public inbox for nncp-devel@lists.cypherpunks.ru Atom feed
* [EN] NNCP 7.4.0 release announcement @ 2021-07-19 16:57 Sergey Matveev 2021-07-21 18:47 ` Jonathan Lane 0 siblings, 1 reply; 12+ messages in thread From: Sergey Matveev @ 2021-07-19 16:57 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 1894 bytes --] I am pleased to announce NNCP 7.4.0 release availability! NNCP (Node to Node copy) is a collection of utilities simplifying secure store-and-forward files and mail exchanging. This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted (E2EE), explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting areas support. Out-of-box offline sneakernet/floppynet, dead drops, sequential and append-only CD-ROM/tape storages, air-gapped computers support. But online TCP daemon with full-duplex resumable data transmission exists. ------------------------ >8 ------------------------ The main improvements for that release are: * Fixed simultaneous "nncp-daemon" and "nncp-caller" MCD work. ------------------------ >8 ------------------------ NNCP's home page is: http://www.nncpgo.org/ Source code and its signature for that version can be found here: http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB) http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig SHA256 hash: F7499FBF B0658054 F2732722 D54FE31E A0F105FD 9970B5BB 6413A9CC 065CB0EB GPG key ID: 0x2B25868E75A1A953 NNCP releases <releases@nncpgo•org> Fingerprint: 92C2 F0AE FE73 208E 46BF F3DE 2B25 868E 75A1 A953 Please send questions regarding the use of NNCP, bug reports and patches to mailing list: http://lists.cypherpunks.ru/nncp_002ddevel.html -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [EN] NNCP 7.4.0 release announcement 2021-07-19 16:57 [EN] NNCP 7.4.0 release announcement Sergey Matveev @ 2021-07-21 18:47 ` Jonathan Lane 2021-07-21 19:13 ` John Goerzen 2021-07-21 19:32 ` Website TLS certificates Sergey Matveev 0 siblings, 2 replies; 12+ messages in thread From: Jonathan Lane @ 2021-07-21 18:47 UTC (permalink / raw) To: nncp-devel On Mon, Jul 19, 2021 at 07:57:18PM +0300, Sergey Matveev wrote: > NNCP's home page is: http://www.nncpgo.org/ > > Source code and its signature for that version can be found here: > > http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB) > http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig Is there a plan to get proper SSL certificates for the website? I can't access them from either w3m or Firefox on my machine because of trust issues. -- tidux@sdf•org SDF Public Access UNIX System - http://sdf.org ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [EN] NNCP 7.4.0 release announcement 2021-07-21 18:47 ` Jonathan Lane @ 2021-07-21 19:13 ` John Goerzen 2021-07-21 19:32 ` Website TLS certificates Sergey Matveev 1 sibling, 0 replies; 12+ messages in thread From: John Goerzen @ 2021-07-21 19:13 UTC (permalink / raw) To: Jonathan Lane; +Cc: nncp-devel On Wed, Jul 21 2021, Jonathan Lane wrote: > On Mon, Jul 19, 2021 at 07:57:18PM +0300, Sergey Matveev wrote: >> NNCP's home page is: http://www.nncpgo.org/ >> >> Source code and its signature for that version can be found >> here: >> >> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB) >> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig > Is there a plan to get proper SSL certificates for the website? > I can't > access them from either w3m or Firefox on my machine because of > trust > issues. [ I'm not Sergey... ] I've noticed the https versions have issues, but the links above are plain HTTP ones and work fine for me in Firefox, elinks, etc. - John ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-07-21 18:47 ` Jonathan Lane 2021-07-21 19:13 ` John Goerzen @ 2021-07-21 19:32 ` Sergey Matveev 2021-08-03 15:58 ` John Goerzen 2021-09-02 8:59 ` Sergey Matveev 1 sibling, 2 replies; 12+ messages in thread From: Sergey Matveev @ 2021-07-21 19:32 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 2052 bytes --] Greetings! *** Jonathan Lane [2021-07-21 18:47]: >Is there a plan to get proper SSL certificates for the website? I can't >access them from either w3m or Firefox on my machine because of trust >issues. I do not know any free CAs that are both can by trusted by me and major OS/browser vendors. And definitely won't play in those business (not security) games. Major OS/browser vendors, being US-based, were forced to reject/remove all free CAs that are not under USA/NATO control to create their own one (Let's Encrypt) under "proper" jurisdiction. Great and very clever move indeed, because now the most part of the Web is authenticated by single centralized USA/NATO-control entity. Previously I used well-known CACert.org, but because of COVID they were not able to access their datacenter to restore the interrupted workability, so I was forced to choose another CA. Even with CACert.org people were unsatisfied, because only minor OSes provide its certificate out of box. So what is the choice? * Do not use TLS -- but certificate pinning could be done and it could be useful for security * Do not use X.509 at all, but TLS relies on it. * Paid ones -- no way. They are not about security, but business. * Let's Encrypt -- clearly it can be used for authentication forging. So why bother? Encryption could be done anyway. * Other CAs, like CACert.org -- majority of users will be still unsatisfied and CACert.org was down for a very long time. * Self-signed certificate? Unlike Let's Encrypt with its very short lived certificates, that practically forbids (harms very much) certificate pinning usage, long-lived self-signed ones are much more convenient with TOFU+pinning usage. * Issued by own CA? The same as self-signed, but just single convenient trust anchor for my various resources. My ca.cypherpunks.ru is also signed with my PGP key, having some Web-of-Trust paths. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-07-21 19:32 ` Website TLS certificates Sergey Matveev @ 2021-08-03 15:58 ` John Goerzen 2021-08-03 18:02 ` Sergey Matveev 2021-09-02 8:59 ` Sergey Matveev 1 sibling, 1 reply; 12+ messages in thread From: John Goerzen @ 2021-08-03 15:58 UTC (permalink / raw) To: Sergey Matveev; +Cc: nncp-devel On Wed, Jul 21 2021, Sergey Matveev wrote: > *** Jonathan Lane [2021-07-21 18:47]: >>Is there a plan to get proper SSL certificates for the website? >>I can't >>access them from either w3m or Firefox on my machine because of >>trust >>issues. > > I do not know any free CAs that are both can by trusted by me > and major > OS/browser vendors. And definitely won't play in those business > (not > security) games. Major OS/browser vendors, being US-based, were > forced > to reject/remove all free CAs that are not under USA/NATO > control to > create their own one (Let's Encrypt) under "proper" > jurisdiction. Great > and very clever move indeed, because now the most part of the > Web is > authenticated by single centralized USA/NATO-control entity. Hi Sergey, So just today I had an exchange here, with a person wondering why the TLS for a thing that's all about encryption is broken. You can find it here: https://floss.social/web/statuses/106691934299110939 The person I was corresponding with wrote, "With the cost of TLS certs being free, why would your group not encrypt? Your group is all about encryption!" This was AFTER I sent him a link to your post in the NNCP archives. > * Paid ones -- no way. They are not about security, but > business. > * Let's Encrypt -- clearly it can be used for authentication > forging. > So why bother? Encryption could be done anyway. I'm not familiar with this problem with Let's Encrypt (and would be happy to learn more). I have been using it for some years now with good success. As for "why bother", I think we can recognize that TLS with Let's Encrypt does provide some measure of improvement, even if imperfect. But the more important reason is: if we're looking to build something that attracts security-conscious people, it's big perception problem when it LOOKS like "the project can't even configure TLS for their website correctly". It leads to a lack of trust from people that could really benefit from NNCP. To be honest, when I was first looking into NNCP, that put me off as well. I eventually got past that, obviously, but not everyone may. How can I help? If you don't want to run Let's Encrypt yourself, perhaps I could: - Operate a mirror of www.nncpgo.org that does support TLS (that would be pretty easy, probably, since it's just built out of the source tree) - Work with others to raise funds cover the cost of a TLS cert from a vendor you trust (especially if it's not too expensive) I really want to make sure barriers to entry are low of people to get involved! - John ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-03 15:58 ` John Goerzen @ 2021-08-03 18:02 ` Sergey Matveev 2021-08-04 2:46 ` John Goerzen 0 siblings, 1 reply; 12+ messages in thread From: Sergey Matveev @ 2021-08-03 18:02 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 8690 bytes --] Greetings! *** John Goerzen [2021-08-03 10:58]: >The person I was corresponding with wrote, "With the cost of TLS certs being >free, why would your group not encrypt? Your group is all about >encryption!" I completely agree that there is no reason not to encrypt (everything). But my concerns are all about authentication. >As for "why bother", I think we can recognize that TLS with Let's Encrypt >does provide some measure of improvement, even if imperfect. If it brings an *illusion* of security, than it hurts much more than gives any positive things. When you clearly understand the insecurity of the channel, then you make proper good risks evaluation. When you are told that you have got secure channel, but actually it is likely to be impersonated with trusted man-in-the-middle (untrusted Let's Encrypt CA), then hardly you can evaluate your risks. Channel is encrypted -- good. But if you do not know precisely to whom you have got that channel -- there is not much value in the encryption by its own. I remind that all websites like www.nncpgo.org, www.cypherpunks.ru and dozens of others -- have TLS. If you want encryption, just point your software to use HTTPS protocol. If you want authentication, then we have to find the common gratis trust anchor. Currently there is no such, even CACert.org, that I trust much more, is included only in minor (by popularity) distributions. >But the more important reason is: if we're looking to build something that >attracts security-conscious people, it's big perception problem when it >LOOKS like "the project can't even configure TLS for their website >correctly". It leads to a lack of trust from people that could really >benefit from NNCP. I doubt people thinking about TLS are really security conscious. Most people do not know difference between encryption and authentication. Most people have never thought about trust anchors and who *they* are really trust and who decided that *they* trust some of the company they have never heard of before among the dozens/hundreds preinstalled on their operating system. If somebody thinks that "TLS is good and secure" and he throws some software off because he does not see "TLS", but some strange unseen before "Noise"... well, I am honestly not sad about the fact that most people have not enough education to make security evaluations. That people just do not deserve security (some kind of). Let be honest: there is "world"/ecosystem spread and created by businessmen, where WhatsApp or even Telegram are considered secure system, like the presence of "https://" in URL field, or signature on the executable made by Microsoft/Apple/Google. And there is world of "real" serious cryptography security with PGP, Noise and similar kind of things. If one is interested in "businessmen" security, then he should hire and pay for antivirus protections, IDS systems, certified software and so on. If one is interested in real security, then he have to understand at least some cryptography-related basics. I do not want to say that TLS sucks -- it could be very good system in enterprise level scale, where I can trust my security/system administrators. But at global scale level... our world always was the area of struggle and battle between various nations and their influence, so there just can not be single trust anchor everyone accepts. I am not against TLS, but against global-scale PKI system, that is impossible to be trusted. I believe that TLS must not exist at all, because IPv6+IPsec with "anonymous" (naked public keys, without certificates) must been