[liberationtech] Need Help: Water quality monitor for African sensorweb project
Hi everyone. One of the grassroots data journalism projects that our Code for Africahttp://codeforafrica.org and Hacks/Hackers Africa https://www.facebook.com/HacksHackersAfrica teams support urgently needs some help. They're trying to find a cost-efficient digital imaging / microscopy solution for a sensorweb they're building that will use SMS messages to alert rural communities to e-coli and other contamination of local rivers that communities use for drinking water. The projects are in an area that is South Africa's epicenter of the HIV/Aids pandemic (with up to an astounding *46%* of pregnant women in the area testing HIV positive), and where there are regular cholera outbreaks ... which are fatal for anyone with a compromised immune system. The sensorweb idea stems from a Liberation Technology presentation on mobile phone hacks at Stanford in 2008/9, where some students demonstrated a smartphone they'd converted into a microscope using the inbuilt camera flash. The presentation unfortunately wasn't part of the official speaker programme, so we're struggling to track the team. The African project intends using the sensorweb for two purposes: 1.) To create a public SMS alert service for villagers, that warns when rivers are dangerously contaminated so that villagers can go elsewhere for water. 2.) To create the region's 1st real-time database of water quality for journalists, activists, and the authorities to track sewerage and other spills into local rivers. We have a small ($10,000) seed grant from the Bill Melinda Gates Foundation and World Editors Forum to test the idea for citizen-run sensorwebs in impoverished rural communities. The local partner is a grassroots muckraking newspaper, Ziwaphi https://www.facebook.com/ziwaphi, which has dedicated a reporting team to the project for 1yr but doesn't have many other resources. We therefore need really cheap easy-to-deploy solutions! Any ideas or suggestions or leads would be much appreciated. Hope someone on the list can help. Cheers, Justin Justin Arenstein SA Mobile: +27.82.374.0812 US Mobile: +1.650.336.5878 Skype: JustinArenstein Twitter: JustinArenstein http://twitter.com/justinarenstein Web: http://www.linkedin.com/in/JustinArenstein *PGP Key Fingerprint: **8B19 3C53 2B40 453B F48D 9D7A 7346 A3AE DB88 30CD* *Do you want to email me confidentially? See: **http://bit.ly/VLJt1N http://bit.ly/VLJt1N* -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 17/04/14 20:29, David Solomonoff wrote: This blog post was inspired by a recent breakthrough in homomorphic encryption at MIT: In 2010 I asked Professor Eben Moglen https://en.wikipedia.org/wiki/Eben_Moglen to speak to the Internet Society of New York http://isoc-ny.org about software freedom, privacy and security in the context of cloud computing and social media. In his Freedom in the Cloud http://isoc-ny.org/?p=1338%20 talk, he proposed the FreedomBox https://freedomboxfoundation.org as a solution [Now] data can be encrypted at every point until it is accessed by its legitimate owner, combining privacy and security with the flexibility and scalability of cloud computing. No longer confined behind a locked down private data center or hidden under the end user's bed, a virtual FreedomBox can finally escape to the clouds. Full article: http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/ (I am not a cryptographer, but disillusioned former FHE-enthusiast, until I realized was irrelevant to real Cloud policy) Fully homomorphic encryption uses techniques utterly different to conventional encryption and is a ~trillion times slower. Even the integer version ~million times slower Apropos the blog, Mylar is cool, but doesn't use FHE. It sends the Cloud conventionally encrypted blobs to and fro - and the Client does all the work (thus neutralizing main vaunted benefit of Cloud, elastic and parallel CPU power). It also uses an encrypted search technique for indexing (which is also cool) TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] There are partial homomorphic solutions coming along useful to specific scenarios, but using them will be state-of-the-art crypto engineering research.microsoft.com/pubs/148825/ccs2011_submission_412.pdf for foreseeable future FHE cannot rescue confidentiality in the Cloud. Caspar Bowden -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] FW: Just Net Coalition publication: Delhi declaration and related articles
Moving forward the necessary discussion on a political economy of the Internet the essays pointed to below were compiled for NETmundial http://netmundial.br/ The Global Multistakeholder Meeting on the Future of Internet Governance meeting about to start in São Paulo discussing the future of Internet Governance. http://justnetcoalition.org/sites/default/files/JNC-PUBLICATION.pdf M -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 22 April 2014 07:47, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] I'm pretty sure that TAHOE does provide confidentiality - the keys don't leave your device (more correctly, the gateway running on your device) unless you distribute them. Which you can, you can send the decryption key granting read-capability to anyone, but you don't have to. -tom -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Just Net Coalition Response to NetMundial Outcome Document
