Anonym.OS a Boon for Privacy Geeks? 403
The Hosting Guy writes "Wired is running an article about a live CD that makes anonymous browsing easy enough for everyone. 'So easy to use you can hand it to your grandmother and send her off on her own to the local Starbucks.' Anonym.OS makes extensive use of Tor, the onion routing network that relies on an array of servers passing encrypted traffic to permit untraceable surfing."
Too bad no one using it can comment (Score:5, Insightful)
Re:Anonymous and suspicious (Score:4, Insightful)
Re:Anonymous and suspicious (Score:2, Insightful)
Re:Anonymous and suspicious (Score:5, Insightful)
In police states, someone who wants to be anonymous deviates from the norm and automatically becomes suspicious, as The Man considers that if you're not guilty, you have nothing to hide.
In US-PATRIOT USA, I'm not sure I'd want to participate in the Tor network. I'm definitely not the only one. Perhaps I'm a coward, but that should tell you something of what this country is slowly turning into...
Re:Privacy Geek (Score:5, Insightful)
There's a big difference between not wanting the government to tap your phone and not wanting web sites to put a cookie on your PC. The latter is a "privacy geek" thing, and yes, that level of privacy is fringe.
Kinda' (Score:2, Insightful)
Re:Maybe it's a newbie question (Score:3, Insightful)
Re:Anonymous developments? (Score:3, Insightful)
The only way I see to guarantee anonymous receiving is some kind of broadcast - for example as exists with satellite downloading systems: the information is always broadcast by the satellite to a really wide area, in which any party can receive it (and discard it if it's not meant for them to have it) without the abbility to detect who and where has received it. The reason this scheme works is because satellite receiving is a "read only" system - the receivers are passive and don't send information to satellites, they only filter the received content (i.e. channels or download streams). This could be useful with a public key encryption scheme.
(btw. the way satellite downloads currently works is that the receiver must have a separate "ground" line to a regular ISP that's used to send requests to the satellite company to broadcast the desired information, so there's still a traceable line, but in one direction only)
Anonymity is your constitutional right (Score:5, Insightful)
The fact that a bunch of sickos use this technology to be perverted does not mean that the rest of us should not use it. If you care about your freedom and you don't like what is going on then you can use it to safely make your complaints heard.
Re:Maybe it's a newbie question (Score:2, Insightful)
Think about it this way:
HTTPS etc encrypt your data before it is sent to the wireless card
WPA/WEP encrypts the data as its recieved on the wireless card, then transmits it
not quite right but basicly, HTTPS encrypts data before it would be encrypted for WPA wireless.
Re:Too bad no one using it can comment (Score:2, Insightful)
Re:Privacy Geek (Score:4, Insightful)
Funny you should mention "molestation", because guess what behavior Big Brother is going to cite when they crack down on anonymous Internet proxying?
I value my privacy and will fight tooth and nail to preserve it. However, "privacy" and "anonymity" are not the same thing.
My home is private. My computer is private.
Anything I do outside of my home, whether I travel via foot or via wire, is public and there's a possibility that I may be seen or even recognized.
un-molestation (Score:5, Insightful)
The idea that one might live one's life in private and without fear of molestation is a *very* recent phenomenon. It's not passing out of the mainstream, it never quite arrived there.
The right to privacy is a post-war interpolation from the set of Constitutional rights. It was hardly a consideration before single-family households became common beyond the elite classes consequent to industrialisation. The very idea of private life took meaning from the distinction to be drawn between the public and private duties of the landed gentry, whether he was acting as public judge or administrator of his chattel. The idea that citizens required more privacy than that demanded by Christian modesty simply did not occur. It is only in the last generation that anyone became actually interested in the details of your private life. Before the information age, such trivia had no value beyond the prurient, of interest only to busibodies and the beat cop; again, unless you were a name.
Re:Speaking of anonymous.... (Score:5, Insightful)
All of it?
I'm looking for hard statistics cause most "normal" people don't get it when I refer to my connection as a "porn pipe".
Have you tried wearing pants?
Re:Too bad no one using it can comment (Score:2, Insightful)
Anonym.OS: the OS of choice for privacy geeks and serious assholes.
<ironic>If only we could implement some compulsory registration for Tor, everything would be fine!</ironic>
To my mind, that's the problem that all of these anonymous computing efforts fail to solve: a lot of people use anonymity to be jerks. When I look at the traffic my sites get from open proxies, a vanishingly small percentage is from political dissidents; most of it is from turd-in-the-punchbowl fuckheads.
Re:Privacy Geek (Score:3, Insightful)
Re:Anonymous developments? (Score:3, Insightful)
I don't know what your personal odds of pulling that off are, maybe you are more 31337 than I, but I'm estimating that the probability is, say, Planck's constant (scalarized, of course.) For the government, we'll give them about 15 orders of magnitude greater... inverse of Avogadro's number, perhaps. Or maybe the Hartree energy constant, if I'm feeling really generous.
