Re: gnutella's problems (Re: network topology)

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Adam Back  <[EMAIL PROTECTED]> wrote:
>And gnutella is not able to resume a transfer that dies part way
>through which is very bad for download reliability.  FastTrack/Kazza
>(but no longer Morpheus since the Kazza / Morpheus fall-out) on the
>other hand can resume, and in fact do multiple simultaneous downloads
>from multiple nodes having the same content so that it gets the
>content both much faster and much more reliably.  Also helps cope with
>different link speeds as a group of slow nodes or asymmetric bandwidth
>nodes (like cable with fast down but limited up) can satisfy the
>download of cable and other broadband users.

Wait; as far as I know, Fasttrack's and Gnutella's file-transfer
protocols are *identical* (but not their search protocols).  If Gnutella
doesn't support resuming downloads and grabbing from many people at
once, that's just a client-side issue, not a protocol issue.

[That being said, grabbing from multiple people at once requires
you know *who's got* the _very same file_.  The FastTrack protocol
supports "search by hash value", but Gnutella doesn't seem to.
Should be easy to fix, though.]

   - Ian

Re: 1024-bit RSA keys in danger of compromise

[Ian Goldberg]

In article <00e101c1d2d8$c9768080$c33a080a@LUCKYVAIO>,
Lucky Green <[EMAIL PROTECTED]> wrote:
>The panel, consisting of Ian Goldberg and Nicko van Someren, put forth
>the following rough first estimates:

I'd just like to credit the "O(minutes)" calculation to Nicko;
my own opinion was that:

- We have no reason to believe the asymptotic result applies to "real"
  keylengths (2^1024 <<< infinity)
- The physical properties of such a machine (size, power, cooling, etc.)
  seem implausible to me.

I personally don't intend to be revoking my 1024 bit key at this time.

   - Ian

Re: zks freedom websecure trial (now for Linux!)

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Adam Back  <[EMAIL PROTECTED]> wrote:
>I noticed some discussion of the SafeWeb cancellation of free
>services here.
>
>ZKS announced yesterday freedom websecure, which is an anonymous web
>browsing system with more robust redirection and script blocking than
>systems that rely on html re-writing.  There is a free trial offered
>for a couple of months.
>
>   http://www.freedom.net/products/websecure/
>
>Unfortunately it only works as shipped with IE on windows in this
>version.

But there's an unofficial, open-source Linux client also available:

http://sourceforge.net/projects/websecure4linux/

An excerpt from the README:

---8<---8<---8<---
WebSecure4Linux

This is a really simple, quick-and-dirty Linux client for the
Freedom(r) WebSecure service from Zero-Knowledge Systems.
(See http://www.freedom.net/products/websecure/ for more info.)

Note that you will need to sign up for the service by obtaining a
WebSecure activation code and creating a user account and password before
this client will operate.  Trial activation codes, available until the
end of January 2002, can be obtained from:

   http://www.freedom.net/trial.html

Activation codes are sent to your e-mail address. (Once your account has
been created, you might want to skip the client download.  Unless, of
course, you also run Windows.)


*** IMPORTANT ***
This is not supported by Zero-Knowledge Systems AT ALL; it's completely
unofficial.  You can try to get support at the SourceForge project
page: http://www.sourceforge.net/projects/websecure4linux/

Right now, it supports http, and on linux 2.4, https as well.  It
shouldn't be hard to get the latter to work on 2.2 as well.

This program is covered by the GPL; see the file "COPYING" for details.


Some extra notes:

It's not feature-complete.  It doesn't manage your cookies, for example.
[The tricky bit is just that this code forks *a lot*, and you'd need to
put all the cookie info in persistent files, and put good locks around
all accesses to them.]

It's not speedy.  Your performance will suck.  It's written in perl,
and forks for each web connection.

It's not supported.  If it breaks, you get to keep both pieces.

---8<---8<---8<---

Have fun!

   - Ian

Re: Peer to Peer Newscasting: Morpheus

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Optimizzin Al-gorithm  <[EMAIL PROTECTED]> wrote:
>\begin{cynical}
>This could just be Morpheus folks (ie Music City Inc) trying to document
>"legit"
>"public-good" filesharing uses so as to deter RIAA, MPAA types.
>\end{cynical}

I don't think that's cynical at all; it's pretty clearly exactly what
they're doing.

   - Ian

Re: Congress drafts new "anti-terror" bill -- with expiration date

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Bill Stewart  <[EMAIL PROTECTED]> wrote:
>It's nice that the proposal has a sunset clause in it,
>to limit the amount of time that we're subject to the
>various good or bad half-baked suggestions and the various
>agencies' requests for powers they've always wanted.
>Expect that the worst parts will get extended indefinitely over the years :-)

Note that (if I'm reading it right) the sunset only applies to Title I
(the Internet surveillance bits), and not, for example, to the "hacking
is terrorism" bits in Title III (section 309).  The sunset also applies
to the IRS ratting on income generated from terrorist activities in
section 405.

   - Ian

Re: Open 802.11b wireless access points and remailers

[Ian Goldberg]

In article <3B5E66E7.19729.1368F157@localhost>,
Roy M. Silvernail <[EMAIL PROTECTED]> wrote:
>With an adapter, I can run a 802.11 
>card from the CF socket, I think.  (drivers might be tricky)

You don't need an adapter:

http://www.symbol.com/products/wireless/la4137.html

It's an 802.11 card in a Compact Flash socket.

