From ian at revver.com  Mon Jul  3 22:50:18 2006
From: ian at revver.com (Ian Clarke)
Date: Mon, 3 Jul 2006 15:50:18 -0700
Subject: [freenet-chat] Freenet Project status report - and request for your
	assistance
Message-ID: <65803800-A33C-42A6-834C-812C35838F59@revver.com>

Hi all, time for a status update.

The pace of coding on Freenet has increased dramatically since the  
release of the 0.7 alpha. We now have an active group of core  
developers working with Matthew Toseland (our full-time dev), and a  
growing community of developers working on third-party applications  
through the Freenet Client Protocol. After the rather stagnant period  
before the decision to switch to a darknet model, Freenet is now more  
active and vibrant than it has ever been.

Current estimates put the size of the darknet between 300-400 nodes,  
not bad for a hard-to-use alpha release, and we are seeing an average  
of about 50 commits per week from developers. We have 4 Google Summer  
of Code projects working on everything from a new load-balancing  
mechanism, to a cross-platform file upload and download utility  
(called "Thaw"), and a flexible user-friendly installer.

We have also been thinking hard about how to minimize the inherent  
usability challenges posed by a darknet approach, and with this in  
mind, have implemented support for third party applications to add  
and remove darknet connections via FCP. This means we can do things  
like write IM plugins to make it very easy to establish connections  
to friends.

We will also be deploying "opennet" functionality, so that users who  
don't need the security offered by the darknet, can just start up a  
node and get going immediately, as with previous versions of Freenet,  
but this time with the benefits of NAT circumvention and a UDP-based  
transport.

On the more administrative side, Florent Daigni?re has been a big  
help, setting up a bug tracker (https://bugs.freenetproject.org/),  
and a variety of other tools to help streamline Freenet's development  
process.

Its not all good news though, despite the generosity of many of our  
users, donations to the project have been unable to keep-up with the  
$2300 per month (a meager salary for a software developer in the UK)  
needed by Matthew Toseland, and right now we are on the verge of not  
being able to continue to pay him - which would obviously be terrible  
for the project. In the past, users and supporters of the project  
have been extremely generous when we have asked them to help us out  
of a financial hole, and I am hoping that you can be similarly  
generous on this occasion.

With this in mind, I would ask that you visit our donations page on  
the website, it can be found at:

    http://freenetproject.org/donate.html

And please donate anything you can spare.

Many thanks,

Ian Clarke,
Freenet Project Coordinator.

From toad at amphibian.dyndns.org  Wed Jul  5 01:24:26 2006
From: toad at amphibian.dyndns.org (Matthew Toseland)
Date: Wed, 5 Jul 2006 02:24:26 +0100
Subject: [freenet-chat] Interesting news from Iran
Message-ID: <20060705012426.GA28068@amphibian.dyndns.org>

Apparently Iran blocks all HTTP proxies... China doesn't do this yet.

