Technology – Page 76 – A Geek With Guns

Using a Raspberry Pi as a Tor Relay

I’ve been discussing Tor more frequently because I foresee a day when laws such as the Cyber Intelligence Sharing and Protection Act (CISPA) force everybody wanting to communicate online anonymously to seek shelter in fully encrypted and anonymized networks. In addition the that Internet related laws are slowing making it so only people who receive a stamp of approval from state regulators will be allowed to legally post material online. In fact the United States government has already used its influence to take down websites it found undesirable and there is no reason to believe such actions won’t continue.

Many people are turned off by Tor because it is relatively slow. The Tor network’s bandwidth relies on relay nodes, which all traffic is transmitted through. What is needed to speed up the Tor network are more fast relay nodes. To this end I’ve begun investigating the use of Raspberry Pis as Tor relay nodes. For those who are unfamiliar with the Raspberry Pi it is a credit card sized ARM-based Linux computer. Two models are available, a $25.00 model and a $35.00 model. As you can see the device is dirt cheap, based on a processor that Tor has been ported to, and, in the case of the $35.00 model, has a built-in Ethernet port. All of these features make for an ideal platform on which to run a Tor relay.

I ordered a $35.00 model Raspberry Pi (although I paid slightly more since they are in very short supply at the moment) Friday and received it Monday. After installing Rasbian, the Debian-based Linux distribution optimized for the Raspberry Pi, onto an SD card I had lying around I plugged my little device into my television and booted it up. Installing Tor on the device was easy, I just had to enter the command sudo apt-get install tor and wait for a minute or so (since the device uses an SD card for storage write operations can be kind of slow). After the short wait I had Tor up and running and merely had to edit the torrc file to enable it as a relay node, open port 9001 on my firewall, and restart the Tor service. My little relay now appears on the Tor Metrics Portal and has traffic routing through it. For now I’ve throttled the relay to use 1Mbps normally and allow 1.5Mbps burst speeds. I plan to increase the bandwidth bit by bit until the relay begins to interfere with my overall network speeds (I use my network for other services including serving this website and I don’t want the relay to interfere with those).

If this project pans out I believe it will offer an effective way to increase the overall bandwidth of the Tor network. I know several people who would like to run a Tor relay but lack the technical expertise to set one up. Having a cheap Tor relay appliance, which is possible by utilizing embedded platforms likes the Raspberry Pi, would give those people an option to help increase the network’s bandwidth and, by so doing, make the network more appealing. Someday, if the Tor network becomes fast enough, a bulk of Internet traffic could seek refuge from today’s tyrannical states in the encrypted and anonymized heaven it offers. Should that happen there is little states could do to censor people online.

I’ll close by saying that the future we live into today is amazing. You can now pick up a fully capable computer for $35.00. That is something I never expected to say just a few short years ago.

Bitcoin ATMs

The Free State Project held its annual Liberty Forum this weekend, which means that all sorts of subversive ideas were unveiled and shared. One of the ideas that I found very interesting was an Automated Teller Machine (ATM) that turns cash into Bitcoins:

Zach Harvey has an ambitious plan to accelerate adoption of the Internet’s favorite alternative currency: installing in thousands of bars, restaurants, and grocery stores ATMs that will let you buy Bitcoins anonymously.

It’s the opposite of a traditional automated teller that dispenses currency. Instead, these Bitcoin ATMs will accept dollar bills — using the same validation mechanism as vending machines — and instantly convert the amount to Bitcoins and deposit the result in your account.

I mentioned Bitcoin as a tool to fight the Cyber Intelligence Sharing and Protection Act (CISPA) since it allows individuals to make anonymous transactions and thus leave no trail for state agents to trace back to physical individuals. Avoiding having your financial information fall into government hands is very useful. If the state is unable to access your financial information they don’t know what to charge you for taxes and can’t bring criminal charges against you for buying goods it has labeled verboten. The one missing key in the Bitcoin puzzle is turning Federal Reserve notes into Bitcoins anonymously, which is what this ATM could make easier. At Bitcoin continues to gain traction it will be interesting to see what else develops around it.

