[liberationtech] Jacob Appelbaum's Ultrasurf Report

Pavol Luptak wilder at trip.sk
Sat Apr 21 18:31:41 PDT 2012 

On Thu, Apr 19, 2012 at 12:16:33PM -0700, Catherine Fitzpatrick wrote:
>    Jacob Appelbaum's agenda doesn't seem to be entirely altruistic here with
>    this Ultrasurf report.
> 
>    There's a lot going on -- first, there's the desire of him (and his
>    supporters) to attack the US government and "DC Lobbyists" merely for what
>    they are, which is a hated government with a disliked Internet Freedom
>    program, which has put him under investigation for his involvement in
>    WikiLeaks (his buddies at the State Department notwithstanding). Second,
>    there's the desire to attack any competitor of Tor, especially a
>    competitor that adheres to the idea of proprietary versus open source
>    software. These are religious matters.

These are just facts, I don't like the US government because of the similar
reasons. 

>    There is the added dimension of the pornography issue -- Appelbaum's slam
>    on Ultrasurf for blocking porn distracts from the fact that Tor is
>    notoriously used for viewing pornography, including illegal child
>    pornography. And there's the fact that Appelbaum has published his
>    critique just as yet another criminal case involving the use of Tor for
>    illegal drug sales is being publicized:
> 
>    http://www.justice.gov/usao/cac/Pressroom/2012/045.html

At least for me this is just a proof of Tor's no censorship/no central control
at all.
And the reason why we should trust and prefer Tor rather than other solutions.

Regarding the government's drug prohibition - this is a religious matter.
From the moral point of view, nobody (including the government) has right 
to interfere to the mutual voluntary business (when no 3rd party is 
demonstrably affected).

People behind Tor just care about personal freedom (unlike the US government).

>    What's important in the fight for Internet freedom are the following
>    principles of non-coercion:
> 
>    o no one should be forced or brow-beaten into using open-source software;
>    proprietary software is ok to use. If your opensource software is
>    demonstrably better, it will sell itself without you having to
>    artificially level the playing field with constant ideological attacks

A possibility to analyze the source code can be definitely considered as 
a security advantage (compared to the source code absence), this is not about 
ideology. Of course anyone can choose any software (opensource or proprietary)
he wants, but it is good to know about this fact. Most common people do not 
realize this fact and therefore prefer usability instead of security. If you 
care about freedom/privacy of other people, it is definitely good to do some 
security awareness enlightenment (and that's what Jacob does).

> 
>    o no one who produces proprietary software solutions should be bullied
>    into having to discuss their flaws openly or be forcibly outed as to their
>    flaws; it merely helps give ideas to authoritarian governments and doesn't
>    really help users.

Of course, but everyone who produces proprietary software and rejects to 
discuss about its software flaws/vulnerabilities openly, should expect that 
the security community would probably prefer open and transparent security 
solutions...

>    o if you don't like proprietary software, you don't have to wage a jihad
>    against it, you can make your own opensource software that is supposedly
>    better

I have nothing against proprietary software (use a lot of them).

But anonymization/anti-censorship software (Tor or Ultrasurf) is extremely 
sensitive thing that may throw you in jail or endanger your life in the worst 
case.
That's reason why I would never use any closed-source proprietary 
anonymization/anti-censhorship software.

The problem is that most people who are using the closed-source proprietary
anonymization/anti-censorship software are just not aware of this simple fact.

>    o people have the right to be wrong about software -- an open society
>    requires that right to be wrong and to float contrary hypotheses even if
>    they are incorrect, politically or otherwise

Of course they have. But if you are a security guy and you are aware of many
security risks (e.g. that proprietary closed-source software simply lacks 
possibility of public source code inspection) and you care about privacy of 
other people, it is a good idea to promote these things (that's what Jacob 
does).

Pavol
-- 
______________________________________________________________________________
[Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel: +421905400542]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: Digital signature
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120422/f90bf449/attachment.asc>

More information about the liberationtech mailing list