<abcdef> all tor routers are blocked in iran
<abcdef> is there any web-censorship-circumvention net which operates
like freenet?
<abcdef> I got a technical question
<abcdef> u c when u try to connect to a proxy in Iran, no matter what
port you're using
<abcdef> when you try to load a webpage, it time-outs
<FuriousRage> use an anonymous proxy then it should work
<abcdef> I told my brother who lives in the uk to set up a proxy on his
machine
<abcdef> I can access his webpages (apache)
<abcdef> but nomatter what port he sets, it doesnt work
<abcdef> what could the ISP have done?
<abcdef> and that's the reason why tor does not work in Iran
<abcdef> the whole idea behind tor was so stupid it's unbelievable
<abcdef> by unbelievable i mean UNNNbelievable
<Bludapoto> In what way abcdef?
<Bludapoto> I mean, it's just an automatic proxy chain for socks traffic
<abcdef> it uses proxy to connect, uses certain routers which are
blocked by all filtering products
<FuriousRage> abcdef: i belive you can use *any* port for tor
<abcdef> it could have been a distributed net like freenet
<FuriousRage> try use port 80 and see if it works
<abcdef> already tried that
<FuriousRage> abcdef: ask in #tor they should have more indept knowledge
<abcdef> for tor and other proxies
<abcdef> on my bro's machine in the uk
<Bludapoto> abcdef, TOR is distributed. You can run your node as an
accessor, or as a router
<abcdef> hmmm
<abcdef> thanks for info Bludapoto
<Bludapoto> welcome - but definitely check in #tor
<Bludapoto> They've also got a TON of docs online, very helpful overall.
Tor's kind of .. small, anyway.
<abcdef> I'm jest a little frustrated by this fuckin' taliban censorship
<FuriousRage> abcdef: cant you just use an anonymous http proxy?
<Bludapoto> By which I mean the Tor community/userbase. Hidden Services
are usually slower than freenet, and it's pretty much just a bunch of
people celebrating the fact that they're circumventing. It got kind of
boring after a few days.
<Caco_Patane> put you eforts on freenet in order to transform that
frustration into happiness, proud and joy =D
<abcdef> like cgi-proxy?
<abcdef> I cannot use any proxy set on the user agent
<abcdef> no matter socks,SSL, regular anything
<FuriousRage> you should be able to set an http proxy in your browser
<abcdef> I know they used to work up until 2004
<FuriousRage> Bludapoto: i got fed up with tor over irc, keep d/c me,
now i got hold of an oper here to set me an cloak
<Caco_Patane> what about a SSH tunnel, do you have any server outside?
<abcdef> but the ministry of IT which is the exclusive ICP, found a way
to prevent browsers from using proxies
<Bludapoto> Furious: nice
<FuriousRage> abcdef: they can tprevent your browser to use proxy on
your computer unless you install some software they provide to fuck you
your box
<abcdef> nah, they have blocked proxy access on their fuckin' servers
<FuriousRage> abcdef: althought, if you got a friend outside iran, and
he got an 24/7 computer using linux(most likly) you could ask him to
give you an anonymous proxy acces of somesort, like http tunneling, or
over vpn or something
<abcdef> my bro's IP was not blocked, I could view his webpages (he uses
apache) , but couldn't
<abcdef> use his proxy
<abcdef> VPN works
<FuriousRage> abcdef: there's many ways to tunnel http traffic afaik,
just cant get many to mind atm ;>
<sich> then you need to connect with vpn outside iran, and then use some
proxy inside the vpn
<Bludapoto> Furious: Thanks for the help.
<sich> but you need to find someone who give you access on is proxy
<FuriousRage> np
<FuriousRage> sich: there is tons of free working 100%(?) anonymous
proxies, i have used many sometimes ;>
<abcdef> well, I want all those stupid fuckin' muslims be able to
<abcdef> bypass censorship
<abcdef> not everybody has a friend/family overseas
<sich> FuriousRage: yes, but apparently he can't connect to any proxy
<abcdef> and proxy and tor work neither
<abcdef> that's why I say the idea behind tor was stupid
<FuriousRage> sich: not directly, but thru someones other box he should
be since vpn works..
<abcdef> coz it's based on socks
<sich> yes, exact, but the problem is not to be anonymous, but to bypass
control
<sich> then there is no need to use anonymous proxy
<abcdef> the anonimity is not an issue here
<abcdef> (Iran)
<FuriousRage> could tunnel the http traffic over ssh afaik too
<abcdef> the only accessible websites are piles upon piles of islamic
shit
<abcdef> all free hosts are blocked
<abcdef> most blogspot blogs are blocked
<abcdef> geocities got blocked in 2004
<sich> they block http traffic but not irc ?
<abcdef> not yet
<abcdef> the other side of the problem is that there are thousands of
free american hosts out there
<FuriousRage> tunnel http traffic over ssh on port 80 or 8080, should
work perhaps
<sich> on my opinion the only real way to bypass all this problems, is
to find some friends
<sich> and use vpn + proxy
<abcdef> but one can't register and upload phProxy coz they block IPs
from Iran and North Korea due to stupid US sanctions
<sich> hum, yes....
<sich> I see that usa law are stupid, like in France
<abcdef> and the next day, u see Pres. George Bush (whom I thank for
freeing Afghans) in TV
<abcdef> talking about funding anonimizer web-based proxy servers
<abcdef> for offering free access to Iranian IPs
<abcdef> what a moron!
<FuriousRage> you can say that again ;>
<Caco_Patane> abcdef have your tried freenet? you were able to connect
to somebody?
<abcdef> yeah
<abcdef> freenet (still) works but I'm looking for a network like #tor
<abcdef> I got no problem bypassing censorship myself
<abcdef> I need to find a dummy-friendly to offer to Iranians
<sich> it's not eays, you need to trust him, and he need to trust you to
<sich> brb
<abcdef> well, I don't trust nobody on freenet
<abcdef> but I exchange my ref key with them
<abcdef> I'm not talking about anonimity, no Iranian authority can
question you why u viewed a website full of Muhammad cartoons
<abcdef> they have arrested many content creators though
<nextgens> abcdef: they are probably fingerprinting/blocking proxying
protocols
<nextgens> the solution is to access proxies not using them
<nextgens> or through ssl connections
<abcdef> any info on these fingerprinting techniques?
<abcdef> I mean any possible technique for blocking proxy use?
<nextgens> it's trivial
<FuriousRage> some/many propxies screams loud and clear that they are
proxies afaik
<nextgens> you detect the session bytes of proxied connections
<abcdef> i c
<nextgens> and you send a RST at both ends
<nextgens> "trivial" :p
<abcdef> I need book titles any suggestions
<nextgens> FuriousRage: it's not a blacklist
<abcdef> I'm sorry I'm so dumb I'm wasting your time
<nextgens> it's dataflow analysis
<abcdef> packet analyzing right?
<nextgens> yes
<nextgens> try using SSH if you have a trusted hop "outsite"
<nextgens> abcdef: ssh -D <port>
<abcdef> ok i'll give it a try
<abcdef> thanks
<nextgens> and configure your browsert to listen on the socks address
localhost:<port>
<nextgens> it will work
<abcdef> damn
<abcdef> http://java.sun.com/javase/downloads/index.jsp blocks Iranians
IPs
<abcdef> does the Java license permit me to mirror it?
<abcdef> java.sun.com says: Export Denied blah blah blah Iran, North
Korea blah blah
<abcdef> that's why I wanna rewrite the whole java code in c
<abcdef> nevermind bye
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060705/01672a90/attachment.pgp 

