public inbox for nncp-devel@lists.cypherpunks.ru
Atom feed
* [EN] NNCP 7.4.0 release announcement
@ 2021-07-19 16:57 Sergey Matveev
2021-07-21 18:47 ` Jonathan Lane
0 siblings, 1 reply; 12+ messages in thread
From: Sergey Matveev @ 2021-07-19 16:57 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 1894 bytes --]
I am pleased to announce NNCP 7.4.0 release availability!
NNCP (Node to Node copy) is a collection of utilities simplifying
secure store-and-forward files and mail exchanging.
This utilities are intended to help build up small size (dozens of
nodes) ad-hoc friend-to-friend (F2F) statically routed darknet
delay-tolerant networks for fire-and-forget secure reliable files, file
requests, Internet mail and commands transmission. All packets are
integrity checked, end-to-end encrypted (E2EE), explicitly authenticated
by known participants public keys. Onion encryption is applied to
relayed packets. Each node acts both as a client and server, can use
push and poll behaviour model. Also there is multicasting areas support.
Out-of-box offline sneakernet/floppynet, dead drops, sequential and
append-only CD-ROM/tape storages, air-gapped computers support. But
online TCP daemon with full-duplex resumable data transmission exists.
------------------------ >8 ------------------------
The main improvements for that release are:
* Fixed simultaneous "nncp-daemon" and "nncp-caller" MCD work.
------------------------ >8 ------------------------
NNCP's home page is: http://www.nncpgo.org/
Source code and its signature for that version can be found here:
http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB)
http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig
SHA256 hash: F7499FBF B0658054 F2732722 D54FE31E A0F105FD 9970B5BB 6413A9CC 065CB0EB
GPG key ID: 0x2B25868E75A1A953 NNCP releases <releases@nncpgo•org>
Fingerprint: 92C2 F0AE FE73 208E 46BF F3DE 2B25 868E 75A1 A953
Please send questions regarding the use of NNCP, bug reports and patches
to mailing list: http://lists.cypherpunks.ru/nncp_002ddevel.html
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [EN] NNCP 7.4.0 release announcement
2021-07-19 16:57 [EN] NNCP 7.4.0 release announcement Sergey Matveev
@ 2021-07-21 18:47 ` Jonathan Lane
2021-07-21 19:13 ` John Goerzen
2021-07-21 19:32 ` Website TLS certificates Sergey Matveev
0 siblings, 2 replies; 12+ messages in thread
From: Jonathan Lane @ 2021-07-21 18:47 UTC (permalink / raw)
To: nncp-devel
On Mon, Jul 19, 2021 at 07:57:18PM +0300, Sergey Matveev wrote:
> NNCP's home page is: http://www.nncpgo.org/
>
> Source code and its signature for that version can be found here:
>
> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB)
> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig
Is there a plan to get proper SSL certificates for the website? I can't
access them from either w3m or Firefox on my machine because of trust
issues.
--
tidux@sdf•org
SDF Public Access UNIX System - http://sdf.org
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [EN] NNCP 7.4.0 release announcement
2021-07-21 18:47 ` Jonathan Lane
@ 2021-07-21 19:13 ` John Goerzen
2021-07-21 19:32 ` Website TLS certificates Sergey Matveev
1 sibling, 0 replies; 12+ messages in thread
From: John Goerzen @ 2021-07-21 19:13 UTC (permalink / raw)
To: Jonathan Lane; +Cc: nncp-devel
On Wed, Jul 21 2021, Jonathan Lane wrote:
> On Mon, Jul 19, 2021 at 07:57:18PM +0300, Sergey Matveev wrote:
>> NNCP's home page is: http://www.nncpgo.org/
>>
>> Source code and its signature for that version can be found
>> here:
>>
>> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz (1153 KiB)
>> http://www.nncpgo.org/download/nncp-7.4.0.tar.xz.sig
> Is there a plan to get proper SSL certificates for the website?
