
Does AIM and MSN user = Terroist?
No.
But they can very easily use such software can they not?
What about Planes? Maybe we should stop using planes.. I mean terrorists can use them to fly into our buildings.
Why are you drawing the line at this piece of software? Where should this line be? The further it goes into our freedoms...
It's a method for the transportation of data - it in no way encourages any specific type of traffic. I could mention several straw-men arguments about telephones and vehicles that also could be used for horrible child crimes...
Relative anonymity isn't inherently destructive - nor is the anonymity offered here absolute. Conventional methods of online social investigation will still catch the people you imagine, as there is still a source and destination. With child crimes in particular, the investigation should move offline as soon as possible anyway as soon as suspicions arise.
People who attack and cruelly manipulate children deserve punishment - the rest of the world does not need to close entire realms of technology down for the sake of that punishment. The nerds of the world shouldn't be forced to think about punishing criminals when they make their tools any more than car manufacturers.
Ryan Fenton
With Tor, you don't transfer files; you transfer packets. This is analogous to running a TCP/IP router on the internet, you just relay traffic for others. What Tor adds to this is that you have no way to find out what packets you relay contain or where they are ultimately headed. If you are really a civil libertarian, you won't care. If you still care, maybe you should look for another label for yourself :)
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
Fine. Then allow the child pornographers to distribute their "product" - and bust them at other phases of their operation.
Tell me this. How many child pornographers are busted when someone trades illegal pictures? Not illegal picture-traders, the actual people who TAKE the pictures?
By blocking the flow of information, you can only bust the picture-traders. And you get a nice excuse to bust anyone else whom you can reasonably define as a "terrorist" or other undesirable.
Bust the guys taking the pictures, at the source. When you get a kid who's been abused in this way, they can lead you to the picture taker.
The excuse of "needing better tools for law enforcement" is very often used as an excuse to abridge civil rights.
Child pornographers are bad. And should be stopped wherever their found. But I'm not ready to accept that we, as a civilization, can afford to eliminate anonymous speech. When we have better rules (that are enforced) to protect whistleblowers and dissidents, then maybe we can do away with anonymity.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Ryan,
Thanks for the reasoned reply.
I don't disagree that Freenet is a tool, but I'm not sure all factors are equal in judging tools. We could compare to Kazaa, which does trade legitmate files... but trades scads of pirated material. Kazaa may trade many pirated files, but the relative harm is far less. Copyright infringement isn't in the same ballpark as child molestation... the law recognizes this with the vast difference in their respective penalties. The amount of harm (and type of harm) with Kazaa can be argued either way... I don't find Freenet to be nearly as grey.
Admitted, the Freenet choice is binary; install it and tolerate the content, or not. However, I don't find free speech as an issue to be so black-and-white (that'll bring on the flamewar). Like most things, one needs to apply the doctrine of competing harms.
Everyone makes choices for themselves based on their own risk/benefit analysis. Cars and firearms inarguably cause thousands of spectacular deaths every year... yet if you really crunch the statistics, most guns are used to punch holes in pieces of paper, and most cars are tranportation devices rather than deathmobiles. My feeling is that the positive balance of content on Freenet is far less clear. If there's one legitimate persecuted speech document on Freenet, does that mean we tolerate 10000 pieces of child porn? That scale doesn't balance for me... but that's me, particularly when there are other ways to distribute that content without the baggage.
I don't disagree with the existence of the tool... just one particular use of the tool. The choice being all-or-none, I couldn't justify a node for myself... I'm not saying those who set up those nodes are evil or amoral... just that their scales balance a little differently than mine.
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
By this argument, you could never own an apartment, rental house or hotel, because child abuse could be committed on your property.
The notion of a packet of similar size existing on both ends of an encrypted or obfuscated path can't be used if one or both ends is -part- of the encrypted or obfuscated path.
Incorrect, although it can be challenging. For the sake of argument assume the NSA (our hypthetical attacker) has a Carnvore logging activity into and out of every ISP. They can therefore observe the existance, and perhaps size, of every packet between every node in the network, even if they cannot decrypt them. It also means they can observe the timing and pattern of such packets.
It can be possible to correlate existance, timing, patterns, and perhapse sizes, of (unknown encrypted) packets at one point with the existance, timing, patterns, and perhapse sizes, of packets (possibly unencrypted) at some other point.
Perhaps you check your anonymous Hotmail account every morning at roughly 9-something AM. Perhaps some morings you download really large attachments resulting in particularly large traffic. On some other morning you've gote the flu and don't use the network at all. They take the pattern of known traffic to the Hotmail website and run a pettern match against traffic patterns recorded at every single node in the network. And with each cluster of activity they manage to match up with a source, the smaller the unknown dataset becomes and the easier it becomes to match up each other outbound plaintext with a source internal node.
And if an ISP happens to be down for a day, well that gets them tons of info. For every data group that is active that day (for example various Hotmail accounts), they can exclude every user of that ISP as candidates for matching each of those datasets. And if you personally are connecting and disconnecting from the network then your connection patterns can easily be correlated with patterns of observable activity coming out of the network.
The main defense against such attacks is that you must remain connected pretty much constantly, and that the network must keep the flow at each link in the network at a constant, by padding real packets with dummy packets to keep the pipelines "full" and constant. Unfortunately it's rather costly to keep every single link running at max capacity with tons of garbage packets.
And if the NSA can meddle in the ISPs then they can twiddle the latancy for various nodes to potentially probe which encrypted nodes are responsible for which observable activity.
And the NSA can join the network themselves, running a signifigant number of servers. If your data happens to route completely through their trojan servers then you're sunk. And even without that total compromise, they get tons of information for narrowing down the possibilites and teasing out the consealed connections.
It's just one giant puzzle, and each peice and each clue helps fit the other peices into place.
The good news is that a well designed TOR network will be pretty damn secure against all but the most resourcefull attackers like the NSA who could conceivably log and analize data from a thousand covert points. On the otherhand if you are a casual user routinely connecting and disconnecting from the network, and you are already specifically under suspicion of specific visible activity, then your encrypted accesses can probably be trivially matched against the dates and times of the target activity.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
I didn't say that. But, ethically speaking, free-as-in-beer is better than giving-money-to-child-abusers.
Put yourself in the place of the child, her guardians, her counselors, and ask if you would want still photos and videos of her rape to be broadcast over the net
Of course not. But this is Freenet. 99-to-1 odds the child is never going to know. As such, he/she isn't harmed by their presence.
You haven't considered the possibility that the child might be identifiable and still at risk. You view her anonymously but do nothing to help
What exactly would you suggest one do if they saw a child porn pic? Go running to the nearest police station? "Hi, officer, I was browsing child porn and I found this one kid. Can you locate her/him?" Not only is it quite unlikely that the kid (probably in a different country) could be identified, you'd probably wind up in jail in the process.
I'm not claiming that distributing child porn on Freenet is ethically squeaky-clean. But I can think of a million things that would concern me more about running a Freenet node, such as the potential for illegal activities (such as terrorist plotting) that actually do tangible harm to people.
It's hard to be religious when certain people are never incinerated by bolts of lightning.