From magetoo at fastmail.fm  Fri Jul 14 22:14:43 2006
From: magetoo at fastmail.fm (Magnus Eriksson)
Date: Sat, 15 Jul 2006 00:14:43 +0200 (CEST)
Subject: [freenet-chat] Skype cracked
Message-ID: <Pine.NEB.4.62.0607150006510.761@simak>


I thought this might be interesting:


Chinese Company: Skype Protocol Cracked
http://www.cio.com/blog_view.html?CID=22974

  "The 10-person Chinese company, which has received venture capital 
funding, is planning to release in two weeks three software components 
based on the Skype protocol that would allow developers to create 
compatible applications ..."

  "By cracking the Skype protocol, the company claims it can also block 
Skype voice traffic ..."


Original source:

Skype Protocol Has Been Cracked
http://www.voipwiki.com/blog/?p=16


So..

  "Software components that would allow developers to create compatible 
applications"

Fantastic!  So we have great stego for Freenet.  And it might even be 
possible to bounce traffic off Skype nodes (or, Freenet nodes using that 
"component").

But...

  "the company claims it can also block Skype voice traffic"

We're screwed.  :-)


   But I suppose it might be useful.  Another option, if nothing else.  And 
maybe I even can have a client that doesn't automatically report my whole 
social network to an easily subpoenaed server.


MAgnus



From nextgens at freenetproject.org  Fri Jul 14 22:18:36 2006
From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re_=28NextGen$=29?=)
Date: Sat, 15 Jul 2006 00:18:36 +0200
Subject: [freenet-chat] Skype cracked
In-Reply-To: <Pine.NEB.4.62.0607150006510.761@simak>
References: <Pine.NEB.4.62.0607150006510.761@simak>
Message-ID: <20060714221831.GB8573@freenetproject.org>

* Magnus Eriksson <magetoo at fastmail.fm> [2006-07-15 00:14:43]:

> 
> I thought this might be interesting:
> 
> 
> Chinese Company: Skype Protocol Cracked
> http://www.cio.com/blog_view.html?CID=22974
> 
>  "The 10-person Chinese company, which has received venture capital 
> funding, is planning to release in two weeks three software components 
> based on the Skype protocol that would allow developers to create 
> compatible applications ..."

Until the protocol changes ;)

NextGen$


From toad at amphibian.dyndns.org  Fri Jul 14 22:19:32 2006
From: toad at amphibian.dyndns.org (Matthew Toseland)
Date: Fri, 14 Jul 2006 23:19:32 +0100
Subject: [freenet-chat] Skype cracked
In-Reply-To: <Pine.NEB.4.62.0607150006510.761@simak>
References: <Pine.NEB.4.62.0607150006510.761@simak>
Message-ID: <20060714221932.GA7515@amphibian.dyndns.org>

Surely it is patented, and therefore cannot be used in western
countries...?

On Sat, Jul 15, 2006 at 12:14:43AM +0200, Magnus Eriksson wrote:
> 
> I thought this might be interesting:
> 
> 
> Chinese Company: Skype Protocol Cracked
> http://www.cio.com/blog_view.html?CID=22974
> 
>  "The 10-person Chinese company, which has received venture capital 
> funding, is planning to release in two weeks three software components 
> based on the Skype protocol that would allow developers to create 
> compatible applications ..."
> 
>  "By cracking the Skype protocol, the company claims it can also block 
> Skype voice traffic ..."
> 
> 
> Original source:
> 
> Skype Protocol Has Been Cracked
> http://www.voipwiki.com/blog/?p=16
> 
> 
> So..
> 
>  "Software components that would allow developers to create compatible 
> applications"
> 
> Fantastic!  So we have great stego for Freenet.  And it might even be 
> possible to bounce traffic off Skype nodes (or, Freenet nodes using that 
> "component").
> 
> But...
> 
>  "the company claims it can also block Skype voice traffic"
> 
> We're screwed.  :-)
> 
> 
>   But I suppose it might be useful.  Another option, if nothing else.  And 
> maybe I even can have a client that doesn't automatically report my whole 
> social network to an easily subpoenaed server.
> 
> 
> MAgnus
> 
> _______________________________________________
> chat mailing list
> chat at freenetproject.org
> Archived: http://news.gmane.org/gmane.network.freenet.general
> Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
> Or mailto:chat-request at freenetproject.org?subject=unsubscribe
> 

