[liberationtech] [SPAM:###] Re: Google Unveils Tools to Access Web From Repressive Countries | TIME.com

Thu Oct 24 08:00:58 PDT 2013

Thanks Adam,

I appreciate your note, and I'm glad to hear what you have to say.

Forgive me, but I don't agree with you that everyone at Google Ideas shares
our goals.  Look into some of the other work that Jared Cohen does and it
becomes apparent that for him and his ilk, human rights concerns only exist
within dictatorships, not democracies.  Some of his colleagues have put
people I know directly at risk, and that I cannot forgive easily.

So while I'm glad to see that Lantern is behind this, I'm deeply
disappointed to see Cohen's involvement.

Best,
Jillian

On Tue, Oct 22, 2013 at 11:44 PM, Adam Fisk <afisk at bravenewsoftware.org>wrote:

> Hi Everyone-
>
> First off, apologies for the radio silence. My libtech reading has
> decreased in direct proportion to the volume of traffic, which seems in
> turn to have increased in direct proportion to my personal volume of work,
> so I'm a bit late to the game. To provide some context, over at Brave New
> Software we're still primarily focused on Lantern<https://www.getlantern.org>and have been rolling out a series of 1.0.0 beta releases we would greatly
> appreciate everyone's feedback on. We've been trying hard to improve our
> documentation, and all of our code is of course open source<https://github.com/getlantern/lantern> with
> an ever improving body of more detailed documentation<https://github.com/getlantern/lantern/wiki> we're
> in the process of migrating <https://github.com/getlantern/lantern-docs>.
>
> That said, we have been involved with UProxy <https://uproxy.org/> since
> the earliest stages and have written some of the code, but with the
> University of Washington and Google Ideas really doing the heavy lifting.
> We do, however, strongly believe in the potential of WebRTC to provide both
> interesting cover traffic as well as usability improvements that come as a
> result of reusing technology already built into the browser. One of the
> primary goals of both Lantern and UProxy is to build solutions that can
> scale to a large number of users without incurring unsustainable costs, and
> allowing ordinary users to provide access easily is a huge part of that
> effort. Another really vital aspect to both Lantern and UProxy is blocking
> resistance, and particularly the idea that trust networks are a promising
> path forward in that regard. I think we're seeing this now with private Tor
> networks where bridges are distributed through trusted contacts, and that's
> exactly what we're after with both Lantern and UProxy.
>
> I will say that I completely agree with both the criticisms on some of the
> messaging and with the security approach (which applies to both uproxy and
> Lantern), and I'll elaborate on that. At BNS we have not controlled any of
> the messaging, but as you said Roger, the following:
>
> > It's completely encrypted and there's
> > no way for the government to detect what?s happening because it just
> > looks like voice traffic or chat traffic.
>
> is a gross overstatement. I'm personally of the belief that the above is
> simply not possible or at the very least extremely hard and unsolved, as I
> think we've discussed a bit in person with regard to the efforts to
> disguise Tor traffic as Skype traffic. I'm not sure I've ever said this
> directly, but I'll say now publicly that you're one of the technologists I
> personally hold in the highest possible regard, and I always welcome any
> criticisms you may have. You've also given Lantern really valuable advice
> from its earliest days, which I really appreciate. The above quote I think
> is an unfortunate combination of a limited understanding of the technology
> and conversation with a reporter who will pick the juiciest sound bites,
> but it's clearly incorrect and just dangerous.
>
> I also quickly wanted to also acknowledge Sascha's excellent point about
> trust network mapping:
>
> > I would be more concerned with adversary externaly
> > observing the connections, seeing that a group of people from within
> > country X are connecting to the same ip in country Y , thus relating
> > those people in that group as sharing a node in a social graph, so to
> > each other, while they might not have seen them as related before..
>
> This is a concern that was discussed at some length yesterday at the
> Google Ideas Summit, and it's a really astute observation others have also
> made, most recently at CTS in Berlin. With Lantern it's considerably less
> of an issue because Lantern uses Kaleidoscope<https://github.com/getlantern/kaleidoscope> to
> also share connections of contacts who are not direct friends, in Lantern's
> case up to four degrees away. While that raises its own concerns in terms
> of proxying through essentially total strangers (again with blocking
> resistance as the goal), it does mitigate against social network mapping
> attacks. In both the UProxy and Lantern cases, however, there is more
> thought and research to be done, as it's not immediately obvious how
> significant it is that two people know the same person, particularly when
> that person is inherently living in another country that is uncensored.
> That is by no means an effort to dismiss the critique but rather an
> observation that the conclusions to draw aren't obvious at least to me.
>
> On a final note, I just want to say I truly believe we're all after the
> same ultimate goals of freedom of expression and speech around the world.
> That may sound naive, but that's truly something I'm personally passionate
> about. At Brave New Software we not only welcome but strongly encourage
> critique and criticism of our work, and we deeply thank anyone willing to
> take the time and to do the work to do so. For us I think that aspect of
> work is a vital component. For so many of us on this list who are in the
> trenches in this long term fight to build an Internet that's inherently
> less susceptible to corruption and that inherently preserves freedom of
> speech and freedom from control, the amount of work required to build those
> systems well is staggering and sometime overwhelming. As a result I would
> simply submit a plea that we take the work seriously and not engage in
> frivolous debate or endless argument. We simply don't have time and can't
> afford to operate inefficiently as a community. I see us all as
> collaborators working towards the same ultimate goals, or at least close
> enough ultimate goals that we can team up for a good while, and it's truly
> a privilege to be a part of it all.
>
> Thanks so much.
>
> -Adam
>
>
>
>
> On Tue, Oct 22, 2013 at 2:58 PM, Collin Anderson <
> collin at averysmallbird.com> wrote:
>
>>
>> On Tue, Oct 22, 2013 at 1:36 AM, Roger Dingledine <arma at mit.edu> wrote:
>>
>>> That was a different guy though right? And surely this time
>>> they're doing it right, with a comprehensive design document and threat
>>> model, open source, etc before the publicity splash?
>>>
>>
>> Sort of, but I think these challenges about Google or Jared Cohen's
>> involvements with either are a bit immaterial -- particularly given the
>> development chain and that I believe it will be open source at the time of
>> actual use. My understanding is that uProxy simply opens a SOCKS connection
>> to relay traffic with your G+/XMPP peer through WebRTC; it is not exactly
>> reinventing the Internet or circumvention. Anyway, uProxy is developed by
>> University of Washington and Brave New Software (Lantern), hence the
>> "seeded by Google Ideas" note. The developers seemed to be kicking around
>> thoughts on the next stage of transport, so it would be a prime time to
>> bother them about pluggable transports.
>>
>> Adam is probably on Libtech, but I have CC'ed him just in case because it
>> would probably be more useful to talk about Lantern right now than have
>> things derail.
>>
>> --
>> *Collin David Anderson*
>> averysmallbird.com | @cda | Washington, D.C.
>>
>
>
>
> --
> --
> Adam
> pgp A998 2B6E EF1C 373E 723F A813 045D A255 901A FD89
>
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>

-- 
*Note: *I am slowly extricating myself from Gmail. Please change your
address books to: jilliancyork at riseup.net or jillian at eff.org.

US: +1-857-891-4244 | NL: +31-657086088
site:  jilliancyork.com <http://jilliancyork.com/>* | *
twitter: @jilliancyork* *

"We must not be afraid of dreaming the seemingly impossible if we want the
seemingly impossible to become a reality" - *Vaclav Havel*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20131024/1b3dd582/attachment.html>