The latest alpha release of the Tor Browser uses a deterministic build process for exactly that reason: users of open source software (or the small minority of users with the necessary technical skills) should be able to check that the published binaries match the published source exactly - no malware, no easter eggs, no backdoors. If someone detects a mismatch, they can alert the rest of the community.

Mike Perry, who spent six weeks getting deterministic builds working for Tor, has some interesting thoughts on why this is an important issue for security tools, even if the users completely trust the developers.

I'd like to see more open source projects following Tor's lead. Gitian is a deterministic build tool that might help - it enables multiple people to build a binary from the same source and check that they get identical results.

This case is unusual in that there's been a long series of bomb threats - they could easily have started monitoring all known remailers a week ago. But I wouldn't be surprised if they had all known remailers under surveillance all the time - especially since they know that's necessary if they want to trace a message at any time in the future.

What they should have done is use one of those handy-dandy national security letters or whatever they are called to gain access to the server in secret. They could have pried the private key loose that way, then initiated monitoring on the next server up the chain, another letter, and so on.

Interesting point - I wonder if they though the Riseup admins would blow the whistle and go to jail.

Of course this also falls apart if one of the servers is some place that doesn't like the US and won't honor requests from US law enforcement.

True. Watching this unfold could be an interesting lesson in the international reach (or not) of wiretap and seizure orders.

Unless the server operator was a total dofus, this brings them exactly zero steps towards resolving their problem, because this is exactly the kind of attack that Mixmasters was designed to withstand.

I'm not sure you're right about that. Unlike the more recent Mixminion design, Mixmaster doesn't provide forward secrecy. Each mix uses a long-term public/private key pair. To send a message anonymously, you encrypt it with the public key of each mix you want it to pass through, and each mix uses its own private key to remove a layer of encryption. The last mix in the chain removes the last layer of encryption and delivers the message to its destination. The mixes carry on using the same key pairs indefinitely.

Now imagine you have the wiretapping and server-seizing powers of the FBI and you want to trace a message. You wiretap all the mixes and record the encrypted messages passing between them. When an unencrypted bomb threat pops out of one of the mixes, you seize that mix and use its private key to decrypt all the messages you recorded arriving at that mix. One of them decrypts to the bomb threat. You seize whichever mix that message came from and repeat.

This attack has been known about ten years, which is why Mixminion changes its key pair periodically and uses TLS on the connections between mixes. But remailers don't get much attention these days, so it seems people are still using Mixmaster.

TL;DR: You can trace messages by seizing Mixmaster servers. Expect more servers to be seized in the coming days.

I used to spend a lot of time evaluating new languages. Now I just use this handy flowchart.

Doesn't that just make the "friend" instantly liable for contributory infringement?

When you download a file through a chain of people, every link in that chain is a friendship. Nobody connects directly to a stranger. So the only people who can bust you for contributory infringement are your own friends, and the only people who can bust them are their own friends, and so on.

It's possible that an infiltrator would spend time building up fake friendships just to bust people for copyright infringement, but it doesn't seem very cost-effective to me. That tactic has been pretty much abandoned in drug policing because it just mops up a few naive people at the edges of the distribution network without ever getting closer to the centre.

By the time the darknet grows enough to be useful there will be some friends of friend of friends that are not so careful and not so trustworthy, and not so cluefull. They will click a link somewhere. Their kids will install some internet game. They will get a piece of malware installed. They will get compromised, then the movies sitting on their computers will be discovered as well as their list of darknet friends, and the jig is up.

Whose jig is up? Not mine. If somebody two or three hops away from me in the darknet gets owned, I don't lose my anonymity, because the only people who know my identity are my immediate neighbours in the darknet, who are people I trust.

In BitTorrent, a single compromised node can identify everyone in the swarm. In a darknet, a compromised node can only identify its immediate neighbours. If you choose your friends carefully you can stay safe, even if your friends' friends aren't so careful.

The first rule of darknets is "Don't talk about darknets" - so they tend to get reinvented a lot. ;-)

WASTE and RetroShare are fairly similar, but RetroShare has a lot more features - forums, its own email system, public and private chatrooms, better portability, better firewall traversal, etc.

You're going to need a centralized forum/chatroom, aren't you, where you can meet people and identify those with common interests and focus?

I've heard rumours about a distributed network of chatrooms called IRL where you can meet people with similar interests. Apparently it's like IRC except the jokes aren't as good.

