Peek-a-Boo(ty) 297
Anemophilous Coward writes "Tom's Hardware has a story detailing cDc's new anonymity app, just demonstrated Sunday. Peek-A-Booty is designed to let surfers access sites blocked by government restrictions, and is essentially, a distributed proxy network. It uses a peer-to-peer model, masking the identity of each node. This means the user can route around censorship that blocks citizens' access to specific IP addresses, because the censor doesn't know they're going there. There is also a website dedicated to the project."
Easier way? (Score:2)
Aside - I first read cDc as 'Center for Disease Control', heh, sure changed the article.
Easily blocked too... (Score:3, Interesting)
Re:Easier way? (Score:2)
That ends up sounding very similar to Freenet.
Good for some, nightmare for others (Score:5, Interesting)
On the good side: China. Folks over there who have to deal with the gigantic "Firewall O' Death" (also known as the "Damn it, Communism works so stop reading about how it doesn't" Firewall) can possibly use this tool to get to the outside information they need to keep spreadin' the news that "Information good."
On the other side, as a Security Manager in a bank who's sometimes asked to go find out if person XYZ has been accessing nakedhairyeyebrowedcheerleaders.com, I can see how this utility might make it impossible for me to do my job.
So I've got mixed feelings on this utility.
Re:Good for some, nightmare for others (Score:2, Insightful)
What exactly does that have to do with security? Doesn't a "security manager" have anything better to do? If anything, be concerned because it's an encrypted channel for information to move in an out, not that someone might <gasp> be doing some personal surfing on the job</gasp>.
If these sorts of applications make it harder for security "managers" to play Network nazi (small 'n'--Godwin's law does no apply here), that that is an added benefit, so far as I see.
Re:Good for some, nightmare for others (Score:2, Interesting)
And before you say that drones' computers don't have that kind of access, remember: it's always the higher ups that think the rules don't apply to them. How about Mr Branch Manager or Ms VP/Accounting getting their workstation compromised?
Re:Good for some, nightmare for others (Score:2, Interesting)
I live in the Midwest and 90% of the banks that I have had interaction with have used MS based computers across the board with a mainframe running the critical stuff. I found out that a lot of banks were running online banking services with little or no firewall protection. At first I thought it was a fluke but I quickly found out it was fairly common in the smaller banks. These institutions would be fairly easy prey for someone with a little knowledge that wouldn't be hard to obtain. I admit I have limited experience in a specific locale so do what you want with my stats.
Re:Good for some, nightmare for others (Score:2, Insightful)
Re:Good for some, nightmare for others (Score:5, Insightful)
That doesn't really matter, though. The most vulnerable part of any corporate network is its users, now. A user who's violating the acceptable use policies for his or her employer's network is an automatic security risk. First, such an employee becomes a possible blackmail target. In the case of porn, a network admin must bar porn on a professional network because of the possibility of a sexual harassment suit being filed against the company. That means that the AUP must make accessing such materials through the corporate site a disciplinable offense...hey, presto, instant blackmail. Second, though, any user who is actively subverting procedures put in place to prevent such abuse must believe that he or she "knows better than you do". Although the user's right in the vast bulk of cases, the cost in those rare cases where they're wrong is disastrous. What if the site is malicious? If they can get around your barriers, then what else are they downloading? Do they necessarily even know? How tight are the barriers around their machines?
Would you be willing to bet the company on their care?
Re:Good for some, nightmare for others (Score:2)
This often-repeated argument will make sense to me once there are other "security" personnel going through people's desks and briefcases looking for porn. Until then, it's just a silly rationalization for cheap power trips.
Sounds like a thought crime to me.
Those are problems for the security people to solve. Telling people "You can't bring your own food in for lunch because we don't know that you won't jam peanut butter in the locks" just makes me think you need to hire a better locksmith.
If the computer systems you provide are so easily compromised that any random input source spells doom for your company, then you clearly have selected the wrong computer systems.
RE: Someday, I see this splitting up the net (Score:2)
I see more of this coming. In the future, I predict businesses will get together and pay in to some sort of entity that builds (or promises to build) an independent Internet type network just for business purposes. If you're a porn provider or warez site, you simply won't qualify to be a part of this private network. The only question remaining is how many ties to the rest of the Internet will it have? It seems it has to have at least a few, because employees working from home will want to tunnel in via VPN to the workplace.