Re:Anonymous and suspicious (Score:5, Insightful)
So true. In fact, I would suggest that you stop using envelopes when mailing letters and just use postcards instead, that way everybody along the way can read them much more easily. You don't have anything to hide, do you?
No real reason for secret ballots either, now that I think about it. After all, you're not attemting to make an illegal vote.
The police ought to be able to search your house at will, too. If you're not doing anything wrong you have nothing to fear, right?
Oh, remember that sooner or later if you stop defending your freedoms you lose them. When it becomes illegal to criticize the government and you say "but that wasn't what I meant" it's just a tad too late.
Re:un-molestation (Score:3, Insightful)
I don't see how "unresonable search and seizure" and "no troops shall be quartered in private homes" can really be interpreted in any way other than "leave me alone, unless there's a legitimate reason". Some links to research backing up your assertions would be nice.
Re:Anonymity is your constitutional right (Score:4, Insightful)
Re:un-molestation (Score:3, Insightful)
Actually, grandparent is basically correct; what you are forgetting is that the primary concern of citizens during most of our history is insulation against state power, and the Third and Fourth Amendments are restrictions specifically upon the power of the state to intrude substantially into the personal private sphere.
It would not have occurred to anyone for any time except basically our own (with our historically unique communications and information extraction and analysis tools) that the private information of any individual citizen reaqlly needed positive protection. Remember that the only agnecy that could violate that private sphere effectively (the government) was already fairly well-restricted; that the common person's private info has a paramount economic value is a very new concept.
Re:Privacy Geek (Score:2, Insightful)
On the other hand, wandering the public internet is akin to strolling in the park or mall, where one would not expect privacy to be guaranteed... and the officers of the Ministry of Love happily exploit that expectation.
What about changing the MAC Address? (Score:2, Insightful)
Re:Privacy Geek (Score:3, Insightful)
The problem with this statement is that not all activity on the internet is like strolling in the park or mall. Many times activity on the internet is exactly like a phone call, a communicatin between friends/colleagues/etc. For instance, email or instant messaging. If you post something on a forum such as slashdot, however, in that case it's in the public.
Re:un-molestation (Score:2, Insightful)
In the past, you shared much of your life with the community around you... Your friends and family in a relatively small town. Most people lived with very large families, in very small homes. There were precious few secrets, and very little privacy. But the information you shared with others was all personal... It was a shared existance. The reason people knew all your secrets is because they were there with you when it happened. They knew about the embaressing thing that happened at your last birthday party because they were there. And they also knew enough about you not too judge a single failing too harshly.
Today we've got massive databases storing up interesting bits of information gleened from all over the world. Impersonal corporations are trolling through our garbage looking for anything they can use to sell us something new. This isn't your next-door neighbor or your aunt overhearing some private exchange...this is a willful invasion of your privacy by someone completely un-connected to you.
Re:Privacy Geek (Score:4, Insightful)
I qoute the 4th ammendment:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Searching and seizing needs to be limited to private places and things, otherwise police can't arrest anyone anywhere without a warrant or confiscate drugs in public parks.
Re:Privacy Geek (Score:5, Insightful)
(pretending that's not a troll...)
The Internet being "public" is your assumption. You infer it, but it's certainly not implied.
The Internet is designed as an end-to-end architecture. AKA point-to-point, which is exactly what the telephone system is. It's not inherently designed to be public or private, but the end-to-end architecture certainly enables truly private communication (assuming the continuing existence of encryption technologies not broken or illegal), and to me it strongly suggests that, given demand, it should be a feature of most Internet applications. Which it sort of is, if you don't count security (i.e., my email and IM and web surfing is private, but that privacy is usually not very secure.)
Ultimately, the Internet with private communication is ten times as useful as the one without it. Maybe a thousand times. Hell, given the cultural impact, you can't measure the difference at all. It leads to two very different worlds.
Re:Fringe Group (Score:5, Insightful)
The fact that this score has an Insightful Moderation is scary...I've got Karma to burn, so let me speak my mind.
We should have a reasonable expectation of privacy in our everyday lives, even if the constitution doesn't have a "de facto" privacy clause in it. Remember that crazy court Case Roe v. Wade? The court didn't say that "abortion was legal," the Court declared that laws prohibiting abortion represented a violation of a women's right to privacy. While the right to privacy does to exist as such in the Constitution it has long been interpreted to exist as an umbrella created by the first 5 amendments in the Bill of Rights.
To be quite honest with you, I know cops who have problems with the way that today's society is going. They don't want to have to worry about carrying an ID when they're walking down the street to buy a gallon of milk. (HIIBEL V. SIXTH JUDICIAL DIST. COURT OF NEV.,HUMBOLDT CTY. (03-5554) 542 U.S. 177 (2004) 118 Nev. 868, 59 P.2d 1201, affirmed. [cornell.edu])
It really bothers me in a multitude of ways that our civil liberties are being torn down under the guise of terrorism. It really bothers me that many people are letting their guards down and just allowing these rights to just be walked on like nothing matters. Is it just me or am I the only one who sees a problem here?
