EFF Says 'Stop Using Haystack'

tenco writes "Based on a blog post by the CRC today, EFF warns against using Haystack for circumventing censorship firewalls in Iran. Jacob Appelbaum states on twitter: 'Haystack is the worst piece of software I have ever had the displeasure of ripping apart.'"

In other words

[Pojut]

EFF says: "Stop using this program you've never heard of to circumvent national firewalls. And don't you DARE consider checking it out since you've heard about it now!"

Streisand effect, anyone?

Re:In other words

[Mr.+Slippery]

EFF says: "Stop using this program you've never heard of to circumvent national firewalls.

Haystack and its author Austin Heap have been getting a lot of press lately, with stories in Newsweek, The Guardian, and the Washington Post among other venues. If you're concerned with national firewalls, you've heard of it.

Re:In other words

[Chrisq]

EFF says: "Stop using this program you've never heard of to circumvent national firewalls. And don't you DARE consider checking it out since you've heard about it now!"

Streisand effect, anyone?

I would like more details but I expect it is something like "if you use this it has flaws that may well reveal who you are, that you are avoiding the firewall and what you are viewing to the authorities". For someone in the USA trying to get to Facebook at work this might mean it is still worth a try ... their network guys may not have herd of it. For someone in Iran where the project has been suggested as a way of avoiding state censorship it probably isn't worth the risk.

How about a link

[rudy_wayne]

How about a link to something that actually contains some information

Why?

[abigsmurf]

None of the sources give any clear reason why people should not use this program.

If you're going to systematically try to destroy the user base of someone's piece of software you should at least have the decency to explain why in clear terms, regardless of the reasons behind this kind of alert.

Re:Why?

[Meneth]

I've got one: A security program that's not free software? Any slashdotter should know better. :)

Re:Ok you've got my attention

[Corporate+Troll]

Yes, where is the meat actually... Not in the linked "articles". So there is a problem? Sure, very possible, but I'd like some explanations.

Re:Destroy "someone's" piece of software?

[abigsmurf]

All information that would be ever so helpful in the summary or any of the linked articles.

Re:Ok you've got my attention

[rolando2424]

I checked to see if parent's post had 140 characters.
I was not dissapointed.

Re:Ok you've got my attention

ugh, that's about 10 times longer that it ought to be and full of useless filler, like a "chicken" mcnugget or a high school essay with 5 sentences of actual content buried in 2 pages of bullshit. Oh wait, is he demonstrating haystack?

Re:Ok you've got my attention

[abigsmurf]

tldr version:

There's no way of tracking or disabling unauthorised users.

I kinda thought that was half the point of this system. Afterall, if the haystack admins can track users, it's probably possible for someone else to as well.

Re:Ok you've got my attention

[Rogerborg]

Counterpoint: the only evidence that Haystack worked was pure assertion.

The audience for this warning is Haystack users in Iran, not you and me. It's not a game to them. We're not discussing pwning some boxen, we're talking about bullets in the head.

M'kay? Grown ups are talking. Shush now.

Re:I am Daniel Colascione

[m50d]

Signing a message that refers to the "link to my resignation letter below", but not including the actual link? Guess the guy really doesn't understand security.