Re:Good for some, nightmare for others (Score:2, Informative)
Re:Good for some, nightmare for others (Score:4, Insightful)
Re:Good for some, nightmare for others (Score:3, Insightful)
The more inspired drones have installed Opera, which doesn't require administrator access to install in Windows. They could presumably use PB. They're a small minority, though.
Re:Good for some, nightmare for others (Score:2)
Re:Good for some, nightmare for others (Score:2)
Previous gig had Cetus Stormwindows and LANovation LAN Escort set up. They were fond of randomly disabling basic Windows functions like Find and Help.
In short order, I found a way to de-Escort my machine and soon found a pair of network stiffs poring over my machine looking for evidence. What was funny was that our division was under a separate charter and budget and technically, as long as I didn't do anything to the corporate net, my PC should have been mine to modify at will...
Oh well, I quit after all their bullshit and have been much happier since!
GTRacer
- Bring it on, NetNazis!
Re:Good for some, nightmare for others (Score:2)
Do I sense some resentment here?
Re:Good for some, nightmare for others (Score:2)
as someone who has both admin'd and broken through other admin's security setups, let me say that anybody who cannot COMPLETELY secure a box has no idea what they are doing.
One box I was on was setup so that only files with certain names could be run.
Solution?
Rename file (if rename is disabled, just download it as an 'allowed' file name) to one of the allowed program file names.
The latest clever admin trick that I saw was that the computer was setup such that Install Shield always detected the presence of Uninstall Shield running in the background, thus Install Shield would refuse to run.
Nifty that. I may have to ask them how they did it.
I simply got the manual extractor for Install Shield compressed files and decompressed the files myself. (luckily the program did not have a bunch of DLLs that it demanded be installed in the System32 directory or anything.
Hell systems locked down to run nothing else but Word and Explorer I have managed to get to DOS on. (and once your in DOS shit tends to go all haywire.
This 'security issue' was eventually addressed (even in a Microsoft patch I do believe. . .
Of course as a last resort option I simply stick in any of a number of Linux Boot Disks that are designed to go in and change the Admin password on a box. I have had to do this several times after being assigned to work on machines for which nobody knew the administrative password for.
(once physical access to the box has been gained, the machine CAN and eventually WILL be compromised. Period. Unless you encrypt the living shit out of the entire HD and only have the key stored on a dongle that has to be plugged in to the serial port while typing some long password on the keyboard and said dongle is stored in a Fort Knox like security situation)
Re:Good for some, nightmare for others (Score:2)
Re:Good for some, nightmare for others (Score:3, Funny)
They are not drones because they are windows users. The reverse would be more accurate.
Re:Good for some, nightmare for others (Score:2)
When Thin-Skinned P.C. Liberal Arts Majors Attack. Tonight on FOX.
Re:Good for some, nightmare for others (Score:4, Funny)
That's right. Please refer to them more accurately. Call them "lusers".
Re:Good for some, nightmare for others (Score:2)
That's probably because you're resentful of being one of those drones.
Unemployment (Score:2)
I'm sure that getting upset at people for how they refer to employees probably hasn't helped you get a job.
Instead of saying "I resent that you call employees drones!", you should try, "Who should I talk to about becoming one of your drones?"
Re:Good for some, nightmare for others (Score:2)
Now if he were the sysadmin referring to his charges as drones it would be patronising and arrogant. Bad style.
Watching the interplay between the drones and the administrators (from a safe distance) has got to be verrrry, verrrrry interesting.
Re:Good for some, nightmare for others (Score:2)
Did I call you a drone? Did I insult you in any way?
Re:Good for some, nightmare for others (Score:2, Insightful)
Cat
Re:Good for some, nightmare for others (Score:2)
I guess you haven't been sued under the "creating a hostile work environment" sexual harrasment theory. Yet.
Personally I could care less what my employees do so long as they produce. However the governement makes me liable for certain on the job employee activities. Unfortunately that mean I have to keep a lid on things.
Re:Good for some, nightmare for others (Score:2)
Unfortuantely merely having a policy is not enough. You also must enforce it to protect yourself against lawsuits.
Re: At least you have the monitoring idea right (Score:2)
It's the job of a manager to oversee his/her employees and make sure they're using their time efficiently. As I've always said, employees who want to waste time will find a million ways to do it. If you restrict them from surfing the net, they'll just talk to friends on the phone, or bring in a newspaper to read, or walk the halls with a cup of coffee and try to look busy.
