I2P (the Invisible Internet Project) works well as a secure Internet. You can have whatever kind of traffic on it, and choose the number of hops from 0 to 4 (merely encrypted to very anonymous). They have bittorrent, and a decentralized email system running on it that works pretty good.
I2P is way beyond IPv6 in terms of addressing: Your address is not only unique but it actually follows you and serves as a pseudonymous identity. It encrypts everything end-to-end, and you can set the number of hops (default is 3) to choose the level of anonymity.
So, I just checked the I2P encryption page and it says they use 2048 ElGammal (which is log-based, as Schneier mentioned) for public key crypto. I think this means I2P could be safer from the NSA than Tor.
There is a problem with your, urm, political philosophy: If the government is even a tiny bit short of being perfectly rational and fair, the net effect of all that desire to store information from absolutely all communications will become monstrous. Before long, it will resemble a kind of absolute power and so will attract the most corrupt.
No, the NSA can't afford to 'go after' everone at the same time. But like some perfect archetype of the fishing expedition, they can go after anyone at any given time.
You've gotta understand that security is not an absolute;
Thanks for the litany of excuses, but at least half of the problems (like the swapping and mouse pointer problems) encountered on Linux desktops have nothing to do with drivers. Its mainly due to software architecture that's poorly suited to desktop environments.
Sorry, no hardware issues. Everything works perfectly in diagnostics and Windows 7...and by "everything" I also mean all the other hardware functions I can't even try to use under Linux.
Its a worse problem than that. The soil in poleward locations may not be suitable, tending to turn into desert instead (at least in the geologic near term). Land area is also less abundant near the poles, especially when you consider that Antarctica will remain ice-covered deep into the arable land crisis. Most plants and animals that help keep a temperate zone healthy probably won't be able to migrate quickly enough to the unprecedented rate of warming we have unleashead.
Then there is the tiny little question of how human bodies themselves can cope, being only adapted to live in interglacial and glacial periods--We've never adapted to the global hothouse type of climate. We couldn't even manage to do agriculture for 150,000 years in the past because the global climate made frequent 1C shifts. Our brains are especially susceptable to frequent heat extremes, curbing their energy use (and thinking ability) when heat-stressed... or otherwise causing us to croak. Our immune systems are not adapted to warm environments (however pleasant) that are steeped in dampness during 6-month long periods of darkness.
This is not the temperate zones moving poleward. Its the temperate zones disappearing and a part of the arctic likely turning into something different that hasn't existed for over 40 million years.
Remember that not only do they have a large number of exit nodes, they also have carte blanche to capture ALL traffic coming out of them, as they have no foreknowledge of whether or not it came from a US citizen. Tor helps them get around the entire PRISM issue be legitimizing their storage of the data.
I wonder if the same goes for I2P... I haven't heard much about that lately (probably people trying to keep it out of the spotlight).
I think the whole question of simple exit node monitoring is moot: What they access is either encrypted or in the clear, and the latter case means that the user doesn't consider the info to be sensitive and in the former case the eavesdropper doesn't have much of anything. (OTOH, unencrypted traffic does give evil exit nodes the ability to attempt breaking into Tor users' systems with malware.)
I2P is different because access is mostly in-network, so it implements security (and psuedonymous identity) for each party end-to-end... each address works like a public key. Another difference is that most every I2P user is essentially an onion-relay router, so finding the physical location of specific sites/users (e.g.i to take them offline as with TorMail) is much harder.
Think of I2P as an anonymized IP stack. Its general purpose and therefore has the potential to spread to many more machines, providing greater anonymity. I2P has a distributed filesystem called Tahoe-LAFS in addition to bittorrent and iMule programs.
OneSwarm is specific to a single application--file sharing--so its potential for anonymizing traffic is more limited.
5. Protect against remote exploits with an OS like Qubes. Use its TorVM and DisposableVM features to isolate different communication domains from each other. (Certain late-model hardware configurations are best used with Qubes.)
6. Go one better than Tor and use I2P. It uses routing that is more decentralized than Tor, and since everyone shares routing bandwith by default there is bandwidth to handle virtually all kinds of traffic... even bulk transfers and bittorrent. Security is also enhanced by having more users route traffic, and by communicating only with other I2P users by default. I2P have so far been successfully testing a distributed email system (I2P-Bote) which is far less vulnerable to attack than what you find on Tor (e.g. TorMail).