Please find below and attached the Just Net Coalition's response to the draft NetMundial Outcome Document. * Just Net Coalition Response to NetMundial Outcome Document * President Dilma's Speech in the UN General assembly last September, resonated throughout the world. It expressed the outrage of the people on the grave violation of human rights and of civil liberties, the threat of cyberspace being used as a weapon of war and violation sovereign rights of countries including Brazil. She expressed the global discontent in the way the Internet is being currently governed. She called for protection of data as it travels on the web and multilateral mechanisms (or UN mechanisms) for the Internet to ensure democratic governance, cultural diversity, inclusive and non discriminatory societies, and responsible regulation. It is in this context within which the NetMundial conference -- on April 23rd-24th -- is taking place in Sao Paulo for which Brazil has taken the initiative. Unfortunately, all the above issues that President Dilma highlighted in her UN speech, are missing from the current draft that is being placed before the conference. The document fails to mention the word 'democracy' at all - and instead talks only about the multistakeholder model and governance on the basis of consensus. This, even though such systems have failed in protecting the global citizens from drag-net surveillance, the threat of cyber war and the emergence of global monopolies. Such a model also completely ignores the concept of public interest in Internet governance. If we take the pharmaceutical example, a multistakeholder governance would have meant deciding /by consensus/-- between global pharma, AIDS patients in the global south and global governments -- what should be the cost of such lifesaving drugs, without addressing or identifying where public good lies. Brazil and other countries rejected such an approach and that iswhy people in the global south today can afford to buy drugs for their treatment. And who would accept that pharmaceutical companies have equal rights with respect to decisions on safety and effectiveness of their products? A model that gives equal rights for public policy to governments, and corporations, is giving global corporations, a veto to prevent any meaningful reform and regulation. This is a violation of all democratic norms and the rights of the people -- their political, economic, social and cultural rights, essentially surrendering global public interest to private, unelected, rich and powerful global corporations. How could, for instance, network neutrality ever be imposed in such a model? Governments are answerable to their people; corporations to their shareholders. People and profits cannot be equated through a specific model of governance. This is what NetMundial must address; not an endorsement of the status quo but a new beginning in Internet governance; an Internet governance that must place public good over private profit, protect global citizens from mass surveillance and the threat of cyber weapons. This is the leadership role that we would expect President Dilma and Brazil to play in NetMundial. This is what all countries and groups who believe in democracy, advancing human rights and social justice and a peaceful world must strive for in the final outcome document. The Just Net Coalition has submitted a detailed clause-by-clause amendment to the Draft of the NetMundial document. We believe that the draft should be significantly revised to include the following: 1. A democratic and multistakeholder Internet governance model with different roles and responsibilities for different stakeholders; recognising that corporations and governments cannot be placed on an equal footing in governing the Internet. 2. Restoring the reference to the necessary and proportionate principle and therefore countering the continuation of mass surveillance. 3. Restoring reference to the need for a global compact on prohibition of cyberwar and cyber weapons. 4. Adding a clear reference to net neutrality principles (the current reference is too vague and ambiguous, permitting practices such as tiered access and differential pricing). 5. Addressing emerging increased power of monopolies in the Internet space with respect to cultural and language diversity, and profiteering, and the need for regulating such monopolies. 6. Addressing the issue of appropriation and monetisation of data of the people by corporations. 7. Recognizing the concept of global commons or public good in internet governance. 8. Rejecting unilateral preconditions on the IANA transition discussions. We expect that the final outcome document will explicitly foster a decentralized, free and open, non-hierarchical network of networks, and not implicitly favour the current trends of Internet governance which are leading us more and more towards monolithic, centralized walled gardens. NetMundial must dedicate itself to a roadmap
Re: [liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox
On 22/04/14 14:05, Tom Ritter wrote: On 22 April 2014 07:47, Caspar Bowden (lists) li...@casparbowden.net wrote: TAHOE is also cool, but doesn't claim to provide confidentiality. A TAHOE service provider would have no choice but to round-up/backdoor the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) legislation [or Indian IT Acts etc. etc.] I'm pretty sure that TAHOE does provide confidentiality - the keys don't leave your device (more correctly, the gateway running on your device) unless you distribute them. Which you can, you can send the decryption key granting read-capability to anyone, but you don't have to. Yes, the fragments of data are brought together on your device (or a gateway someplace), in that sense it is no different from a pure storage Cloud (do it yourself crypto) but with better availability * Users do not rely on storage servers to provide */confidentiality/* nor */integrity/* for their data -- instead all of the data is encrypted and integrity-checked by the gateway, so that the servers can neither read nor modify the contents of the files. (https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst) It's a storage solution, and therefore not what actually Cloud is about in a business/industry sense, who want Cloud compute power to crunch usefully on encrypted data. CB -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Programming language for anonymity network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Stevens, I think it would be irresponsible to start a new project in C or C++ given the enormous number of security issues caused by memory handling bugs in C and C++ code. Here's a quote from a Debian security advisory I just received, which is typical of these advisories: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. These are entire classes of bugs that don't exist in safer languages. Avoidable bugs like this are found every day in widely used, open source software. Software that isn't widely used and open source presumably has a similar density of bugs, but they're undiscovered or undisclosed. C and C++ programmers seem to think that memory handling bugs are something that happens to other people. They're not. Every programmer in every language makes mistakes, but in C and C++ simple mistakes can have subtle and disproportionately serious consequences. Cheers, Michael On 18/04/14 09:26, Stevens Le Blond wrote: Hello, We are a team of researchers working on the design and implementation of a traffic-analysis resistant anonymity network and we would like to request your opinion regarding the choice of a programming language / environment. Here are the criteria: 1) Familiarity: The language should be familiar or easy to learn for most potential contributors, as we hope to build a diverse community that builds on and contributes to the code. 2) Maturity: The language implementation, tool chain and libraries should be mature enough to support a production system. 3) Language security: The language should minimize the risk of security relevant bugs like buffer overflows. 4) Security of runtime / tool chain: It should be hard to inconspicuously backdoor the tool chain and, if applicable, runtime environments. To give two concrete examples: Using the C language + deterministic builds is an attractive option with respect to 1), 2) and 4), but doesn’t provide much regarding 3). Java does better with respect to 3), however, it trades some of 3) and 4) as compared to C. Specifically, we are concerned that large runtimes may be difficult to audit. A similar argument may apply to other interpreted languages. Given these criteria, what language would you choose and for what reasons? We would also appreciate feedback regarding our criteria. All the best, David, Nick, Peter, Stevens, and William -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTVp7DAAoJEBEET9GfxSfMQMAIAL/P3WfYgLeNe9oa5SQhtTEO JXdP41q7UNS1ZznRMY+gsKLNZr3bjaSfJiLqALVkNl8XpHQCAbMwFowxtmkcvah/ 7ZwXhT2Y2OT3DwobnT/173T611I3+w6QG4AJULmVt02mU01XeUuN23UPVYNjOZ/M ZQrbZ6E45kes7Qq2TAG8FwK4tTnmjzzEyr9W0VOH/x9j1+oes4t2BHAM8cpb7+cr E0aJLAJCth0ICt0nK2Ms6R1T7NyrgdzQLI+YJ3PGiyz5ajxyEfohrvfPkfPPeAEW nmLly6GSga/gmQzx7yLNgUj7h4tD1IMkC5CTWu4Yd1kd2LLF8kEto03rPf6+Au0= =GMPw -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Programming language for anonymity network
Michael- You have a point C++ in the raw would be a big mistake, Then I was suggesting a Safe, compiler enforced subset. of C++... (still to be determined)... -Peter On Tue, Apr 22, 2014 at 9:54 AM, Michael Rogers mich...@briarproject.orgwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Stevens, I think it would be irresponsible to start a new project in C or C++ given the enormous number of security issues caused by memory handling bugs in C and C++ code. Here's a quote from a Debian security advisory I just received, which is typical of these advisories: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. These are entire classes of bugs that don't exist in safer languages. Avoidable bugs like this are found every day in widely used, open source software. Software that isn't widely used and open source presumably has a similar density of bugs, but they're undiscovered or undisclosed. C and C++ programmers seem to think that memory handling bugs are something that happens to other people. They're not. Every programmer in every language makes mistakes, but in C and C++ simple mistakes can have subtle and disproportionately serious consequences. Cheers, Michael On 18/04/14 09:26, Stevens Le Blond wrote: Hello, We are a team of researchers working on the design and implementation of a traffic-analysis resistant anonymity network and we would like to request your opinion regarding the choice of a programming language / environment. Here are the criteria: 1) Familiarity: The language should be familiar or easy to learn for most potential contributors, as we hope to build a diverse community that builds on and contributes to the code. 2) Maturity: The language implementation, tool chain and libraries should be mature enough to support a production system. 