I have no problem with putting the basics of an automated system in place to block known porn sites and other blatantly illegal sites. Just by doing that, you're showing you took measures to prevent sexual harassment in the workplace. I think most companies would like to be in a position to say they did that, if it ever came up in court.
Beyond that, I think it's wrong for managers of other departments to request/expect I.T. to "fill them in on what so-and-so is doing on the web", or to complain that something's not "locked down tight enough". If you know you have employees surfing where you don't want them surfing, take care of it yourself!
Re: At least you have the monitoring idea right (Score:2)
At my last admin gig, I refused to provide managers with info on what sites were being accessed, what email was being rec'd, and what personal files were on hard drives. If a direct order didn't come from an executive or the IT Director, then it was not my place to rat out employees.
Talk about liability! I have no way of knowing/proving that John Doe accessed this site. I only know that John Doe's PC accessed xxx.com. But PHB's won't understand the difference.
Managers wouldn't ask someone in a cube famr what the guy next to him was surfing, why should I be put in that position? The other employees are my colleagues, and I refuse to disrespect them simply because I control the servers.
Re:Good for some, nightmare for others (Score:3, Insightful)
Additionally, your security policy should have language forbidding the use of non-authorized software, thus making the use of said software a fireable offense.
Re:Good for some, nightmare for others (Score:5, Funny)
And here I was getting all excited...
Re:Good for some, nightmare for others (Score:3, Insightful)
Er, good side: USA. To find DeCSS or similar tools without fear of prosecution, for example, or to keep spreadin' the news that "Censorship bad, even when it's done by a (heh) democratically (heh heh) elected (heh heh heh) administration."
Depends on what your job is. If your job is to protect the bank from liability, anonymised browsing allows you to state with certainty "Nobody can link us or our employees with porn surfing. Not us, not nobody."
If you've been tasked with catching a known baddie in the act (perhaps at preteenlolitas.com), then you've got keyloggers, machine caches (they don't have admin access, right?) or just drop VNC [att.com] on their machine and catch them with their pants down, so to speak.
I appreciate your concerns, but really, wouldn't it actually make your job easier if users showed a little courtesy and consideration, and stopped waving their dodgy surfing habits in your face (so to speak)?
Re:Good for some, nightmare for others (Score:4, Insightful)
So what you're saying is: "On the good side, fundamental human rights. On the bad side, makes life harder for pointy haired bosses who feel that lunch breaks spent playing cards are fine but lunch breaks surfing porn are an abomination.
And this gives you mixed feelings???
Re:Good for some, nightmare for others (Score:2)
No, employees spending the time that their getting paid anywhere from $6-$60 an hour for are using it to surf pr0n.
If you don't have good ways to monitor their productivity then you need to trust them. Let's say that they aren't surfing porn. What if they bring it in on a floppy disk? Or mail it to themselves? Or bring in a magazine?
plus there's always the threat of getting a sexual harrassment suit filed.
Same question above. And anyhow, does any of this rate in importance even close to the issue of human rights?
Re:Good for some, nightmare for others (Score:2)
Re:Good for some, nightmare for others (Score:2)
No problem. Whatever port is at the other end, the language spoken on the browser's connection will still be easily recognizable HTTP. You should already have an IDS running, and adding a signature for the "offending" HTTP traffic should be a no-brainer.
Re:Good for some, nightmare for others (Score:2)
BTW, I forgot to point out that the Chinese can do exactly the same thing. In fact, I'll bet that they already do, and that open-source software makes the task easier for them.
Re:Good for some, nightmare for others (Score:2)
Well, having been at a bank myself, that's the least of your problems. :)
I'd be more concerned if my tax dollars were used to buy filtering software for schools/libraries.... :)
Which I was against -- SEE! TOLD YOU SO!
Next time, just buy another corporation another stadium.
Does this really help the oppressed? (Score:2)
A few months later after I've seen a lot of people going to these systems I begin sending out visitors in the wee hours of the night to "educate" these people. Really these systems may actually make it EASIER to find incorrect thinking individuals. I don't have to compromise an entire network of dissidents, I just have to find a couple proxy sites and let the proxy logs do my work for me.