taken its place, being more elegant, more flexible, more transparent, more efficient (encryption is done in kernel, long lived IKEv2 security associations, unlike every time making TLS connection in userland with all the time additional libraries (or wrappers)). But it is better currently (until we finally move to IPv6, where all IPsec flexibility and convenience can be met) to use TLS of course, than not to use any kind of security measures. But that is completely different purely technical question and idealistic world we move to with IPv6 :-) Only the user himself must (should) make decisions whom he trusts. If he trusts solely the single Microsoft/Apple/Mozilla/Google corporation: I doubt he should use NNCP or all that kind of technologies, because they do not make decisions for the user. Let's some company decide what he is allowed to run, allowed to visit in the WWW. If user wants to control his trust anchors, then he uses certificate pinning, trust-on-first-use (TOFU), web-of-trust and all that kind of technologies. Gemini protocol forces TLS usage, but exclusively with TOFU and no PKI involved (however it is not forbidden). There was discussion why Debian does not use TLS for package downloads: https://news.ycombinator.com/item?id=18958679 https://security.stackexchange.com/questions/53117/what-trusted-root-certification-authorities-should-i-trust https://wiki.debian.org/SecureApt Huge quantity of people think that "http://blablabla.onion" is insecure, because of "http://". The same people think about insecurity of http://h.blablabla, where "h." leads to Hyperboria overlay network made upon cjdns and Yggdrasil. And even more people forget about possibility of using all of that over IPsec, that is completely transparent for the transport/application level. And most free software operating systems rely solely on PGP or signify tools with trust anchors completely unrelated to businessmen PKI world. And do not forget that there is also politics and military forces, working together with businessmen, where NOBUS (nobody but US) is completely acceptable for security. That "world"/ecosystem has DNSSEC, with central trust anchor. "Real" crypto world has DNSCurve, where you control your trust anchor as you wish (you can pin them, you can create the same global scale centralized PKI), where everything is encrypted (unlike DNSSEC with its clearly visible plaintext)). But business do not rule the real serious security. Business make mostly "good enough", NOBUS-like security theatres. Speaking of NNCP: the most crucial thing to authenticate is its tarballs, that are OpenPGP-signed. If you want encryption: replace "http://" with "https://". If you want authentication of the website, together with tarballs, then you *have to* achieve the trust of my main OpenPGP key, signed with dozens of people, including Richard M. Stallman, which signs NNCP release keypair, DNSCurve public keys and ca.cypherpunks.ru CA certificate itself: http://www.stargrave.org/Trust-anchor.html Authentication is very serious question, because it easily creates devastating illusion of security, where you can not make objective risks evaluations. Encryption is easy, but authentication, I mean trust -- is very hard to get. >- Operate a mirror of www.nncpgo.org that does support TLS (that would be >pretty easy, probably, since it's just built out of the source tree) www.nncpgo.org already (since the beginning?) supports TLS. That is authenticated by my OpenPGP key (that signed http://ca.cypherpunks.ru) for which you can find various ways of trusting it. Another TLS site with US/NATO controlled entity definitely won't be more secure. >- Work with others to raise funds cover the cost of a TLS cert from a >vendor you trust (especially if it's not too expensive) NNCP is a thing for the world of real crypto: PGP, DNSCurve, Noise, manual trust control. No way I will wish to pay for businessmen security theatre. >I really want to make sure barriers to entry are low of people to get >involved! Then people somehow should spread the education, spread the base cryptography-related knowledge. Everything is doomed from cryptography security point of view, when nearly everyone trusts Telegram/WhatsApp and closed proprietary surveillance operating system like Microsoft Windows and Apple macOS. I tend to talk about that and spread the knowledge, for years participating in various conferences: http://www.stargrave.org/Talks.html Illiteracy is the main problem. Most people (actually their Google/Apple/Mozilla/Microsoft-driven web-browsers) will anyway complain about insecurity even when downloading OpenPGP signed tarball from .onion over the yggdrasil, with a bit of IPsec between home router and computer itself. But they keep quiet if US/NATO definitely can alter authentication of most websites. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-03 18:02 ` Sergey Matveev @ 2021-08-04 2:46 ` John Goerzen 2021-08-04 12:51 ` Sergey Matveev 0 siblings, 1 reply; 12+ messages in thread From: John Goerzen @ 2021-08-04 2:46 UTC (permalink / raw) To: Sergey Matveev; +Cc: nncp-devel On Tue, Aug 03 2021, Sergey Matveev wrote: > Greetings! Good evening / morning! Thank you for your very thoughtful response. I understand where you are coming from a lot better (and I had misunderstood what kind of authentication you meant previously). I think we are in pretty close agreement technically, but differ tactically. That's fine. I'll reply to a few bits here, but I did read the whole thing! >>As for "why bother", I think we can recognize that TLS with >>Let's Encrypt >>does provide some measure of improvement, even if imperfect. > > If it brings an *illusion* of security, than it hurts much more > than > gives any positive things. When you clearly understand the > insecurity of Agreed. > Channel is encrypted -- good. But if you do not know precisely > to whom > you have got that channel -- there is not much value in the > encryption > by its own. Right, hence the WoT (or attempts at it) in various flavors. > If somebody thinks that "TLS is good and secure" and he throws > some > software off because he does not see "TLS", but some strange > unseen > before "Noise"... well, I am honestly not sad about the fact > that most > people have not enough education