North Korea Treats Foreigners Better than Its Own People

The government of North Korea has officially announced that foreign visitors will receive better treatment than the denizens damned to live there:

North Korea will soon allow foreigners to tweet, Skype and surf the Internet from their cellphones, iPads and other mobile devices in its second relaxation of controls on communications in recent weeks. However, North Korean citizens will not have access to the mobile Internet service to be offered by provider Koryolink within the next week.

This move actually makes a great deal of sense if you believe Kim Jong-un, or somebody else high up in the North Korean state, is attempting to get foreign investment in order to boost their absolutely abysmal economy. When a country is seeking foreign capital they must make their country as appealing and convenient as possible. I won’t be surprised if we hear about North Korean granting more privileges to visiting foreigners over the next few years.

Fighting CISPA

Remember the Cyber Intelligence Sharing and Protection Act (CISPA) that was introduced last year? Guess what, it’s back. For those of you who weren’t following CISPA the first time around it is a piece of legislation that would introduce exceptions into current privacy laws if those exceptions fell under the vague category of cyber security. Effectively it would render all privacy laws null and void as anything can be twisted into a cyber security threat. The Electronic Frontier Foundation (EFF) is urging people to contact Congress and demand that they vote against CISPA. Unfortunately such a strategy is, at the very best, temporary. The bill was shot down last year only to be reintroduce again this year and if it fails again it will almost certainly be reintroduced at a later date. Until the bill passes there will be a continuous cycle of the legislation getting voted down and reintroduced. This cycle will continue until the bill can be passed, likely as an amendment to a “must pass bill” (think the National Defense Authorization Act) or in a lame duck session on some Christmas Eve.

Fortunately there is good news, the tools to render CISPA entirely irrelevant already exist. Government spying powers become irrelevant if they can’t read acquired data or connect acquired data to real people. Making data unreadable is relatively easy to do using strong encryption tools. All major modern operating systems have built-in full drive encryption capabilities. Microsoft call their drive encryption technology BitLocker, Apple calls theirs FileVault 2, and Ubuntu has the same technology minus a fancy marketing term. When you fully encrypt your drive you make the data inaccessible to anybody who doesn’t have the proper decryption key. What if you don’t have a modern version of Windows, OS X, or Ubuntu? No problem, there’s a wonderful tool called TrueCrypt. TrueCrypt allows you to fully encryption a Microsoft Windows disk or creation encrypted volumes on Windows, OS X, and Linux. You can even use the tool to create a hidden encrypted volume that stores your secure information while keeping junk data in the regular encrypted volume. Doing this allows you to “decrypt” the volume to comply with state demands without having to decrypt your important information.

Encryption shouldn’t stop at your local system though. Every day you probably communicate with other people online and those communications are likely stored on third party servers or can be intercepted en route. There are tools that greatly reduce the risk of both problems. OpenPGP is an e-mail encryption tool that has been around for ages and is still a very effective tool to prevent prying eyes from reading your electronic correspondences. OpenPGP works by using asymmetric encryption. For OpenPGP to work there needs to be two keys, a public certificate and a private certificate. You distribute your public certificate to individuals you want to securely communicate with and, as the name implies, keep your private certificate private. E-mails encrypted with your private certificate can only be decrypted with your public certificate and vise versa. For instant messaging there is a tool called Off-the-Record Messaging (OTR). OTR works on top of currently existing instant messenger services so you can use it to communicate without having to convince all of your friends to switch services (I still have friends who refuse to move away from AOL Instant Messenger).

