2011-02-20

Pirate Software, week 7: Seeks

Ten years ago I collected bookmarks to everything interesting I found on the net. Today I don't, because I can in most cases find it again by just googling it up. But our dependency upon search is quite scary. The net is so vast that it is hard for us to tell if Google is doing a good job, or sending us to the wrong pages. And it is a bit scary that Google saves all our searches. Go here and have a look at your own searches.

If we translated the situation to meat-space, what if you always went to the same guy every time you had a question, and what about the idea of him writing down every question you ever asked?

So, really, there are two issues here:
  1. Is Google giving us the right answers?
  2. How much is our privacy worth?
The first question could be answered, perhaps, by some kind of research, of which I am not capable. There are true alternatives to Google, as you know, but why would we trust the alternatives more than Google? Could we do it ourselves? Well, yes, perhaps. I have found one such effort, YaCy, which is a program you install on your own computer. You can send it off spidering the web for you, but the search results from your computer alone can't do the web justice, of course. Google has, after all, hundreds of thousands of computers at hand for search. So what YaCy does when you search for "pirate party usa" is to connect through peer-to-peer with other YaCy users and assemble the search result from all those peers. So, you might wonder, does it work? Unfortunately, no. My experience is that the results don't reflect what you'd hope for. Your experience might differ, so try it out in case you're interested.

What about privacy, not having all your searches saved by others? There are several ways you can go here:
  • You can tell Google not to save your searches. But do you trust them not to? I think I do, but I'd rather not depend on it.
  • You can switch to one of the proxy search engines out there that explicitly claim they don't track your searches, such as Duck Duck Go, Ixquick or Scroogle. I haven't tried them much, but they seems to work fine. If you ask me, go for the Duck!
  • You could install a proxy search engine on your own machine, such as Seeks. It does share your searches, but anonymously, and only with other machines who have also installed Seeks. In that way it resembles YaCy, but does a much better job. You can try it out here.
    I have currently chosen the Seeks project as my choice for search. Since it is open source I can potentially inspect the source and make up my own mind as to its claims for what it does. The project is very ambitious, as they plan to in the future build its own search index. It may never get that far, but it is currently good enough for me. I might change to something else later, which is the good thing about search - simple to replace.
    

    

    

    

    

    

Posted by



at





5 comments:
  









    


    

    

    

Labels:



    

    



    

    

    

    

          
    
        

          
    
        

    2011-02-11
    

          
    
        

    

    




    
Pirate Software, week 6: Pidgin + OTR

    

    

    

    

    
I was never into IRC for direct chat in the early days of the net. For me the whole concept started with ICQ in 1996, and then with Yahoo Messenger in 1999. These products used proprietary protocols for communication, and were never secure. They also quickly became bloatware and painful to use since they tried to expand into being much more than "lowly" chat.
    

    
But chat will never go away, as we value direct conversations. Today many people mostly use Skype for chat, which is a bad idea for many reasons:
    

    1. It doesn't use an open protocol, so it is very hard, almost impossible, to put Skype to use except through the official Skype client.
      2. 

    2. Your messages aren't encrypted between you and your chat partner, so your conversation can (and in some cases probably is) monitored. Remember that Skype offers phone calls to normal phones, and to be allowed to connect with the public phone system, they have to comply with lots of government regulation, of which machinery for wire-tapping by police is one.
      3. 

    3. It isn't open source, so it is unclear how things works. 
      4. 

    4. Also Skype has become bloatware. 
      5. 

    A very good alternative is Pidgin, which is an open source chat client with which you can connect to IRC, ICQ, Yahoo Messenger, the open protocol XMPP and many many more. It works with Windows, Mac and many versions of Linux.
    

    
Plus it supports OTR, which is an easy to install plugin that offers (quoting directly from the website):
    

    • Encryption - No one else can read your instant messages.
      • 

    • Authentication - You are assured the correspondent is who you think it is.
      • 

    • Deniability - The messages you send do not have digital signatures that are          checkable by a third party.  Anyone can forge messages after a          conversation to make them look like they came from you.  However,          during a conversation, your correspondent is assured the messages          he sees are authentic and unmodified.        
      • 

    • Perfect forward secrecy - If you lose control of your private keys, no previous conversation is compromised.
      • 

    So, install Pidgin and OTR and see if it works well for you. You can try out OTR with me if you like. My ICQ id is 309394, and my Yahoo id is mats_henricson.
    

    
If you are curious about chat in general, EFF has a very good page.

    

    

    

    

Posted by



at





5 comments:
  









    


    

    

    

Labels:



    

    



    

    

    

    

          
    
        

          
    
        

    2011-02-06
    

          
    
        

    

    




    
Pirate Software, week 5: i2p

    

    

    

    

    
The idea of a private, completely anonymous internet guarded with strong encryption and re-routing of messages seems to be from at least mid 1988. Two fascinating reads are The Crypto Anarchist Manifesto and A Cypherpunk's Manifesto. If you hesitated just a millisecond before you clicked on these links, then you know the reason these ideas still exist! Because today government agencies, companies and military organizations across the planet are monitoring what we all do on the net. The words "crypto", "anarchist" and "manifesto" surely attracts some search queries. Is that desirable? Does it feel good to drop into a bucket labeled "suspicious" just because you're curious about cryptography?
    

    
Many people think not, and some even try to do something about it. One of the best efforts out there is ip2, also known a Invisible Internet Protocol. It is completely open source and very actively developed by a large bunch of people. (As a side note, one of the developers went under the name of jrandom, but he (or she, who knows) mysteriously left the project in 2008 and has not come back. There are other similar mysteries if you know where to look.)
    

    
Anyway, ip2 is very simple to install, very simple to upgrade (being developer myself I must say it is exceptionally well done), and just works. There are lots of services built on top of i2p:
    

    • Web browsing 
      • 

    • BitTorrent
      • 

    • Chat
      • 

    • Email
      • 

    Some of these services are completely hidden inside i2p, so if you use an i2p chat, then the messages never leaves the encrypted network. As such it is as private and anonymous as you can ever get. i2p uses strong encryption and p2p networking, technology that is threatening to many, and if our societies goes completely to hell it is likely i2p will be banned. So, we'd better start using it now!
    
 

    

    

    

    

Posted by



at





5 comments:
  









    


    

    

    

Labels:



    

    



    

    

    

    

        
    
      

    


    

    

    
Subscribe to:
Posts (Atom)