[liberationtech] Announcing Mobile Martus v1.0

2013-10-02 Thread Collin Sullivan 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear LibTech,

Today Benetech is very pleased to announce the release of Mobile
Martus 1.0, a free, open source Android-based mobile documentation
application that prioritizes security.

You can read more here:
http://benetech.org/2013/10/02/introducing-mobile-martus-1-0/

Briefly, some of the app's most important characteristics are:

* It's write-only (no decryption key on the phone)
* Bulletins (records) and their attachments are always encrypted locally
* It works over Tor (Orbot!)
* After initial setup, it's easy to use.

You can find some more detail at the link above. I'm happy to answer
any questions, and we always welcome your feedback.

Cheers,
Collin


- -- 
Collin Sullivan
Human Rights Program Associate
Benetech Human Rights Program

Email:  colli...@benetech.org
GPG:0x35F83A6678657D4D
XMPP:   collin.sulli...@riseup.net
OTR:A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A

https://www.benetech.org - Technology Serving Humanity
https://www.martus.org - Martus Human Rights Bulletin System
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSTIsDAAoJEN3b1xdSAv8hbFcP/1QTG3kSm7fx1ONMwIzJjDj/
2ctFq7ixs7+WwfpbGx//LE6mBCPx1YzFurGsBkfzlxFCTmW432df25YFMT7VKNFR
ZFClToM/sY/sEgMIQaY1z2eG42L57AlOdiGyb4/E1dzmd/jNRnVsWvvd8d84lOHg
6eDwzzQaBsAVWTD3haX5E/dBwBXkVqh+p8bEfFdcWQvkmRAy5/0dL7LGlX0v6x/g
8XmrWisr//x1Tx6/Pij76cknvBp/uei1kJhZVyaiftvW0PXtjvx/+cwct2ZrhtDJ
KdwYkrYN1ZE+tgpWp0L3dJl4DMFrxD82NStZlipuEQATEzmu6XdLegH7Ob3SpQUc
PPW3SBgE38auSlB8C90TDhG3brp0LqTlpVMwdxwJHwL5UDNgextX9+VLqnEQPfIF
j/q2yWnJOpxbAPhAEBqAvKogvfmFZWN4sCZb/XmUDG2PzSpMhOzSxkBH6VJFxxj8
ch6EMel60CSbjsdWPvam3g+KrLpQskqfOV15K2EKzlnQ7Yt8r+EKCs/r0LiteyIY
3I+xrnalztz33bRsGb8dzzAw/DXbnFY6NFHjmWKONo6odHmCjP9xh7zR5BvUuKUl
cXIhLcWy/ngdyqbVcEx0ZNQGQKoHWWzntSWDRXfKsxaURO4ZsC6jZ1NlfNaPgWrL
JGWIbL+pPP8Gm4NYbUWB
=uGLA
-END PGP SIGNATURE-
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Complete GFW Rulebook for Wikipedia

2013-10-02 Thread 夏楚 
Thanks Colin for your nice words!

I just uploaded the rulebook to Google Spreadsheet at http://goo.gl/zKslcu.
It can be used in whatever way, but do read the paper
(http://http://goo.gl/RnMvG1
goo.gl/RnMvG1) first to avoid misinterpretation.

Best,


On Tue, Oct 1, 2013 at 12:45 PM, Collin Anderson
col...@averysmallbird.comwrote:

 Congratulations, this is impressive work. I am also completely jealous --
 a colleague and myself will be releasing a similar report for Iran in the
 next two weeks. This is intended at a broader global project on Wikipedia
 censorship ({{Citation Filtered}}) that I would hope might merge well into
 what you are doing.


 On Mon, Sep 30, 2013 at 7:26 PM, 夏楚 summer.ag...@gmail.com wrote:

 To all,

 I just finished writing up my research on GFW (Great Firewall of China)
 blacklist for Wikipedia. Some of you might find it interesting.

 The paper can be found at goo.gl/RnMvG1 (tweeted 
 herehttps://twitter.com/SummerAgony/status/384820318402920448).
 Here I paste excerpts from the Abstract and Conclusions below.

 *Abstract*

 In this report, we detail the *complete* and *exact* rulebook that the
 Great Firewall of China (GFW) exerts on Wikipedia. We call it rulebook''
 (instead of the common term blacklist'') because we not only identify the
 blacklisted terms, but also the exact string matching rules deployed by
 GFW. An efficient probing methodology makes this possible.