What about the second problem? How does one stop the state from connecting data to you? Simple, by anonymizing your data. The most popular tool for anonymizing data is Tor. Tor is an onion router, which is a not-so-fancy term for software that encrypts data at an entry point (in the case of Tor, your computer), bounces that encrypted data between multiple nodes on the network, and decrypts the data and sends it to its destination at an exit point. Unless you provide identifying information the exit node is unable to link the data it decrypts to its originator and none of the middle nodes are able to read the data or link it to its originator. Likewise, neither the exit point or intermittent nodes are able to link data that is returned from the receiver. In addition to anonymizing regular Internet traffic Tor allows an individual to run a hidden service. Hidden services only exist on the Tor network and all information communicated between a client and a hidden service is encrypted and bounced between multiple nodes in the network. This means communications between a hidden service and a client are hidden from outside sources and neither the hidden service or the client can identify one another (unless one submits identifying information to the other). If you need a demonstration of the effectiveness of hidden services take a look at Silk Road, a hidden service that allows individuals to sell illegal drugs. Silk Road is so effective that the Drug Enforcement Agency (DEA) has been unable to take it down.

Speaking of buying goods anonymously, let’s discuss payment systems. Silk Road and other “black” market hidden services generally rely on Bitcoin for transactions. Bitcoin is an electronic peer-to-peer currency that is both secure and relatively anonymous. Transactions are performed by sending Bitcoins to published public keys asymmetric encryption at your service, again). The public keys are anonymous unless the holder choose to reveal his identify or his identify is somehow compromised. Information between a sender and receiver of Bitcoins need only know the other person’s public key. Once again the effectiveness of Bitcoin can be demonstrated by the fact that the DEA has been unable to use Bitcoin transaction information to identify sellers on Silk Road.

There are many other tools out there, including I2P and Freenet, that can help denizens of the Internet render CISPA irrelevant. The state can’t do anything with information it can’t read or tie to a real person, which is why the United States has long held a policy prohibiting the export of strong cryptographic technology.

The More the State Pushes the More People Will Slip Away

The state continues to push but they fail to see that the more they push the more people will slip away. A bill has been introduced in the Illinois Senate that would require administrators of websites to remove anonymous comments upon demand:

A recently introduced bill in the Illinois state Senate would require anonymous website comment posters to reveal their identities if they want to keep their comments online.

The bill, called the Internet Posting Removal Act, is sponsored by Illinois state Sen. Ira Silverstein. It states that a “web site administrator upon request shall remove any comments posted on his or her web site by an anonymous poster unless the anonymous poster agrees to attach his or her name to the post and confirms that his or her IP address, legal name, and home address are accurate.”

Legislation like this will force more and more of the Internet to seek shelter in the unregulated safety of Tor hidden services. Personally I look forward to the day when a majority of websites are safety hidden inside of the Tor network as it will make censorship practically impossible.

DEFCAD for Your Firearm Related 3D Printing Needs

Late last year it was announced that design files for firearm related objects would no longer be allowed on Thingverse. This decision came after 3D printer designs for AR-15 lowers were posted. In response Defense Distributed has launched DEFCAD, a site to host 3D printer designs for firearm related items. As of this writing designs for a shotshell holder, an AR-15 pistol grip, an AR-15 lower, and many other items are available.

The best thing about the Internet is the fact that no information posted to it can ever be completely killed. Despite Thingverse’s attempt to censor firearm related 3D printer designs they are still available.

A Pet Peeve I Share in this App-Oriented Age

I love smartphones. Ever since I started carrying around a Palm Treo 700p I realized having access to the collected knowledge of humanity from a pocketable device was glorious. Back then the limited hardare of portable devices required the use of mobil optimized websites. Fortunately we’ve evolve from that point in time and now our smartphones are able to display full websites. Unfortunately we have another problem, every website on the planet seems to believe requiring users to download a special application is far better than allowing directe access to their website from a mobile device. They’re wrong. Applications have their places. Games, personal information management, and e-mail clients are useful to have installed on your phone but requiring the installation and use of an application to gain access to news articles is not a smart design decision.