-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060714/be774fae/attachment.pgp 

From toad at amphibian.dyndns.org  Fri Jul 14 22:20:06 2006
From: toad at amphibian.dyndns.org (Matthew Toseland)
Date: Fri, 14 Jul 2006 23:20:06 +0100
Subject: [freenet-chat] Skype cracked
In-Reply-To: <Pine.NEB.4.62.0607150006510.761@simak>
References: <Pine.NEB.4.62.0607150006510.761@simak>
Message-ID: <20060714222006.GB7515@amphibian.dyndns.org>

Is there any evidence of reasonable crypto in skype? I have heard that
it is encrypted, but no other VOIP is...?

On Sat, Jul 15, 2006 at 12:14:43AM +0200, Magnus Eriksson wrote:
> 
> I thought this might be interesting:
> 
> 
> Chinese Company: Skype Protocol Cracked
> http://www.cio.com/blog_view.html?CID=22974
> 
>  "The 10-person Chinese company, which has received venture capital 
> funding, is planning to release in two weeks three software components 
> based on the Skype protocol that would allow developers to create 
> compatible applications ..."
> 
>  "By cracking the Skype protocol, the company claims it can also block 
> Skype voice traffic ..."
> 
> 
> Original source:
> 
> Skype Protocol Has Been Cracked
> http://www.voipwiki.com/blog/?p=16
> 
> 
> So..
> 
>  "Software components that would allow developers to create compatible 
> applications"
> 
> Fantastic!  So we have great stego for Freenet.  And it might even be 
> possible to bounce traffic off Skype nodes (or, Freenet nodes using that 
> "component").
> 
> But...
> 
>  "the company claims it can also block Skype voice traffic"
> 
> We're screwed.  :-)
> 
> 
>   But I suppose it might be useful.  Another option, if nothing else.  And 
> maybe I even can have a client that doesn't automatically report my whole 
> social network to an easily subpoenaed server.
> 
> 
> MAgnus
> 
> _______________________________________________
> chat mailing list
> chat at freenetproject.org
> Archived: http://news.gmane.org/gmane.network.freenet.general
> Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
> Or mailto:chat-request at freenetproject.org?subject=unsubscribe
> 

-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060714/8ddac584/attachment.pgp 

From cacopatane at gmail.com  Fri Jul 14 22:27:25 2006
From: cacopatane at gmail.com (Caco Patane)
Date: Fri, 14 Jul 2006 19:27:25 -0300
Subject: [freenet-chat] Skype cracked
In-Reply-To: <20060714222006.GB7515@amphibian.dyndns.org>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714222006.GB7515@amphibian.dyndns.org>
Message-ID: <b9160f500607141527j29bb6bfdxb60861ee7752cd89@mail.gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/14/06, Matthew Toseland <toad at amphibian.dyndns.org> wrote:
> Is there any evidence of reasonable crypto in skype? I have heard that
> it is encrypted, but no other VOIP is...?

http://www.philzimmermann.com/EN/zfone/zfone.html

Saludos,
Caco_Patane <!>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEuBo5HFYiWTwv8Y4RAsQbAJ0cX0CHGYKhcIpMN5C9UvJViythFgCdGT/N
o2R3PFO4Juq8chn85AyAvKI=
=RKT1
-----END PGP SIGNATURE-----


From toad at amphibian.dyndns.org  Fri Jul 14 22:28:13 2006
From: toad at amphibian.dyndns.org (Matthew Toseland)
Date: Fri, 14 Jul 2006 23:28:13 +0100
Subject: [freenet-chat] Skype cracked
In-Reply-To: <b9160f500607141527j29bb6bfdxb60861ee7752cd89@mail.gmail.com>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714222006.GB7515@amphibian.dyndns.org>
	<b9160f500607141527j29bb6bfdxb60861ee7752cd89@mail.gmail.com>
Message-ID: <20060714222813.GA21975@amphibian.dyndns.org>

On Fri, Jul 14, 2006 at 07:27:25PM -0300, Caco Patane wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 7/14/06, Matthew Toseland <toad at amphibian.dyndns.org> wrote:
> >Is there any evidence of reasonable crypto in skype? I have heard that
> >it is encrypted, but no other VOIP is...?