> I can't
> access them from either w3m or Firefox on my machine because of
> trust
> issues.
[ I'm not Sergey... ] I've noticed the https versions have
issues, but the links above are plain HTTP ones and work fine for
me in Firefox, elinks, etc.
- John
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-07-21 18:47 ` Jonathan Lane
2021-07-21 19:13 ` John Goerzen
@ 2021-07-21 19:32 ` Sergey Matveev
2021-08-03 15:58 ` John Goerzen
2021-09-02 8:59 ` Sergey Matveev
1 sibling, 2 replies; 12+ messages in thread
From: Sergey Matveev @ 2021-07-21 19:32 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 2052 bytes --]
Greetings!
*** Jonathan Lane [2021-07-21 18:47]:
>Is there a plan to get proper SSL certificates for the website? I can't
>access them from either w3m or Firefox on my machine because of trust
>issues.
I do not know any free CAs that are both can by trusted by me and major
OS/browser vendors. And definitely won't play in those business (not
security) games. Major OS/browser vendors, being US-based, were forced
to reject/remove all free CAs that are not under USA/NATO control to
create their own one (Let's Encrypt) under "proper" jurisdiction. Great
and very clever move indeed, because now the most part of the Web is
authenticated by single centralized USA/NATO-control entity.
Previously I used well-known CACert.org, but because of COVID they were
not able to access their datacenter to restore the interrupted
workability, so I was forced to choose another CA. Even with CACert.org
people were unsatisfied, because only minor OSes provide its certificate
out of box.
So what is the choice?
* Do not use TLS -- but certificate pinning could be done and it could
be useful for security
* Do not use X.509 at all, but TLS relies on it.
* Paid ones -- no way. They are not about security, but business.
* Let's Encrypt -- clearly it can be used for authentication forging.
So why bother? Encryption could be done anyway.
* Other CAs, like CACert.org -- majority of users will be still
unsatisfied and CACert.org was down for a very long time.
* Self-signed certificate? Unlike Let's Encrypt with its very short
lived certificates, that practically forbids (harms very much)
certificate pinning usage, long-lived self-signed ones are much more
convenient with TOFU+pinning usage.
* Issued by own CA? The same as self-signed, but just single convenient
trust anchor for my various resources. My ca.cypherpunks.ru is also
signed with my PGP key, having some Web-of-Trust paths.
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-07-21 19:32 ` Website TLS certificates Sergey Matveev
@ 2021-08-03 15:58 ` John Goerzen
2021-08-03 18:02 ` Sergey Matveev
2021-09-02 8:59 ` Sergey Matveev
1 sibling, 1 reply; 12+ messages in thread
From: John Goerzen @ 2021-08-03 15:58 UTC (permalink / raw)
To: Sergey Matveev; +Cc: nncp-devel
On Wed, Jul 21 2021, Sergey Matveev wrote:
> *** Jonathan Lane [2021-07-21 18:47]:
>>Is there a plan to get proper SSL certificates for the website?
>>I can't
>>access them from either w3m or Firefox on my machine because of
>>trust
>>issues.
>
> I do not know any free CAs that are both can by trusted by me
> and major
> OS/browser vendors. And definitely won't play in those business
> (not
> security) games. Major OS/browser vendors, being US-based, were
> forced
> to reject/remove all free CAs that are not under USA/NATO
> control to
> create their own one (Let's Encrypt) under "proper"
> jurisdiction. Great
> and very clever move indeed, because now the most part of the
> Web is
> authenticated by single centralized USA/NATO-control entity.
Hi Sergey,
So just today I had an exchange here, with a person wondering why
the TLS for a thing that's all about encryption is broken. You
can find it here:
https://floss.social/web/statuses/106691934299110939
The person I was corresponding with wrote, "With the cost of TLS
certs being free, why would your group not encrypt? Your group is
all about encryption!" This was AFTER I sent him a link to your
post in the NNCP archives.