I've spent a lot of spare brain cycles thinking about this stuff and it seems like you really need a way to obfuscate that nature of your communication over multiple channels. You need legitimate looking sites to act as proxies and to limit the frequency and size of transmissions to reduce their visibility. Anything that can make connection profiling possible rules it out as a viable solution.
Now, this system does have a host of possible uses, don't get me wrong. It will make it possible for somebody at the library to work around net nanny software, etc. It will make it easier to avoid the snoopy firewalls at the office who want to keep track of how many times I visited Ebay today. But I don't think this will do dissidents much good.
Re:Good for some, nightmare for others (Score:2)
The situation in China is not as worse as you might think, and while there are repeated announcements about tightened Internet control, it does not seem to be of much relevance to the casual surfer.
The game continues (Score:2)
It will never end, and there will never be a winner. The game just goes on and on and on...move and counter move, move and counter move...
It certainly is fun to make the other team (whoever they may be) squirm, though.
NakedHairyEyebrowedCheerleaders.com (Score:2)
Re:Good for some, nightmare for others (Score:2)
In somewhat unrelated news: (Score:2)
In Rural China, Mental Hospitals Await Some Who Rock the Boat [yahoo.com]
There is nothing as cathartic as nerve stapling those little drone bastards to keep them in line...
-- Chairman Sheng-ji Yang, The Human Hive
cDc using phpNuke (Score:2, Funny)
Freedom (Score:2)
Hey, let's start an open source version. Slashdoters might actually do something positive for free speech and all that for a change. Reply to this message if you're interested, and we'll get something set up.
It seems to me... (Score:4, Funny)
Freedom Fighter: Acolyte, what tool do you suggest we use to access the world of internet while circumventing our government's oppresive restrictions?
Acolyte: Peek-A-Booty
Freedom Fighter:Please go away.
Re:It seems to me... (Score:2)
Well, why else would you run it? 8)
Virg
public proxy (Score:2)
With a p2p type of services, anyone, anywhere can be a proxy. You'd have to be crazy to try and start blocking every IP or address block on the Internet because they offer public proxy services.
My thoughts on the whole thing are: Why censor the Internet in the first place? Programs like this would be unnecessary.
Re:public proxy (Score:3, Insightful)
My guess is that that's exactly what will happen in restrictive environments if this becomes widespread. A corporate/state "whitelist" will be used to list acceptable sites and all others will be forbidden. If something is found that might be useful, the powers that be can be petitioned to add it to the whitelist. This will of course castrate the power of the net in those restrictive environments, but that's precisely the point, particularly in China.
Re:public proxy (Score:2)
This will of course castrate the power of the net in those restrictive environments, but that's precisely the point, particularly in China.
At some point greed usually overwhelms power-hungriness. Do you think China wants its scientists, programmers, economists etc. to fall behind the rest of the world? I think that eventually the whitelist will crumble.
re: peek-a-boo (Score:2, Informative)
Triangle Boy [rfa.org] end the Freenet project [freenetproject.org]
anybody knows which program is actually the most practical?
Re: peek-a-boo (Score:2)
Hope this prospers more than Crowds did (Score:3, Informative)
See also the earlier Crowds [att.com] project courtesy of att.com (and while you're at it, if you use a network of systems [X, Windows, Mac, or anything with a Java browser] check out the amazing VNC [att.com] project).
Problem is, Crowds fell foul of the [brzzt, crackle] VERY SENSIBLE AND FOR YOUR OWN GOOD [bzz, pop] US laws on exporting encryption, and required you to sign a Declaration of Patriotic Fervour [att.com] to get your hands on it, which rather limited its usefulness in restrictive regimes that monitor and censor their citizens (other than the US, I mean).
Hopefully cDc will be able to get this thing prospering in the wild before they get charged with Conspiracy to Share Knowledge, or whatever. Good luck, guys, and remember, get that source out there early, and get it out there often.
Excellent! (Score:4, Funny)
Isn't it ironic... (Score:5, Interesting)
The day an anonymous website gets registration info from me is the day I cross completely into PHB syndrome.
Re:Isn't it ironic... (Score:2)
Create an anonymous email address and use that to register. You can get free pop mailboxes from Portland [portland.co.uk], or use www.sneakemail.com's anonymizer. [sneakemail.com]
Re:Isn't it ironic... (Score:3, Informative)
From the Peek-A-Booty Website [peek-a-booty.org]:
Peek-a-booty.org and anonymity
Posted on Monday, February 18 @ 14:46:12 PST by MrHappy
[Peek-a-booty.org] On Slashdot devaldez wrote: Isn't it ironic that the peek-a-booty website requires registration?! I thought the whole thing was directed toward anonymity.