to make security evaluations. > That > people just do not deserve security (some kind of). And here I would say: let's start by meeting people where they're at and educating them. It's the only way we'll be able to spread. > (TOFU), web-of-trust and all that kind of technologies. Gemini > protocol > forces TLS usage, but exclusively with TOFU and no PKI involved > (however > it is not forbidden). There was discussion why Debian does not > use TLS Interesting. I have been meaning to get involved with Gemini for quite some time. > Speaking of NNCP: the most crucial thing to authenticate is its > tarballs, that are OpenPGP-signed. If you want encryption: > replace Absolutely agreed, and I did point this out to the correspondent in the conversation I linked. I also pointed out to them that the entire website content is in the release tarballs. > Authentication is very serious question, because it easily > creates > devastating illusion of security, where you can not make > objective risks > evaluations. Encryption is easy, but authentication, I mean > trust -- is > very hard to get. Agreed. > >>- Operate a mirror of www.nncpgo.org that does support TLS (that >>would be >>pretty easy, probably, since it's just built out of the source >>tree) > > www.nncpgo.org already (since the beginning?) supports TLS. That > is I misspoke; I should have said "TLS with a cert that validates on most browsers". > authenticated by my OpenPGP key (that signed > http://ca.cypherpunks.ru) > for which you can find various ways of trusting it. Another TLS > site > with US/NATO controlled entity definitely won't be more secure. I just wanted to say something here... There are also a lot of Americans and Europeans that have negative stereotypes of the security of Russian software. I won't repeat them here because I don't like stereotypes. Fundamentally every government is flawed. There is a whole off-topic conversation one could have about the different ways they are and which are more than others, but I think the bottom line is there's no perfect government on earth. I live in the USA and I am plenty involved in activism to make things better here. Europe is currently discussing expanded domestic surveillance laws. We have to be vigilant everywhere. But what governments do is not the same as what people do. I have been a supporter of EFF for a very long time (decades). They are the good guys here. They fought to make strong encryption legal in the USA back when that was a murky area, have fought against surveillance, have fought to protect people's privacy, encryption, and so forth in a whole host of areas for a very long time. They are one of the champions behind Let's Encrypt. Again, I'm not saying that Let's Encrypt is perfect, but mere presence in the US doesn't constitute technical control by the US government. EFF is not a friend of the government - heck, John Gilmore was one of the founders and has repeatedly sued the US government - and it isn't logical to assume that EFF/ISRG is compromised on the basis of its location in the US. In fact, a source of some strength (and also, it must be said, some problems, since it is more difficult to regulate) is the high degree of protection US entities have from government interference. >>I really want to make sure barriers to entry are low of people >>to get >>involved! > > Then people somehow should spread the education, spread the base > cryptography-related knowledge. Everything is doomed from > cryptography > security point of view, when nearly everyone trusts > Telegram/WhatsApp > and closed proprietary surveillance operating system like > Microsoft > Windows and Apple macOS. I tend to talk about that and spread > the Oh I am in absolute agreement there. I've written recently, eg, https://changelog.complete.org/archives/10205-roundup-of-secure-messengers-with-off-the-grid-capabilities-distributed-mesh-messengers and https://changelog.complete.org/archives/10231-recovering-our-lost-free-will-online-tools-and-techniques-that-are-available-now (which highlights NNCP several times). > knowledge, for years participating in various conferences: > http://www.stargrave.org/Talks.html Illiteracy is the main > problem. I've seen that page, and several look very interesting, but unfortunately aren't in a language I understand. So I touched on some of these issues at https://changelog.complete.org/archives/10216-the-hidden-drawbacks-of-p2p-and-a-defense-of-signal where I pointed out that "Signal brings encryption and privacy to meet people where they’re at". I think that's really important - Signal's not perfect, but it provides benefits over something controlled by Facebook. > Most people (actually their > Google/Apple/Mozilla/Microsoft-driven > web-browsers) will anyway complain about insecurity even when > downloading OpenPGP signed tarball from .onion over the > yggdrasil, with > a bit of IPsec between home router and computer itself. But they > keep Hah! And Ouch. So fundamentally, I want to send a message that "you can trust NNCP". The reality of meeting people where we are is that people are getting a browser warning from nncpgo.org. I specifically put a non-https link in the message that was replied to, and browsers are "upgrading" to https opportunistically, then warning (and even warning on plain http sometimes). Would you object if I set up something like nncp.mirrors.quux.org or some such, with a TLS cert? I'm not sure if that's a good plan or not, yet, or really how big a deal this is (I don't want one conversation to color it too much), but I think it is a perception issue related to getting people in the door. - John ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-04 2:46 ` John Goerzen @ 2021-08-04 12:51 ` Sergey Matveev 2021-08-04 18:54 ` Jonathan Lane 0 siblings, 1 reply; 12+ messages in thread From: Sergey Matveev @ 2021-08-04 12:51 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 10678 bytes --] Greetings! *** John Goerzen [2021-08-03 21:46]: >And here I would say: let's start by meeting people where they're at and >educating them. It's the only way we'll be able to spread. And that is the chicken and egg problem :-). For example I am not on any popular social networks, I forbid using JavaScript in the browser, proprietary formats and so