Four short links: 8 October 2009

DIY Baby Rocker, Unix Systems Glory, Encrypting Ephemera, and Explaining Creative Joy

by Nat Torkington | @gnat | comments: 0

1. Linux Baby Rocker -- inventive use of a CD drive and the eject command ... (via Hacker News)
2. I Like Unicorn Because It's Unix -- forceful rant about the need to rediscover Unix systems programming. Reminds me of the Varnish notes where the author explains that it works better because it uses the operating system instead of recreating it poorly.
3. Encrypting Ephemeral Storage and EBS Volumes on Amazon -- step-by-step instructions. (via Matt Biddulph on Delicious)
4. You Have No Life -- if a video smacks even slightly of concentrated effort or advance planning, someone will inevitably scoff that the subject has a) "too much time on his hands" or b) "no life." Ten times out of ten. [...] After six years I lack a succinct, meaningful response to my students' defensive, clannish embrace of mediocrity, though I'm grateful for this tweet, which comes pretty close: dwineman: You say "looks like somebody has too much time on their hands" but all I hear is "I'm sad because I don't know what creativity feels like."

Four short links: 23 July 2009

Wave Fed, Fake Steve, Vanish and Reconnoiter

by Nat Torkington | @gnat | comments: 0

1. Google Wave Federation Protocol -- the interesting part of Wave for me is the system for keeping databases coherent. There's a reference implementationl.
2. I shouldn't have yelled at that Chinese guy so much -- the post that redeemed Fake Steve Jobs in my eyes. We all know that there's no fucking way in the world we should have microwave ovens and refrigerators and TV sets and everything else at the prices we're paying for them. There's no way we get all this stuff and everything is done fair and square and everyone gets treated right. No way. And don't be confused -- what we're talking about here is our way of life. Our standard of living. You want to "fix things in China," well, it's gonna cost you. Because everything you own, it's all done on the backs of millions of poor people whose lives are so awful you can't even begin to imagine them, people who will do anything to get a life that is a tiny bit better than the shitty one they were born into, people who get exploited and treated like shit and, in the worst of all cases, pay with their lives.
3. Vanish -- time-limited encryption in a Firefox plugin.
4. Reconnoiter -- holy cow web console and analytics for data centers, from the magic Theo Schlossnagle. He built the screenshots for his OSCON presentation, graphing streams of live performance data from dozens of data centers, while on a Virgin America flight.

Dramatic Increase in Number of Tor Clients from Iran: Interview with Tor Project and the EFF

by Timothy M. O'Brien | comments: 2

Anonymous proxies are in the news this week as Iranians are using proxies outside of Iran to communicate information about ongoing protests to others within the country. I've received several queries this week from non-technical colleagues about proxy servers. Is it legal to run a proxy server? Does running a proxy server violate my agreement with my broadband provider? I decided to track down some experts and get some perspective on different proxy servers and the laws surrounding them. In this entry, I speak with Andrew Lewman, the Executive Directory of the Tor Project about Tor and I also get some legal guidance from Peter Eckersley of the Electronic Frontier Foundation.

In this interview I ask Andrew to briefly introduce Tor and talk about some interesting useage statistics that show adoption of this anti-surveillance technology from within Iran. He answers a question about whether Tor is "unstoppable" and comments on the legality of running a Tor node. For the full interview, listen here.

The Tor Project

First, what is Tor? From The Tor Project:

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

When you run a Tor node, you are adding another node to a grid of computers that are used to establish random encrypted paths between each node to satisfy any given request. Law enforcement, military agencies, intelligence networks, journalists, and dissidents frequently use Tor to bypass restrictions and avoid surveillance. Andrew Lewman, Tor's Executive Director, wanted to be very clear that the Tor Project itself does not take positions on conflicts, and does not involve itself in resisting oppressive regimes. In response to a question about traffic from Iran, Andrew Lewman produced the following data:

New client connections from within Iran have increased nearly 10x over the past 5 days. Overall, Tor client usage seems to have increased 3x over the past 5 days. There are a lot of rough numbers in these statements, and they are very conservative. However, the source data we're reviewing continues to show these results.

For more information, see Andrew's blog post from last night: "Measuring Tor and Iran". Here's a graph from Andrew Lewman of Tor client count over the past few days, it appears that Tor is becoming an increasingly popular way for people in Iran to use the network to avoid surveillance.

But is it legal? The Legality of Running a Proxy Server

Peter Eckersley, Staff Technologist at the EFF, took some time to answer some very simple questions about EULAs, Tor, and the legality of running a proxy server.

Q: Various broadband providers state in EULAs that a customer must secure the equipment used to provide access to the Internet. What is the position of the EFF with regard to the legality of these EULAs? Are people breaking the law by providing an open access router?

Peter Eckersley: It's impossible to comment on broadband EULAs in general; each of them has different specific language and ISPs deploy them in different ways. We aren't aware of any case in which a broadband subscriber was sued for running an open wireless router, a proxy, or similar technology for sharing their connection with others.

Q: The last update to the Tor FAQ from the EFF on the Tor site was from 2005. Have there been any developments with the EFF in relation to Tor? Since 2005 is there more clarity as to the legality of running an Exit Node in a Tor network?

Peter Eckersley: The EFF Tor FAQ still reflects our opinions about the legality of Tor. It hasn't changed since 2005 because there haven't been any published cases or other events that have changed our views.

Q: What advice would the EFF have for anyone new to setting up a proxy server this week (as many have done to support protestors in Iran)? Is it legal? What issues do people need to be aware of?

Peter Eckersley: EFF's advice at this point is that people should consider setting up Tor bridge nodes or Tor routers instead of proxy servers. Several thousand new proxy servers have appeared in the past week, but we fear than unencrypted proxies leave Iranians vulnerable to surveillance and continued censorship by the Iranian government. SSL ecrypted proxies are better in this respect, but they are harder to set up than Tor routers, and there are some reports that the Iranian government has succeeded in blocking access to at least some encrypted proxies.

Fixed Typo @ 3:23 PM Central Saturday: One of my questions for the EFF had a rather important typo - I had typed Iraq instead of Iran. Fixed.