While I suspect this might have just been intended as a cheap shot nevertheless it is a good and valid question. So to answer...
First: this site doesn't require registration. You are more than welcome to post anonymously. Your posting name will be "Anon" and no identifying information about you will be recorded.
Second, and more importantly, we don't actually care who *you* are per se, we're more interested in you creating an identity (or identities) here. Why? Because it allows others to recognize you; it builds familiarity and trust.
Take for example the identity of someone who consistently submits excellent, insightful material. As you read this person's submissions you might begin to develop a trust metric around them: articles they submit are better than articles submitted by someone else. Their having an identity creates a particular value for you and vice versa.
The only thing required to register on this site (and remember: you don't have to register) is an email address. By all means create a free one somewhere, use that to get your password and then forget about it.
There's you, there's your identity, there's anonymity. It's all up to you.
--Cycon
So, who is using my computer? (Score:4, Interesting)
Re:So, who is using my computer? (Score:2)
Re:So, who is using my computer? (Score:4, Informative)
Exactly. Although the request may come from an intermediary, and you may forward it on to another intermediary. The idea is that you'll never know, nor will you be able to view the SSL encrypted packets to even know what the data is.
Unfortunately, this is exactly what it means. However, your company will doubtless have a firewall in place that will stop you servicing incoming Peek-a-Booty request anyway. Chances are though you will still be able to use it though if you want to surf for donkey porn from work, so Peek-a-Booty is in (slight) danger of dying a quick death through leeching.
Incidentally, most residential cable and DSL customers will find that their contracts prohibit "providing services" to the internet community. Peek-a-Booty is definitely such a service. It doesn't even have the post-Napster excuse that you're necessarily getting anything in return (as a patriotic consumer should). Expect Peek-a-Booty to be about as popular with ISPs as a surprise IRS audit.
There are risks associated with this... (Score:2, Interesting)
Furthermore, since the software acts as a proxy service, this means that anyone, anywhere could potentially be hosting controversial material at any given time.
The cDc acknowledges this, in an interview with The Register [theregister.co.uk]:
"The app can be obscured, but not hidden as you correctly point out. We are going to give advance briefings to grassroots organizations who will act as one distribution chain; risk assessment will be part of that. Obviously, if someone is already on 'state radar', they would not be a suitable candidate," cDc member Oxblood Ruffin told us.
The above is from an article dated July 2001, so it might not be entirely up to date. Still, think twice and do your own research before installing if you for some reason are afraid of having the authorities come knocking on your door.
This still won't work! (Score:5, Insightful)
The problem: Say I'm a user who wants to connect to a Peek-A-Booty network. I need to get the address of a node to connect to. How do I get this? The obvious solution, and the one used for Gnutella and other peer-to-peer apps, is to publish a list of nodes (or at least one). But that won't work here -- because then the censors can use the same list to track down the nodes and block and/or disable them. This is especially problematic if you're using Peek-A-Booty as it claims it is meant to be: if you're in a country that filters access (say, China) and the government can track down the users trying to circumvent the filters, they can and will punish/torture/kill those people.
Peek-A-Booty has not solved this problem. Read what Tom's article has to say about it:
That's right -- the only way to connect to a Peek-A-Booty network is word-of-mouth, which is horribly ineffective. Finding a node will be extremely difficult unless you know the right people, and then it's very easy for the censor to ruin it. Trust the wrong person, and your whole network is exposed. Government spies could give out addresses that the claim are Peek-A-Booty networks, then catch anyone who tries to connect to those. Worst of all, they could just offer some huge incentive to people for turning in their friends.I hate to say it, but this system simply isn't ready yet. They have not come up with a technically sound solution.
Re:This still won't work! (Score:2)
Bear in mind that you'll also have to find out about and then get Peek-a-Booty in the first place. If you can do that, chances are you'll be able to find a list of nodes as well. Once this is up and running, a Google search and some patience should get you settled in.
I completely agree that it's not easy, that there is no magic technical solution, and that even using Peek-A-Booty may be risky for people in some areas.