> * Paid ones -- no way. They are not about security, but
> business.
> * Let's Encrypt -- clearly it can be used for authentication
> forging.
> So why bother? Encryption could be done anyway.
I'm not familiar with this problem with Let's Encrypt (and would
be happy to learn more).
I have been using it for some years now with good success.
As for "why bother", I think we can recognize that TLS with Let's
Encrypt does provide some measure of improvement, even if
imperfect.
But the more important reason is: if we're looking to build
something that attracts security-conscious people, it's big
perception problem when it LOOKS like "the project can't even
configure TLS for their website correctly". It leads to a lack of
trust from people that could really benefit from NNCP.
To be honest, when I was first looking into NNCP, that put me off
as well. I eventually got past that, obviously, but not everyone
may.
How can I help?
If you don't want to run Let's Encrypt yourself, perhaps I could:
- Operate a mirror of www.nncpgo.org that does support TLS (that
would be pretty easy, probably, since it's just built out of the
source tree)
- Work with others to raise funds cover the cost of a TLS cert
from a vendor you trust (especially if it's not too expensive)
I really want to make sure barriers to entry are low of people to
get involved!
- John
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-03 15:58 ` John Goerzen
@ 2021-08-03 18:02 ` Sergey Matveev
2021-08-04 2:46 ` John Goerzen
0 siblings, 1 reply; 12+ messages in thread
From: Sergey Matveev @ 2021-08-03 18:02 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 8690 bytes --]
Greetings!
*** John Goerzen [2021-08-03 10:58]:
>The person I was corresponding with wrote, "With the cost of TLS certs being
>free, why would your group not encrypt? Your group is all about
>encryption!"
I completely agree that there is no reason not to encrypt (everything).
But my concerns are all about authentication.
>As for "why bother", I think we can recognize that TLS with Let's Encrypt
>does provide some measure of improvement, even if imperfect.
If it brings an *illusion* of security, than it hurts much more than
gives any positive things. When you clearly understand the insecurity of
the channel, then you make proper good risks evaluation. When you are
told that you have got secure channel, but actually it is likely to be
impersonated with trusted man-in-the-middle (untrusted Let's Encrypt CA),
then hardly you can evaluate your risks.
Channel is encrypted -- good. But if you do not know precisely to whom
you have got that channel -- there is not much value in the encryption
by its own.
I remind that all websites like www.nncpgo.org, www.cypherpunks.ru and
dozens of others -- have TLS. If you want encryption, just point your
software to use HTTPS protocol. If you want authentication, then we have
to find the common gratis trust anchor. Currently there is no such, even
CACert.org, that I trust much more, is included only in minor (by
popularity) distributions.
>But the more important reason is: if we're looking to build something that
>attracts security-conscious people, it's big perception problem when it
>LOOKS like "the project can't even configure TLS for their website
>correctly". It leads to a lack of trust from people that could really
>benefit from NNCP.
I doubt people thinking about TLS are really security conscious. Most
people do not know difference between encryption and authentication.
Most people have never thought about trust anchors and who *they* are
really trust and who decided that *they* trust some of the company they
have never heard of before among the dozens/hundreds preinstalled on
their operating system.
If somebody thinks that "TLS is good and secure" and he throws some
software off because he does not see "TLS", but some strange unseen
before "Noise"... well, I am honestly not sad about the fact that most
people have not enough education to make security evaluations. That
people just do not deserve security (some kind of).
Let be honest: there is "world"/ecosystem spread and created by
businessmen, where WhatsApp or even Telegram are considered secure
system, like the presence of "https://" in URL field, or signature on
the executable made by Microsoft/Apple/Google. And there is world of
"real" serious cryptography security with PGP, Noise and similar kind of
things. If one is interested in "businessmen" security, then he should
hire and pay for antivirus protections, IDS systems, certified software
and so on. If one is interested in real security, then he have to
understand at least some cryptography-related basics.
