The Secret Room

EFF Desinger Hugh D’Andrade was recently asked to create mural-sized political cartoon at a show of experimental drawings and cartoons at the Mission Cultural Center in San Francisco.

For his subject, he chose to depict the “secret room” at AT&T’s Folsom Street facility.  This is one of the places where the Bush Administrations illegal domestic spying program was carried out as all of the internet traffic (websites people visited, searches performed, emails sent or received… EVERYTHING!) passing through the facility was copied and sent to the NSA.

While I think it was great that this cartoon got shown at such a high visibility venue, I think it might have more impact if it were to be printed on t-shirts, car covers, billboards and perhaps the front of houses and businesses all over America.  Heck, It ought to be copied by skywriters on a regular basis as well as appear on the front page of every newspaper in the country.

Anyway… Give this a watch and think about it.

Technorati Tags: bush administration, illegal spying, political cartoon, nsa, domestic spying, eff

Blogging In Iran Can Get You The Death Penalty

There’s a bit of news on iafrica.com that should cause every freedom of speech loving blogger to take notice and be thankful that they live in countries where it’s safer to blog that it is in Iran.  Also, if you’re a blogger that’s even thinking about traveling to Iran and doing some blogging while you’re there, you’ll want to double or even triple your travel insurance, particularly your life insurance policies.

Just in case you thought China was the only country doing stuff like this, they’re not.  The Iranian government is working on a law that’s going to “toughen punishment for harming mental security in society” (translation: give the government more license to kill people that openly disagree with it.) They’re already blocking websites that either have sexual content, anything religious that does not agree with Islamic doctrines, and of course, anything that doesn’t agree with government approved politics.

Crimes like murder, rape, armed robbery have been on the death penalty list for a long time along with apostasy which means the act of leaving or turning away from a religion.  In Islam, deciding to quit the religion gets you the death penalty.

The bill they’re working on now is adding more to the list of death penalty crimes.  One of them is “establishing weblogs and sites promoting corruption, prostitution and apostasy”.  This means that if an Iranian puts up a blog or a website and the government decides that it does any of those things, that person can be sentenced to death.

The language leaves them a pretty wide latitude since even if a website doesn’t touch prostitution or apostasy, they can decide to claim that absolutely anything they don’t like or that is critical or in opposition to the government constitutes corruption and again the person responsible gets the death sentence.  Thankfully, there’s ways for people in Iran to continue blogging and speaking out against the government there or even just plain speaking freely without fear of reprisals like the death penalty.

One very effective answer is Anonymous Blogging, writing a blog using anonymity tools so that the blog’s content cannot be traced back to the person writing it.  One very effective tool is to use TorBrowser.  It’s a copy of Firefox that has had it’s settings fine tuned to maximize privacy and anonymity.  It also includes a copy of TOR and all of TorBrowser’s connections are routed through TOR.

One can create an anonymous email address and use TorBrowser to create a blog on free sites such as blogger or WordPress.com.  As long as the blogger only connects to the blogging site with TorBrowser and is careful about what they write, insuring that they don’t give away any information that could be used to identify them, they can safely blog away without fear of reprisals.

Another option, and in my opinion the best option, is to use Freenet.  By publishing within Freenet anyone can be completely anonymous given care about identifying clues in the content.  They can then ask other Freenet users to copy their material and publish it on the regular web where it’s available to the whole world and not traceable back to the one who wrote it.

Either of these methods of anonymous publishing are slower and generally have a higher learning curve but the benefit is a greater degree of anonymity and untraceability.  I admit that The Freenet option is the more involved of the two however it also yields the best overall security for the anonymous publisher.  The TorBrowser option on the other hand does have the advantage that it can be installed on flash drive which can be easily hidden and used on any computer with a USB 2.0 port.

Technorati Tags: anonymous email, freenet, anonymous blogging, censorship, death penalty, anonymity, iran, blogging, torbrowser

Some Changes

I’ve been thinking about some changes to the look and function of the blog and tonight I’ve finally gotten around to actually doing some of it.  I removed the big no-google graphic and the dead monitor donate button that were in the sidebar because, honestly, they were taking up a bunch of space and not doing much, if any, good.

I want to thank my wife for getting me in gear to actually get these things done, particularly the RSS and email subscriptions, which were first put in place on her blog, Off The Cuff.

To make subscription options easier to find, I put in a larger, more noticeable RSS graphic / link and an email subscription box so you can get updates to A Peculiar Blog via email if you wish.  Both RSS and the email links are powered by Feedburner so that you know what you’re dealing with and because I’m not going to try creating and managing something do the job when Feedburner does it all for free.

Technorati Tags: feedburner, rss link, email subscriptions, rss subscriptions, site news

I recently discovered something that I think is going to turn out to be a really popular plugin.  It’s the CommentLuv WordPress plugin.

When enabled, it looks for the most recent post on the RSS feed at the url that the commenter leaves when posting the comment and adds a link to that post at the end of their comment.

This plugin, used in combination with Lucia’s Linky Love, is going to do a lot to encourage comments and therefore build traffic on blogs.  Lucia’s Linky Love already encourages people to comment because after a user definable number of comments from a combination of name, email and url, the link that the comment poster leaves is made ‘Do Follow’ (the default nofollow is removed from it) and after some more posts, the urls they leave in their comments become ‘Do Follow’.  This is to encourage repeat visits and comments.