on, so on and on. Can cypherpunk, as an example, be on Facebook with his iPhone? I think not. But I agreed that often it is the only way to reach the people. Personally I won't go on compromise and let myself allow anti-cypherpunks technologies usage. For example I respect Stallman, who just stops the record and go away, if noone will guarantee him that it will be available under free formats. I am rather stubborn principal person and it is easier for me to bury some of my wishes (like spreading the knowledge of cryptography basics), than to reconcile myself with something unallowable (from my point of view), because I definitely won't respect myself from that point. I would quit the job if one will pressure me using Microsoft Word document formats. I had some troubles in the institute (but solved them!), forbidding to use any kind of proprietary software. I know that now there is no way to chat (and make relationships) with the girls, because of their closed proprietary vendor-locked-in smartphone ecosystems, they only used to use :-). Life is harder because of that, but my principles, the fact that I truly tend to follow the ideas I really believe, are more important for me. >Interesting. I have been meaning to get involved with Gemini for quite some >time. I just read about it, but actually because of *forced* TLS usage I do not like that project. It just forces me to do something very inefficient and lame when I use IPsec, isolated LAN, localhost. Why do not they use Noise, that is much much more simpler even than TLS 1.3 (very simplified version, comparing to TLS 1.2)? I understand that it is because of TLS-libraries availability, but the same reason can be applied to HTTP/WWW -- they are already existing too. Basically Gemini even answers that in the FAQ: when you see "gemini://" you expect to see no advertisements and similar junk. But who forbids including them in Gemini pages, in Gopher pages? The fact that people who run Gemini are not interested in that? That is not an acceptable answer and reason for me. But that is completely different story :-). Gopher is no way worse than Gemini in my opinion, except the only fact, that its RFC does not explicitly allow sending of UTF-8. >[...] >But what governments do is not the same as what people do. I have been a >supporter of EFF for a very long time (decades). They are the good guys >here. Completely agreed with everything said above. I also supported (with money) EFF and very respect many people behind that organization. But... EFF changed drastically over time. Possibly I changed much especially for the last decade :-). But then EFAIL issue appeared (https://efail.de/) EFF massively spread information that the whole OpenPGP ecosystem is so bad, that it should not be used at all, better to use Signal. https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now (this is slightly updated article, mentions patches and fixes) OpenPGP is far from being ideal, perfect, having good (simple!) design, but it is still the only way to use strong serious cryptography on most systems (GnuPG was often installed out-of-box in most GNU/Linux distributions)! And EFF calls to abandon it. With the "Signal" suggestion as a replacement. "Signal" without any doubts is the best tool among WhatsApp/Telegram/Viber/do-not-know-what-people-also-use, but it still uses cellphone binding, that is *completely* unacceptable for me and it is the reason I can not frankly recommend it (I do not say "I do not recommend it", I just do not say about it at all). EFF cypherpunks values has changed? They think that every person has the cellphone? That it is acceptable to think that everybody definitely has it? I can not agree with that. Moreover, how can they tell about WhatsApp usage? https://ssd.eff.org/module-categories/tool-guides Seriously? No, this is not the same organization I supported before. We have very different values and acceptable criteria. Possibly that I am just radically changed over the years. Several years before I run 100Mbps Tor exit node. That was DoSed many times from China. I had several conversations with our police forces, including international complaints about actions from my node. But I believed that anyway I did a right thing, obviously nothing harmful. Nowadays I completely against Tor, at least because of the fact, that it has centralized routers database completely driven by/from US again. And there were several memorable censorship occasions by Tor's "rulers" (operators of that database), like that one https://www.mail-archive.com/tor-relays@lists.torproject.org/msg11947.html That slightly fears myself, but I really in solidarity with that thoughts: https://withblue.ink/2020/11/12/maybe-we-shouldnt-want-a-fully-decentralized-web.html Some sentences from it I became very agreed with: [...] and I am now a proponent of the idea that just because something can be built, it doesn’t mean it should be built. I have seen, and I am seeing every day, the dangers of completely unrestricted speech, and I don’t want to be the one enabling that. [...] your freedom of speech isn’t my obligation to enable you and give you a platform. I think that while the Internet has helped the world in countless of ways, it has also brought out the worst in people. And Tor, being centralizingly controlled from US, for me is actually the communication channel for supporting opposition and destabilizing forces in many countries, including my one. I really feel the great responsibility for the things I run/do/create/support. When I support Tor, I support valuable people, valuable and important tasks, but at the same time I support a magnitude more people/forces that are literally has the target of making my life worse (oppositional forces in my country). So I do more harm by running all those Tor exit nodes. Moxie Marlinspike told that "ecosystem is moving": https://www.youtube.com/watch?v=Nj3YFprqAr8 Great talk! But I can not accept the fact that it is better to have those "smart" devices with centralized auto-updating servers. It is better to use Signal that completely plaintext SMTP messages, agreed. But it is not the aim we (I) trying to reach. For me it is like saying that "a brick is better for hammering the nail, than you bare hand": no doubts, but I think