Slashdot Mirror
From Slaying Dragons To Dictators
tcd004 writes "In a weekend, programmer Austin Heap transformed from an apathetic MMO player to a world class regime-slayer. When word for Iran's rigged election broke over Twitter, Heap decided to dedicate himself to building a better proxy system for people behind Iran's firewall. Heap's creation, Haystack, conceals someone's real online destinations inside a stream of innocuous traffic. You may be browsing an opposition Web site, but to the censors it will appear you are visiting, say, weather.com. Heap tends to hide users in content that is popular in Tehran, sometimes the regime's own government mouthpieces."
Why is this article being put out now? The Iranian elections were awhile ago
But "looking at porn" wasn't one of the viable alternatives?
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
Security through obscurity is no security at all.
I strongly doubt that the existence of this system is a mystery to the government of Iran, at least not if it is beyond a certain level of popularity.
Palm trees and 8
I don't know if I'd consider setting up a good Proxy server as "Slaying a Dictator".
I think that's actually part of a big chain quest so that you can get keyed along with a large group of people to then slay the dictator.
Wouldn't they just ban anyone connecting to known proxies or any proxy in general that wasn't set up by the authorities?
~S
It is not a dictatorship.
Misguided, dangerous, theocratic, abusive, yes. But not a dictatorship.
I look forward to a 'thinkofthechildren' argument from some congressman in the future about why it should be illegal here.
Absolute power corrupts absolutely. indymedia
As opposed to the laughably juvenile attempts by Iranian intelligence agencies to spam twitter with pro-Iranian-government messages?
Also, please include citations when you make accusations like that. I pulled up a bunch of articles on the Iranian twitspam with no problem but found it harder to dig up reports of US Agencies doing the same (though I wouldn't be shocked if they had, this seems to go both ways).
Hey pal, I've got bad news for you but you are the one who doesn't know what the term means. You should be laughing at yourself for not understanding a term and then looking down upon others who do understand it. I hope you especially laugh at how incompetent Bruce Schneier is to use the term, because you are no doubt more competent than him (ROTFLMAO).
The term has never implied that you can know the keys and still not get in. It specifically refers to a principle in security engineering, which attempts to use secrecy (of design, implementation, etc.) to provide security - [emphasis added]. In other words if you cannot publish the algorithm without rendering the system vulnerable, then that is security through obscurity.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
I thought this was a new game coming out where you did both: Grand Theft Horse 2 - The Dark Ages.
1331461 is only semiprime *sigh* Alas - I am just short of 1337.
Iran's government sure loves blaming the US doesn't it.
I read the internet for the articles.
Iranian law is pretty tough on smut
http://www.google.com/search?hl=en&safe=off&q=pornography+laws+in+iran&aq=f&aqi=&aql=&oq=&gs_rfai=
Here's one snip from one result
"The AP reports that Iran's parliament on Wednesday voted in favor of a bill that could lead to death penalty for persons convicted of working in the production of pornographic movies. "
"Adnkrnonsinternational reports that under the new law, anyone distributing pornographic material can be sentenced to a fine of up to 16,000 euros while owners of a porn video or film risk up to 76 lashings. "
"Executing Iranians involved in the porn industry isn't a brand new story, unfortunately. "
every day http://en.wikipedia.org/wiki/Special:Random
It must be tricky to hide sensitive data in innocuous data streams. Of course, I'm sure it's possible...
Iran has elections, but doesn't pick the right person, so it's a dictatorship. Same is true for Venezuela and Gaza, and any country over the past sixty years that made the mistake of voting for left-leaning leaders in the Western Hemisphere.
And what about China, Saudi Arabia, Egypt, etc? Well, they make us a shitload of money, or they at least follow our orders, so, you know. It's different.
Bullshit.
Less than a month and many all-nighters later, Heap and a friend had created Haystack. The anti-censorship software is built on a sophisticated mathematical formula that conceals someone's real online destinations inside a stream of innocuous traffic. You may be browsing an opposition Web site, but to the censors it will appear you are visiting, say, weather.com.
This doesn't make sense. It still has to connect to and load the BAD website, too...
Other anti-censorship programs--such as Tor, Psiphon, or Freegate--can successfully hide someone's identity, but censors are able to detect that these programs are being run and then work to disable the communication. With Haystack, the censors aren't even aware the software is in use. "Haystack captures all outgoing connections, encrypts them, and then masquerades the data as something else," explains Heap. "If you want to block Haystack, you are gonna block yourself."
OK, this makes so little sense I can't even figure out how to respond to it.