3) Language security: The language should minimize the risk of security relevant bugs like buffer overflows. 4) Security of runtime / tool chain: It should be hard to inconspicuously backdoor the tool chain and, if applicable, runtime environments. To give two concrete examples: Using the C language + deterministic builds is an attractive option with respect to 1), 2) and 4), but doesn’t provide much regarding 3). Java does better with respect to 3), however, it trades some of 3) and 4) as compared to C. Specifically, we are concerned that large runtimes may be difficult to audit. A similar argument may apply to other interpreted languages. Given these criteria, what language would you choose and for what reasons? We would also appreciate feedback regarding our criteria. All the best, David, Nick, Peter, Stevens, and William -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTVp7DAAoJEBEET9GfxSfMQMAIAL/P3WfYgLeNe9oa5SQhtTEO JXdP41q7UNS1ZznRMY+gsKLNZr3bjaSfJiLqALVkNl8XpHQCAbMwFowxtmkcvah/ 7ZwXhT2Y2OT3DwobnT/173T611I3+w6QG4AJULmVt02mU01XeUuN23UPVYNjOZ/M ZQrbZ6E45kes7Qq2TAG8FwK4tTnmjzzEyr9W0VOH/x9j1+oes4t2BHAM8cpb7+cr E0aJLAJCth0ICt0nK2Ms6R1T7NyrgdzQLI+YJ3PGiyz5ajxyEfohrvfPkfPPeAEW nmLly6GSga/gmQzx7yLNgUj7h4tD1IMkC5CTWu4Yd1kd2LLF8kEto03rPf6+Au0= =GMPw -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] [cryptography] The next gen P2P secure email solution
This thread pertains specifically to the use of P2P/DHT models to replace traditional email as we know it today. *Anonymous Email based on virtual institutions* What about this model? In a network you send your public email encryption key to an virtual institution. The institution is defined by a name (e.g. AES string) and postal address (e.g. hash key). Having this information added to your node, all your email to you or from you will be stored in the virtual email provider institution. This detaches your nodes IP and encrpytion key from the institution. That means, care-off (c/o) institutions will be able to house 3rd-party e-mail without needing to distribute their own public keys. To create a post office for your friends, two methods exist: 1) Define a common neighbor (e.g Alice and Bob connect to a common webserver as node, and all three have email encryption keys shared), then the webserver stores the emails, even if Alice or Bob are offline. 2) Or/additionally: Create an virtual institution and add the email key of a friend to your node. In case your friend adds the magnet link (which contains name and address of the virtual institution, aka AES key and Hash key) for the institution as well to his node, the institution will save all emails for him (as well from senders, which are not registered at the virtual institution). A Magnet Link allows to share the virtual institution easily. The magnet Uri would look like: *magnet:?in=Gmailct=aes256pa=dotcomht=sha512xt=urn:institution* With this method an email provider can be build without data retention and with the advantage of detached email encrpytion keys from node´s IP addresses. Next to TCP, you can use as well UDP and SCTP as protocol. Virtual Institutions (VI) have been - due to the homepage - introduced by the lib-version 0.9.04 of http://goldbug.sf.net email and chat application. If we understand this right, now everyone can create an email provider without data retention just as a service for friends. In case in a network of connected nodes everyone uses gmail as VI-name and dotcom as VI-address, everyone will host everyone for email, while all remains encrypted.. could be a nice net or p2p model in a testing. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Secure (but Hackable) Cloud Computing:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Computing on a device you have full control over is not necessarily secure, and offloading everything onto a machine (or set of machines) that you have no real control over probably won't improve your security. There's a lot of money to be made by people who want to convince you otherwise. Caveat lector. Incidentally, a new set of attacks (and related vulnerabilities) was released today: Abstract: http://eprint.iacr.org/2014/248 Paper: http://eprint.iacr.org/2014/248.pdf Here we show that AES in a number popular cryptographic libraries including OpenSSL, PolarSSL and Libgcrypt are vulnerable to Bernstein’s correlation attack when run in Xen and VMware (bare metal version) VMs, the most popular VMs used by cloud service providers (CSP) such as Amazon and Rackspace. We also show that the vulnerability persists even if the VMs are placed on different cores in the same machine. The results of this study shows that there is a great security risk to AES and (data encrypted under AES) on popular cloud services. A quick search for [xen vps hosting] leads to 364,000 results. And of course most of these are pages from service providers, not the websites they host. Think of all the sites that are hosted on these thousands of service providers (or even just Amazon/Rackspace/Linode/Gandi) and you start to scratch the surface of why cloud security is still so tricky. best, Griffin PGP: 879B DA5B F6B2 7B61 2745 0A25 03CF 4A0A B3C7 9A63 emoji: ᕕ(ᐛ)ᕗ On 2014-04-22 07:47, Caspar Bowden (lists) wrote: On 17/04/14 20:29, David Solomonoff wrote: No longer confined behind a locked down private data center or hidden under the end user's bed, a virtual