I do not want to say that TLS sucks -- it could be very good system in
enterprise level scale, where I can trust my security/system
administrators. But at global scale level... our world always was the
area of struggle and battle between various nations and their influence,
so there just can not be single trust anchor everyone accepts. I am not
against TLS, but against global-scale PKI system, that is impossible to
be trusted.
I believe that TLS must not exist at all, because IPv6+IPsec with
"anonymous" (naked public keys, without certificates) must been taken
its place, being more elegant, more flexible, more transparent, more
efficient (encryption is done in kernel, long lived IKEv2 security
associations, unlike every time making TLS connection in userland with
all the time additional libraries (or wrappers)). But it is better
currently (until we finally move to IPv6, where all IPsec flexibility
and convenience can be met) to use TLS of course, than not to use any
kind of security measures. But that is completely different purely
technical question and idealistic world we move to with IPv6 :-)
Only the user himself must (should) make decisions whom he trusts. If he
trusts solely the single Microsoft/Apple/Mozilla/Google corporation: I
doubt he should use NNCP or all that kind of technologies, because they
do not make decisions for the user. Let's some company decide what he is
allowed to run, allowed to visit in the WWW. If user wants to control
his trust anchors, then he uses certificate pinning, trust-on-first-use
(TOFU), web-of-trust and all that kind of technologies. Gemini protocol
forces TLS usage, but exclusively with TOFU and no PKI involved (however
it is not forbidden). There was discussion why Debian does not use TLS
for package downloads: https://news.ycombinator.com/item?id=18958679
https://security.stackexchange.com/questions/53117/what-trusted-root-certification-authorities-should-i-trust
https://wiki.debian.org/SecureApt
Huge quantity of people think that "http://blablabla.onion" is insecure,
because of "http://". The same people think about insecurity of
http://h.blablabla, where "h." leads to Hyperboria overlay network made
upon cjdns and Yggdrasil. And even more people forget about possibility
of using all of that over IPsec, that is completely transparent for the
transport/application level. And most free software operating systems
rely solely on PGP or signify tools with trust anchors completely
unrelated to businessmen PKI world.
And do not forget that there is also politics and military forces,
working together with businessmen, where NOBUS (nobody but US) is
completely acceptable for security. That "world"/ecosystem has DNSSEC,
with central trust anchor. "Real" crypto world has DNSCurve, where you
control your trust anchor as you wish (you can pin them, you can create
the same global scale centralized PKI), where everything is encrypted
(unlike DNSSEC with its clearly visible plaintext)). But business do not
rule the real serious security. Business make mostly "good enough",
NOBUS-like security theatres.
Speaking of NNCP: the most crucial thing to authenticate is its
tarballs, that are OpenPGP-signed. If you want encryption: replace
"http://" with "https://". If you want authentication of the website,
together with tarballs, then you *have to* achieve the trust of my main
OpenPGP key, signed with dozens of people, including Richard M. Stallman,
which signs NNCP release keypair, DNSCurve public keys and
ca.cypherpunks.ru CA certificate itself: http://www.stargrave.org/Trust-anchor.html
Authentication is very serious question, because it easily creates
devastating illusion of security, where you can not make objective risks
evaluations. Encryption is easy, but authentication, I mean trust -- is
very hard to get.
>- Operate a mirror of www.nncpgo.org that does support TLS (that would be
>pretty easy, probably, since it's just built out of the source tree)
www.nncpgo.org already (since the beginning?) supports TLS. That is
authenticated by my OpenPGP key (that signed http://ca.cypherpunks.ru)
for which you can find various ways of trusting it. Another TLS site
with US/NATO controlled entity definitely won't be more secure.
>- Work with others to raise funds cover the cost of a TLS cert from a
>vendor you trust (especially if it's not too expensive)
NNCP is a thing for the world of real crypto: PGP, DNSCurve, Noise,
manual trust control. No way I will wish to pay for businessmen security
theatre.