I mean no other widely deployed or standards compliant VOIP. :) SIP
isn't.
> 
> http://www.philzimmermann.com/EN/zfone/zfone.html
> 
> Saludos,
> Caco_Patane <!>
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060714/61378bac/attachment.pgp 

From ian at revver.com  Fri Jul 14 22:50:30 2006
From: ian at revver.com (Ian Clarke)
Date: Fri, 14 Jul 2006 15:50:30 -0700
Subject: [freenet-chat] Skype cracked
In-Reply-To: <20060714222006.GB7515@amphibian.dyndns.org>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714222006.GB7515@amphibian.dyndns.org>
Message-ID: <4AE27976-67F1-4435-92A2-D8048DC7CD5E@revver.com>

http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf

On 14 Jul 2006, at 15:20, Matthew Toseland wrote:

> Is there any evidence of reasonable crypto in skype? I have heard that
> it is encrypted, but no other VOIP is...?
>
> On Sat, Jul 15, 2006 at 12:14:43AM +0200, Magnus Eriksson wrote:
>>
>> I thought this might be interesting:
>>
>>
>> Chinese Company: Skype Protocol Cracked
>> http://www.cio.com/blog_view.html?CID=22974
>>
>>  "The 10-person Chinese company, which has received venture capital
>> funding, is planning to release in two weeks three software  
>> components
>> based on the Skype protocol that would allow developers to create
>> compatible applications ..."
>>
>>  "By cracking the Skype protocol, the company claims it can also  
>> block
>> Skype voice traffic ..."
>>
>>
>> Original source:
>>
>> Skype Protocol Has Been Cracked
>> http://www.voipwiki.com/blog/?p=16
>>
>>
>> So..
>>
>>  "Software components that would allow developers to create  
>> compatible
>> applications"
>>
>> Fantastic!  So we have great stego for Freenet.  And it might even be
>> possible to bounce traffic off Skype nodes (or, Freenet nodes  
>> using that
>> "component").
>>
>> But...
>>
>>  "the company claims it can also block Skype voice traffic"
>>
>> We're screwed.  :-)
>>
>>
>>   But I suppose it might be useful.  Another option, if nothing  
>> else.  And
>> maybe I even can have a client that doesn't automatically report  
>> my whole
>> social network to an easily subpoenaed server.
>>
>>
>> MAgnus
>>
>> _______________________________________________
>> chat mailing list
>> chat at freenetproject.org
>> Archived: http://news.gmane.org/gmane.network.freenet.general
>> Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/ 
>> listinfo/chat
>> Or mailto:chat-request at freenetproject.org?subject=unsubscribe
>>
>
> -- 
> Matthew J Toseland - toad at amphibian.dyndns.org
> Freenet Project Official Codemonkey - http://freenetproject.org/
> ICTHUS - Nothing is impossible. Our Boss says so.
> _______________________________________________
> chat mailing list
> chat at freenetproject.org
> Archived: http://news.gmane.org/gmane.network.freenet.general
> Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/ 
> listinfo/chat
> Or mailto:chat-request at freenetproject.org?subject=unsubscribe

Ian Clarke: Co-Founder & Chief Scientist Revver, Inc.
contact | ian at revver.com - 323.871.2828 | personal blog - http:// 
locut.us/blog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://emu.freenetproject.org/pipermail/chat/attachments/20060714/655c9021/attachment.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 188 bytes
Desc: This is a digitally signed message part
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060714/655c9021/attachment.pgp 

From magetoo at fastmail.fm  Sat Jul 15 11:24:08 2006
From: magetoo at fastmail.fm (Magnus Eriksson)
Date: Sat, 15 Jul 2006 13:24:08 +0200 (CEST)
Subject: [freenet-chat] Skype cracked
In-Reply-To: <20060714221831.GB8573@freenetproject.org>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714221831.GB8573@freenetproject.org>
Message-ID: <Pine.NEB.4.62.0607151320100.761@simak>

On Sat, 15 Jul 2006, Florent Daigni?re (NextGen$) wrote:

>>  "The 10-person Chinese company, which has received venture capital
>> funding, is planning to release in two weeks three software components
>> based on the Skype protocol that would allow developers to create
>> compatible applications ..."

> Until the protocol changes ;)

   But they're not in alpha, so they can't break backwards compatibility 
just like that.  ;-)


MAgnus

From magetoo at fastmail.fm  Sat Jul 15 11:27:30 2006
From: magetoo at fastmail.fm (Magnus Eriksson)
Date: Sat, 15 Jul 2006 13:27:30 +0200 (CEST)
Subject: [freenet-chat] Skype cracked
In-Reply-To: <20060714221932.GA7515@amphibian.dyndns.org>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714221932.GA7515@amphibian.dyndns.org>
Message-ID: <Pine.NEB.4.62.0607151324340.761@simak>

On Fri, 14 Jul 2006, Matthew Toseland wrote:

> Surely it is patented, and therefore cannot be used in western
> countries...?