Adding CommentLuv to it gives even more reason to return to a blog and comment because now not only will your blog url become ‘Do Follow’ but CL will reach out and give you a free ‘deep link’ to your most recent post.

All in all, this is an everybody wins situation.  Blogs with these plugins get more traffic and comments, and people visiting and commenting on these blogs end up with more inbound links to more urls on their site.

Technorati Tags: build+traffic, traffic+strategies, blog+comments, commentluv, Lucias+Linky+Love, wordpress, plugin, wordpress+plugin

Answer To A Freenet Question

I recently received an email asking about something I said on my unofficial freenet 0.5 download page.  After answering, I decided that it’d be worthwhile to share that answer for anyone else who might have any passing interest in my opinions.  (with the addition of fixing a few typos and a broken sentence or two that were in the original.)

Note that I’m not against 0.7 so much as I prefer 0.5 for the reasons stated below.  I’m also aware that freenet in whatever flavor is still a work in progress and that in time things such as my opinion may change.  At the very least I think this is food for thought.

on the freenet 0.5 part of your website (http://peculiarplace.com/freenet/) you state:

“I personally believe that this is not a good idea because 0.7 still lacks features that many feel it should have.”

Could you please point out some of these features for me, that 0.7 seems to be missing? Does the 0.5 version provide these features instead of 0.7?

You also state “[…]the stable version (0.5) that a lot of freenet users consider to still be better and more anonymous than 0.7”, without giving any reasons. Why do people think that 0.7 is less anonymous?

One of the reasons I had for that was the lack of a functioning opennet capability.  Of course when I wrote that, opennet was still a far off concept that many on 0.7 were arguing strongly against.  Now that opennet is available on new installs 0.7 is scoring better in that regard.

Darknet is still something of a crap shoot in my opinion.  Making trustworthy darknet connections requires that you actually know the person whose node you’re exchanged darknet refs with and have reason to trust them.  For most people, that’s just not going to happen.

I’ve made the mistake of casually mentioning freenet to people in the past, only to watch their eyes glaze over as I then have to explain what it is and why it’s important enough to get involved with. Now I’m a lot slower to even mention freenet to anyone, let alone trust them enough to exchange darkenet refs with.

Even though there are somewhat secure means (encrypted frost msgs, etc.), there still remains the fact that most of the time, people are forced to exchange refs with people they don’t know and have no reason to trust in order to make darknet connections. There’s GOT to be a better way to deal with this. No, I don’t presently have any ideas, if I do come up with any I’ll be sure to publish them.

Another reason is embodied in this warning generated when the node starts up:

==
Note that this version of Freenet is still a very early alpha, and may well have numerous bugs and design flaws. In particular: YOU ARE WIDE OPEN TO YOUR IMMEDIATE PEERS! They can eavesdrop on your requests with relatively little difficulty at present (correlation attacks etc).
==

I realize that this vulnerability exists for 0.5 as well, however in 0.5 there is a much greater “plausible denyability” because 0.5’s opennet has a much larger number of open connections creates a greater level of transient requests than 0.7

0.7 however, doesn’t have nearly the number of open connections since it’s hard-coded to limit the total number of opennet connections to 20 and the maximum recommended number of darknet connections is 15 or so.  This, combined with the potential eavesdropping means that 0.7 nodes have less “plausible denyability”. Darknet only nodes having even less than opennet or hybrid nodes

As I understand what Toad has said about it, the only real cure for this is premix routing which would make it impossible (or as nearly so as is practical) for immediate peers to eavesdrop on requests or to attempt to snoop the contents of any given node’s datastore.  He has said that implementation of premix routing isn’t planned until 0.8

Yes, 0.5 would benefit just as much as 0.7 from the inclusion of premix routing, but because of the differences in how the two opennets work I think that 0.5 comes out with a greater anonymity and security, not only of the contents of a node’s datastore, but also in the anonymity of who is inserting or requesting what.

There’s also the matter of the node now handling inserts and requests to the degree that once the individual app initially hands it to the node, the app no longer has much say in how the transfers are handled because the node is processing everything.  I think that while there are benefits in being able to have the node handle everything like that, there’s times when it’d be better to do it the old way with the app handling things.

The final thing that a lot of 0.5 users don’t like one bit about 0.7 is the fact that while 0.7 is just great at moving small files or frost messages, it has turned out to be a lumbering dinosaur when it comes to inserting or requesting large splitfiles.


To illustrate the point about the number of connections, my 0.5 node currently has 172 connections to other nodes, some initiated by my node, others initiated by other nodes.  These connections persist for varying amounts of time and then new connections are made automatically.  No one node can really make even a good guess whether a request or insert that it receives from my node is coming from my node or is actually just being forwarded from another node or where it is in a chain that could be as long as twenty hops.

I also have an 0.7 node that I run periodically for a few days a week.  It has four darknet connections and sixteen opennet connections.  That’s not much of a crowd to hide in.


Technorati Tags: Anonymity, anonymous+network, anonymous+p2p, connections, darknet, file+sharing, freenet, freenet+0.5, freenet+0.7, freenet+project, hide+in+the+crowd, network, opennet, opinion, p2p, plausible+denyability, premix+routing, Security, toad

 Page 3 of 9 « 1  2  3  4  5 » ...  Last »