The thing is: what's the alternative? Accept the firewalling? Use non-SSL public proxies that leave your traffic visible? Peek-a-Booty is one solution. What's your alternative?
Re:This still won't work! (Score:4, Insightful)
And they never will. Why? Because the problem they are attempting to solve is not a purely techincal one. Censorship is a political issue (e.g. involves people, not just machines) and as such demands a political component to it's resolution.
The merit of the program sits on the notion that repressive countries cannot afford to blockade the internet wholesale in order to control access to the proxy network. Ergo the success of the project is based on enough people in non-firewalled countries participating. And this doesn't just mean a lot of p2p proxy nodes, it also means a lot of people publishing a list of gateways.
Much like in the world of warez, the massive proliferation of information would make it difficult if not impossible for the censoring agent not only to keep up with the number of IPs that serve as proxy nodes, but also to keep up with the number of websites that point to potential gateways.
Look, this is a software project designed to break the laws of repressive countries. As such, it will never be a "technical solution" to the problem. At best (and this is what I think they're going for) it is a technical aid in the struggle for freedom. I say cheers to them.
Re:This still won't work! (Score:2)
I hate to say it, but this system simply isn't ready yet. They have not come up with a technically sound solution.
The best is the enemy of the good. It doesn't make sense to hold up a solution with some flaws in favor of an impossible system with no flaws. Freedom fighters take risks. That's their choice. We should help them to understand the risks they are taking but we should not deny them the right to even try to work around the system. Proxies are popular today even though they have the problems you describe. Peek-a-booty just ups the ante a little bit.
Re:This still won't work! (Score:2)
If a node list is published on many sites which also have desirable content, filtering becomes much more difficult. Not impossible, but consider publishing node lists inside discussion forums such as slashdot, yahoo groups, bravenet, ezboard, myforum, hostboard, etc.
Sure, a censor could search out the node lists, but a simple countermeasure would be to make sure the node lists are updated regularily with short-lived hosts. Another simple countermeasure would be to poison the list with hosts a censor would not wish to block. The software could maintain a local cache of hosts NOT running the proxy to avoid swamping normal sites with invalid proxy requests. Forged node-lists posted by censors could (maybe) be detected by checking signatures and some sort of "ring of trust" public key infrastructure, PGP style.
It's probably impossible to make censorship completely impossible... but it is possible to make it more difficult and expensive for censors. It sounds like a lot more is yet to be done. There are a lot of creative people out there and I'm sure some of them won't have any problem coming up with some really good ideas (I just made up these on the spot as I read your message... and there are certainly a lot of people who've put a lot more throught into this than I have).
This works now (Score:4, Insightful)
Millions of drug users use this model quite happily.
Re:This works now (Score:2)
Drug users are slightly safer. If a single Peek-A-Booty user of a given node is compromised, the government can start watching all traffic to that node and build a giant list of criminals. If a single drug customer is compromised, there're practical limits on how many other clients they can catch during a sting.
Re:This still won't work! (Score:2)
Don't worry, now they can send you the list of nodes on a self-shredding e-mail [slashdot.org].
Re:This still won't work! (Score:2)
Spooky prediction (Score:5, Interesting)
The Great Rogerborgio will make a spooky prediction. When Peek-a-Booty 1.0 reaches 100,000 downloads, a story will break that the client contains a hostile trojan that lets "evil hackers" take control of your machine, impersonate you, steal your credit card details, and screw your shrieking girlfriend in the ass while you watch helplessly, tears of frustration streaming down your shocked, betrayed face.
The story will be submitted by a "credible group of anonymous white hat hackers" and run - unquestioned - by BBC Online and - slightly questioned, at best - by Reuturs, and every other online news source will pick it up from there and spread it as gospel truth.
It will not be true. It will be Fear, Uncertainty and Doubt, pure and simple. Many interested parties will want Peek-a-Booty to fail. In fact, there are so many - governmental and industrial - that even the Great Rogerborgio cannot peer through the mists of time sharply enough to determine the culprit.
But it will happen. And remember, you read it here first.
Re:Spooky prediction (Score:2)
There's a slight problem here (Score:2, Insightful)
Re:There's a slight problem here (Score:2, Insightful)
Aims & Reality (Score:2, Interesting)
One can simply see this trend with the GNUtella network, and monitoring the search strings people send out. They're full of stuff such as "hairless pre-teen sex" and "dogs fucking women".