   There is one mention of patents in the voipwiki.com blog: "They reverse 
engineered a protocol that was not protected by patent".

   Whether that means "not at all" or "not in China" I don't know.  I don't 
recall seeing anyone of the posters at Slashdot clearly saying it was 
patented either.


MAgnus



From nextgens at freenetproject.org  Sat Jul 15 14:47:22 2006
From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re_=28NextGen$=29?=)
Date: Sat, 15 Jul 2006 16:47:22 +0200
Subject: [freenet-chat] Skype cracked
In-Reply-To: <20060714222006.GB7515@amphibian.dyndns.org>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714222006.GB7515@amphibian.dyndns.org>
Message-ID: <20060715144722.GB5514@freenetproject.org>

* Matthew Toseland <toad at amphibian.dyndns.org> [2006-07-14 23:20:06]:

> Is there any evidence of reasonable crypto in skype? I have heard that
> it is encrypted, but no other VOIP is...?
> 

I've found some interresting slides about it :
http://actes.sstic.org/SSTIC06/Castle_in_the_Skype/SSTIC06-Desclaux-Castle_in_the_Skype.pdf
http://actes.sstic.org/SSTIC06/Castle_in_the_Skype/SSTIC06-article-Desclaux-Castle_in_the_Skype.pdf

they are less than a month old ... in french, sorry.

To sum up, it shows that skype is using many tricks to harden the
reverse-engeenering process... I don't like security by obscurity :p

NextGen$

> On Sat, Jul 15, 2006 at 12:14:43AM +0200, Magnus Eriksson wrote:
> > 
> > I thought this might be interesting:
> > 
> > 
> > Chinese Company: Skype Protocol Cracked
> > http://www.cio.com/blog_view.html?CID=22974
> > 
> >  "The 10-person Chinese company, which has received venture capital 
> > funding, is planning to release in two weeks three software components 
> > based on the Skype protocol that would allow developers to create 
> > compatible applications ..."
> > 
> >  "By cracking the Skype protocol, the company claims it can also block 
> > Skype voice traffic ..."
> > 
> > 
> > Original source:
> > 
> > Skype Protocol Has Been Cracked
> > http://www.voipwiki.com/blog/?p=16
> > 
> > 
> > So..
> > 
> >  "Software components that would allow developers to create compatible 
> > applications"
> > 
> > Fantastic!  So we have great stego for Freenet.  And it might even be 
> > possible to bounce traffic off Skype nodes (or, Freenet nodes using that 
> > "component").
> > 
> > But...
> > 
> >  "the company claims it can also block Skype voice traffic"
> > 
> > We're screwed.  :-)
> > 
> > 
> >   But I suppose it might be useful.  Another option, if nothing else.  And 
> > maybe I even can have a client that doesn't automatically report my whole 
> > social network to an easily subpoenaed server.
> > 
> > 
> > MAgnus
> > 
> > _______________________________________________
> > chat mailing list
> > chat at freenetproject.org
> > Archived: http://news.gmane.org/gmane.network.freenet.general
> > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
> > Or mailto:chat-request at freenetproject.org?subject=unsubscribe
> > 
> 
> -- 
> Matthew J Toseland - toad at amphibian.dyndns.org
> Freenet Project Official Codemonkey - http://freenetproject.org/
> ICTHUS - Nothing is impossible. Our Boss says so.



> _______________________________________________
> chat mailing list
> chat at freenetproject.org
> Archived: http://news.gmane.org/gmane.network.freenet.general
> Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
> Or mailto:chat-request at freenetproject.org?subject=unsubscribe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060715/ae2e9549/attachment.pgp 

From droden at gmail.com  Sun Jul 16 06:20:53 2006
From: droden at gmail.com (David 'Bombe' Roden)
Date: Sun, 16 Jul 2006 08:20:53 +0200
Subject: [freenet-chat] Skype cracked
In-Reply-To: <Pine.NEB.4.62.0607151320100.761@simak>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714221831.GB8573@freenetproject.org>
	<Pine.NEB.4.62.0607151320100.761@simak>
Message-ID: <200607160820.58298.droden@gmail.com>

On Saturday 15 July 2006 13:24, Magnus Eriksson wrote:

> > Until the protocol changes ;)
>    But they're not in alpha, so they can't break backwards
> compatibility just like that.  ;-)

Sure they can. AOL does it all the time (with ICQ).


