[liberationtech] Deconstructing Mehdi Yahyanejad's "deconstruction of the security risks narrative of Haystack"
Danny O'Brien
danny at spesh.com
Sat Sep 18 16:34:34 PDT 2010
On Sat, Sep 18, 2010 at 1:44 PM, Evgeny Morozov
<evgeny.morozov at gmail.com> wrote:
>
> So let me shed some light on this here, for in my investigation I found how
> at least one group of testers got access to it. Here is how it worked.
> Together with their intermediary based outside of Iran, the Haystack team
> had set up a Gmail account and created a draft message there, where they
> stored instructions/executable files for download by others. The log-in
> details were then distributed to the testers – and eventually reached me
> last week. Even though I personally did not log into that account as it
> would probably have been illegal, a person authorized to use the Gmail
> account confirmed that the password still worked and sent me the
> screenshots.
>
Just drilling down to one point here: do we know whether the client
available for download via this Gmail account had the same
characteristic as the client that Mehdi and Jake analysed?
(This question isn't relevant to the main thread of your argument; I'm
still just trying to find out if I we can reasonably estimate the
distribution of the "test" client.)
d.
More information about the liberationtech
mailing list