Similarly, after LimeWire was shut down the brand was relaunched as a monthly subscription service for slowing your computer down and giving you viruses.

Looks like someone already created a torrent.

Wow, Jacob Appelbaum has really changed since he joined that church...

While I agree with your criticism of the "creative economy" fable, I can see one way in which "creative industries" can genuinely increase productivity, and that's by making people want more stuff, or newer stuff, or higher-status stuff, which in turn makes them work harder, keeping the ol' investment capital flowing. Novelty is an important part of that process, and novelty is the sine qua non of the "creative industries": even when the product sucks, at least it's new.

The stimulation of demand through advertising and marketing has been driving Western economies since the Second World War, and it works just as well for intangible as tangible goods. So while I agree with your criticism, I don't think you should limit it to the "creative industries" - I think it applies to any industry that would vanish in a puff of smoke without its advertising department.

It's hard to see why a video store clerk (what is a video store?) is a creative persona.

The "creative class" isn't the class of creative people - it's the class of people whose jobs depend on the production of intangible goods such as stories, music and software. That's why video store employees (remember them?) and software engineers are members of the class but shoe store employees and hardware engineers aren't. It's a well-recognised labour category in the UK, but apparently not in the U.S., according to this excellent article about the creative industries:

In Britain, where the pioneering work on the concept has been done, the category covers design, advertising, theatre, dance, music, visual arts, creative writing, crafts, plus museums and galleries. On the ministerial level it also includes leisure, entertainment, tourism and heritage industries, and sports. The situation in the UK, in particular, is quite different because throughout the 1990s to the present, “creative industry” has been a government-established, recognized, and practiced category for government policy and administration. In the United States, in contrast, the terms “creative industries” and “culture industries” are rarely used outside academic circles. The term “creative economy” does appear in some policy discussions and documents on a local and sometimes regional level. . . . . In other cases, the terms “information economy,” and “intellectual property” are the common framing concepts and cover the effort to control and efficiently commodify creative material, especially in its intangible forms.

The best technical introduction to game theory I've come across is Game Theory: A Critical Introduction by Shaun P. Hargreaves-Heap and Yanis Varoufakis, which introduces the most important concepts while placing them within their philosophical context (for example, to what extent is it reasonable to regard humans as the kind of agents assumed by game theory?). I've been studying game theory for years and wish I'd read this book a long time ago.

If you really have no patience for philosophy, try Game Theory for Applied Economists by Robert Gibbons instead. ;-)

John Maynard Smith's Evolution and the Theory of Games is accessible and indispensable.

Less technical works that explore the implications of the theory in fascinating ways include The Evolution of Cooperation (the book that first got me interested in the subject) and The Complexity of Cooperation by Robert Axelrod, and anything by Brian Skyrms.

Having stuck my oar in during a previous consultation, I was emailed a copy of the draft recommendations and asked for feedback. Here's the response I sent to Nominet.

Dear ______,

Thank you for circulating this draft. I'm disappointed to find that Nominet is still considering adopting a policy that effectively grants the police new powers. In a democratic society, the only acceptable way for police powers to be extended is through legislation. If there is a genuine need for the police to be able to take down websites without judicial supervision, Parliament should grant the police that power. If Parliament does not do so, no other organisation should arrogate the right to do so - particularly when, as the draft notes, the Government is currently considering such legislation.

It may be inconvenient for the police, and perhaps even "harmful to consumers", that judicial oversight sometimes imposes delays on police work. Nevertheless, that oversight exists for good reasons, and attempts by the police to circumvent it are misguided and dangerous.

Court orders are available at very short notice for other kinds of urgent police work; if the courts have not seen fit to make orders for taking down websites available to the police as quickly as the police would like then it is worth asking why not. Nominet should not allow itself to be manipulated by the police into short-circuiting the judicial process.

As a piece of quasi-legislation, the draft is seriously lacking. It does not define key terms such as "consumer harm" or "UK law enforcement agencies with which Nominet has a trusted relationship". No process is defined for deciding which cases "involve disputes between private parties, freedom of expression or political speech", or for challenging such decisions.

The vague language in the final paragraph about an "appeal mechanism" and an "independent panel" makes no concrete commitments to meaningful oversight. Indeed, it is difficult to imagine how it could do so, since Nominet does not have any legal powers to punish wrong decisions or make reparations. The courts do - they are the proper venue for such decisions.

Best regards,
______