> MAgnus

	David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060716/4e797ffd/attachment.pgp 

From magetoo at fastmail.fm  Sun Jul 16 09:57:59 2006
From: magetoo at fastmail.fm (Magnus Eriksson)
Date: Sun, 16 Jul 2006 11:57:59 +0200 (CEST)
Subject: [freenet-chat] Skype cracked
In-Reply-To: <200607160820.58298.droden@gmail.com>
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714221831.GB8573@freenetproject.org>
	<Pine.NEB.4.62.0607151320100.761@simak>
	<200607160820.58298.droden@gmail.com>
Message-ID: <Pine.NEB.4.62.0607161151270.761@simak>

On Sun, 16 Jul 2006, David 'Bombe' Roden wrote:

> On Saturday 15 July 2006 13:24, Magnus Eriksson wrote:
>
>>> Until the protocol changes ;)
>>    But they're not in alpha, so they can't break backwards
>> compatibility just like that.  ;-)

> Sure they can. AOL does it all the time (with ICQ).


   It was a sort-of humorous reference to Nexgens reply to me about 
mandatory upgrades..

   That being said, I doubt they do it by posting "you must upgrade to 
build $foo within 24h", several times a week.


  (I thought AOL did AIM?  Shows how well I keep up with "that stuff..)


MAgnus



From jflesch at nerim.net  Mon Jul 17 15:59:15 2006
From: jflesch at nerim.net (Jerome Flesch)
Date: Mon, 17 Jul 2006 17:59:15 +0200
Subject: [freenet-chat] Thaw: A Fuqid replacement
Message-ID: <200607171759.16368.jflesch@nerim.net>

Hello,

As some of you already know it, I'm currently working on Thaw. So what is 
Thaw? Thaw is a program aiming to become, in a first step, a good Fuqid 
replacement, and in a second step, a program helping users to make their own 
file indexation, share these indexes, and search quickly in these indexes 
(later reinsertions-on-demand and various things like this will probably be 
added).

Currently, Thaw seems to have reached the first step: It is now perfectly 
useable to download and insert files on Freenet. That's why today, I announce 
its first public availability. 

You can find Thaw here:
CHK at IP3lCht4EIWGRHOIzfNxxO~cshKphRtWdKT1eeo8mHE,CBPh79bHPGgntj3zSV2zjFu1bkMZfq38hh5P~~ooXLI,AAEC--8/Thaw-0.1-beta.jar

But if you want the latest improvements, Thaw snapshots are available here:
http://downloads.freenetproject.org/alpha/Thaw/
(The file is always called Thaw.jar, but is updated after each new 
improvement) 

You can report possible bugs here:
https://bugs.freenetproject.org/

The mailing-list where you will be able to see all new improvements and 
discuss of possible new ones:
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/thaw

A Frost board is available: "thaw"

To avoid the usual questions, here are some details:
- Thaw is written in Java / Swing, so you will need at least a jre 1.4
- Thaw uses persistent requests: When you start a request (insertion / 
download), it's the node which manages it. So if you close Thaw, the request 
will continue to run on the node.
- Thaw is designed to work on another computer than the node. So even if they 
are working on the same computer, Thaw will transfer files to/from the node 
as if they would be distant.
( https://bugs.freenetproject.org/view.php?id=562 )
- Thaw will create a configuration file. This file is stored where Thaw is 
runned (it allows multiple installations if needed).
- Thaw is the legal property of the Freenet Project.

To conclude, thanks to Toad, Nextgens, Bback, Sanity, Usurp, ET (Frost), and 
all the people who helped me :) (sorry if I've omitted some people)

-- 
Jerome Flesch.


From alejandro at mosteo.com  Tue Jul 18 01:30:25 2006
From: alejandro at mosteo.com (Jano)
Date: Tue, 18 Jul 2006 03:30:25 +0200
Subject: [freenet-chat] Re: Skype cracked
References: <Pine.NEB.4.62.0607150006510.761@simak>
	<20060714221932.GA7515@amphibian.dyndns.org>
	<Pine.NEB.4.62.0607151324340.761@simak>
Message-ID: <e9hdjh$pla$1@sea.gmane.org>

Magnus Eriksson wrote:

> On Fri, 14 Jul 2006, Matthew Toseland wrote:
> 
>> Surely it is patented, and therefore cannot be used in western
>> countries...?
> 
>    There is one mention of patents in the voipwiki.com blog: "They reverse
> engineered a protocol that was not protected by patent".
> 
>    Whether that means "not at all" or "not in China" I don't know.  I
>    don't
> recall seeing anyone of the posters at Slashdot clearly saying it was
> patented either.