FreedomBox can finally escape to the clouds. Apropos the blog, Mylar is cool, but doesn't use FHE. It sends the Cloud conventionally encrypted blobs to and fro - and the Client does all the work (thus neutralizing main vaunted benefit of Cloud, elastic and parallel CPU power). It also uses an encrypted search technique for indexing (which is also cool) -BEGIN PGP SIGNATURE- Version: OpenPGP.js v0.5.1 Comment: http://openpgpjs.org wsBcBAEBCAAQBQJTVq69CRADz0oKs8eaYwAAbnkH/0HbKOWo5yo/j/ViHTV4 Q0k4cs0I6qIXBmIP3KNXkE9BdEjpXQg05hfvgQYbmw2P4YIbphB2YMrEH43l fVth5HMdfDiRll1TzPoQrnGcREZVch0oITwiUwaKpg/j3wyFndZg+FvMI2Wm 651BF5xKQQaD2sBlAq4foYLCyEsJ33P3Vl84hs4UyutJVLRkId5iMFANrey6 qIpCrbT15ImG1/YQXSerzsD/bWC38HJrOZqvOCvJxmSEJidDWeqdZQvd8Dfp +VSs2Y+XxedlVFzPjla2IssgdFtcSfFvX09O0GJJn22ruYKV+quoraqwjaaU rAaqh4b5nVUTe/JCkesJgec= =rwxf -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] [p2p-hackers] Programming language for anonymity network
You could also try using some of the great tools out there to reduce the security risks. Look at Veracode for their Analysis Center. There are some open source tools you can use as well. C. On Tue, Apr 22, 2014 at 12:54 PM, Michael Rogers mich...@briarproject.orgwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Stevens, I think it would be irresponsible to start a new project in C or C++ given the enormous number of security issues caused by memory handling bugs in C and C++ code. Here's a quote from a Debian security advisory I just received, which is typical of these advisories: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. These are entire classes of bugs that don't exist in safer languages. Avoidable bugs like this are found every day in widely used, open source software. Software that isn't widely used and open source presumably has a similar density of bugs, but they're undiscovered or undisclosed. C and C++ programmers seem to think that memory handling bugs are something that happens to other people. They're not. Every programmer in every language makes mistakes, but in C and C++ simple mistakes can have subtle and disproportionately serious consequences. Cheers, Michael On 18/04/14 09:26, Stevens Le Blond wrote: Hello, We are a team of researchers working on the design and implementation of a traffic-analysis resistant anonymity network and we would like to request your opinion regarding the choice of a programming language / environment. Here are the criteria: 1) Familiarity: The language should be familiar or easy to learn for most potential contributors, as we hope to build a diverse community that builds on and contributes to the code. 2) Maturity: The language implementation, tool chain and libraries should be mature enough to support a production system. 3) Language security: The language should minimize the risk of security relevant bugs like buffer overflows. 4) Security of runtime / tool chain: It should be hard to inconspicuously backdoor the tool chain and, if applicable, runtime environments. To give two concrete examples: Using the C language + deterministic builds is an attractive option with respect to 1), 2) and 4), but doesn’t provide much regarding 3). Java does better with respect to 3), however, it trades some of 3) and 4) as compared to C. Specifically, we are concerned that large runtimes may be difficult to audit. A similar argument may apply to other interpreted languages. Given these criteria, what language would you choose and for what reasons? We would also appreciate feedback regarding our criteria. All the best, David, Nick, Peter, Stevens, and William -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJTVp7DAAoJEBEET9GfxSfMQMAIAL/P3WfYgLeNe9oa5SQhtTEO JXdP41q7UNS1ZznRMY+gsKLNZr3bjaSfJiLqALVkNl8XpHQCAbMwFowxtmkcvah/ 7ZwXhT2Y2OT3DwobnT/173T611I3+w6QG4AJULmVt02mU01XeUuN23UPVYNjOZ/M ZQrbZ6E45kes7Qq2TAG8FwK4tTnmjzzEyr9W0VOH/x9j1+oes4t2BHAM8cpb7+cr E0aJLAJCth0ICt0nK2Ms6R1T7NyrgdzQLI+YJ3PGiyz5ajxyEfohrvfPkfPPeAEW nmLly6GSga/gmQzx7yLNgUj7h4tD1IMkC5CTWu4Yd1kd2LLF8kEto03rPf6+Au0= =GMPw -END PGP SIGNATURE- ___ p2p-hackers mailing list p2p-hack...@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Programming language for anonymity network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA384 Hey, On 04/18/2014 10:26, Stevens Le Blond wrote: We are a team of researchers working on the design and implementation of a traffic-analysis resistant anonymity network and we would like to request your opinion regarding the choice of a programming language / environment. Here are the criteria: I'm a researcher with some experience in formal methods (http://itu.dk/people/hame) and also software development (https://github.com/hannesm) in different kinds of programming languages. 1) Familiarity: The language should be familiar or easy to learn for most potential contributors, as we hope to build a diverse community that builds on and contributes to the code. 2) Maturity: The language implementation, tool chain and libraries should be mature enough to support a production system. 3) Language security: The language should minimize the risk of security relevant bugs like buffer overflows. 