   - Ian

Re: Vengeance Against Adobe

[Ian Goldberg]

In article ,
Petro  <[EMAIL PROTECTED]> wrote:
>At 9:56 PM -0700 7/23/01, Eric Cordian wrote:
>>Tim writes:
>>
>>> Adobe's use of police state measures to have a minor critic (by their 
>>> own later admission) yanked out of a conference is not likely to be 
>>> forgotten quickly. I expect this will have consequences when they 
>>> eventually resume college recruiting. Adobe will likely face sneers 
>>> and derisive laughter when it shows up on college campuses next 
>>> spring to recruit.
>>
>>Adobe's pulling back on Dmitry doesn't change the fact that the company
>>lied in saying what was being distributed was "copyrighted Adobe
>>software."
>>
>>Despite the EFF's effusive praise of Adobe, I don't plan to use any Adobe
>>software in the future.
>
>   Is there a workable freeware alternative to Distiller? 

I've never used Distiller; is it more than a Postscript-to-PDF
converter?  The free ps2pdf is part of ghostscript.

   - Ian

Re: Janet Reno speaking at UC Berkeley Graduation, 9 May 01.

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Bill Stewart  <[EMAIL PROTECTED]> wrote:
>The San Francisco Chronicle reports that the University of
>California at Berkeley has selected Janet Reno to speak at graduation.
>The ceremony will be held at the Greek Theater on 9 May,
>and is only open to graduating students and their families (oh, well :-)

Oddly enough, I *am* a graduating student at UCB, but I'm not going to
the (unviersity-wide) ceremony on the 9th (I won't even be in the US at
the time).

I guess I'll have to miss it.  Darn the luck.

   - Ian

Re: Musings on the Economics of ZKS

[Ian Goldberg]

In article ,
petro  <[EMAIL PROTECTED]> wrote:
>Mr May:
>
>>Will they sign up tens of millions?
>>
>>Myself, I'm wondering if they'll sign up a fraction of the 300,000
>>they need at minimum. Ever, not just per year.

[Oddly, I didn't seem to get the original message from which the
 above is quoted.  But others tell me the calculation done was based
 on a $50/ever figure, instead of $50/year (which is the actual case).]

>   "Freedom 1.1 is currently available for Windows 95 or 98 only."
>
>   It's been what, a year now? No Unix/Linux/Solaris client. No 
>NT/Win2k Client. No Mac Client. No one who is worried about security 
>runs Windows 95/98.

It's been half a year since the first release, and we've certainly
been working on ports to other platforms.  If you think it's not
going fast enough, you're welcome to hop on over to
jobs.zeroknowledge.com and help out...

   - Ian

Re: Zero-Knowledge Sells Out

[Ian Goldberg]

In article <[EMAIL PROTECTED]>,
Eric Cordian  <[EMAIL PROTECTED]> wrote:
>Ian Goldberg's reputation capital is all that is holding up ZKS.  He's
>never fucked anything up before, and has performed many stunning
>cryptographic feats in the past.
>
>Had he not been on board, no one would have given ZKS more than a cursory
>glance, and the obvious criticisms would have been taken much more
>seriously.

I would dispute that.  We've got stellar people all over the company, in
all manner of areas, technical and non-technical.  I might have been the
first Zero-Knowledge employee whose name you recognized, but we've now
got a good number of them.  Adam Shostack, Adam Back, and Stefan Brands
are obvious examples.

That having been said, Open Source is clearly a goal for us.  We've got
a number of people (headed by Mike Shaver, recently of Mozilla) working
on it, but if we had more, it'd go faster.  Maybe instead of the
anonymous poster complaining that we're moving too slowly, he could move
himself over to jobs.zeroknowledge.com, and help things along?

But even before the source gets opened up (and honestly, *I* have no
idea what the timetable is; I'm not in management (thank God), and
keeping up with the timetables of 200+ employees is not what I spend my
time doing (what I *do* spend my time doing nowadays is writing up my
thesis (on the design of the Freedom network, natch) so that I can
finish up at Berkeley and move the last of my stuff out of your DMCA'ed
up country)), we've put out whitepapers describing the protocol (in
detail), as well as outlining a whole bunch of attacks on our own
system.  That's pretty open; you don't see a lot of companies doing
that.  We've gotten some good feedback from cypherpunks and others, and
more is encouraged.

We want to build a system that doesn't centralize trust, with us, or
with anyone else.  There are many, many steps to take to get there, and
we *won't* be able to do it completely (Lucky can take up the issue of
things like back doors in the ROMs of ethernet cards).  You *can't* open
source it all the way down to the quantum mechanics.  But we'll do what
we can do, and since most people's threat model doesn't include spooks
0wning their machines by sending a special packet to their NIC, it'll
likely be good enough for them.

[Oh, and about the "moving in the opposite direction" by acquiring
patents.  That's clearly baloney.  The patents existed.  Would you
rather they sit around unused, with no one able to deploy effecient
minimal-disclosure private certificates and offline elecronic cash,
or that some company with a non-trivial cypherpunk contingent grab
them, and actually get some stuff *out there*?  And again, if you're
complaining it's taking too long, get thee to jobs.zeroknowledge.com.]

   - Ian