>I really want to make sure barriers to entry are low of people to get
>involved!
Then people somehow should spread the education, spread the base
cryptography-related knowledge. Everything is doomed from cryptography
security point of view, when nearly everyone trusts Telegram/WhatsApp
and closed proprietary surveillance operating system like Microsoft
Windows and Apple macOS. I tend to talk about that and spread the
knowledge, for years participating in various conferences:
http://www.stargrave.org/Talks.html Illiteracy is the main problem.
Most people (actually their Google/Apple/Mozilla/Microsoft-driven
web-browsers) will anyway complain about insecurity even when
downloading OpenPGP signed tarball from .onion over the yggdrasil, with
a bit of IPsec between home router and computer itself. But they keep
quiet if US/NATO definitely can alter authentication of most websites.
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-03 18:02 ` Sergey Matveev
@ 2021-08-04 2:46 ` John Goerzen
2021-08-04 12:51 ` Sergey Matveev
0 siblings, 1 reply; 12+ messages in thread
From: John Goerzen @ 2021-08-04 2:46 UTC (permalink / raw)
To: Sergey Matveev; +Cc: nncp-devel
On Tue, Aug 03 2021, Sergey Matveev wrote:
> Greetings!
Good evening / morning!
Thank you for your very thoughtful response. I understand where
you are coming from a lot better (and I had misunderstood what
kind of authentication you meant previously). I think we are in
pretty close agreement technically, but differ tactically. That's
fine. I'll reply to a few bits here, but I did read the whole
thing!
>>As for "why bother", I think we can recognize that TLS with
>>Let's Encrypt
>>does provide some measure of improvement, even if imperfect.
>
> If it brings an *illusion* of security, than it hurts much more
> than
> gives any positive things. When you clearly understand the
> insecurity of
Agreed.
> Channel is encrypted -- good. But if you do not know precisely
> to whom
> you have got that channel -- there is not much value in the
> encryption
> by its own.
Right, hence the WoT (or attempts at it) in various flavors.
> If somebody thinks that "TLS is good and secure" and he throws
> some
> software off because he does not see "TLS", but some strange
> unseen
> before "Noise"... well, I am honestly not sad about the fact
> that most
> people have not enough education to make security evaluations.
> That
> people just do not deserve security (some kind of).
And here I would say: let's start by meeting people where they're
at and educating them. It's the only way we'll be able to spread.
> (TOFU), web-of-trust and all that kind of technologies. Gemini
> protocol
> forces TLS usage, but exclusively with TOFU and no PKI involved
> (however
> it is not forbidden). There was discussion why Debian does not
> use TLS
Interesting. I have been meaning to get involved with Gemini for
quite some time.
> Speaking of NNCP: the most crucial thing to authenticate is its
> tarballs, that are OpenPGP-signed. If you want encryption:
> replace
Absolutely agreed, and I did point this out to the correspondent
in the conversation I linked. I also pointed out to them that the
entire website content is in the release tarballs.
> Authentication is very serious question, because it easily
> creates
> devastating illusion of security, where you can not make
> objective risks
> evaluations. Encryption is easy, but authentication, I mean
> trust -- is
> very hard to get.
Agreed.
>
>>- Operate a mirror of www.nncpgo.org that does support TLS (that
>>would be
>>pretty easy, probably, since it's just built out of the source
>>tree)
>
> www.nncpgo.org already (since the beginning?) supports TLS. That
> is
I misspoke; I should have said "TLS with a cert that validates on
most browsers".
> authenticated by my OpenPGP key (that signed
> http://ca.cypherpunks.ru)
> for which you can find various ways of trusting it. Another TLS
> site
> with US/NATO controlled entity definitely won't be more secure.
I just wanted to say something here... There are also a lot of
Americans and Europeans that have negative stereotypes of the
security of Russian software. I won't repeat them here because I
don't like stereotypes.