4) Security of runtime / tool chain: It should be hard to inconspicuously backdoor the tool chain and, if applicable, runtime environments. I actually question whether your criteria is extensive enough. Especially from crypto systems and anonymity systems, I'd want to have a proper specification of the protocol, either by writing it in a logic system or by using a declarative programming language. In my experience, code with lots of shared mutable data (such as object-oriented and imperative programming) tends to produce usable applications quickly, but once you want to go multi-core/multi-threaded or extend at points not thought upfront, the code becomes messy and really hard to maintain. Thus I'd go for some functional programming language where you write most of the time code which does not mutate the heap. Another piece of thought is this static typing vs dynamic typing. While the latter produces prototypes quickly, the former results in much more confidence that the application will actually do the right thing (again, static typing is not a replacement for testing). Your fourth point can be mitigated by a) two compilers to cross-bootstrap [http://cm.bell-labs.com/who/ken/trust.html] and/or b) formalised and small runtimes. At the time being I'd suggest to look into OCaml/Haskell/Erlang or Idris (if you need a really expressive type system), maybe write specifications upfront in Coq/HOL/Lem. I don't see any reason these days to use C/C++ or another unsafe macro-assembly language (and currently develop a TLS stack in pure OCaml to run with openmirage.org / be used by nymote.org). Happy hacking, Hannes -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBCQAGBQJTVrl7AAoJELyJZYjffCjuxi8P/3jyRJ6nTVbypBQUZ/dH/F28 tx3LTzAAsULtaA6FK+0udRyAVRc/EH3vX6gSjm3lqEayVHg5BSQNfye6mT0efAMX i3/ZUh+JfJ4E8sbgBiaMzqXTvYQGHPyhP3swq3vjwrQCrYn3jeISWAJd2x800KzO pxOU9W1vpx93fVHig5CfvL1EEoLOLDCQ9yWnRJJaNwy1cDncFb8sg7QmjsMpFHus q9w2sQRE6UEdC3Os217uN1OzgylMo8vrbFxbbg4JMGAs08jaovhbMJCucci5q0Zk xrv/903v3hAiprZGnvxMOX45F5JVgAiySbW7M+5Ph0j2xIk7dKs4ceNcem9iLTbJ rewv4MOkmPnYlepCdkdepRDwV2bcWyzN/efeMZpOg4Yg7w4HW4rD7csuvRkX19NM znnLXLRx3VH2UrK1hO9wGjv9RBzGj+eSR/3UxAgPwJ8oZppxMinZgNV+bWmDEgmP XI/Z2RDMGMyyEg6FBK8ArVuEmcND6hSFp8df5kzdOfyXnPK1JQ7w58Vf76hAceSN MVaJ7eEnIvBBYHY6V61ZHs5ix2I2q6b7MYhiE1ku28K6enRCGsW6FcfR2I2rMyyk 5P8zCEhMIG+q4Hy3ri1UO8yPBGmNzI7fo3r0t5WLrEldaUyruLpEHjLvBZnNJa9M PuMhWbd5ETMetRBKtv2V =eO1g -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] [p2p-hackers] Programming language for anonymity network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 22.04.14 11:48, Hannes Mehnert wrote: At the time being I'd suggest to look into OCaml/Haskell/Erlang or Idris (if you need a really expressive type system), maybe write specifications upfront in Coq/HOL/Lem. I don't see any reason these days to use C/C++ or another unsafe macro-assembly language (and currently develop a TLS stack in pure OCaml to run with openmirage.org / be used by nymote.org). I was very happy with Standard ML (non-object-oriented 'predecessor' of OCAML) for writing complex P2P systems and even user-land transport protocols. Functional programming and static typing helps to discover subtle bugs that go unnoticed in imperative languages (and I'm not talking about something as ridiculous as buffer overruns). Unfortunately, Stevens requirement of familiarity still speaks against functional programming languages, even for something as popular (and watered-down) as Scala. It's very hard to find code contributors who know the language or are willing to learn it. I think it's a trade-off between the code quality you want to achieve and the accessibility for a larger coder community. There is no golden standard right now. Stevens: If you want to look into Standard ML, I think you have some in-house experts at MPI SWS. Cheers, Christof -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTVr/XAAoJECloHL5dRDpuScYIAKvG6UG6O3l22ZcKuKxbxaFw oSGdZ5gcYcPqFsOKx+KI4eb0Yf6v/+aFR3cgJEJR18wTU6Z050kvdZMYKzn/cvjF sSPI9ZzZYy5croVh+x75gpWuIwuMcem3/UFnv+U5D59KwN6U85JJQkfq7yy6looF abiPOS+EkAxX6EmG7lbNGeIdHWA7gwlkHqeLBLw4S3nbGKWGqZ+ZKOXQE3dnuLES fcCVYukaQslvsZdDH02Wc1mBjBqL1s0oSNn1J79mlXTolxYzq/OJs+P7t1S/O7ux q+0ibDLuv64ARzW6wa51CRszT6x36/bHssot3hxM6i22TtzTgGz+PAeDIa8XIX0= =NJR2 -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Rift Recon Presents At The 2014 Oslo Freedom Forum
Hi Everyone, Long time lurker, seldom poster. I don't know if everyone here caught the press release (which I'll re-post below) this week but I thought this to be highly relevant to the interests of many members on this mailing list. If anyone is going to make it to OFF please say hi :) or has any questions the Rift Recon team is happy to answer them to the best of our ability. Best Regards, Eric Michaud CEO/Founder Rift Recon e...@riftrecon.com PGP Key at the bottom ### Rift Recon LLC and the Human Rights Foundation (HRF) join forces to present a comprehensive security workshop at the 2014 Oslo Freedom Forum (OFF) next month. The workshop will be geared toward protecting high-risk individuals in possession of sensitive information. The sixth annual OFF will take place on May 12-14th. Former Russian political prisoner Mikhail Khodorkovsky, Harvard cognitive scientist Steven Pinker, Cuban blogger Yoani Sánchez, Wikipedia founder Jimmy Wales, American actor Jeffrey Wright, and iconic Turkish protester Erdem Gunduz will join 25 other remarkable speakers. OFF will bring together a diverse and global audience to share experiences and discuss how to best promote free and open societies. Rift Recon CEO Eric Michaud and Senior Intelligence Advisor Brian O’Shea will be joining the ranks of some of the world’s finest minds and bringing their security talents within easy reach of the people that need them most. You can’t help being a