There's an awful lot of counterspin and uninformed opinions being shot around here.
I feel ZeroKnowledge doesn't deserve some of this off-topic criticism. Criticise for dropping linux, which is tragic, but please don't start making assumptions about the software, the network, or the system without understanding it.
firstly the name ZeroKnoledge is a play-on-words on both zero-knowledge proofs in math, and the fact that the company feels you should never have to trust them with your privacy (the system is impervious to subpeona because it has zero-knowledge of your activties). It's a trust-no-one system.
the Freedom network is more than just a proxy tunnel. It's a blind proxy tunnel in that ZKS itself can't tell who you are, where you're coming from, and where you're going. It's also not under ZKS control alone, a huge portion of the nodes are run by idependent operators, who control their own private keys. thus a paranoid individual can even select to make routes entirely through these if they still don't trust ZKS to be doing their job. It's much harder to compromise systems and the network that way.
While michael's experience installing the software
on linux was a disaster, I have to point out that he tried it on debian, not redhat, which was the supported linux platform.
the zkshim is a kernel module with very kernel-specific requirements. What was described
as non-trivial was installing from source, and oddly enouhg there's probably a good techincal reason redhat was used, otherwise the company would have packaged it for other distros as well.
BTW some ignoratus writes that it would be nice to open-source the client-code late... It already is,
or did you think your could compile without it?
this is the only privacy-company with the integrity to have released code to both the client and the anonymizing shim, and their white papers include protocol and crypto specs for review. Most importantly they provide a threat-model which clearly explains what the system is designed to counter.
personally I have used Freedom both on windows and linux daily, both at the office an at home from behind a linux firewall with DSL hookup, without any major glitches.
While it really sucks that linux is being abandonned, the product was quite functional,
so this is probably a result of a business decision.
The loss for the linux comunity is great; the loss for ZKS could be greater. But please remember that all is not dead for linux. the source-code still lives, should anyone want to re-implement it.
no sweat.
We should all use encryption plus a pseudonymous mix-master such as ZeroKnowledge's Freedom.
That way both the contents and your location/identity are masked.
not only can the NSA not decrypt the mail,
but they have no clue whom to subpeona
for keys.
Obviously some of you don't read the white-papers.
As the blurb pointed out, the efforts were started
by Zero Knowledge Systems (http://www.zeroknowledge.com), creators of the
Freedom(tm) pseudonimous software.
If you check out the site and read the whitepapers, you'll see how the software anoymises your ip by going through the freedom network through 3 encrypted hops, and hav eyour packaets
coming out from a freedom network node's wormhole.
Thus all that someone else sees is the ip of the
last freedom node's wormhole.
Freedom is the proof of concept that ip's can be
anonymized. I'm not suggesting that NymIP will
work in the same way, indeed, its mandate is to
arrive at independent and open-standard solutions
that may very well be alternatives to this concept, but rest assured that it can and will be
done.
The problem here is that the emphasis is only on public figures, which are theoretically already accountable to the public. The 'strong media', because it is media-owned, does not scrutinize the lives of its coroporate leaders, people who manipulate speech, ideas, markets, and our daily lives to a much greater extent and far less restraint than politicians and have no accountability towards the people. Maybe what you meant was: a strong, idependant media...
Thanks for pointing that out.
But the point is: if you were being
security-concious in the first place,
you shouldn't be trusting or running
any executable that is linked to some
untrusted static libc.a.
Without bashing Pinkerton, whose change in direction if sincere is to be applauded, I'm not sure anything short of canning the project would suffice. What was Pinkerton and Wave initially trying to accomplish ? any kind of project classifying or tagging indivuduals is a complete disregard for basic liberties. Add in the part that it is in part backed by private-enterprise, and that evaluation criteria are based on anonymous informants, 'headhunting' cash rewards, and that the results are non-public and completely obscure to the targeted individuals and the public at large. And what with the Baseball caps and T-shirts ? - "Do you want them with or without swastikas ?" If this some misguided attempt at positive-PR, these people have a lot to lear about schoolkids. Fact is, no kid would ever dare wear any kind of paraphenalia that would so 'geeky', if you pardon the irony. Any kind of profiling violates the "innocent until proven guilty" axiom of justice. In criminal law a person is only supsect if a crime has been committed. Why should it be, that for a potential threat, normal procedure be more repressive than in the event of real crime ? If a kid posesses a firearm, sure he/she should be denounced. But that is a criminal offense, and we already have mechanisms to deal with this. If somebody gets bullied or threatened, similarly, pressing charges is always an option. That is the way the adult world functions, and we need a system for children that mirrors this civilized process. Children learn by example and abhor hypocrisy: let's not confuse them with a system that preaches bigotry and witchhunts. As in most problems in America, we just need to follow the greens to get to the root of the evil. The real bug in the system is usually at the institution level, where shools ignore or suppress kid problems in order to protect their reputation. What is needed is more money to school counsellors, educators, legal aid, and independant ombudsmen who will be capable of pushing these issues and work with appropriate authorities despite a sometimes non-cooperative schoolboard.
