[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FYI] Firma Zero Knowledge Systems startet heute Freedom Network



Hallo,

was ist dann bezüglich der unteren Äußerungen von der Cypherpunk
Mailingliste letztlich von Freedom zu halten ?
Hört sich für mich eher so an, als wäre Freedom bis jetzt nicht zu
trauen, oder hat sich was geändert ?

Ciao
Kai

-----BEGIN FORWARDED MESSAGES-----

From: Lucky Green <shamrock@cypherpunks.to>
Subject: RE: Freedom/Pipenet Security
In-reply-to: <19991116024004.29045.qmail@nym.alias.net>
To: cypherpunks@cyberpass.net, cryptography@c2.net
Message-id: <NDBBIFGOKODBCKDGJDKLCEODCMAA.shamrock@cypherpunks.to>

On 16.11.1999 at 00:26 Lucky Green <shamrock@cypherpunks.to> wrote:

>Anon wrote:
>> The information that "traffic shaping" (link padding?) will be
>> turned off in the initial release is especially disappointing.
>> Without this technology Freedom provides little more privacy than
>> anonymizer.com, or one of the hundreds of free web proxies listed at
>> http://www.ijs.co.nz/proxies.htm and http://proxys4all.cgi.net/.
>>
>> No doubt the same cypherpunks who make excuses for ZKS's lack of open
>> source because of potential protocol instability (when they are already
>> issuing Release Candidate versions!) will explain why the absence of
>> link padding is nothing to worry about.  It will be interesting to see
>> how long ZKS continues to get a free pass from cypherpunks.
>
>I wouldn't fully agree that ZKS received a free pass from Cypherpunks, but
I
>readily admit that ZKS received a "presumption of security absent final
>specs and evidence to the contrary" due to the fact that Ian Goldberg is
>their Chief Scientist. Ian, unlike all but a few, is certainly capable of
>designing a secure anon IP system and has built up the impeccable personal
>credentials to not ever have given anyone even a hint of doubt that
anything
>with Ian's name on it is anything but secure. Therefore, Freedom received
>the benefit of the doubt. This was a reasonable course of action to take
at
>the time.
>
>However, I must agree with Anon that the time for doubt is over. Freedom's
>present pseudonymous email system is massively insecure and subject to
>compromise by even a moderately competent script-kiddy attacker. Freedom
>email nyms allow for easy confirmation of the identity of a suspected nym
>user. This attack does not require the powers of the NSA, but can be
>accomplished by the average Bugtraq or Cypherpunks reader. At present, the
>use of Freedom nym email for anything significantly more sensitive than
you
>would find comfortable discussing via your Hotmail account must be
>discouraged. I want a secure infrastructure as much, probably more so,
than
>the next guy and therefore don't relish these findings. But undeniably,
>given the facts, these findings are the truth.
>
>Unfortunately, Freedom security holes do not stop there. Freedom, as a
>feature, does not provide for anonymous IP. It provides for pseudonymous
IP.
>The exit node (AIP) knows the nym of the user making an outgoing
connection.
>If this user has been so unfortunate as to have set up a reply block, as
the
>default sign-up script will prompt him to do, he too will fall to the same
>attack Freedom email nyms are subject to.
>
>Now one may assert that the thread model for most users is not a corrupted
>Freedom server, but a corrupted target host. Sure, Raytheon may first
>subpoena Yahoo, but they will just as quickly subpoena the exit hop you
>chose in Freedom to access Yahoo. This task completed, they will know your
>Freedom nym. All that's left to do is a trivial attack against your POP
>server and your identity has been revealed. Your sole prayer for
maintaining
>privacy is that your opponent will only resort to subpoenas, not hacks.
>YMMV, but I wouldn't want to bet any significant amount of money on the
>rigidity of this thin piece of straw.
>
>Sadly, the core architecture of the Freedom IP network as presently
fielded
>appears to be insecure even disregarding the fatal email nym-based
attacks.
>Absent link padding, an attacker with access to your modem link, your
ISP's
>router, or you ISP's Postmaster (that is to say any attacker that bothers
to
>subscribe to Bugtraq or knows how to access http://www.rootshell.com) will
>be able to correlate your activities to those of your Freedom nym.
>
>At this point, it seems that the best we can hope with respect to Freedom
>security is for ZKS to fix the truck-size security holes by version 1.1
and
>that nobody with any sensitive information will use Freedom until that
time.
>
>--Lucky Green <shamrock@cypherpunks.to>