I'd be much more interested in running Peek-A-Booty if it had some sort of information-type limiting, but this would go against the whole basic concept of the program. I'd be glad to assist those who are oppressed, but WILL NOT help sexual predators and the like.
Maybe people who want to help those in oppressive countries should throw up rogue squid proxy servers with bandwidth rate limiting and perhaps some client access limiting (*.cn, *.ru, and soon, *.us). This is what I do and it works quite well.
I don't even advertise it, but quite a few people find it and use it (mostly people in southeast asia, actually)
Look for the worst and you'll always find it. (Score:4, Insightful)
I don't mind helping everyone equally. Even sexual predators- there are other ways to catch them.
Sorry, kiddie porn is not a trump card with me.
Re:Look for the worst and you'll always find it. (Score:2)
As obvious, the opinions I voice are merely my own. While my ethics do not align exactly with law, I have a particular distaste for sexual predators and child molestors, and it's a great enough issue that I do not want to potentially help them.
I'd like to also clarify my "I'd be much more interested in running Peek-A-Booty if it had some sort of information-type limiting" comment. I meant this at the participant-level, and not a network-wide level. Some sort of mechanism where the participant has the freedom to disallow his resources to be used for certain ideologies of which he does not want to take part.
But again, this goes against the entire Peek-A-Booty concept, and I may even be alarmist.
The proxy idea works great for me, and my proxy server hasn't been firewalled from China as of yet.
I get a significant amount of traffic from China, and they seem to look at a lot of democracy-oriented and (non-child) porn sites from the rare times I've taken a glance at the traffic.
Please note, I am all for this project, and not against it in the least. I merely have some concerns.
Re:Aims & Reality (Score:2)
>Why is it right to censor kiddie porn but not other things? You are not really against censorship if you believe that it is, you just disagree with what should be censored.
Because, it's my fucking computer. The government has nothing to do with my computer or my decisions not support something. You seem to have people and government confused.
Your argument is ridiculous. Would you give a neo-nazi group, or perhaps a coprophiliac web space on your server? Probably not.
A person is not a government. A person can exercise their freedom of choice, and their opinions, and my opinion is that I simply do not want to support some causes. I am not oppressing them by not supporting them.
Re:Aims & Reality (Score:2)
Yes, that's censorship. Again, an ISP is not a citizen. An ISP's server is not an individual's computer.
There is no burden on a citizen that requires them to participate in Peek-A-Booty, which is my whole point. There is no burden that a citizen must provide all of their available resources for public use in America.
As I said before, I am not against Peek-A-Booty, it's just something I would not participate in, because it does not align with my ethics (concerning helping pedophiles). This is not oppression, this is an individual's personal freedom in effect.
You seem to carry the misconception that my not participating in this program means I am somehow actively blocking them from accessing their destinations. This is completely wrong. I am merely choosing not to allow my personal equipment be used as an avenue for them.
Using your argument, I'd be oppressing people if I didn't have CAT5 cables running from my DSL equipment out to the curb for general citizen use. It's the same thing.
To force citizens to participate in ideologies they wish to take no part of is against freedom and oppression in itself.
You need to make the distinction between the rights of a person, and that of governments and corporations.
Re:Aims & Reality (Score:2)
When you run Peek-A-Booty, or any proxy, you are acting as an ISP for the people using your proxy to access the internet. Just because you give it away for free does not mean you are not an ISP.
You seem to carry the misconception that my not participating in this program means I am somehow actively blocking them from accessing their destinations. This is completely wrong. I am merely choosing not to allow my personal equipment be used as an avenue for them.
No, I never said that. I am not saying that not running Peek-A-Booty is opressing or censoring anything. I am saying that running Peek-A-Booty and filtering out certain types of material is censorship.
You need to make the distinction between the rights of a person, and that of governments and corporations.
I have said nothing about rights, or even what is right or wrong to to. All I am saying is that it is hypocritical to censor anti-censorship software. You have the right to do it, but it is still hypocritical.
Where's the "Beef"? (Score:2, Funny)
Just because people have seen it run, doesn't make it non vaporware, it has to be distributed.
So where's the Beef? ([lame joke]or should that be dead cow?[/lame joke])
Another Diamond Age prediction true? (Score:3, Interesting)
New trend in /. posting? (Score:2, Interesting)
Here is what will happen... (Score:2, Interesting)
That will be the end of that.
