GNU SIP Witch 1.0 released for peer-to-peer next gen VoIP

Saturday, May 14th, 2011

May 14, 2011 (Bayonne, NJ). We are distributing today a 1.0 release of the GNU SIP protocol provisioning and peer-to-peer call server, GNU SIP Witch. GNU SIP Witch is developed within GNU Telephony and has been selected for use in the GNU Free Call project. This will provide a stable release that we will support for existing applications while we actively develop GNU Free Call services.

GNU SIP Witch is available as part of the GNU project. Stable releases will also power a web site later this summer to provide initial worldwide secure calling services for free directly to the general public for use in conjunction with any ZRTP enabled standards compliant softphone applications and SIP devices. GNU SIP Witch can be used to deploy private secure calling networks, whether stand-alone or in conjunction with existing VoIP infrastructure, for private institutions and national governments.

GNU SIP Witch is distributed as free software, that is, it is licensed using the GNU General Public License (GPL) version 3 (or later), explicitly to provide others the freedom to use, modify, learn from, redistribute, and participate in its continued development, and can be obtained in source directly from http://ftp.gnu.org/gnu/sipwitch. A number of GNU/Linux distributions already distribute GNU SIP Witch in binary form for easy installation. GNU SIP Witch is cross-platform and can also be built on Apple OS/X, BSD systems, and for Microsoft Windows. Future releases will also support Android devices for use in GNU Free Call. Our services and applications are intended to offer the benefits of software freedom on all common computing platforms.

GNU SIP Witch is a free software project and is being developed by volunteers from around the world. The Free Software Foundation and the GNU project provide technical, infrastructure, and organizational support for GNU SIP Witch development. Future work will focus on delivering GNU Free Call services such as self-organizing peer-to-peer calling networks directly to the desktop and mobile devices of users worldwide.

In conjunction with this release, the GNU Free Call project is distributing an initial release of our technological assistance package for common computing platforms by providing our switchview desktop client for use with GNU SIP Witch on your local machine. In the future TAP will enable multi-platform personal encryption, include further support for desktop and mobile secure calling, and provide other basic and common computing services missing on some platforms.

About the Free Software Foundation:
The Free Software Foundation, founded in 1985, is dedicated to promoting computer users’ right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software—particularly the GNU operating system (used widely today in its GNU/Linux variant)— and free documentation. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software. Their web site, located at http://www.gnu.org/, is an important source of information about GNU/Linux.

About GNU Free Call:
GNU Free Call is a project to develop and deploy secure self-organized communication services worldwide for private use and for public administration. We use the open standard SIP protocol and GNU SIP Witch to create secured peer-to-peer mesh calling networks, and we welcome all participation in our effort.

Contact Information:
Haakon Eriksen – Project Coordinator – haakon.eriksen at far.no
David Sugar – Project Architect – dyfet at gnu.org
Mailing List – Participation – sipwitch-devel at gnu.org

GNU Free Call awarded at GoOpen

Tuesday, March 22nd, 2011

Driv Inkubator and the Norwegian Competence Center for Open Source today awarded the GNU Free Call project 100 000 Norwegian kroner (17500 USD) for best eHealth solution using Free Software in their annual competition. This award has been presented to project coordinator Haakon Meland Eriksen and project architect David Sugar. Mr. Eriksen was present to receive the award during the GoOpen conference being held in Oslo.

GNU Free Call is a new project to develop and deploy secure self-organized communication services worldwide for private use and for public administration, and it will be released as Free (as in freedom) Software. GoOpen is a publicly-funded conference about using Free and Open Source Software for sharing.

It is often a challenge to provide basic humanitarian and medical care in stressed environments. Medical personnel need to communicate, and to do so privately with regard to the dignity of their patients. In times of national emergency the communications infrastructure is often broken, and our goal is to address this through the development and deployment of self-organizing mesh calling networks. These can be built on the existing GNU SIP Witch package and deployed through IP capable cell phones and low cost FreedomBox servers, as well as through traditional locally connected desktop and laptop computers. Put simply – eHealth through a secured healthnet of cell phones.

Free Software means that the program’s users have the four essential freedoms:

* The freedom to run the program, for any purpose (freedom 0).

* The freedom to study how the program works, and change it to make it do what you wish (freedom 1). Access to the source code is a precondition for this.

* The freedom to redistribute copies so you can help your neighbor (freedom 2).

* The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

For more information, please visit our project’s site or contact us at the addresses below:

GNU Telephony – http://www.gnutelephony.org
David Sugar – project architect – dyfet@gnutelephony.org
Haakon Meland Eriksen – project coordinator – haakon.eriksen@far.no

When Freedom Rings

Saturday, March 19th, 2011

I was both surprised and pleased with the community response to the announcement for GNU Free Call. Rather unfortunately our hosting for the wiki, Ibiblio, was down, as they were doing a large move on Tuesday. Even more amusing, Haakon’s email provider also decided to do some relocation this week.

With the many comments I received, it is clear to me some are best answered on the wiki, especially now that it is back. This includes things like a more detailed project roadmap, which Haakon has been hard at work updating. Other things are probably best handled through the mailing list (sipwitch-devel). In particular, I think many concerned issues that either were not well explained in the FAQ attached to the original announcement, or not covered at all, and so I think we need to have a new or further extended FAQ on the wiki for GFC.

What I wanted to talk about right now is some general things in GNU Telephony as a whole. In particular, there are a few things in development now, and some of them do require additional help.

The first of these is an effort to consolidate GNU Common C++ with GNU uCommon, and have the entire ZRTP stack build under cmake. There already is an experimental branch in svn for a ucommon library that also builds commoncpp, and an experimental branch of ccrtp that builds against that. I am hoping to see this released for ucommon 4.2, or maybe 5.0, as there are also some abi issues I would like to change in ucommon itself.

I had asked Simon L’nu to help me coordinate establishing a public portal so people could create accounts and connect through sipwitch to each other securely such as with a ZRTP enabled SIP client, as well as receive calls from the general public under a public sip uri, if they so wish. I also want to use this to coordinate internal project communications, and I have thought about setting up freeswitch as a conference server backend for this purpose. But we do not yet have a public site to run these things at, though several nations, including the Cherokee of Idaho, have asked about possibly helping with this.

There is also an experimental sipwitch gui that has been started, in Qt. This may eventually become a desktop Gui to match Haakon’s very impressive vision, but initially it may only exercise some core sipwitch services for desktop users. At least it is a starting point down that path.

I had also thought about writing a wiki document explaining our policies and coding practices. Most are essentially the same as used in the GNU project, especially when speaking of packages that are already part of GNU proper. However, in some of the newer packages, we may diverge in some areas as is convenient for our users so long as there is no effect on freedom. For example, much like in KDE, there is a growing tendency it seems in GNU Telephony to prefer cmake over autotools.

For those who have offered to help with GFC, I especially appreciate that. I hope all can join the mailing list, so that it will be easier to communicate and collaborate together in freedom.

GNU Free Call Announced

Monday, March 14th, 2011

“Free as in freedom, and free as in no cost, too!”

GNU Free Call is a new project to develop and deploy secure self-organized communication services worldwide for private use and for public administration. We use the open standard SIP protocol and GNU SIP Witch to create secured peer-to-peer mesh calling networks, and we welcome all participation in our effort.

Who
Haakon Eriksen – Project Coordinator – haakon.eriksen@far.no

David Sugar – Project Architect – dyfet@gnu.org

What
Our goal is to make GNU Free Call ubiquitous in a manner and level of usability similar to Skype, that is, usable on all platforms, and directly by the general public for all manner of secure communication between known and anonymous parties, but without requiring a central service provider to register with, without using insecure source secret binary protocols that may have back-doors, and without having network control points of any kind that can be exploited or abused by external parties. By doing so as a self organizing meshed calling network, we further eliminate potential service control points such as through explicit routing peers even if networks are isolated in civil emergencies.

We do recognize this project has significant long term social and political implications. It also offers potentially essential utility in public service by enabling the continuation of emergency services without requiring existing communication infrastructure. There are many ordinary public service uses, such as the delivery of eHealth services, as well as medical, and legal communication, where it is essential to treat all with equal human dignity by maintaining privacy regardless of race, religion, or political affiliation. Equally important is the continuation of emergency medical services even when existing infrastructure is no longer available or has been deliberately disabled.

How
Initially we will extend sipwitch to become aware of peer nodes by supporting host caches, and then support publishing of routes to connected peers. This work builds upon the already existing routing foundation in sipwitch itself. The use of host caches is a mechanism used in older p2p networks, it is generally well understood, it would meet the initial goals of establishing a self organized mesh network, and it is rather easy to initially implement to fully demonstrate the potential of sipwitch as a mesh calling system. More advanced methodologies can then be added later on.

Related to this goal is having sipwitch operate as a SIP mediation service for desktop users and IP enabled cell phones such as Android. This introduces the need for users to be able to “pilot” their local sipwitch instance through a desktop and cell phone gui, whether to see what calls are being placed through it, or to see the verification status of secure key exchange. There are today IPC interfaces in sipwitch to allow for desktop integration, but a specific GUI to use these interfaces and present server and call states in a manner for people to understand still needs to also be constructed, and hence this too is part of the plan of work for this project.

In addition we will be extending GNU SIP Witch to offer secure VoIP proxy. Much like what was done initially by Phil Zimmermann to develop ZRTP using zfone, this mode of operation will enable development of key elements of a secure infrastructure without having to also initially create new SIP user agent applications. By offering secure proxy through a SIP Witch instance running at the endpoint, any existing SIP standard compliant softphone or device will be able to establish a secure connection to another standard compliant SIP device or SIP peer that is using GNU SIP Witch at the destination.

This project’s definition of secure media is similar to Zimmermann’s work on ZRTP, in that we assure there is no forwarding knowledge by using uniquely generated keys for each communication session. Furthermore, we will use GNU Privacy Guard (GPG) to fully automate session validation. This will be done by extending the SIP protocol to exchange public keys for establishing secure media sessions that will be created by each instance of SIP Witch operating at the end points on behalf of local SIP user agents, and then verifying there is no man-in-the-middle by exchanging GPG signed hashes of the session keys that were visible at each end.

Why

1. Why GNU SIP Witch?
GNU SIP Witch is a destination router for the SIP protocol. This means its primary concern is not in making things interconnect “with” the SIP Witch Server, like say something like Asterisk does very well, but rather instead is designed to enable two (or more) endpoints to find and then directly connect with each other. By handing off media operations directly to communicating endpoints, GNU SIP Witch requires a minimum of system resources, making it very suitable even for low end embedded routers, as well as for freedom boxes, shared virtual server instances, desktop systems, and IP connected cell phones such as Android, rather than requiring a dedicated server.

2. Why on the desktop and cell phone?
Ultimately we want to be close to the user so that no third party or external service must be connected to before establishing secure sessions since we are using unmodified SIP clients. If an external party is required, the connection between the SIP client and that external service would of course be completely insecure. A user with their own local infrastructure can of course also run a single sipwitch server, such as on a freedom box or a virtual machine, to meet all their local connectivity needs rather than doing so on each machine or device. An organization can also run a sip witch server on a completely remote site, such as a public portal, when interconnecting existing security enabled SIP clients, such as SIP Communicator and Twinkle, which support the ZRTP protocol stack. Another side benefit of having SIP Witch on the desktop and cell phone is that as we develop SIPWitch NAT services, it can act as a single point of contact for mediating all SIP protocol services for a user, as well as offering a single place where NAT support and mobile re-connection will only need to be configured and implemented once, rather than in each SIP client separately.

3. How to get GNU SIP Witch?
GNU SIP Witch is formally distributed as a package that is part of the GNU Project. It is also packaged in a number of popular GNU/Linux distributions, including Ubuntu and Fedora. GNU SIP Witch can also be built on most BSD systems from source, including OS/X, and supports compilation on Microsoft Windows as well.

4. How to configure GNU SIP Witch?
In the past GNU SIP Witch has been difficult to configure, even for ordinary uses. To address this issue we are hoping to finally introduce a model public portal that anyone will also be able to download and use to construct and configure a SIP Witch site or private service. To address the needs of peer-to-peer calling, we are introducing a desktop and cell phone GUI interface.

5. Why do I need a local SIP account to use it?
Since GNU SIP Witch is a SIP service one needs a SIP identity to authenticate yourself to your own local SIP server. However, we wish to eliminate manually creating local SIP users by offering to automatically detect and generate a local user account with a matching SIP user agent configuration for you as a single click operation from the new GUI. Initial clients proposed for this include Android CSipSimple, which is also being extended with GNU ZRTP, the Twinkle Softphone, and perhaps SIP Communicator, which uses the GNU ZRTP4J stack. Other clients, like GNOME Empathy and Linphone, may also be supported in this way as well.

6. How can I participate?
We have a wiki site used for GNU Telephony as a whole (http://www.gnutelephony.org/), as well as a mailing list for sipwitch itself (sipwitch-devel@gnu.org). In addition, to discuss core architecture, privacy issues, and social consequences, we have another mailing list gnucomm-privacy@gnu.org.

Secure key exchange for peer-to-peer communication and VoIP

Saturday, November 27th, 2010

I thought I would write about how I propose to make use of Diffie-Hellman (DH) key exchange within SIP to enable secure media exchange over the public Internet, and how this can change the way we think of secure VoIP and video communications and secure media streaming not just for individuals seeking privacy but also commercial organizations.

I chose to start with the underlying idea in Diffie-Hellman key exchange, which is that two independent nodes can come to independently compute the same final value for a session key that can then be used for a symmetric cipher. This is done by computing key factors as exponents of a large prime which results in a pair of unique values that can produce the same result. The public number of the computed pair is shared and the private number is kept secret. A new secret/public pair is computed to generate the final cipher key, and a factor returned so the originator can do the same. The core idea is that the values publicly exchanged are insufficient to successfully compute the final key value without the unshared numbers. Hence, observing the exchange does not allow you to know or compute the final cipher key used.

Of course even before key exchange there must also be cipher negotiation, which really is similar to SDP media codec negotiation that SIP normally already does. I mention it now because while it is not an interesting or difficult problem, I note that a number of national governments and organizations have developed their own symmetric ciphers. Basically I choose to advertise the caller's cipher choices in the initial SIP invite message (also indicating a secure call is requested), and the called party selects and replies with a chosen cipher in the SIP answer message.

The second problem is with persistent private keys that can be raided from participating nodes to then recompute past session keys. My answer for this is simple; I always generate unique ephemeral key factors for each call session. The prime used in a DH key exchange is actually a less interesting number, and as long as the ephemeral keys come out of unbiased random data they are secure from dictionary attacks. Similarly the public and private key factors used to compute the final symmetric key are also ephemeral values, and hence the final media cipher key is unique for each session as well, thereby assuring no forward knowledge.

The third problem is simply assuring a valid and unbiased random number generation source is used to create ephemeral keys. This actually is outside the scope of my own work, as I simply reuse existing high entropy random number sources, whether offered by the Linux kernel, the openssl library, or by other means.

I further note traditional public/private key pairs are simply a static prime and only once computed, permanently retained private and public factors, and with large enough numbers this is considered secure for many years by itself. While the prime can be entirely static, I think recomputing a new random prime every few weeks is far more than sufficient, especially given ephemeral key factors are used for the initial exchange making every session unique.

While the prime is consistent, and hence need not be exchanged in the final reply, what is important are the two ephemeral public factors, one computed by the called party (returned as part of the sip “answer” message), and the other by the inviting party (returned in the SIP ack). What happens then is this:

In the SIP invite I will advertise for key exchange and advertise what cipher(s) we support. The invite message may already be very large, and may also include authentication headers, as well as advertised media descriptions, so we do not wish to add much more to it. This is especially important for using SIP over UDP, where a sip message can not be larger than a single datagram. Hence adding this minimal amount of info is not much larger.

The called party creates an ephemeral (random) private key factor and computes the public factor around a prime that can then be shared. The prime and key factor can be sent during the SIP answer message. Since the answer may have a smaller media descriptor and never has authentication headers, adding the public key is not an impossible burden. Indeed, the public key is likely in the same size range as a SIP authorization header might be.

In response to the SIP answer message the calling (inviting) party computes a private (ephemeral) value that is then used to compute a public factor that can be used for computing the final media cipher key. The public factor it computes is returned in the SIP ACK message, which also completes SIP media call session setup.

Once both sides have both shared public factors, they can independently compute their final cipher key to use for the media. But Diffie-Hellman is itself vulnerable to a very basic man-in-the-middle (MITM) attack. If someone in the middle answers the invite, they can then compute and send their own ephemeral key factor. It is not going to be the same as the one the final node would generate, however.

The MITM would then have to also send the invite to the final destination. When the final destination answers, it gives an ephemeral factor. The MITM then simply computes a new random factor for the final cipher key and returns the answering party the factor needed to compute a final cipher key between it and the destination.

Similarly, the MITM sends its own answer message with the initial computed random (ephemeral) key factor. The caller then computes a factor for the final cipher key and sends this back in its SIP ACK. The man in the middle then computes the final media cipher key used between itself and the caller, and a different final media cipher key with the destination. Media that is sent by the calling party is then intercepted and decrypted using the caller’s cipher key, and re-encrypted using the cipher key it generated a factor for to the final destination. Neither end knows there is someone decrypting and listening to everything that is being sent, and doing so in real-time. This is the classic problem with pure Diffie-Hellman key exchange.

One thing we do know is that if both endpoints receive and have the same key factors there could not be a man-in-the-middle. This is because while the MITM will know the prime used, if the ephemeral private factors are sufficiently unbiased it has no means of knowing these private (secret) factors that were not shared. Hence it can only generate its own new and unique private key factors and then compute a new (and different) public value that it then gives to each party in the call.

Hence, if we can prove the factors have the same values on both ends, we can validate the exchange. There are two ways to do this.

The first, and that is perfect for purely anonymous communication, is to compute a hash or human readable string based on the two key factors. Both sides can do this, and present it to the user if in a real-time call. The users then can read this hash to each other, and if they both have the same values, they know they are the same. This is essentially what ZRTP does also. This methodology we will keep, as it is particularly useful for anonymous calls.
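An added example (not code from the original post or from GNU SIP Witch) of the exchange and the check described above: both ends derive a media key from ephemeral factors, then compare a hash of the two public factors, which matches on a direct call and differs when an intermediary has substituted its own factors. The toy prime, the message field names and the cipher names are assumptions made for the illustration.

```python
import hashlib
import secrets

# Toy parameters (assumption, not from the post): 2**255 - 19 is prime, but it
# is not a vetted Diffie-Hellman group and is used here for illustration only.
P = 2**255 - 19
G = 2


class Endpoint:
    """One party to a call, with a fresh ephemeral private factor per session."""

    def __init__(self, ciphers=()):
        self.ciphers = list(ciphers)
        self.private = secrets.randbelow(P - 3) + 2   # never reused across calls
        self.public = pow(G, self.private, P)
        self.peer_public = None

    def receive(self, peer_public):
        # Reject values that would force a trivial shared secret.
        if not 1 < peer_public < P - 1:
            raise ValueError("degenerate public factor")
        self.peer_public = peer_public

    def media_key(self):
        shared = pow(self.peer_public, self.private, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()

    def check_string(self):
        # Hash of the two public factors this end saw; sorting makes the
        # result independent of which side is the caller.
        lo, hi = sorted((self.public, self.peer_public))
        data = lo.to_bytes(32, "big") + hi.to_bytes(32, "big")
        return hashlib.sha256(data).hexdigest()[:8]


class SubstitutingRelay:
    """The intermediary from the post: swaps each public factor for its own."""

    def __init__(self):
        self.caller_leg = Endpoint()
        self.callee_leg = Endpoint()

    def forward(self, message, towards):
        keep, send = ((self.callee_leg, self.caller_leg) if towards == "caller"
                      else (self.caller_leg, self.callee_leg))
        keep.receive(message["public"])
        return {**message, "public": send.public}


def place_call(caller, callee, relay=None):
    """Run the INVITE / answer / ACK exchange; dict keys are hypothetical."""
    invite = {"method": "INVITE", "ciphers": caller.ciphers}
    chosen = next((c for c in invite["ciphers"] if c in callee.ciphers), None)
    if chosen is None:
        raise ValueError("no cipher in common")
    answer = {"status": 200, "cipher": chosen, "prime": P,
              "public": callee.public}
    if relay:
        answer = relay.forward(answer, towards="caller")
    caller.receive(answer["public"])
    ack = {"method": "ACK", "public": caller.public}
    if relay:
        ack = relay.forward(ack, towards="callee")
    callee.receive(ack["public"])
    return chosen


def simulate(intercepted):
    # Constructed sample cipher names, not taken from the post.
    caller = Endpoint(["aes-256-ctr", "aes-128-ctr"])
    callee = Endpoint(["aes-128-ctr", "aes-256-ctr"])
    relay = SubstitutingRelay() if intercepted else None
    cipher = place_call(caller, callee, relay)
    return {
        "cipher": cipher,
        "keys_match": caller.media_key() == callee.media_key(),
        "strings_match": caller.check_string() == callee.check_string(),
        "relay_reads_both_legs": bool(relay) and (
            relay.caller_leg.media_key() == caller.media_key()
            and relay.callee_leg.media_key() == callee.media_key()),
    }


if __name__ == "__main__":
    for intercepted in (False, True):
        print(intercepted, simulate(intercepted))
```

A mismatch in `check_string()` between the two ends is the signal that the factors were altered in transit; the media still decrypts on each leg, so the comparison is the only place the substitution shows up.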

Of course one may not wish to read hashes to each other in each and every call. Nor have we “proven” a user identity or allowed for automated transactions. However, if these are important there is one additional step we can also take beyond what ZRTP does.

As each end receives the signed hash, it can be automatically compared with the locally generated hash to validate that the keys were exchanged clean. The hashes are as trustworthy as the signing key used. This requires the destination to have the public key of the user’s SIP from identity in their key chain of course. But this mode is seamless and very appropriate to a public or private organization deploying distributed self-managed secure networks, or for enabling generic voice commerce and secure b2b communications over the public Internet.

Entirely automatic exchange is also possible because one could create a dummy or special account filled with gpg keys for this purpose that an application can use unattended. For example, a /root gpg keychain could be filled with a special “mail@xxxx” key pair, and this could even be published through existing key servers. Then, if this were used to automatically transfer SMTP messages encapsulated in a cryptographic context initiated through SIP, the entire means of signing and verification also becomes automatic. This is somewhat analogous to SSL, except that we have eliminated the role of the certificate authority, and hence all keys are entirely self managed without requiring third parties or trusting some third party certificate.

Now there is one other trick that GNU SIP Witch in particular can do which will make this methodology and both anonymous and verified secure calling over VoIP much more widely available. GNU SIP Witch can choose to act as a media proxy. It can do this by rewriting the SDP to go to SIP Witch managed RTP ports. Doing so, these ports could take in unencrypted RTP streams and encrypt using media cipher keys that GNU SIP Witch computes. This would be done if the calling party or the called party do not already independently support secure calling on their own. This means any existing SIP VoIP application, including SIP phone devices, can suddenly be used to make entirely secure calls without any modification. Moreover, SIP Witch can selectively use secure calling depending on if the endpoints are on the same subnet or not, or placed at each workstation as a local proxy and assure all call traffic, including internal traffic is always secure, especially if there is concern with internal espionage. This maximizes the range of secure deployment scenarios and all without requiring the introduction of new secure VoIP user agents.

There are other reasons related to anonymous calling uses where also creating stand-alone secure SIP user agent application is still of course also desirable. This is especially true when creating a secure client that for example can be run at an Internet cafe to offer anonymous secure communications. The core methodology is entirely applicable to a custom written client application as well as to a SIP intermediary service like GNU SIP Witch. It is also applicable to using SIP for managing all kinds of “media” sessions, including, as noted, things like SMTP email exchange that traditionally used SSL.

GNU SIP Witch was originally brought forward as a means to replace Skype and preserve individual communication privacy by enabling the use of SIP URI’s for calling ZRTP users. By solving core issues related to enabling unrelated parties to call each other securely with provable identities over the public Internet using SIP uri’s alone, this makes many commercial uses practical as well. This includes business-to-business calling and receiving calls from commercial customers over the public Internet, and use by the medical profession or lawyers where privacy and security are mandated requirements. In that this methodology preserves communication privacy and also continues the optional use of social key verification, I feel we address those needs where privacy and anonymity are also essential.

Why civil liberties matter – an open letter to the Obama administration

Saturday, October 9th, 2010

“They made us many promises, more than I can remember, but they kept only one; they promised to take our land, and they did” – Maȟpíya Lúta

In a recent Rolling Stone magazine interview, you spoke of this administration’s commitment to civil rights while simultaneously insulting the intelligence of those who are concerned with civil liberties. It is this administration’s actual record on civil liberties, a record that is in fact worse than the preceding one, that is both clearly inexcusable and dangerously irresponsible.

The civil rights movement that you spoke about, and as we recognize today, would not have been possible without civil liberties. While laws were clearly misused to try suppressing that movement, those efforts failed largely because the United States at the time had some institutional commitment to essential core legal principles that included privacy, the freedom of speech and association, due process, and the presumption of innocence. Although each of these fundamental legal principles had been challenged on a reversible basis by the Bush administration, it is your justice department that has worked tirelessly to make those temporary transgressions become a permanent and enduring part of the institutional law of the United States.

Perhaps most people remember your administration’s dramatic assertion of the right to assassinate American citizens abroad on the whim and statement of a government official alone. This is not by far the only threat to civil liberties today your administration has engaged in. Other important actions include efforts by the United States Department of Justice to explicitly use state secrets to dismiss lawsuits of those seeking redress from the unlawful practice of rendition and torture at the hands of private contractors, and to generally establish state secrets as an institutional protection for those carrying out unlawful actions on behalf of the United States government in general, including telecom companies that had facilitated widespread illegal domestic intercept in the past.

Other actions by this administration make it explicit it wishes to reverse the institutional practice of presumption of innocence and replace it with presumption of guilt. One clear example of this is the assertion of the right of the United States government to automatically blacklist websites merely “accused” of copyright infringement in some manner, with neither court oversight nor due process. Related to this is the effort to create a new copyright treaty entirely in secret (ACTA) that seeks the ability to punish individuals directly for alleged crimes with no due process recourse. As these examples illustrate, in a society based on presumption of guilt, one can be punished for crimes that have not only not been proven, but that do not even have evidence presented that can be challenged. It is very clear to see, and history proves, how such tools can be misused to silence or censor independent and critical sources of speech on the public Internet.

Equally troubling are the recent raids on the homes of domestic dissidents and peace activists. As already reported by your own justice department, many of these investigations of domestic dissidents were improperly initiated, originally under the Bush administration, without any actual evidence whatsoever and often using knowingly false statements. Yet, this fact did not stop the FBI from engaging in “terrorism raids” on peace activists across the country or asserting “state secret” privilege when challenged to actually justify these actions.

Perhaps the most disconcerting departure into a society based on the presumption of guilt is the effort of this administration to seek a new law to mandate that government backdoors exist in all communication services and software. This effort wishes to both expand upon and fully institutionalize the illegal use of domestic surveillance as practiced by the Bush administration.

Back in the Clinton years, a law was created called CALEA (the Communications Assistance for Law Enforcement Act). This law required that all telephone systems sold and deployed by commercial carriers in the United States include backdoors to enable government intercept of voice communications. While the United States government and local police only engage in about 1000 lawfully initiated wiretap investigations nationwide in any given year, this law mandated the capability to simultaneously spy on millions of people at once be created. At the time it was “promised” that such widespread abuse would “never” actually happen. Yet we have learned that as early as the spring of 2001 the Bush administration had already used presidential directives authorizing private telecom carriers to use CALEA backdoors to engage in large scale domestic surveillance, presumably, given the date, entirely for domestic political purposes. This administration not only refuses to repudiate these past secret and illegal acts, but both defends them and explicitly wishes to re-make them into fully institutionally legal ones.

When we speak of introducing backdoors into communication systems, such back-doors rarely remain secret and often present themselves to abuse not only by national governments, but also by private corporations and even individuals. Such mandates do not make a society more secure, but in fact less. Perhaps most terrifying is adding backdoors to operating systems such as Microsoft Windows, already known to be insecure and defective by design, which simply further increases their vulnerability and the dangers inherent in their continued use.

This is a very real danger, one that can be lethal. Whether we speak of a compromised airline alarm system that resulted in a plane crash in Spain, a battleship rendered dead in the water, or an alarm system failing on an oil rig in part contributing to a catastrophic oil spill in the Gulf of Mexico, innocent people are put to great risk by enactment of this policy. While these accidents resulted in part from the shoddy workmanship of an already poorly designed operating system being used in inappropriate places, imagine the further possibilities for deliberate mischief by exploitation of any such guaranteed and mandated backdoor facility.

In the United States the 4th amendment did not come about simply because it was impractical to directly spy on everyone on such a large scale. Nor does it end simply because it may now be technically feasible to do so. Communication privacy furthermore is essential to the normal functioning of free societies, whether speaking of whistle-blowers, journalists who have to protect their sources, human rights and peace activists engaging in legitimate political dissent, workers engaged in union organizing, or lawyers who must protect the confidentiality of their privileged communications with clients. Privacy is ultimately about liberty while surveillance is always about control.

To this end, back in 2006, and at the time in response to the illegitimate actions of the prior administration, I created a project whose purpose was explicitly to create and deliver peer-to-peer cryptographically secure communication software directly to the general public. This software was licensed as free (as in freedom) software explicitly to facilitate people to verify that no backdoors are present and to enable them to legally modify and redistribute the software to others as they see fit. If a new law is created that tries to legally mandate the inclusion of backdoors in such software, we will openly refuse to comply.

What is most troubling of all about the expansion of illegal domestic surveillance is how this will reshape the institutional nature of society. To fully appreciate the effect of such surveillance on human societies, imagine being among several hundred million people who wake up each day having to prove they are not “terrorists”, however that may be whimsically defined at the moment, compounded by the impossible task of doing so without being accorded the right to face their accusers in summary ‘proceedings’ or even to be informed of the alleged ‘evidence’ produced by whatever arbitrary, secretive methods such agents of repression use, and where their prosecution is carried out under the shroud of “state secrets” that all such police states use to abuse their own citizens. Such is a society whose foundation is built on the premise of everyone being guilty until proven innocent and where due process does not exist; a society where the ends justify the means. It is the imposition of such an illegitimate society that we choose to openly oppose, and to do so in this manner.

Legal terrorism Microsoft style

Saturday, October 2nd, 2010

“That as we enjoy great advantages from the inventions of others, we should be glad of an opportunity to serve others by any invention of ours, and this we should do freely and generously.” — Benjamin Franklin

Many people I think misunderstand Microsoft’s supreme court appeal of the i4i patent case. Some suggest that by focusing on limiting the ability to actually win patent cases that Microsoft is somehow limiting its own ability to use software patents against others. Nothing can be further from the truth, and indeed I think this case and their newly launched lawsuit against Motorola represent a milestone in their transformation from a proprietary software vendor into a litigation house.

What I think people fail to appreciate is that Microsoft does not seek the elimination of software patents but only to further limit the possibility of suffering spectacular losses at the end of such cases. This is because they understand well their most effective strategy is not in actually winning large judgments in patent cases against others, but rather simply in being able to financially exhaust others that they choose to sue. Hence, they wish to have an environment that is for them “safer to sue”.

Being a failed software company that can neither produce nor enter markets they are unable to illegally force people to buy their defective products, they clearly see future growth by taxing everyone else’s success. This is made possible by the threat of launching multi-year patent lawsuits that will cost millions of dollars to defend against even if they are entirely groundless, but for which they are far better positioned to financially sustain than their chosen target. They therefore can use the mere threat of patent lawsuits to effectively extort payments like a modern day Al Capone.

A perfect example for understanding this litigation strategy is Microsoft’s patent on inserting “@todo” comments in source code. This is clearly not the kind of patent anyone acquires to actually win a patent lawsuit against someone. It is also too ludicrous to seriously cross-license. However, what such a patent does buy them is immediate legal standing to literally choose to sue any competitor they may choose at any time regardless of the actual outcome. This kind of patent may even be most ideal for suing to eliminate free and open source competitors simply by raising the cost of being in business defending oneself to unsustainable levels, regardless of the eventual outcome.

Their fear then is not in limiting their ability to win a patent lawsuit against others if they choose to sue a hundred companies, but rather the possibility that perhaps one or more of a hundred entities that may separately choose to sue them might win. Sustaining the cost of launching and defending against multiple patent lawsuits over many years is already considered a part of their cost of business. Sustaining spectacular losses is not.

GNU uCommon 4.0 and beyond social key verification

Friday, October 1st, 2010

I finally got around to doing a 4.0 release of the GNU uCommon library over this past weekend while away for family reasons. This was however mostly to clean up the API. What I am thinking of and I am working on is moving beyond Phil Zimmermann’s ZRTP to create a more general purpose foundation for secure communication sessions that is applicable to automated communication tasks as well as to realtime communication.

The premise of Phil Zimmermann’s ZRTP system is that each party generates a (largely) random per-session private and public key. The public keys are then exchanged during session setup, and a unique hash is generated at each end. This hash can only be the same if there is no man in the middle substituting keys, for they cannot generate a valid hash match on the public keys without knowing the private keys. These hashes are “socially verified” directly by the users reading their hashes to each other over a VoIP call.

The approach I am taking is to directly exchange the hashes of the per-session generated public keys between the endpoints by signing them with a digital signature to guarantee the hashes are valid. Each end then can compare the hash it generates locally with the signed hash it receives. The hashes by themselves reveal nothing about the actual keys used, and the signature assures they are reported without being altered, so their transmission in the clear does not compromise the integrity of the system and hence, like in GPG itself, the signing keys for the hashes can be static and used to verify users through a web of trust.

To actually break this kind of system, one has to have access to the private signing key on the node as well as sitting in the middle at the right time. If one has physical access to or otherwise has directly compromised such a node, then one need not go through such a complex process to compromise that user’s remaining communication anyway. In any case, the security of un-compromised nodes remains intact.

This methodology I feel works far better for the kinds of secure exchanges that SSL is traditionally used for today. Since each session uses a random and unique key set, there is similarly (to ZRTP) no forward knowledge to decrypt past sessions even if the present node one is communicating with has become compromised. This also, like ZRTP, remains a zero knowledge system where the operator of such services has no knowledge of the actual keys being used, and hence cannot be tortured to provide information he does not have.

Since the process of verification can be automated, it can be used for protecting things like email exchange (SMTP, IMAP, etc.), VPNs, and so on. In fact, this should be usable for anything SSL is used for. Verification need not be done “in-session”, as it can also be done in realtime communication sessions entirely separately with ZRTP style social key exchange if that is desired. Signed hashes of past sessions can even be stored somewhere that is separately accessible through alternate means for later verification, since again neither the hashes nor their signatures reveal anything about the actual keys used in past sessions.
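The signed-hash exchange described in this post, sketched as an added example in Node.js; it is not code from uCommon or libusecure. The algorithm choices (Ed25519 for the static signing key, X25519 for the per-session keys, SHA-256 over both session public keys), the names Alice and Bob, and all function names are assumptions, and the key agreement itself is left out.

```javascript
// Added example: signed exchange of session-key hashes (not uCommon code).
// Load Node's built-in crypto module from either CommonJS or an ES module.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

// Static identity key: long-lived; its public half is what a web of trust vouches for.
const newIdentity = () => nodeCrypto.generateKeyPairSync('ed25519');
// Per-session key: generated fresh for every session (assumed X25519).
const newSessionKey = () => nodeCrypto.generateKeyPairSync('x25519');
const encodePublic = (key) => key.export({ type: 'spki', format: 'der' });

// Hash over both session public keys as this endpoint sees them.
// Sorting makes the result independent of which side computes it.
function sessionHash(localPub, peerPub) {
  const [first, second] = [localPub, peerPub].sort(Buffer.compare);
  return nodeCrypto.createHash('sha256').update(first).update(second).digest();
}

// Sign the locally computed hash with the static identity key.
function signedReport(identity, localPub, peerPub) {
  const hash = sessionHash(localPub, peerPub);
  return { hash, signature: nodeCrypto.sign(null, hash, identity.privateKey) };
}

// Verify the peer's signature first, then compare its hash with our own.
function checkReport(report, peerIdentityPub, localPub, peerPub) {
  if (!nodeCrypto.verify(null, report.hash, peerIdentityPub, report.signature)) {
    return 'bad-signature';
  }
  const local = sessionHash(localPub, peerPub);
  const same = local.length === report.hash.length &&
    nodeCrypto.timingSafeEqual(local, report.hash);
  return same ? 'ok' : 'hash-mismatch';
}

// scenario: 'clean'      - session keys delivered unmodified
//           'substitute' - both session keys swapped in transit, reports relayed as-is
//           'resign'     - as above, and Alice's report is replaced by one signed
//                          with a key that is not Alice's
function runSession(scenario) {
  const alice = { id: newIdentity(), pub: encodePublic(newSessionKey().publicKey) };
  const bob = { id: newIdentity(), pub: encodePublic(newSessionKey().publicKey) };
  const attacker = { id: newIdentity() };

  let seenByAlice = bob.pub;   // what Alice receives as "Bob's" session key
  let seenByBob = alice.pub;   // what Bob receives as "Alice's" session key
  if (scenario !== 'clean') {
    seenByAlice = encodePublic(newSessionKey().publicKey);
    seenByBob = encodePublic(newSessionKey().publicKey);
  }

  let fromAlice = signedReport(alice.id, alice.pub, seenByAlice);
  const fromBob = signedReport(bob.id, bob.pub, seenByBob);
  if (scenario === 'resign') {
    // The hash matches Bob's view, but it is not signed by Alice's static key.
    fromAlice = signedReport(attacker.id, seenByBob, bob.pub);
  }

  return {
    alice: checkReport(fromBob, bob.id.publicKey, alice.pub, seenByAlice),
    bob: checkReport(fromAlice, alice.id.publicKey, bob.pub, seenByBob),
  };
}
```

`runSession('substitute')` yields `hash-mismatch` at both ends, and `runSession('resign')` yields `bad-signature` at Bob, which is the case the post covers when it says the private signing key is needed to break the scheme.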

Much of this work will first appear in further development of the newer libusecure that is now a standard part of ucommon.

GNU Telephony Statement on new Internet Surveillance Laws

Monday, September 27th, 2010

“Privacy is ultimately about liberty while surveillance is always about control”

Good morning my relations. Today is not such a great day. In the United States the Obama administration is actively seeking a new law to legally mandate the forced introduction of insecure back doors and support for mass surveillance into all communication systems. Specifically targeted are Internet VoIP and messaging systems.

Speaking on behalf of the GNU Telephony project, we do intend to openly defy such a law should it actually come to pass, so I want to be very clear on this statement. It is not simply that we will choose to publicly defy the imposition of such an illegitimate law, but that we will explicitly continue to publicly develop and distribute free software (that is software that offers the freedom to use, inspect, and modify) enabling secure peer-to-peer communication privacy through encryption that is made available directly to anyone worldwide. Clearly such software is especially needed in those places, such as in the United States, where basic human freedoms and dignity seem most threatened.

In the United States the 4th amendment did not come about simply because it was impractical to directly spy on everyone on such a large scale. Nor does it end simply because it may now be technically feasible to do so. Communication privacy furthermore is essential to the normal functioning of free societies, whether speaking of whistle-blowers, journalists who have to protect their sources, human rights and peace activists engaging in legitimate political dissent, workers engaged in union organizing, or lawyers who must protect the confidentiality of their privileged communications with clients.

However, to fully appreciate the effect of such surveillance on human societies, imagine being among several hundred million people who wake up each day having to prove they are not a “terrorist” by whatever arbitrary means the government has decided to both define the terms of such a crime and whatever arbitrary methods unknown to you that they might choose to define you as such, and where even your prosecution is carried out under the immunity of “state secrets” that all police states use to abuse their own citizens. Such a society is one whose very foundation is built on the premise of everyone being guilty until proven innocent and where due process does not exist. It is the imposition of such an illegitimate society that we choose to openly oppose, and to do so in this manner.

David Alexander Sugar
Chief Facilitator
GNU Telephony

Free Software on the reservations

Wednesday, August 18th, 2010

“Information in the computer age is the last genuine free market left on earth except those free markets where indigenous people are still surviving” – Russell Means

Mitakuye Oyasin,
(to all my relations)

Today is a fine day, and while I have shared this elsewhere, I thought I would take the time to share this here. In many ways the struggle of the North American Indian remains to this day one to simply be recognized as and treated with common human dignity, and there remains I think an interesting and potentially important role for free software in this process, especially in overcoming some of the vast deprivations of both past and present faced by the communities in the captive nations. Given that I was asked several years ago to help speak for the people of the Lakota nation, it seemed appropriate to do so presently here once more.

Well before considering free software as an economic model, some of the captive nations in North America have tried many different things in the past to create self-sustaining economic development, including of course casinos and call centers. Some have tried meat packing for freedom. Yet, unemployment remains high, over 80% for some communities, such as on the Lakotah reservations in North America. Similarly, per capita income often remains below the poverty line. On the Lakotah reservations, per capita income in fact is less than $4,000 annually, and average life expectancy is now under 47 years. These are not statistics from communities in Haiti, but rather from within the United States itself. The exact story is of course different for each of the captive nations, but the overall results of even the best of these efforts have usually been rather bleak.

One essential problem with call centers and casinos is that they require nations and people to participate in a culturally foreign social-economic model. Each time doing so, a small part of the culture dies in the process. That is because this model requires people to compete against each other, often by any means necessary, and to do so while using the labor of others for personal gain in a market that is often closed and where goods and services often become artificially scarce and demand is artificially generated to further extract wealth, rather than meeting real needs.

Certainly, for the American Indian working at a meat packing factory or a call center a job is a means of survival for a family. But it leads to no real economic development or further growth, whether for the worker or for the nation. It is a relationship that exists solely because the cost of bargained labor is so very cheap on the reservations. If the standard of living and income expectations did materially rise, those so eager to place some temporary facility or industry on the reservation will often simply pull up and leave to someplace cheaper. In fact, this relationship specifically discourages investment in the kind of economic development that would produce long term growth, infrastructure, and economic facilities, because doing so both will create higher future labor costs and make it far more difficult to later leave.

Even in the case of casinos, there are issues. Where a nation is fortunate enough to be the direct beneficial owner of a casino rather than simply licensing the rights and profits to an outside entity, this casts the nation itself in the role of extracting wealth through deliberate deception of others. It may be ironic, given that this is essentially a reversal of roles, since often indigenous lands were acquired through such tactics, but this too means people must forget who they are and what their lifeways mean and take up the very same behaviors of the invader that they found to be so very offensive. In this way, also, the nations and culture can surely also slowly die.

As I noted there are often basic cultural questions tied to economics, and this is so often ignored by the great economic theorists. This understanding came most clearly to me from a discussion I had with Russell Means. While at the time I was starting a GNU/Linux telecenter project on the reservations, we ended up discussing the social and cultural consequences of western education. What he reminded me, and to roughly paraphrase his words, “Indians do not compete”. This however is in reality very much a social-economic statement, and not just one about education.

Clearly a possible way forward is to look at sustainable models based on voluntary cooperative economics, and there are a number of examples found practiced today which do not require high levels of (presumably external) investment to get started, and which have already been demonstrably effective. One of the best examples of this is potentially found in the economics of free (as in freedom) software, and this is where I think technological-social free software projects could have an important role that can affect the real future of families, and not just in enabling education.

As we all know, free (as in freedom) software is often expressed and provided through a copyright license, and the best example is the GNU General Public License. The terms of such a license essentially are that one who receives free software is free to provide the software to others, whether in original form or modified, so long as they add no additional restrictions or conditions when they do so. Since they originally received the software with the full source code to compile and the information to build it (per GPLv3 for example), it is necessary to offer it to others with the same. This, in economic terms, is also a transaction, but not necessarily an exchange of money; it is rather an exchange of consideration.

This relationship does not in any way prevent free software from being commercially sold in any fashion, as indeed demonstrated even by very large public corporations like IBM or very successful new ones like RedHat. However, it does mean one cannot artificially control or otherwise restrict the freedom of what the purchaser may do with what you have sold them. It instead offers new ways, including especially economic opportunities, for buyers and sellers to relate. Since the downstream seller may choose to make changes or fixes and then redistribute the improved version, those changes too become public, and can make their way to the original developer and all users of said software who then benefit. This is where cooperative benefits scale, and in a manner that is both socially and culturally consistent with the lifeways of many nations.

When speaking of upstream providers, downstream sellers, and end users, this is an analogous representation of what many free software integration projects and true free software business models already do in terms of their upstream and downstream relationships. Equally important, free software allows cooperative expertise rather than forcing rivalrous knowledge. Since one cannot derive exclusive benefit at the expense of another, there is much greater incentive for people working on similar problems to do so together, even when the outcome is in free software that will then be commercially sold. This might be thought of as a market of both abundance and mutual interdependency, and such markets are the only kind I have seen that can self-sustain without abuse.

With no market barriers to participation, and today with the possibility for near zero cost in distribution, much of the cost of commercially starting in free software is entirely infrastructure and equipment costs. Given the cooperative nature of free software, this too could lend itself to shared or cooperative costs. Individual nations could even minimally invest in setting up small community development centers where equipment and infrastructure are particularly scarce. We had looked at starting something very much like this in Lakotah.

Free software certainly will not solve all the problems of the captive nations alone. However, it certainly can even in a small way help contribute to the establishment of sustainable economic development as well as a means to enable individual and communal economic sovereignty even in the present world, and hence to do so without having to compromise core social and cultural principles in the process.