target, but you can help what kind of target you are, advises O’Shea. Our workshop in Oslo will provide a remarkable opportunity for Rift Recon to aid at-risk individuals who we wouldn’t normally have access to. Michaud and O’Shea are facilitating the workshop in collaboration with representatives from HRF, whose team members reached out to Rift Recon after hearing about their cyber and physical security intensives. OFF workshop attendees can expect a fast-paced, in-depth security training that focuses on identifying when you are being targeted by hostile entities, introducing premeditated protocols you can practice to lessen your risk, and how to swiftly minimize damage should your security be compromised. The training will draw largely from Rift’s Two-Day Employee Physical Security Intensive and the soon to be available Social Engineering course. Dictators have access to billions of dollars and the world’s most advanced surveillance and spying tools, said HRF president Thor Halvorssen. We have to acknowledge that challenge, and the first step is to connect communities of human rights defenders and at-risk journalists with experts who can show them how to keep their communications and actions private. In this workshop, the instructors will focus on protecting sensitive information through examining the flaws and benefits of various communication devices and attacks by various offensive entry tools, as well as how to strategically react to a security breach. Social engineering techniques will also be examined, including reading body language and establishing stranger intent to better protect participants. Participants lastly will also learn how to tell if their workspaces have been intruded upon, how to deploy tamper-evident devices to sensitive equipment and work spaces, and many more invaluable skills. For more information, and to view a complete list of this year’s speakers, visit http://www.oslofreedomforum.com. About Rift Recon Founded in 2013, Rift Recon is a premiere physical security agency comprised of researchers, former military and private security detail contractors, and computer and hardware hackers that equips its clients from a suite of exclusive services including specialized trainings, hardware tampering and forensics work, assessment reports, tool creation and team outfitting. Visit http://www.riftrecon.com or follow @RiftRecon on Twitter for more information. About Human Rights Foundation (HRF) Founded in 2006, HRF is a nonpartisan nonprofit organization that promotes and protects human rights globally, with a focus on closed societies. HRF unites people in the common cause of defending human rights and promoting liberal democracy. Our mission is to ensure that freedom is both preserved and promoted around the world. Visit http://www.humanrightsfoundation.org or follow @HRF on Twitter for more information. ### My work related PGP key: -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.4.11 (GNU/Linux) mQINBFGG4oMBEACymsDeckLrNkCgZD5SI8xze+cWxRy6X9vLtoc7Qd0WmKEdBK46 wQyvWJhjGv0VhU2f5BTolOgH1AXafGDcuWV43nLLbb25obJA5mCana+EheNXc6x3 DCw6muDzDfb+nHmr8IE19dysv2tv+aKcRcKK2/G4shZ/nvCOkUosXHeOrNVdEllv uflSZgrHIFjTGEiiEv5RPKlsryMay6OvqqkI2qQCvQHyhuLNE6VZobQq/yNScVkp ER/eRnKUT80fW9G26NzY7GEUAUC87/ZdZqDIGdhHsc8BUgxuxcper+qNXSdGh27Y q5y5wvy358eEnGJ8UOH7clThwo2x1l4TiAEDS3rnh+bsi6NKa2nQRfCb0R8M7Zgo tZRhh31TWhFmt512C7LRfCa4t1Gm7piQ+NLTwk/1nLjnU/qHaaSNFBG7wMAH007p 9ovFe/9BHu0yOEEFJ9XieY9O3p+wjnSfvOFBjgdX+YrKxZEaSDetPa0c6oskWjRS
Re: [liberationtech] [p2p-hackers] Programming language for anonymity network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA384 On 04/22/2014 21:15, Christof Leng wrote: I was very happy with Standard ML (non-object-oriented 'predecessor' of OCAML) for writing complex P2P systems and even user-land transport protocols. Agreed. I use the Caml part of OCaml. :) Functional programming and static typing helps to discover subtle bugs that go unnoticed in imperative languages (and I'm not talking about something as ridiculous as buffer overruns). Unfortunately, Stevens requirement of familiarity still speaks against functional programming languages, even for something as popular (and watered-down) as Scala. It's very hard to find code contributors who know the language or are willing to learn it. But if you have a chance to start from scratch, you should look at possible solutions and use a viable one. Especially the readability and maintainability of a programming language should be considered. Otherwise you end up with a piece of code which is not maintainable once the PhDs have graduated. You have to pay the technical debt at some point. And I'm not sure how to hand over a research project to 'the open source community'... Are there best practices/guidelines availble? I think the OCaml community is rather larger compared to other functional programming languages, and it is very helpful. Both the real world ocaml book, available online https://realworldocaml.org/, and their package management system OPAM, are awesome contributions over the last years to easily start with OCaml and to get more people involved. Cheers, Hannes -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBCQAGBQJTVstHAAoJELyJZYjffCjuUqcQAKFUvtAfbLu2yU3EEkR5Mjsv N9f19Ao0tIvmU6PmQAEfrdXNhs1e19xFSseaLPEQibxWBbYXTzx+J0es+/H6a116 CcrZ8N51kM/aOydnRTk2NmoP1BYh9X+S3bQRLPu/lYipgYVyuV7ohzZMqmrguARu 15uWjqmvaDahYZhuu4tnfksggveL59pF/08UA5xd8wZ3I+XMiXB7JviN3Mii2rbk 8BjWFFXW66xQGSxg+nsIp+rGiX6r12gCNZZHJHSoQGcmbalGPVF+o2r7+j+D2ZcC n/tXVVgIy2TO+7mxp+ueX+OK5p+YDqOzFTPDKQhARVP+EjEqZXPRKY4YkgMno8ug 7CT4yCuV84gdrNfudOFKTOx4G0k/4OSZzPVn/g1i9vmqAUU8z6UUBr9tjSR1jZq6 iZqDBGkz34550DlPhxE3mwdFh/woBv2ExgrOvM3iSX/dtKBa7p/fCGNHX17dEIgW 0d1DKQatRjuIGIdAjowy8CuJ4rPceoqoObPutLYVw+PeMfSencjDmf9bmXgFI3jB WU6Jo+akCd/BlvABnV2qLnJXqbo3ixM0B7WbI+c5EyQaPapS5J4Im+b66EE9o57Y Ab5Vf7h0GLVovA+VFXbnNCjoiawQo8rKU276Lwid7i8ZByQhm7iX/obMPTQchyKU z5MCXzwWyXnFRt8MbI+G =N6Jn -END PGP SIGNATURE- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Open source HW/SW for Distance Learning Telemedicine