There is such a thing: it's called the GPL. It's a license, not a patent, but since it governs intellectual property rights it's basically the same. How about Gnu Public Patents held by the FSF for the greater good ?
That's dead on. The assumption of guilt here is absurd & unbelievable. The state could arguably enforce a survey, assuming it was somewhat less bogus than this one, and compile statistics, but only as aggregates and totals in numbers of students, etc. Never should the state be allowed to associate the results to the individuals's names, as that violates this principle: It's also even more abberant in the fact that these are also the identities of minors, which should be confidential and undisclosed to begin with according to youth-protection acts. For the system to work, the state must abide by its own rules and charters. Also the assumption that hanging in a clique is dangerous! All groups are by definition exclusive from other groups or the masses, this is how we establish the bounds of a group. And what happenned to the right to assembly: to gather with other individuals for various cooperative social or political functions? This is one of the cornerstones of liberty.
Java is a very serious language, and is starting to be used in profitable production systems. Our company use Java for E-commerce applications: communcations brokers, database agents, and a few front-ends. Our products are used for electronic distribution of Airline and travel reservation systems and are high-volume. However, these are fairly new components in our application systems. At lot of parts work in C and will continue to do so for quite a while. The back-end legacy is too immense to port in a quick-delay. There is an on-going re-engineering task force, but it will be a very slow process. As someone else responded later on: the poll is far from fair: a sample of 150 programmers is too small a sample to be representative. take slash-dot for example. The people posting on this thread are a very good random sample of programmers: I'm sure compounding statistics of the use of programming languages here would yield very different, and probably more conclusive results. Then again, you could argue that only *certain* types of programmers subscribe to slashdot, and that these are more likely to favour certain paradigms over others. In any case, you have garantee of random population sample, and a much larger sample group.
Slashdot Mirror
There's an awful lot of counterspin and uninformed opinions being shot around here. I feel ZeroKnowledge doesn't deserve some of this off-topic criticism. Criticise for dropping linux, which is tragic, but please don't start making assumptions about the software, the network, or the system without understanding it. firstly the name ZeroKnoledge is a play-on-words on both zero-knowledge proofs in math, and the fact that the company feels you should never have to trust them with your privacy (the system is impervious to subpeona because it has zero-knowledge of your activties). It's a trust-no-one system. the Freedom network is more than just a proxy tunnel. It's a blind proxy tunnel in that ZKS itself can't tell who you are, where you're coming from, and where you're going. It's also not under ZKS control alone, a huge portion of the nodes are run by idependent operators, who control their own private keys. thus a paranoid individual can even select to make routes entirely through these if they still don't trust ZKS to be doing their job. It's much harder to compromise systems and the network that way. While michael's experience installing the software on linux was a disaster, I have to point out that he tried it on debian, not redhat, which was the supported linux platform. the zkshim is a kernel module with very kernel-specific requirements. What was described as non-trivial was installing from source, and oddly enouhg there's probably a good techincal reason redhat was used, otherwise the company would have packaged it for other distros as well. BTW some ignoratus writes that it would be nice to open-source the client-code late... It already is, or did you think your could compile without it? this is the only privacy-company with the integrity to have released code to both the client and the anonymizing shim, and their white papers include protocol and crypto specs for review. Most importantly they provide a threat-model which clearly explains what the system is designed to counter. personally I have used Freedom both on windows and linux daily, both at the office an at home from behind a linux firewall with DSL hookup, without any major glitches. While it really sucks that linux is being abandonned, the product was quite functional, so this is probably a result of a business decision. The loss for the linux comunity is great; the loss for ZKS could be greater. But please remember that all is not dead for linux. the source-code still lives, should anyone want to re-implement it.
no sweat. We should all use encryption plus a pseudonymous mix-master such as ZeroKnowledge's Freedom. That way both the contents and your location/identity are masked. not only can the NSA not decrypt the mail, but they have no clue whom to subpeona for keys.