Remember Skype's blackout? Six weeks later on 2/6/2011 they joined NSA's PRISM program. And given the P2P nature of Skype, I'm sure it was a more difficult conversion than the other services.
"Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run on another system running the same platform without gotchas... ie a predictable runtime environment."
People should be able to look at a list of their apps without having to wade through data files and a ton of OS-supplied components. We often don't remember apps by name until we have used them many, many times; OTOH infrequently used apps can still be very important, so its vexing when Unity effectively 'loses' them.
But we might not have that choice in front of us today if MS had done its Windows (software, not hardware) security push a decade earlier. They allowed criminal organizations to become well established and resourceful.
Linux has also lowered the usability bar. With Unix, one was stuck with Bourne Shell or C Shell, and could only enjoy GUIs like OpenLook or Motif if one was at a company or university that had installed workstations from Sun, DEC, SGI, et al. With Linux, GUIs like KDE had been the default from day 1, and now there's a bonanza of them - GNOME, LXDE/Razor-qt, XFCE, Unity, Cinnamon, et al.
Your slip is showing. The Linux fans, apparently, don't even realize that OS X is the most popular Unix (a certified one, at that). That segue from "Sun, DEC, SGI" straight to Linux was a sight to behold. That you had to list 6 GUIs for Linux tells us that none of them are very good (despite the thickly caked-on makeup), and the Linux fans who normally promote and critique them scarcely know what they even are.
Think that's a bizarre thing to say? Here's why it isn't: You all deprecate the meaning of the "Interface" part of "GUI" such that it no longer conforms to the usual standards of computer engineering. Every computer expert wants good interfaces--whether they be in software or hardware--and its a constant concern for us. But by definition, a computer interface (in an API, machined metal, etc.) must remain consistent... the definition of an interface is that of a "contract"----- a PROMISE to maintain a certain form!
Linux fans insist on good contract-like interfaces for the technically adept, even though this is the demographic that can most comfortably deal with system changes. But when it comes to user interfaces, all bets are off. Then the fans change their tune, berating users for not embracing "freedom" when they question the lack of consistency in and among so-called "Desktop Linux" distros.
Furthermore, who can say if there is any Desktop Linux that rates as a real OS? I am sometimes reminded by the fans that the textbook description of an operating system doesn't even include a user interface. That's fine. However, the defacto definition of a desktop OS was laid down by Apple and Microsoft and I don't think any FOSS project has managed to honor that. If such a definition were expressed in English, one aspect of it should be that programs are neatly divided between OS components and applications (apps). Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run without gotchas... ie a predictable runtime environment.
What are the chances of this happening successfully?
Isn't that why other OSes have so few grey areas between OS and apps... to create a predictable runtime environment?
Now, tell me why people aren't lining up to write great apps for "Desktop Linux". Tell me why we (former advocate here) can't even give this sh#t away.
As for having "lowered" the usability bar... *chuckle* One raises the bar when something is made better. You confused the metaphor with a similar-sounding one, lowering the bar to entry. It almost sounds like lowering ones' standards. We all know what you meant but the choice in phrasing is, I think, indicative of a certain attitude that looks at GUIs as peripheral and something to be tacked-on noncommittally later.
For about 1/10th the cost, one other FOSS phone was able to get off the ground. Actually, even though the main page says 66%, they reached their minimum goal months ago so the startup threshold is much lower than that.
Their initial market is EU-only, but I would still consider getting a FairPhone if only to have a mini-tablet with the most open hardware that's feasible at this point.
One thing I like about FairPhone is the emphasis on open hardware in addition to software. Can anyone explain the relative strengths of Ubuntu Edge on the open source front?
Slashdot Mirror
I2P (the Invisible Internet Project) works well as a secure Internet. You can have whatever kind of traffic on it, and choose the number of hops from 0 to 4 (merely encrypted to very anonymous). They have bittorrent, and a decentralized email system running on it that works pretty good.
I2P is way beyond IPv6 in terms of addressing: Your address is not only unique but it actually follows you and serves as a pseudonymous identity. It encrypts everything end-to-end, and you can set the number of hops (default is 3) to choose the level of anonymity.