The End. (uggh) Nice idea though!
numerous problems (Score:2)
censor the proxy (Score:2)
Blocked! (Score:2, Funny)
The Net interprets censorship as damage, ... (Score:2)
Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]
Employee surfing - hard learned lessons (Score:5, Interesting)
I used to work at a company that had a very liberal internet use policy. We were pretty early adopters as far as the corporate world goes. We wanted people to use the Internet as a tool and didn't want to micromanage or scrutinize its usage.
Over the years we had to tighten our policy as abuses started to mount. The final straw was an idiot who was collecting kiddie porn and saving it on our network server! We immediately notified the police and he has arrested and prosecuted. The guy literally had hundreds of pictures carefully organized into directories to categorize them. It was obvious (1) that he had been doing it for a while, (2) he had invested a great deal of thought and time in these activities.
The company was dragged into the employee's defense trial. We spent a lot of time and money on attorneys, depositions, etc. It was a nightmare. We were forced to implement a system to control and monitor access to the Internet to insure that this type of thing did not happen again. It is one thing to get caught in that type of situation once but it can't happen again.
So we spent a lot of time and money watching and controlling Internet access. It sucks but it only takes one idiot to mess things up for everyone and there are a lot of idiots out there.
I still think that ideally Internet usage should be the employees' responsibility but in the real world things often get much more complicated.
Peek-A-Booty is no longer affiliated with CDC (Score:5, Informative)
PEEKABOOTY UPDATE
FOR IMMEDIATE RELEASE
LUBBOCK, TX, February 7 -- The CULT OF THE DEAD COW (cDc) would like to clarify a few matters in relation to Peekabooty, an anti-censorship software application currently under development.
Peekabooty was originally the brainchild of the Hacktivismo group, an international cadre of hackers founded by the cDc's Oxblood Ruffin. Hacktivismo's mandate was and is to develop technology in the service of human rights. Peekabooty was its first project; others are in various stages of planning and development.
The CULT OF THE DEAD COW has supported this work from its conception, because we view censorship of the Internet as a cancer that must be excised. However, it should be noted that the cDc membership have not been contributing code or driving the development schedule for Peekabooty. This project was entirely the concern of Hacktivismo group.
Two years ago, Bronc Buster and Mr. Pink wrote the proto-code for the current iteration of Peekabooty. Paul Baranowski (who until recently used the handle "Drunken Master") later became its chief architect and took charge of the Peekabooty programming effort. Some months ago, Paul chose to dedicate himself full-time to refactoring the codebase and finish implementing the remaining functionality.
Paul has recently decided to sever ties with the Hacktivismo group but he will continue to develop the Peekabooty app. Occasionally developers can't find the environment they need to do their best work and now is one such time.
Paul will be leaving Hacktivismo and taking on full responsibility for his work and all future development of his software. So from now on, Paul is directing all aspects of the Peekabooty project. It is no longer a Hacktivismo production. The Hacktivismo group will shift its main focus back to other projects in the pipeline.
We continue to wish Paul the best of luck. We believe that Peekabooty will prove itself to be a liberating force on the Net. Although Hacktivismo has severed formal ties with the project, some members intend to informally contribute their testing skills, etc. to the ongoing effort.
Paul will be presenting a recent snapshot at CodeCon, February 15 - 17, in San Francisco. Go check it out. But please be aware that this is not a launch; Peekabooty is still a work in progress.
Defeating Geographic Region Control (Score:2)
Nomenclature (Score:2, Insightful)
Quick Browse (Score:2, Informative)
This should not be released under the cDc name. (Score:2, Insightful)
Peek-a-booty appears to be a valid program, and may even be really useful for people who have governments blocking them from freely accessing the internet. However, I do think that they should get rid of the cDc name, mainly because cDc is associated with lame backdoor trojans by a lot of people. Also, if it ever got mainstream media attention, it is likely that they would start the article by saying something like: "cDC, the makers of the infamous backdoor trojan program Backorifice...". This is likely to scare people from installing it.
Just my two cents...
Re:Risky? (Score:2)
Well, they tried this in Afghanistan, among other things.
Look where it got them
Re: (Score:2, Insightful)
Re:OK, but.... (Score:2, Insightful)
So it would show up as a lot of connections to various IP's, not one single bannable IP.