[liberationtech] New testing and disclosure policy
Jacob Appelbaum
jacob at appelbaum.net
Mon Sep 13 19:59:28 PDT 2010
Hello Bram and others,
On 09/13/2010 04:35 PM, Bram Cohen wrote:
>> If and when we resume testing, we will create a regular, formalized
>
>> notice, sent to each tester manually and embedded in the test program
>> itself, that informs each tester (in his or her native language) of 1)
>> the program’s status as an incomplete prototype, 2) the legal and
>> extralegal consequences he or she may face if found using the program,
>> and 3) the program’s unsuitability for sensitive information. We will
>> also solicit community feedback on the precise message we use.
>
> It isn't clear from the wording above whether you've come to understand this,
> but it's very important that early adopters of an anticensorship tool be
> specifically NOT people who are actually getting censored. For them to adopt it
> at that point puts them in considerable risk.
I agree and the evidence is overwhelmingly negative.
It's very clear to me that Haystack has users that do not understand
this - my copy of Haystack has *no* warning at all.
>
> Jake demonstrated that Haystack was still up last night for me as well, and I
> directly observed a number of problems with Haystack which make it entirely
> possible, if not likely, that all the IPs of everyone who's ever used Haystack
> have already been gathered by iranian intelligence. In the interests of not
> endangering users any more I'm not going to give further details right now, but
> the short of it is that the haystack network should remain down, and everyone
> should refrain from so much as trying to run the haystack software, even though
> it won't work.
I agree that it is probably unsafe to comment on it too much more at
this time.
Austin Heap claims today that he is still doing machine testing:
http://www.washingtonpost.com/wp-dyn/content/article/2010/09/13/AR2010091305827.html
Specifically the article reports:
"For the time being, we are going to stop human testing and rely instead
on machine testing," Heap said.
So is that true? Are you guys really still doing machine testing?
If so - I'd highly encourage you guys to stop for the Nth time...
Sincerely,
Jacob
More information about the liberationtech
mailing list