I read there that you can't patent a protocol without revealing it -- hence
you wouldn't need to reverse engineer it ;)



From RKent20551 at cs.com  Fri Jul 21 13:07:25 2006
From: RKent20551 at cs.com (RKent20551 at cs.com)
Date: Fri, 21 Jul 2006 09:07:25 EDT
Subject: [freenet-chat] Internet Censorship in Cuba
Message-ID: <53b.53df3e00.31f22b8d@cs.com>

Access to the World Wide Web is restricted in Cuba, and Internet surfing is 
only permitted for dollar-paying foreign tourists and a few Cubans considered 
trustworthy by the government. It is also illegal for Cubans to own a computer 
without a government license.

One explanation given for this situation by the Cuban government is that the 
U.S. refuses to allow Cuba access to fiber optic cables, and that Cuba must 
resort to expensive satellite links to access the World Wide Web.

Can anyone give advice as to the accuracy of this argument? For example, are 
there alternative points of access to fiber optic cables for Cuba, and how 
much more expensive are fiber optic cable links as opposed to satellite links?

Advice would be appreciated.

Thank you,

Robert Kent 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://emu.freenetproject.org/pipermail/chat/attachments/20060721/948ba647/attachment.htm 

From toad at amphibian.dyndns.org  Fri Jul 28 01:54:48 2006
From: toad at amphibian.dyndns.org (Matthew Toseland)
Date: Fri, 28 Jul 2006 02:54:48 +0100
Subject: [freenet-chat] Several items of news
Message-ID: <20060728015448.GA30681@amphibian.dyndns.org>

http://yro.slashdot.org/yro/06/07/27/1315203.shtml

In no way does my posting this link mean that my employer endorses illegal
sharing of music or other copyrighted materials.
(Okay, I'm a little paranoid. Read below for why!)

Oh and the DADVSI has passed its constitutional challenge, and is now
even worse. But it's all in French so nobody has noticed! (In particular
/. hasn't noticed). Accurate translations and analysis, in English,
especially of the differences between the EUCD's strict requirements and
the DADVSI's implementation, and of the precise wording/meaning of the
Vivendi amendment, would be appreciated:
http://maitre.eolas.free.fr/journal/index.php?2006/07/27/408-loi-dadvsi-le-conseil-constitutionnel-a-rendu-sa-decision
http://linuxfr.org/journal/
The distribution of "software obviously intended for the unauthorized
provision to the public of protected works or content" would be
criminalized, according to the babelfished first page. This might
include Freenet; see http://freenetproject.org/index.php?page=philosophy
Nextgens is of the view that it would include all P2P software that
doesn't enforce strong DRM.

Finally, the FFII (the group which fought the software patents campaign
in Europe, including many of the world's largest IT litigation
companies, to a standstill last year) is up to its eyeballs right now.
There is a big push for the EPLA, which would both legalize software
patents and make it easier to enforce them, and might not require
approval from the European Parliament. For the uninitiate, software
patents are patents on often trivial techniques used in computer
software; they are generally only of value to large corporations who can
afford vast numbers of them and thus force cross-licensing, or to patent
parasites who don't ship any code. In particular, they present a major
threat to open source software, since we cannot pay royalties. Freenet
is open source. Arguing "we can hide behind IBM" is dubious, as IBM has
been pushing for software patents, and filing them, for a long time.

Apart from that, the IPRED2 rolls on; the IPRED2 makes the "intentional"
(this word may be meaningless) infringement of intellectual property "on
a commercial scale" (this may not mean much either), or attempting,
aiding, abetting, or inciting such infringement, a criminal offence
punishable by a wide range of sanctions including prison time. This would
very likely make it illegal to distribute Freenet in France, and it
might have wider effects; the FFII argues that it is impossible to avoid
infringing on software patents if you write software, and therefore that
all software devs who don't work for megacorps would be criminalized.
Open source would again probably be hardest hit. FIPR argues that it
would probably result in ISPs blocking sites alleged to infringe
intellectual property as well as child porn sites, and if it was
interpreted this widely then IMHO it could very well lead to mandatory
TCPA as well.

http://www.ffii.org/
http://www.fipr.org/copyright/ipred2.html
-- 
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/chat/attachments/20060728/0d8a56f5/attachment.pgp 

From dhamo_t at yahoo.co.in  Mon Jul 31 17:13:40 2006
From: dhamo_t at yahoo.co.in (dam dar)
Date: Mon, 31 Jul 2006 18:13:40 +0100 (BST)
Subject: [freenet-chat] (no subject)
Message-ID: <20060731171340.87453.qmail@web8408.mail.in.yahoo.com>

hi
   



 				
---------------------------------
 Here?s a new way to find what you're looking for - Yahoo! Answers 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://emu.freenetproject.org/pipermail/chat/attachments/20060731/4d0a73eb/attachment.htm