that we should not think about using a brick at all, and our first checkpoint have to be using an ordinary convenient hammer. "Signal" is a brick here. Some cool GNUnet-driven ecosystem (for esample) is a hammer we should wish for. >I'm not saying that Let's Encrypt is perfect, but mere presence in the US >doesn't constitute technical control by the US government. Agreed. But the fact that for years all major big software companies like Apple/Google/Microsoft removed every gratis CA, and then *suddenly* there appeared Let's Encrypt (virtually from nowhere) that is heavily supported by all major vendors. Who would have the most benefit, profit and interest in single CA responsible for >70% of all websites? Intelligence agencies without any doubts. Of course currently there is no evidence that Let's Encrypt is compromised and is under direct control of any of those agencies, but I really honestly can not believe that that kind of huge CA is located under US jurisdiction and completely independent and not compromised (from cryptographic point of view). All US special forces history shows us that NSA/whatever can even repack boxes with Cisco hardware, implanting hardware backdoors, than to bury their wish of surveillance. No offence or disrespect to anybody I have mentioned! Surveillance, intelligence, espionage is *the* job of that kind of forces, it is what they are intended to do, they are essential for security, defence and stability in the country (at least). And they try to do their best. And Let's Encrypt, people behind it, its founders -- I hope are honest people trying to do their best too. But I just can never believe that any expected natural will of special forces, when there is question of national security, can be prevented/denied by "ordinary" company under their jurisdiction. Possibly that could happen in Netherlands, Sweden, but unbelievable it could be possible in countries like China, Russia, US. >I've written recently, eg Yeah, I am subscribed to your blog :-) >aren't in a language I understand. So do I. (kidding :-)) >So I touched on some of these issues at https://changelog.complete.org/archives/10216-the-hidden-drawbacks-of-p2p-and-a-defense-of-signal >where I pointed out that "Signal brings encryption and privacy to meet >people where they’re at". I think that's really important - Signal's not >perfect, but it provides benefits over something controlled by Facebook. Agree with that points. But possibly I just want too much at once: want only either to jump or to stand without moving, throwing away the possibility to make at least some small step in the right direction. >I specifically put a non-https link in the message So do I, not forcing HTTPS, but allowing users to make their own decision. >and browsers are "upgrading" to https opportunistically And I would say that before that behaviour, when using HTTP, when visiting russian website from russian city -- no traffic went to US/NATO. And since force HTTPS, with Let's Encrypt, and with all of that forced DNS-over-TLS/HTTPS, much traffic with at least metadata goes to foreign countries now. Of course this is some kind of conspiracy theory, but technically with all that HTTPS, DoH, DoT -- much metadata is leaked "outside" :-) >Would you object if I set up something like nncp.mirrors.quux.org or some >such, with a TLS cert? I'm not sure if that's a good plan or not, yet, or >really how big a deal this is I have nothing against. I can add a link to your mirror of course. Can enable WebDAV or rsync to simplify mirroring, if you do not want to rebuild documentation from sources. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-04 12:51 ` Sergey Matveev @ 2021-08-04 18:54 ` Jonathan Lane 2021-08-04 19:24 ` Sergey Matveev 2021-08-04 20:16 ` Sergey Matveev 0 siblings, 2 replies; 12+ messages in thread From: Jonathan Lane @ 2021-08-04 18:54 UTC (permalink / raw) To: nncp-devel On Wed, Aug 04, 2021 at 03:51:13PM +0300, Sergey Matveev wrote: > I just read about it, but actually because of *forced* TLS usage I do > not like that project. It just forces me to do something very > inefficient and lame when I use IPsec, isolated LAN, localhost. Why do > not they use Noise, that is much much more simpler even than TLS 1.3 > (very simplified version, comparing to TLS 1.2)? I understand that it is > because of TLS-libraries availability, but the same reason can be > applied to HTTP/WWW -- they are already existing too. Basically Gemini > even answers that in the FAQ: when you see "gemini://" you expect to see > no advertisements and similar junk. But who forbids including them in > Gemini pages, in Gopher pages? The fact that people who run Gemini are > not interested in that? No, the fact that Gemini and Gopher are single-request-per-page protocols. Dynamic hotloaded web style ads are fundamentally impossible. The worst you could get on Gemini is first-party sponsored content. > >[...] > >But what governments do is not the same as what people do. I have been a > >supporter of EFF for a very long time (decades). They are the good guys > >here. > > Completely agreed with everything said above. I also supported (with > money) EFF and very respect many people behind that organization. But... > EFF changed drastically over time. Possibly I changed much especially > for the last decade :-). But then EFAIL issue appeared (https://efail.de/) > EFF massively spread information that the whole OpenPGP ecosystem is so > bad, that it should not be used at all, better to use Signal. > https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now > (this is slightly updated article, mentions patches and fixes) > OpenPGP is far from being ideal, perfect, having good (simple!) design, > but it is still the only way to use strong serious cryptography on most > systems (GnuPG was often installed out-of-box in most GNU/Linux > distributions)! And EFF calls to abandon it. With the "Signal" > suggestion as a replacement. "Signal" without any doubts is the best > tool among WhatsApp/Telegram/Viber/do-not-know-what-people-also-use, but > it still uses cellphone binding, that is *completely* unacceptable for > me and it is the reason I can not frankly recommend it (I do not say "I > do not recommend it", I just do not say about it at all). EFF > cypherpunks values has changed? They think that every person has the > cellphone? That it is acceptable to think that everybody definitely has > it? I can not agree with that. Moreover, how can they tell about > WhatsApp usage? https://ssd.eff.org/module-categories/tool-guides > Seriously? No, this is not the same organization I supported before. We > have very different values and acceptable criteria. Everyone DOES have a smartphone in the US, statistically speaking. Many people have a smartphone but not a PC. That's why the recommendations changed. Even in places like Japan, China, India, and Brazil, so many people have smartphones that businesses set up "storefronts" inside popular app platforms: LINE, WeChat, and Whatsapp respectively. Asking people to not use smartphones is unrealistic at this point, so the EFF is making security recommendations with that in mind. > Some sentences from it I became very agreed with: > > [...] and I am now a proponent of the idea that just because > something can be built, it doesn’t mean it should be built. > > I have seen, and I am seeing every day, the dangers of completely > unrestricted speech, and I don’t want to be the one enabling that. > > [...] your freedom of speech isn’t my obligation to enable you and > give you a platform. Protip: 99% of the English-speaking people saying/writing this are just asshurt that the political right wing finally figured out how to use FOSS, cryptography, etc. They're trying to return to a Soviet-style world where only the political left has any kind of infosec capability. > >I'm not saying that Let's Encrypt is perfect, but mere presence in the US > >doesn't constitute technical control by the US government. > > Agreed. But the fact that for years all major big software companies > like Apple/Google/Microsoft removed every gratis CA, and then *suddenly* > there appeared Let's Encrypt (virtually from nowhere) that is heavily > supported by all major vendors. Who would have the most benefit, profit > and interest in single CA responsible for >70% of all websites? > Intelligence agencies without any doubts. Of course currently there is > no evidence that Let's Encrypt is compromised and is under direct > control of any of those agencies, but I really honestly can not believe > that that kind of huge CA is located under US jurisdiction and > completely independent and not compromised (from cryptographic point of > view). All US special forces history shows us that NSA/whatever can even > repack boxes with Cisco hardware, implanting hardware backdoors, than to > bury their wish of surveillance. No offence or disrespect to anybody I > have mentioned! Surveillance, intelligence, espionage is *the* job of > that kind of forces, it is what they are intended to do, they are > essential for security, defence and stability in the country (at least). > And they try to do their best. And Let's Encrypt, people behind it, its > founders -- I hope are honest people trying to do their best too. But I > just can never believe that any expected natural will of special forces, > when there is question of national security, can be prevented/denied by > "ordinary" company under their jurisdiction. Possibly that could happen > in Netherlands, Sweden, but unbelievable it could be possible in > countries like China, Russia, US. I disgree with your modeling of the threat environment. If a government agency is going to interfere with a TLS CA like Let's Encrypt, the threat posed by that is that they can silently MITM a website like NNCPGo.org. They can do that right now anyways due to plaintext HTTP. Either the tarball signature matches, or it doesn't, and website HTTPS doesn't change that. What it does change, as John mentioned, is reputation. I passed up on using NNCP for over a year until I saw it mentioned on his blog specifically because it looked like a classic malware profile from an American perspective: unknown software from Russia delivered without a certificate or with an untrusted one. If your goal is to spread adoption, there needs to be some HTTPS mirror, whether hosted by you or someone else. > Agree with that points. But possibly I just want too much at once: want > only either to jump or to stand without moving, throwing away the > possibility to make at least some small step in the right direction. Yeah, that's too much. Chat platforms are ruled by Metcalfe's Law. If it's too hard for people to bring their non-technical friends along they won't bother, because their conversations with those friends will still be on the insecure platform. Signal is easy for those non-technical people to use. Matrix with forced e2e OLM based crypto might be another good option some day once the clients and servers mature a bit. -- tidux@sdf•org SDF Public Access UNIX System - http://sdf.org ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-04 18:54 ` Jonathan Lane @ 2021-08-04 19:24 ` Sergey Matveev 2021-08-04 20:16 ` Sergey Matveev 1 sibling, 0 replies; 12+ messages in thread From: Sergey Matveev @ 2021-08-04 19:24 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 4626 bytes --] *** Jonathan Lane [2021-08-04 18:54]: >No, the fact that Gemini and Gopher are single-request-per-page >protocols. Dynamic hotloaded web style ads are fundamentally impossible. >The worst you could get on Gemini is first-party sponsored content. Ability to fetch multiple documents at once does not force anyone to do it, especially for doing it for advertisement and similar junk. Everything is in hands of the authors. If author decides to show advertisement, then he can make it anyway, even in Gemini, even in Gopher. >Everyone DOES have a smartphone in the US, statistically speaking. That is very sad. So EFF and people seek ways how to live "securely" with "personal surveillance devices, aimed to run various non-free software automatically downloaded from some servers over the network". For me this is completely ridiculous task, obviously. Seems that is why I completely ignorant now to EFF, trying to help that kind of people. >Protip: 99% of the English-speaking people saying/writing this are just >asshurt that the political right wing finally figured out how to use >FOSS, cryptography, etc. They're trying to return to a Soviet-style >world where only the