Fundamentally every government is flawed. There is a whole
off-topic conversation one could have about the different ways
they are and which are more than others, but I think the bottom
line is there's no perfect government on earth. I live in the USA
and I am plenty involved in activism to make things better here.
Europe is currently discussing expanded domestic surveillance
laws. We have to be vigilant everywhere.
But what governments do is not the same as what people do. I have
been a supporter of EFF for a very long time (decades). They are
the good guys here. They fought to make strong encryption legal
in the USA back when that was a murky area, have fought against
surveillance, have fought to protect people's privacy, encryption,
and so forth in a whole host of areas for a very long time. They
are one of the champions behind Let's Encrypt. Again, I'm not
saying that Let's Encrypt is perfect, but mere presence in the US
doesn't constitute technical control by the US government. EFF is
not a friend of the government - heck, John Gilmore was one of the
founders and has repeatedly sued the US government - and it isn't
logical to assume that EFF/ISRG is compromised on the basis of its
location in the US. In fact, a source of some strength (and also,
it must be said, some problems, since it is more difficult to
regulate) is the high degree of protection US entities have from
government interference.
>>I really want to make sure barriers to entry are low of people
>>to get
>>involved!
>
> Then people somehow should spread the education, spread the base
> cryptography-related knowledge. Everything is doomed from
> cryptography
> security point of view, when nearly everyone trusts
> Telegram/WhatsApp
> and closed proprietary surveillance operating system like
> Microsoft
> Windows and Apple macOS. I tend to talk about that and spread
> the
Oh I am in absolute agreement there. I've written recently, eg,
https://changelog.complete.org/archives/10205-roundup-of-secure-messengers-with-off-the-grid-capabilities-distributed-mesh-messengers
and
https://changelog.complete.org/archives/10231-recovering-our-lost-free-will-online-tools-and-techniques-that-are-available-now
(which highlights NNCP several times).
> knowledge, for years participating in various conferences:
> http://www.stargrave.org/Talks.html Illiteracy is the main
> problem.
I've seen that page, and several look very interesting, but
unfortunately aren't in a language I understand.
So I touched on some of these issues at
https://changelog.complete.org/archives/10216-the-hidden-drawbacks-of-p2p-and-a-defense-of-signal
where I pointed out that "Signal brings encryption and privacy to
meet people where they’re at". I think that's really important -
Signal's not perfect, but it provides benefits over something
controlled by Facebook.
> Most people (actually their
> Google/Apple/Mozilla/Microsoft-driven
> web-browsers) will anyway complain about insecurity even when
> downloading OpenPGP signed tarball from .onion over the
> yggdrasil, with
> a bit of IPsec between home router and computer itself. But they
> keep
Hah! And Ouch.
So fundamentally, I want to send a message that "you can trust
NNCP". The reality of meeting people where we are is that people
are getting a browser warning from nncpgo.org. I specifically put
a non-https link in the message that was replied to, and browsers
are "upgrading" to https opportunistically, then warning (and even
warning on plain http sometimes).
Would you object if I set up something like nncp.mirrors.quux.org
or some such, with a TLS cert? I'm not sure if that's a good plan
or not, yet, or really how big a deal this is (I don't want one
conversation to color it too much), but I think it is a perception
issue related to getting people in the door.
- John
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-04 2:46 ` John Goerzen
@ 2021-08-04 12:51 ` Sergey Matveev
2021-08-04 18:54 ` Jonathan Lane
0 siblings, 1 reply; 12+ messages in thread
From: Sergey Matveev @ 2021-08-04 12:51 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 10678 bytes --]
Greetings!
*** John Goerzen [2021-08-03 21:46]:
>And here I would say: let's start by meeting people where they're at and
>educating them. It's the only way we'll be able to spread.
