[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [OT] another proxy, but not open source :-(

     On Tue, 25 May 2010 13:33:23 -0400 Ted Smith <teddks@xxxxxxxxx>
>On Tue, 2010-05-25 at 01:45 -0500, Scott Bennett wrote:
>> I don't know who "Censorship Research Center" might be, but they claim
>> to have a development project going for another encrypted proxy service.
>> However, they say it will be free software, but *not* be open source, so =
>> one can examine what they have done in order to look for bugs, design fla=
>> etc. :-(  There isn't much real information at the web site,
>> 	http://www.haystacknetwork.com
>> but what little there is looks very much like an attempt to sucker people
>> who don't understand much about security.
>>      Oh.  I almost forgot.  Their FAQ page mentions tor, complaining abou=
>> tor's publicly available directory and arguing that their method is bette=
>> while not mentioning bridges.
>I saw this a while ago. From what I could get from their website, it

     What drew my attention to it was a small newspaper column in yesterday's
_Fib_ (a.k.a. _Trib_ a.k.a. _The_Chicago_Tribune_) that I saw at a coffee
shop.  The author was all ga-ga about it, praising Austin Heap as if he
should be canonized ASAP for his wonderful work for freedom of speech.
Being somewhat of a skeptical nature, I looked up the web site referred to
in the article when I got back to my apartment last night.  I couldn't figure
out why the author, Kurt Knutson of WGN TV, was so taken in by something that
isn't even available yet and about which there is so little publicly available

>looks like they'll be running single-hop proxies from various hosts, and
>distributing that list inside the proprietary software they distribute

     That's more than I managed to extract from it, but that certainly
looks very bad if that is indeed what they are doing.

>(IIRC). They also say they'll be using HTTP as the transport protocol,
>which means either that the content will be unencrypted or that it'll be
>tunneled through HTTP.=20
>I wonder if they'll sign the binary blobs they distribute; it would be
>very easy for the police in any country to distribute their own
>backdoored version (via sneakernet) and just arrest everyone who uses
     Maybe they'll sign it with their own in-house equivalent to PGP, too. :-}

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/