Stop waiting. http://www.bunniestudios.com/blog/?p=3750 http://www.crowdsupply.com/kosagi/novena-open-laptop On 2/26/14 9:45 PM, Al Billings wrote: I’d wait a few months since Bunnie says they’ll make an announcement when they’re ready for people to do so. From: Blibbet Blibbet Reply: liberationtech liberationtech@lists.stanford.edu Date: February 26, 2014 at 9:44:26 PM To: a...@acm.org a...@acm.org, liberationtech liberationtech@lists.stanford.edu Subject: Re: [liberationtech] Open source HW/SW for Distance Learning Telemedicine Buy commodity parts and build the 3D printed parts and assemble your own Novenas. -- Al Billings http://makehacklearn.org -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Open source HW/SW for Distance Learning Telemedicine
Yeah, I backed it about two weeks ago when it hit the Internet. Been on vacation? :-) -- Al Billings http://makehacklearn.org On April 22, 2014 at 4:53:57 PM, Blibbet (blib...@gmail.com) wrote: Stop waiting. http://www.bunniestudios.com/blog/?p=3750 http://www.crowdsupply.com/kosagi/novena-open-laptop On 2/26/14 9:45 PM, Al Billings wrote: I’d wait a few months since Bunnie says they’ll make an announcement when they’re ready for people to do so. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Open source HW/SW for Distance Learning Telemedicine
Been on vacation? :-) I wish. It was news to me, sorry if this was old news to everyone. But, as of today, they still need funding, so is not over yet, perhaps re-visit site and fund at a higher level. :-) Thanks. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Open source HW/SW for Distance Learning Telemedicine
Sorry, the sarcasm was meant gently! I do think it is a cool project and, yes, they do need more funding so it is good to keep mentioning it. Al -- Al Billings http://makehacklearn.org On April 22, 2014 at 5:00:08 PM, Blibbet (blib...@gmail.com) wrote: Been on vacation? :-) I wish. It was news to me, sorry if this was old news to everyone. But, as of today, they still need funding, so is not over yet, perhaps re-visit site and fund at a higher level. :-) Thanks. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Saravá Collective protests against data surveillance
Saravá Collective protests against data surveillance Brazil - April 22th 2014 - We from Saravá Group are worried about arbitrary and reckless action of the Public Prosecutor's Office. The Office is requesting access to content we host. Saravá is a group offering technological infrastructure and political reflection to civil society for ten years[0]. Our main research topic is the construction of safe autonomous communication systems respecting the privacy of our users and the democratization of this knowledge[1]. Earlier this year, we became aware of repeated requests from the Public Prosecutor's Office for access to our server hosted at Campinas State University (Unicamp). The Federal Police made these requests to Unicamp without a court order, supposedly to investigate alleged misconduct. Despite the intervention of the Unicamp Rector to avoid a new server seizure as occurred on the past[2], the police insistence leaves us apprehensive about the security of the websites and mailing lists we host. This week, Brazil provides an example to the world by organizing and leading a meeting to discuss the future of internet governance[3]. But these actions show that our country is in fact behind other nations in the development of freedom of expression and privacy on digital media. Ironically, the State that approves the Marco Civil Internet bill to protect Brazilian users against police state measures is the same that in practice does the opposite of their own policies. We reiterate that our server is used for legitimate social activities. There is no justification for compromising the privacy of all our users to get specific information that is allegedly stored in our server. A huge part of this content is, by its nature, online and publicly available. It is unnecessary to request a copy of content that is already supplied automatically. Additionally, to respect to the privacy of our users we don't record acess information of users connection. We demand an immediate halt of this police attack against our server and our users's data. More than ever, it is time for the Brazilian Government to give an clear example that it respects and protects the privacy of Internet users. The whole world is watching. Saravá Collective contato AT sarava.org https://www.sarava.org/en/node/99 [0] Saravá principles: https://www.sarava.org/en/principles [1] As an example, see the initiative: https://policy.sarava.org/ [2] Seizure of Saravá server on 2008: https://www.sarava.org/en/node/46 [3] NETmundial: http://netmundial.br -- rhatto at riseup.net pubkey 66CA01CE2BF2C9B7E8D64E340546823964E39FCA please bring your fingerprint when meeting me -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.