Proper implementation of friend groups: Request for input

December 17th, 2007

In my quest to bring the features of Livejournal (and other proprietary social networks) to the open, public internet, I'm stuck on how to properly implements friend groups. Friend groups determine which users are allowed to see your more sensitive blog entries. I've pulled together a description of several alternative models, and I'd like some input.

Read full entry »

When torrents bite back

September 19th, 2007

Four days ago, a group calling itself the "MediaDefender-Defenders" released a torrent pointing to 700 megabytes of corporate emails from MediaDefender, a company providing "BitTorrent protection services" to record labels and movie studios. The emails expose company strategy, confidential contracts, passwords and login information, lists of servers and IP addresses, and reactions to mentions of the company in the news [read them here]. This post is a summary of recent events, along with a heaping of speculation as to what happened behind the scenes.

Read full entry »

Using Tor correctly: Anonymous browsing edition

October 21st, 2006

Tor is a popular system for sending Internet traffic anonymously. It is mainly used for three purposes: hiding one's identity, hiding the identity of the site one is visiting, and hiding the data that one is sending and receiving. However, using Tor without some basic precautions is worse than not using Tor at all, leading to privacy violations, data theft, and security concerns. Here, I cover browser security with respect to preventing identity and data leakage when using the Tor network. If you are only using it to defeat web filtering, feel free to read only the section called "Locking yourself down".

At the end is an executive summary. Use it as a guideline, but make sure to read this entire post first -- it contains important instructions on how to change your browsing habits.

Read full entry »

Towards anonymous currency transactions

October 8th, 2006

Anyone can create and maintain an anonymous online identity through the use of Tor and carefully chosen browser settings, but a difficulty soon arises: How does one pay anonymously for services? Some hosting and email providers accept digital currency (usually e-gold), but the process of getting e-gold in the first place is a bit trickier. Every reputable-looking digital currency exchange service that I've seen demands some proof of identity in a bid to prevent money launderers and financial fraudsters from using their system. There used to be a service that allowed anonymous digital currency transfers (YodelBank), but it closed when the operator became weary of running it. Where does this leave anonymity-seekers? I have a proposal for a system that could allow (though not guarantee) anonymous, blind transfers without opening avenues for money laundering.

Read full entry »

Upgrade Tor to TRUE latest version (in Ubuntu)

October 8th, 2006
Very out of date by now. Just use these instructions.

The Tor packages in the Debian (and Ubuntu) respositories are not up-to-date. This is dangerous, since people do rely on them for strong anonymity, even though the package warns them not to do so (it's still the best out there.) To get the latest stable version, you'll have to add another repository to your sources.list file and set your system to trust it.

Read full entry »