From: Adam Shostack <adam@homeport.org>
To: lcs Mixmaster Remailer <mix@anon.lcs.mit.edu>
Cc: cypherpunks@cyberpass.net, cryptography@c2.net
Subject: Re: Freedom/Pipenet Security
Message-ID: <19991116084143.A12985@weathership.homeport.org>
References: <19991116024004.29045.qmail@nym.alias.net>

On 16.11.1999 at 08:41 Adam Shostack <adam@homeport.org> wrote:

>On Tue, Nov 16, 1999 at 02:40:04AM -0000, lcs Mixmaster Remailer wrote:
>| > The traffic shaping code has issues, in V1 it will be turned off.
>| > Incidentally, the whitepaper you're looking at is close to retirement,
>| > a newer, more accurate one will be out shortly.  In addition, we'll be
>| > releasing our security analysis, which includes all of this, at about
>| > the same time.
>|
>| Votehere.net was raked over the coals for similar admissions of
inaccurate
>| website documents and promises of improved versions in the future.
>| Will ZKS receive equal treatment?
>
>Sure seems that way. :)
>
>| The information that "traffic shaping" (link padding?) will be
>| turned off in the initial release is especially disappointing.
>| Without this technology Freedom provides little more privacy than
>| anonymizer.com, or one of the hundreds of free web proxies listed at
>| http://www.ijs.co.nz/proxies.htm and http://proxys4all.cgi.net/.
>
>This is incorrect.
>
>Any of those proxies offer a 'one warrant' model for betraying you.
>If you leave reply blocks off, Freedom requires three warrants,
>possibly in different jurisdictions.  In addition, anyone* can verify
>what logs we create on the system, which is not the case with most of
>those proxy systems.
>
>*Anyone meaning anyone who gets the server operator package.  I'll
>claim that in this small instance, opening our source doesn't matter,
>since whats really relevant is the actual logging to disk (or net),
>not what we do internally.
>
>We will be publishing or opening our source code to outside
>inspection.  I'm not going to attach a timeline to this. and we're
>currently having an internal discussion about various implications of
>the decision, including things like the need to take bugfixes and
>patches from the outside, the possibility of forks, etc.
>
>Adam
>
>
>| No doubt the same cypherpunks who make excuses for ZKS's lack of open
>| source because of potential protocol instability (when they are already
>| issuing Release Candidate versions!) will explain why the absence of
>| link padding is nothing to worry about.  It will be interesting to see
>| how long ZKS continues to get a free pass from cypherpunks.
>
>--
>Resistance is futile!                       http://jobs.zeroknowledge.com

From: Adam Shostack <adam@homeport.org>
To: Lucky Green <shamrock@cypherpunks.to>
Cc: cypherpunks@cyberpass.net, cryptography@c2.net
Subject: Re: Freedom/Pipenet Security
Message-ID: <19991116084814.A13041@weathership.homeport.org>
References: <19991116024004.29045.qmail@nym.alias.net>
<NDBBIFGOKODBCKDGJDKLCEODCMAA.shamrock@cypherpunks.to>

On 16.11.1999 at 08:48 Adam Shostack <adam@homeport.org> wrote:

>Lucky, you offer some interesting challenges and questions.  I'm going
>to focus on getting the whitepapers and security analysis finished and
>published before responding in depth, because I think that its more
>useful to have this conversation with all the issues on the table.
>
>Adam
-----END FORWARDED MESSAGES-----
--

Homepage: http://home.kamp.net/home/kai.raven/index.html
DH/DSS PGP-Key ID: 0xA0232531