political left has any kind of infosec capability. I do not remember what left/right wings means (I just know that there is that kind of separation), but if all of that means that author's article is about Soviet-style, then nothing strange that I came up to this too, being born in USSR, being citizen of Russia, supporting software and tripping to Iran, Syria, working in one of federal security companies :-) >agency is going to interfere with a TLS CA like Let's Encrypt, the >threat posed by that is that they can silently MITM a website like >NNCPGo.org. Exactly. >They can do that right now anyways due to plaintext HTTP. Also true. >Either the tarball signature matches, or it doesn't, and website HTTPS >doesn't change that Indeed. >What it does change, as John mentioned, is >reputation. I passed up on using NNCP for over a year until I saw it >mentioned on his blog specifically because it looked like a classic >malware profile from an American perspective: unknown software from >Russia delivered without a certificate or with an untrusted one. If >your goal is to spread adoption, there needs to be some HTTPS mirror, >whether hosted by you or someone else. If the world where everyone DOES have the smartphone requires you to use some US/NATO (because major software vendors, currently located in US/NATO, forbids anyone else, who is gratis -- we all know that everything is about business, not security) service, then no, thank you -- I really do not want to gain that kind of reputation. If people evaluate software by looking at who is signed its website... well, let they go their own way. If people are really in need of funny pictures with very loud words about security, then Telegram is their choice. And I see that exactly that kind of thing is happening. I have never wanted and tried to compete with the professional sales and marketing managers (this is just silly). >it's too hard for people to bring their non-technical friends along they >won't bother, because their conversations with those friends will still >be on the insecure platform. Agreed. But that also means that actually none of this people want security/privacy at all. They just do not want to "pay" (possibly by some inconvenience) anything for that. So why bother trying to secure them? Not the target audience. >Signal is easy for those non-technical people to use. But hardly anyone will see his friends moving from WhatsApp to Signal. Either user uses only the single WhatsApp, or he uses two applications, for two groups of people. All new contacts will anyway appear in WhatsApp (Telegram, whatever). Or am I wrong, as with thinking that there people without smartphones in the Western world? >Matrix with forced e2e OLM based crypto might be another >good option some day once the clients and servers mature a bit. I could believe that people can move all their contacts to Signal, but would never believe that federated (or distributed, whatever) service can compete with quality of service of centralized services, which can even afford lending of communication links for lower delays and anycasted distributed hops. If people are already wearing and using portable surveillance devices, then everything is already doomed. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-08-04 18:54 ` Jonathan Lane 2021-08-04 19:24 ` Sergey Matveev @ 2021-08-04 20:16 ` Sergey Matveev 1 sibling, 0 replies; 12+ messages in thread From: Sergey Matveev @ 2021-08-04 20:16 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 1088 bytes --] *** Jonathan Lane [2021-08-04 18:54]: >I disgree with your modeling of the threat environment. If a government >agency is going to interfere with a TLS CA like Let's Encrypt, the >threat posed by that is that they can silently MITM a website like >NNCPGo.org. They can do that right now anyways due to plaintext HTTP. Forget to note that by using Let's Encrypt I explicitly allow only (hopefully!) US/NATO to MitM the traffic. And the main question for me: why would I want to do that? Why US? Why not China or my native country special forces? So the choice is: either I allow only US to MitM my website, or allow everyone to do so. This is easy choice for me. Actually I am allowing to do more comfortable certificate pinning, because of 1-year certificates, and authenticating with my OpenPGP-signed trust anchor. Also all certificate hashes are kept inside CAA DNS records on the DNSCurve servers, which public keys are also signed with my OpenPGP one. -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates 2021-07-21 19:32 ` Website TLS certificates Sergey Matveev 2021-08-03 15:58 ` John Goerzen @ 2021-09-02 8:59 ` Sergey Matveev 1 sibling, 0 replies; 12+ messages in thread From: Sergey Matveev @ 2021-09-02 8:59 UTC (permalink / raw) To: nncp-devel [-- Attachment #1: Type: text/plain, Size: 984 bytes --] Greetings, again! Yet another problem with Let's Encrypt is that they (have to) obey laws about prohibiting sanctioned countries (Iran, Sudan, North Korea, Syria, at least, uncertainty with Cuba, difficulties with Crimea region). For example Github not long ago blocked russian developer, because he visited Crimea -- rather loud event among our developers. Visiting Iran also lead to your block there. I worked with some Syrian government agency, often travel to Crimea, visit Iran: so it would be question of time when Let's Encrypt will prohibit its usage for people like me. Russia will likely appear in that countries list too. https://community.letsencrypt.org/t/certificates-for-us-sanctioned-countries/1223 https://community.letsencrypt.org/t/issuance-criteria-for-ir-domains/81812 https://community.letsencrypt.org/t/lets-encrypt-and-u-s-laws/3251 -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2021-09-02 9:06 UTC | newest] Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-07-19 16:57 [EN] NNCP 7.4.0 release announcement Sergey Matveev 2021-07-21 18:47 ` Jonathan Lane 2021-07-21 19:13 ` John Goerzen 2021-07-21 19:32 ` Website TLS certificates Sergey Matveev 2021-08-03 15:58 ` John Goerzen 2021-08-03 18:02 ` Sergey Matveev 2021-08-04 2:46 ` John Goerzen 2021-08-04 12:51 ` Sergey Matveev 2021-08-04 18:54 ` Jonathan Lane 2021-08-04 19:24 ` Sergey Matveev 2021-08-04 20:16 ` Sergey Matveev 2021-09-02 8:59 ` Sergey Matveev