Re:Too bad no one using it can comment (Score:3, Insightful)
People use *their own accounts* to troll Slashdot as well, not to mention regular AC posts. How the fuck is using Tor any different?
Max
Re:"Privacy is dead, deal with it!" (Score:3, Insightful)
Information doesn't want shit, deal with it.
Max
Re:Privacy Geek (Score:0, Insightful)
In the USA with that GWB madman on the loose and in control?
No.
Haven't you been watching the news? He wouldn't know what a court order was if he were slapped one for high treason.
Re:My personal reasoning (Score:2, Insightful)
Re:The whole privacy movement seems to have fizzle (Score:3, Insightful)
As an anarchist [infoshop.org], somebody who was at the WTO protests, and someone who strongly supports online privacy and the cypherpunk perspective, I'd like to ask what the hell you're talking about?
The WTO protests was one of the biggest events of the late 20th century, it was part of a snowballing effect against corporate globalization which stretched from all points on the globe, and culminated in events such as the uprisings in Argentina and the Zapatista march on Mexico City.
In what way are the WTO protests, which were centered around deconstructing corporate control of our lives, including information and it's free flow, counter to the cypherpunk position?
Re:Beware of Geeks Bearing Grifts (Score:3, Insightful)
What makes you think the public doesn't take privacy seriously? Try getting caught peeking in somebody's bedroom window, and you'll find out how serious most people are about their privacy. It's just that for most people don't need the level of privacy that the Tor Network provides. Someobdy goes to that much trouble to obfuscate their internet traffic definitely deserves to be called a "geek".
Re:Anonymity is your constitutional right (Score:3, Insightful)
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
This means that the government is outright forbidden to conduct unreasonable search and seizure. It also forbids unsubstantiated warrants to be issued. It allows the government the ability to issue warrant, search, or siezure when there is good reason that is supposed under oath and to an exact place, person, or thing. That is quite a narrow power!
With the way the Constitution is written, this is supposed to mean that the government can do those things *only* under that exactly described set of conditions. That inspector that you're talking about, by the Constitution, would require a court supported warrant to a specific place to do a search. The reason of "someone said this bad thing was happening" is insufficient, because you cannot state, under oath, that "bad thing" is happening, unless the person saying that it is can affirmatively testify to the occurrance of "bad thing".
I recognize that things aren't working that way at the moment, but that is what the Constitution *says* is supposed to be going on.
Re:Privacy Geek (Score:5, Insightful)
Nothing wrong with any of that, even if it does look a bit out of place to those around you.
Now then, I might elect to use Tor, PGP, S/MIME, OpenVPN in a deliberate attempt to disguise my identity.
And there's nothing wrong with that, either.
The notion that I might be conducting myself "in public" does not require me to wear my secrets on my shirtsleaves.
Problems with Tor. (Score:3, Insightful)
rhY
Re:TOR (Score:3, Insightful)
I'll say it again: the encryption in Tor does _not_ hide your payload. It only serves to hide your IP address.
If you use Tor, use encryption on the upper layer.
Trusted binaries ? (Score:3, Insightful)
Do you trust the precompiled binaries on the livecd ?
Sure, the OpenBSD source is available for you to comb over for backdoors & sniffers etc, but how do you know that Anonym.OS was compiled using that exact same source code ?
Maybe comparing hashes of the binaries to the offical OpenBSD versions would be a good start, but there are various reasons why this will only get you half way to validating that the build is kosher
I'm not even beginning to suggest this work is trojaned or anything - the last thing I want to do is spread FUD about something this cool and useful
One solution (which is very time consuming, and already dated), is the Trusted Build Live CD [sourceforge.net] (TB) by the Hacktivismo group. It is basically a cookbook for rolling your own Gentoo livecd, with some tailoring for anonymity related applications like Tor (AFAIK, it doesn't do the nice packet filtering that Anonym.OS does, however).
Take it to starbucks? I don't think so. (Score:4, Insightful)
That being said, what would be required for the linux community to make Wifi drivers more accessible? Is this something that is reliant entirely on the manufacturers providing drivers or is there some other solution? It would surely aid linux adoption if it was easier to get your Laptop Wifi working.
For the linux-savvy, NDISWrapper is of course very slick, and I was able to get my HP Notebook Wifi card working in about 20 minutes, but the less techy people such as the Grandmother mentioned in the posting are not going to be able to sort their way through ndiswrapper and iwconfig, much less figure out newer encryption methods.
Re:The whole privacy movement seems to have fizzle (Score:3, Insightful)
Yeah, that's probably [life.com] true [africanamericans.com].
-Eric