Heap intends to gradually develop Haystack's presence in the country. He has started to share it with select activists and trusted individuals on an invitation-only basis. They will then be asked to share it with their friends. It is the same model that was originally followed by Google's Gmail. The targeted approach is smarter from a security standpoint. Also, he doesn't want the software to collapse from low-value demand.
SAY WHAT?
Yeah, there's one word for this whole article. BULLSHIT. It stinks.
Given that the regime in question is still very much in control, and that the only slaying that was done was by the regime, I find the term "regime slayer" to be laughable at best and really offensive at worst for those that hoped for better for the Iranian people.
That was an extreme case showing that sometimes, mere communication is not enough to evoke change.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Astroturfing on the internet? Well I never!
I read the internet for the articles.
Well, we do have an extensive history of meddling. Okay, it's actually freaking huge. Whether or not we actually did anything or not, I wouldn't blame Iran for believing that the US played some role in the recent turmoil.
As this article in Foreign Policy explains, the Internet, especially Twitter, didn't contribute nearly as much to the protests in Iran as has been reported: Misreading Tehran: The Twitter Devolution. "Word of mouth was by far the most influential medium used to shape the postelection opposition activity." Other major media included text messages and email, which this software wouldn't help much with.
Efforts to counter censorship and intrusive government monitoring should be applauded, but it's a bit premature to call this "world class regime-slaying."
All I see is a bunch of "Donate Now!" buttons/links, no actual software. http://www.haystacknetwork.com/
"Regime change isn't very effective when you have the Keystone Kops trying to carry it out for you."
Regime change isn't going to happen due to a few protesting students, and the mullocracy can choose to kill them off if they threaten Islamic control of government.
The people who want to change Iran will have to display a greater will to power than the Islamocracy. That's a very tough act to follow. It would require a Maoist level of ruthlessness, not the trifling discontent of a few young people.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
Living in a remote area would be security. The remoteness is the barrier to entry.
Security through obscurity is more like leaving your door unlocked, but living in a building where all the other doors are locked. Or having a locked door but leaving the window unlocked and using the fire escape. Or leaving the key under the mat. It's not security, it just keeps people from believing they're looking at something unsecured.
And the reason it's a major fail is that it is defeated by random actions that are far simpler than the randomness needed to defeat the security you're not implementing. Kids trying every doorknob, for instance, or the guy who vacuums the hall knowing all of the doormats that have keys under them.
As for keys and obscurity; if you have 10,000 doors to lock, and use a key system that only allows for 1,000 keys, you're counting on obscurity to keep people from trying their keys in other locks. But if you use a system that allows for 1,000,000 keys, that's actual security. Because none of the locks has to take a key used in another, and someone making a random key will have to make at least a hundred to get even a 50-50 chance of findng one that unlocks just one of the 10,000 doors, and potentially he could make 990,000 and still not find one.
As for codes, any code that gets used for more than one message reduces the security of the code. So anything other than One-Time Pad is slightly relying on security through obscurity, but you're talking about having 2048-bit security instead of infinite-bit security and thinking that's insufficient? It's not really security through obscurity until you start using rot-13 instead, and hope nobody notices.
Correct in principle, if not in detail (It's the supreme leader, not the guardians of the revolution, who has the power.)
So why does the US get all twisted about what the "president", Ahmadinejad, who has no control over foreign policy says and does?
Watch this Heartland Institute video
There's nothing obscure about how a lock works. I think you misunderstand what the word 'obscure' means.
The revolution will not be televised... but it will have a page on Wikipedia
Everyone else.
Seriously, Americans, your country is unique in the amount of evil it produces. Deal with it.
Contrary to the popular belief, there indeed is no God.
Spoken like someone who doesn't have a clue about Iran, Iranian demographics (more specifically age and racial demographics) or the current Iranian government.
Frankly I dont think you used enough made up scare words based around Islam, I'm surprised you didn't slip islamofacsist in there. To be frank, this kind of propaganda is weak, easy to see through and insult the intelligence of anyone who reads it.
But I'll hit you with the cluebat. Iran's population is primarily comprised of Persians, the government is primarily Arab. Due to the Iraq-Iran war in the 80's the 30-50 yr age bracket is severely depleted so the current theocracy has never had to deal with 20 somethings that don't remember the brutality of the Shah.
There are two armed forces in Iran, first the Iranian army which makes up the bulk of the forces and is almost exclusively ethnic Persian. Next is the Republican Guard, which is far smaller and almost exclusively Arab (Palestinian and Lebanese). The Republican Guard is used mainly as a police force. Arabs and Persians only have about 6000 years of recorded racial conflict so if a shooting war actually starts (which it wont) it will be over in a matter of days as the Persian army outnumbers the Republican Guard 10 to 1, has superior equipment and the support of the Persian people. Due to the fact that a large portion of the army will rebel if anyone gives the order to kill civilians en masse the Iranian government will not do this (they are theocratic, not stupid).