So, I just checked the I2P encryption page and it says they use 2048 ElGammal (which is log-based, as Schneier mentioned) for public key crypto. I think this means I2P could be safer from the NSA than Tor.
So you work in pharmaceuticals?
There is a problem with your, urm, political philosophy: If the government is even a tiny bit short of being perfectly rational and fair, the net effect of all that desire to store information from absolutely all communications will become monstrous. Before long, it will resemble a kind of absolute power and so will attract the most corrupt.
No, the NSA can't afford to 'go after' everone at the same time. But like some perfect archetype of the fishing expedition, they can go after anyone at any given time.
You've gotta understand that security is not an absolute;
Then tell that to your secret police idols.
There are a lot of reasons to use it over Tor.
Thanks for the litany of excuses, but at least half of the problems (like the swapping and mouse pointer problems) encountered on Linux desktops have nothing to do with drivers. Its mainly due to software architecture that's poorly suited to desktop environments.
I'm sure someone has already said this, but the fact that this is Linux 3.11 means that the next version will be Linux NT.
And it really should be.
Sorry, no hardware issues. Everything works perfectly in diagnostics and Windows 7...and by "everything" I also mean all the other hardware functions I can't even try to use under Linux.
* Kernel panic when I set my sleeping Thinkpad on my desk and plug in USB hub, displayport and power.
* Bluetooth audio freaking out pretty much anytime
* As soon as desktop apps start to push into swap memory, system freezes in endless swap loop (great way to wear out my SSD).
* Any time the system is taxed more than 70%, mouse pointer gets jumpy
Android would be a similar mess if Google had not laid down the law as to what kernel changes were necessary for mobile.
Its a worse problem than that. The soil in poleward locations may not be suitable, tending to turn into desert instead (at least in the geologic near term). Land area is also less abundant near the poles, especially when you consider that Antarctica will remain ice-covered deep into the arable land crisis. Most plants and animals that help keep a temperate zone healthy probably won't be able to migrate quickly enough to the unprecedented rate of warming we have unleashead.
Then there is the tiny little question of how human bodies themselves can cope, being only adapted to live in interglacial and glacial periods--We've never adapted to the global hothouse type of climate. We couldn't even manage to do agriculture for 150,000 years in the past because the global climate made frequent 1C shifts. Our brains are especially susceptable to frequent heat extremes, curbing their energy use (and thinking ability) when heat-stressed... or otherwise causing us to croak. Our immune systems are not adapted to warm environments (however pleasant) that are steeped in dampness during 6-month long periods of darkness.
This is not the temperate zones moving poleward. Its the temperate zones disappearing and a part of the arctic likely turning into something different that hasn't existed for over 40 million years.
That's how Venus is today.
The sun used to be significantly dimmer billions years ago, maybe putting Venus firmly within the Goldilocks zone of habitability.
Remember that not only do they have a large number of exit nodes, they also have carte blanche to capture ALL traffic coming out of them, as they have no foreknowledge of whether or not it came from a US citizen. Tor helps them get around the entire PRISM issue be legitimizing their storage of the data.
I wonder if the same goes for I2P... I haven't heard much about that lately (probably people trying to keep it out of the spotlight).
I think the whole question of simple exit node monitoring is moot: What they access is either encrypted or in the clear, and the latter case means that the user doesn't consider the info to be sensitive and in the former case the eavesdropper doesn't have much of anything. (OTOH, unencrypted traffic does give evil exit nodes the ability to attempt breaking into Tor users' systems with malware.)
I2P is different because access is mostly in-network, so it implements security (and psuedonymous identity) for each party end-to-end... each address works like a public key. Another difference is that most every I2P user is essentially an onion-relay router, so finding the physical location of specific sites/users (e.g.i to take them offline as with TorMail) is much harder.
There is an email subforum at forum.i2p (within I2P) and an IRC server you can get to from www.postman.i2p.
Think of I2P as an anonymized IP stack. Its general purpose and therefore has the potential to spread to many more machines, providing greater anonymity. I2P has a distributed filesystem called Tahoe-LAFS in addition to bittorrent and iMule programs.
OneSwarm is specific to a single application--file sharing--so its potential for anonymizing traffic is more limited.
5. Protect against remote exploits with an OS like Qubes. Use its TorVM and DisposableVM features to isolate different communication domains from each other. (Certain late-model hardware configurations are best used with Qubes.)