 ...
 Wikipedia contains millions of pages, e.g. more than 700,000 articles for
 the Chinese version, and more than 4,240,000 articles for the English
 version. It seems a daunting and unfeasible task to test these pages
 exhaustively, hence there has been no well known attempt to gather the
 complete blacklist.

 While a small sample of the blacklist is useful, the complete picture
 can be much more powerful in revealing the underlying works of GFW and
 its operators. In this study, we devised a methodology which efficiently
 examines the entire Wikipedia corpus, hence exposing to the world the
 complete GFW rulebook for Wikipedia the first time. In total, there are 919
 rules (excluding URL terms) which are applicable to Wikipedia, affecting
 5336 pages in Chinese Wikipedia and 67 English Wikipedia pages.

 The revealed rulebook also demonstrates that the GFW operation is
 haphazard and ill-maintained. At the same time, Chinese
 censorship bureaucracy *intends* to be thorough and extensive.

 To be precise, the findings in this report are on two Wikipedia
 snapshots: 2013-09-08 for the Chinese version and 2013-09-04 for the
 English version.

 *Conclusion Remarks*

 In this study, we examined the entire Wikipedia corpus (Chinese version
 and English version) and revealed the complete and exact GFW rulebook for
 Wikipedia (with caveats described in Section 6).

 A sample of notable findings are:

- There are 78 terms for which GFW blocks a non-standard variant but
not the canonical path. These are cases the censors intend to block but 
 the
block does not really happen, suggesting the censors have poor
understanding of Wikipedia's serving system.
- Many obscure non-article pages are blocked, which raises suspicion
that these pages were provided to the censorship bureaucrats by Wikipedia
editors who are very familiar with the content (e.g. those who 
 participated
in the edit wars and/or discussions regarding self-censorship proposals).
- GFW string matching rules have a 64-byte hard limit of size.

 The biggest learning out of this study, in my opinion, is that GFW
 operation
 is haphazard and ill-maintained. Also, there are many indications that the
 GFW operators are somewhat disconnected from the censorship bureaucrats.

 We hope the revealing can be of interest to internet censorship watchers,
 Wikipedia researchers, China observers, and ordinary Chinese citizens.


 --
 Xia Chu (Twitter: @summer.agony)

 --
 Liberationtech is public  archives are searchable on Google. Violations
 of list guidelines will get you moderated:
 https://mailman.stanford.edu/mailman/listinfo/liberationtech.
 Unsubscribe, change to digest, or change password by emailing moderator at
 compa...@stanford.edu.




 --
 *Collin David Anderson*
 averysmallbird.com | @cda | Washington, D.C.

 --
 Liberationtech is public  archives are searchable on Google. Violations
 of list guidelines will get you moderated:
 https://mailman.stanford.edu/mailman/listinfo/liberationtech.
 Unsubscribe, change to digest, or change password by emailing moderator at
 compa...@stanford.edu.




-- 
--
Xia Chu (Twitter: @summer.agony; Google+: gplus.to/summer.agony)
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] RNG in Raspberry Pi

2013-10-02 Thread Paul Elliott 

What is the quality of the Hardware RNG in the Raspberry Pi?

I have heard about the controversy about the intel chip
and wondered if there were any parallel questions about
the Raspberry Pi.

Near as I can figure out if an Hardware RNG does not
come automaticly with your desktop or laptop, the Raspberry Pi
seems to be about the cheapest source of random numbers you
can get.

Entropy key are only 36 pounds, but they seem to have a long
backlog.

What about using and Raspberry Pi for hard random number 
generation?


Question 2:

What effect did Quantum World Corporation v. Atmel Corporation et
al have on the availablity of Hardware RNGs in PCs?

Thank you for considering my questions.



-- 
Paul Elliott   1(512)837-1096
pelli...@blackpatchpanel.com   PMB 181, 11900 Metric Blvd Suite J
http://www.free.blackpatchpanel.com/pme/   Austin TX 78758-3117
---
Encryption works. Properly implemented strong crypto systems are one
of the few things that you can rely on. Unfortunately, endpoint
security is so terrifically weak that NSA can frequently find ways
around it. Edward Snowden
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.