Digitizing Books for Fun and Preservation

With the introduction of e-readers such as the Amazon Kindle and Barnes and Nobel Nook e-books have finally gained a foothold. In fact it’s been almost one and a half year since Amazon announced that they sold more e-books than hardcover books. It’s easy to see why e-books have taken off, it’s far more convenient to have every book you own on a single device instead of lugging around a handful of books wherever you go. Unfortunately there are some books that still aren’t in electronic format, many of which are very rare. For example, I have a copy of The Black Flag of Anarchy Corinne Jacker. It’s a very interesting title that covers anarchism in the United States but, as far as I can see, no electronic copy exists and no electronic copy is likely to be made. That is, at least, until I follow these instructions for building a do-it-yourself book scanners:

Daniel Reetz, founder of DIYBookScanner.org, had been making kits available for those looking to build their own device. Finding a need for a scanner himself, Reetz built his first book scanner from the trash he found from dumpster diving. He created an Instructable to share his experiences and discovered a diverse group of individuals who also had the need for a book scanner. The group ranged from a man from Indonesia hoping to preserve books from flood damage to a group of engineers looking for a new and interesting project to spark their interests. The DIY Book Scanner had modest beginnings, but over a period of two years it evolved into a movement of individuals using readily available resources to create solutions.

The article primarily discusses the trials and tribulations faced by the ArsTechnica writers who built one of the do-it-yourself scanners. It’s not easy but it is possible and the technology is guarantee to improve and become more accessible. Digitizing books is the most effective way to make rare titles available for everybody’s enjoyment and is currently the most effective way of preventing such titles from disappearing entirely. It is my hope that every piece of written literature will someday be available in electronic format.

A Proposal to Save the Australian Government Time and Money

I don’t claim myself to be a financial genius but I believe I can save the Australian government a lot of time and money:

Three American companies-Apple, Microsoft and Adobe-have been summoned by the Australian Parliament to explain why they charge higher prices Down Under than in other countries.

My proposal is to call of the hearing because I can provide the answer. The reason Apple, Microsoft, and Adobe charge what they charge is because those are the prices people are willing to pay. It’s as simple as that. If I manufacture a laptop, charge $2,000 for it, and enough people buy my laptop to turn me a profit I find acceptable then I know I’ve set the right price. Unfortunately the Australian government is unlike to find, “Because those are the prices the market will bear.” as an acceptable answer.

Beginning Tomorrow Unlocking Your Phone Will Again be Illegal

Here’s a question to ponder for a moment, is your cell phone yours? You paid for it, you pay for the plan that makes it useful, you have it in your possession, and you store your personal data on it so obviously it’s yours, right? Wrong. Your cell phone belongs to the state, which is why, beginning tomorrow, you could be kidnapped and locked in a cage for unlocking the phone in your pocket:

The clock to unlock a new mobile phone is running out.

In October 2012, the Librarian of Congress, who determines exemptions to a strict anti-hacking law called the Digital Millennium Copyright Act (DMCA), decided that unlocking mobile phones would no longer be allowed. But the librarian provided a 90-day window during which people could still buy a phone and unlock it. That window closes on January 26.

Unlocking a phone frees it from restrictions that keep the device from working on more than one carrier’s network, allowing it run on other networks that use the same wireless standard. This can be useful to international travellers who need their phones to work on different networks. Other people just like the freedom of being able to switch carriers as they please.

How could the act of unlocking “your” cell phone be illegal? In the name of defending the legal fiction of intellectual property the state passed a law known as the Digital Millenium Copyright Act (DMCA), which made it a criminal act to circumvent Digital Rights Management (DRM). In 2009 the Electronic Frontier Foundation (EFF) was able to get an exemption in the DMCA for unlocking cell phones but those exemptions must be renewed periodically and the state apparently has no desire to renew such an exemption. Just remember that you live in a free country where the right to property is guaranteed by the Constitution. Oh, and we’ve always been at war with Eastasia.