6. Go one better than Tor and use I2P. It uses routing that is more decentralized than Tor, and since everyone shares routing bandwith by default there is bandwidth to handle virtually all kinds of traffic... even bulk transfers and bittorrent. Security is also enhanced by having more users route traffic, and by communicating only with other I2P users by default. I2P have so far been successfully testing a distributed email system (I2P-Bote) which is far less vulnerable to attack than what you find on Tor (e.g. TorMail).
Six weeks between the Skype blackout (Dec. 22, 2010) and the day Skype came online with NSA PRISM (Feb. 6, 2011).
Remember Skype's blackout? Six weeks later on 2/6/2011 they joined NSA's PRISM program. And given the P2P nature of Skype, I'm sure it was a more difficult conversion than the other services.
"Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run on another system running the same platform without gotchas... ie a predictable runtime environment."
People should be able to look at a list of their apps without having to wade through data files and a ton of OS-supplied components. We often don't remember apps by name until we have used them many, many times; OTOH infrequently used apps can still be very important, so its vexing when Unity effectively 'loses' them.
But we might not have that choice in front of us today if MS had done its Windows (software, not hardware) security push a decade earlier. They allowed criminal organizations to become well established and resourceful.
Linux has also lowered the usability bar. With Unix, one was stuck with Bourne Shell or C Shell, and could only enjoy GUIs like OpenLook or Motif if one was at a company or university that had installed workstations from Sun, DEC, SGI, et al. With Linux, GUIs like KDE had been the default from day 1, and now there's a bonanza of them - GNOME, LXDE/Razor-qt, XFCE, Unity, Cinnamon, et al.
Your slip is showing. The Linux fans, apparently, don't even realize that OS X is the most popular Unix (a certified one, at that). That segue from "Sun, DEC, SGI" straight to Linux was a sight to behold. That you had to list 6 GUIs for Linux tells us that none of them are very good (despite the thickly caked-on makeup), and the Linux fans who normally promote and critique them scarcely know what they even are.
Think that's a bizarre thing to say? Here's why it isn't: You all deprecate the meaning of the "Interface" part of "GUI" such that it no longer conforms to the usual standards of computer engineering. Every computer expert wants good interfaces--whether they be in software or hardware--and its a constant concern for us. But by definition, a computer interface (in an API, machined metal, etc.) must remain consistent... the definition of an interface is that of a "contract"----- a PROMISE to maintain a certain form!
Linux fans insist on good contract-like interfaces for the technically adept, even though this is the demographic that can most comfortably deal with system changes. But when it comes to user interfaces, all bets are off. Then the fans change their tune, berating users for not embracing "freedom" when they question the lack of consistency in and among so-called "Desktop Linux" distros.
Furthermore, who can say if there is any Desktop Linux that rates as a real OS? I am sometimes reminded by the fans that the textbook description of an operating system doesn't even include a user interface. That's fine. However, the defacto definition of a desktop OS was laid down by Apple and Microsoft and I don't think any FOSS project has managed to honor that. If such a definition were expressed in English, one aspect of it should be that programs are neatly divided between OS components and applications (apps). Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run without gotchas... ie a predictable runtime environment.
What are the chances of this happening successfully?
Isn't that why other OSes have so few grey areas between OS and apps... to create a predictable runtime environment?
Now, tell me why people aren't lining up to write great apps for "Desktop Linux". Tell me why we (former advocate here) can't even give this sh#t away.
As for having "lowered" the usability bar... *chuckle* One raises the bar when something is made better. You confused the metaphor with a similar-sounding one, lowering the bar to entry. It almost sounds like lowering ones' standards. We all know what you meant but the choice in phrasing is, I think, indicative of a certain attitude that looks at GUIs as peripheral and something to be tacked-on noncommittally later.
For about 1/10th the cost, one other FOSS phone was able to get off the ground. Actually, even though the main page says 66%, they reached their minimum goal months ago so the startup threshold is much lower than that.
Their initial market is EU-only, but I would still consider getting a FairPhone if only to have a mini-tablet with the most open hardware that's feasible at this point.
One thing I like about FairPhone is the emphasis on open hardware in addition to software. Can anyone explain the relative strengths of Ubuntu Edge on the open source front?