Obviously some of you don't read the white-papers. As the blurb pointed out, the efforts were started by Zero Knowledge Systems (http://www.zeroknowledge.com), creators of the Freedom(tm) pseudonimous software. If you check out the site and read the whitepapers, you'll see how the software anoymises your ip by going through the freedom network through 3 encrypted hops, and hav eyour packaets coming out from a freedom network node's wormhole. Thus all that someone else sees is the ip of the last freedom node's wormhole. Freedom is the proof of concept that ip's can be anonymized. I'm not suggesting that NymIP will work in the same way, indeed, its mandate is to arrive at independent and open-standard solutions that may very well be alternatives to this concept, but rest assured that it can and will be done.
moderate this up!
The problem here is that the emphasis is only on public figures, which are theoretically already accountable to the public. The 'strong media', because it is media-owned, does not scrutinize the lives of its coroporate leaders, people who manipulate speech, ideas, markets, and our daily lives to a much greater extent and far less restraint than politicians and have no accountability towards the people. Maybe what you meant was: a strong, idependant media...
Thanks for pointing that out. But the point is: if you were being security-concious in the first place, you shouldn't be trusting or running any executable that is linked to some untrusted static libc.a.
Without bashing Pinkerton, whose change in direction if sincere is to be applauded, I'm not sure anything short of canning the project would suffice. What was Pinkerton and Wave initially trying to accomplish ? any kind of project classifying or tagging indivuduals is a complete disregard for basic liberties. Add in the part that it is in part backed by private-enterprise, and that evaluation criteria are based on anonymous informants, 'headhunting' cash rewards, and that the results are non-public and completely obscure to the targeted individuals and the public at large. And what with the Baseball caps and T-shirts ? - "Do you want them with or without swastikas ?" If this some misguided attempt at positive-PR, these people have a lot to lear about schoolkids. Fact is, no kid would ever dare wear any kind of paraphenalia that would so 'geeky', if you pardon the irony. Any kind of profiling violates the "innocent until proven guilty" axiom of justice. In criminal law a person is only supsect if a crime has been committed. Why should it be, that for a potential threat, normal procedure be more repressive than in the event of real crime ? If a kid posesses a firearm, sure he/she should be denounced. But that is a criminal offense, and we already have mechanisms to deal with this. If somebody gets bullied or threatened, similarly, pressing charges is always an option. That is the way the adult world functions, and we need a system for children that mirrors this civilized process. Children learn by example and abhor hypocrisy: let's not confuse them with a system that preaches bigotry and witchhunts. As in most problems in America, we just need to follow the greens to get to the root of the evil. The real bug in the system is usually at the institution level, where shools ignore or suppress kid problems in order to protect their reputation. What is needed is more money to school counsellors, educators, legal aid, and independant ombudsmen who will be capable of pushing these issues and work with appropriate authorities despite a sometimes non-cooperative schoolboard.
There is such a thing: it's called the GPL. It's a license, not a patent, but since it governs intellectual property rights it's basically the same. How about Gnu Public Patents held by the FSF for the greater good ?
That's dead on. The assumption of guilt here is absurd & unbelievable. The state could arguably enforce a survey, assuming it was somewhat less bogus than this one, and compile statistics, but only as aggregates and totals in numbers of students, etc. Never should the state be allowed to associate the results to the individuals's names, as that violates this principle: It's also even more abberant in the fact that these are also the identities of minors, which should be confidential and undisclosed to begin with according to youth-protection acts. For the system to work, the state must abide by its own rules and charters. Also the assumption that hanging in a clique is dangerous! All groups are by definition exclusive from other groups or the masses, this is how we establish the bounds of a group. And what happenned to the right to assembly: to gather with other individuals for various cooperative social or political functions? This is one of the cornerstones of liberty.
Java is a very serious language, and is starting to be used in profitable production systems. Our company use Java for E-commerce applications: communcations brokers, database agents, and a few front-ends. Our products are used for electronic distribution of Airline and travel reservation systems and are high-volume. However, these are fairly new components in our application systems. At lot of parts work in C and will continue to do so for quite a while. The back-end legacy is too immense to port in a quick-delay. There is an on-going re-engineering task force, but it will be a very slow process. As someone else responded later on: the poll is far from fair: a sample of 150 programmers is too small a sample to be representative. take slash-dot for example. The people posting on this thread are a very good random sample of programmers: I'm sure compounding statistics of the use of programming languages here would yield very different, and probably more conclusive results. Then again, you could argue that only *certain* types of programmers subscribe to slashdot, and that these are more likely to favour certain paradigms over others. In any case, you have garantee of random population sample, and a much larger sample group.