Finally we have multiple examples of how non-violent revolutions can be effective and lead to more stable states. India, Philippines (EDSA rebellion), Much of Eastern Europe in 1989 (czech, poland, east germany). New forms of communications have been able to organise non-violent revolutions more effectively then violent ones, SMS's were used during the EDSA II rebellion. Violent revolution often has the effect of not working (Ireland tried for how many hundreds of years) or placing a dictator in power (Palestine, Cambodia, Cuba). Since the end of WWII, more stable democracies have been formed by non-violent means then violent ones. So you're desire to incite violence in the Iranian people is misguided at best but I'd describe it as retarded.
Iran's (the government of Iran) problem is that it's never had to deal with a large population of 20 yr olds, now it does and the 20 yr olds are disaffected. They dont know how bad the Shah was and only know that the current government is oppressive. Violent revolutions often have the opposite effect of what the instigator intends, so if the Iranian youth start fire-bombing government buildings then it has just as much chance of backfiring and forcing people to rally around the government. Take the recent unrest in Thailand. Initially the red shirts were garnering support from much of Thailand and around the world as they were painting themselves as the oppressed, well until they started bombing BTS stations. In the end, people said the Thai government was right to take military actions and that the Thai military was very restrained as only 40 people killed, on the other hand the red shirts torched one of Bangkok's largest shopping centres further eroding support and strengthening the Thai government.
Calling someone a "hater" only means you can not rationally rebut their argument.
I'm obviously responding to a troll here, but I'm not a person who hates this country. There are some things I don't like about this country, but I can't say that there's any other country where I'd prefer to live. Well, maybe Switzerland.
If some entity has a long history of doing X, it's pretty damn stupid not to expect them to do X. It has nothing to do with whether or not it's right or wrong, the US has a history of involving itself in foreign politics. There's no need to pass moral judgement on it, but it's a fact that the US has attempted to influence foreign politics with great frequency in the past.
And the amount of evil it has combated. (ie, Nazis, Soviets, etc)
And in the Aid in which is gives
And the amount of technological achievements (Modern Assembly Line, Computers, Synthetic Life?)
I mean really.... Give it a rest.
Comprehensive solutions via a competition of ideas like no other.
It would be simply fucking glorious!
You're an idiot
Comprehensive solutions via a competition of ideas like no other.
Everyone else.
Everyone else doesn't have an extensive history of meddling? So Russia, England, Germany, France, and on and on, don't have such histories? Name a big country, there's a good chance they have a history of meddling.
While we have undoubtedly exported some nasty results with our foreign policy, the US is also unique in the amount of good it has produced - you know, little things that better the world like computers, the internet, and a large amount of modern medical technology. Whether that has, overall, outweighed the evil we have produced, I'm just not sure and I doubt anybody can easily answer that question.
And I'm not really sure that the stuff done in the name of fighting communism was truly evil though some of the results were very nasty. Communism and the threat of nuclear war were scary and were perceived as existential threats by many at the time. It sounds completely ludicrous now that we know that the Soviet economy was overextended and straining to keep up during the Cold War era, but it's unfair to judge the past with full knowledge of the outcomes.
Neither is Iran, they are no more religious then the Filipino government (except they are the "right" religion for you) but the Filipino's did it, twice. Yes the PNP (Philipino National Police) will lock you up if you upset the religious leaders, having been there, you dont state you're anti-Christian as almost every native Filipino is very devout, especially the ones in power. It's the only time in my life I've ever said, God is Great (note, the Filipino's are great people, just avoid the topic of religion).
I never said that you were inciting, I said you were retarded for thinking that violent revolution was the best way to get rid of a theocracy, let alone the only way.
Comfortable lives often lead to greater revolutions when freedoms are being visibly curtailed. The American Colonies did this (things weren't that bad under the King, you just wanted more freedom), same with India and lets not get started on Ireland, using your logic The Troubles should never have happened. I'll remind my Irish friend (who grew up in Belfast during the 70's and 80's) of that next time the subject comes up.
Here's where you show your true face in this argument. You dont give two hoots about the Iranian people, you just want to slag off Islam. Well I live near the two largest Islamic democracies, Malaysia and Indonesia and we aren't threatened at all. I can go to Kuala Lumpur, drink a beer, have extra-marital relations with a woman (who doesn't wear a hijab). Hell, Surabaya in Indonesia is a sex tourism destination. Sounds like Islamic democracies are nothing but badness.
Or you're full of shit.
Calling someone a "hater" only means you can not rationally rebut their argument.