And that is the chicken and egg problem :-). For example I am not on any
popular social networks, I forbid using JavaScript in the browser,
proprietary formats and so on, so on and on. Can cypherpunk, as an
example, be on Facebook with his iPhone? I think not. But I agreed that
often it is the only way to reach the people. Personally I won't go on
compromise and let myself allow anti-cypherpunks technologies usage. For
example I respect Stallman, who just stops the record and go away, if
noone will guarantee him that it will be available under free formats. I
am rather stubborn principal person and it is easier for me to bury some
of my wishes (like spreading the knowledge of cryptography basics), than
to reconcile myself with something unallowable (from my point of view),
because I definitely won't respect myself from that point. I would quit
the job if one will pressure me using Microsoft Word document formats. I
had some troubles in the institute (but solved them!), forbidding to use
any kind of proprietary software. I know that now there is no way to
chat (and make relationships) with the girls, because of their closed
proprietary vendor-locked-in smartphone ecosystems, they only used to
use :-). Life is harder because of that, but my principles, the fact
that I truly tend to follow the ideas I really believe, are more
important for me.
>Interesting. I have been meaning to get involved with Gemini for quite some
>time.
I just read about it, but actually because of *forced* TLS usage I do
not like that project. It just forces me to do something very
inefficient and lame when I use IPsec, isolated LAN, localhost. Why do
not they use Noise, that is much much more simpler even than TLS 1.3
(very simplified version, comparing to TLS 1.2)? I understand that it is
because of TLS-libraries availability, but the same reason can be
applied to HTTP/WWW -- they are already existing too. Basically Gemini
even answers that in the FAQ: when you see "gemini://" you expect to see
no advertisements and similar junk. But who forbids including them in
Gemini pages, in Gopher pages? The fact that people who run Gemini are
not interested in that? That is not an acceptable answer and reason for me.
But that is completely different story :-). Gopher is no way worse than
Gemini in my opinion, except the only fact, that its RFC does not
explicitly allow sending of UTF-8.
>[...]
>But what governments do is not the same as what people do. I have been a
>supporter of EFF for a very long time (decades). They are the good guys
>here.
Completely agreed with everything said above. I also supported (with
money) EFF and very respect many people behind that organization. But...
EFF changed drastically over time. Possibly I changed much especially
for the last decade :-). But then EFAIL issue appeared (https://efail.de/)
EFF massively spread information that the whole OpenPGP ecosystem is so
bad, that it should not be used at all, better to use Signal.
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
(this is slightly updated article, mentions patches and fixes)
OpenPGP is far from being ideal, perfect, having good (simple!) design,
but it is still the only way to use strong serious cryptography on most
systems (GnuPG was often installed out-of-box in most GNU/Linux
distributions)! And EFF calls to abandon it. With the "Signal"
suggestion as a replacement. "Signal" without any doubts is the best
tool among WhatsApp/Telegram/Viber/do-not-know-what-people-also-use, but
it still uses cellphone binding, that is *completely* unacceptable for
me and it is the reason I can not frankly recommend it (I do not say "I
do not recommend it", I just do not say about it at all). EFF
cypherpunks values has changed? They think that every person has the
cellphone? That it is acceptable to think that everybody definitely has
it? I can not agree with that. Moreover, how can they tell about
WhatsApp usage? https://ssd.eff.org/module-categories/tool-guides
Seriously? No, this is not the same organization I supported before. We
have very different values and acceptable criteria.
Possibly that I am just radically changed over the years. Several years
before I run 100Mbps Tor exit node. That was DoSed many times from
China. I had several conversations with our police forces, including
international complaints about actions from my node. But I believed that
anyway I did a right thing, obviously nothing harmful. Nowadays I
completely against Tor, at least because of the fact, that it has
centralized routers database completely driven by/from US again. And
there were several memorable censorship occasions by Tor's "rulers"
(operators of that database), like that one
https://www.mail-archive.com/tor-relays@lists.torproject.org/msg11947.html
That slightly fears myself, but I really in solidarity with that
thoughts: https://withblue.ink/2020/11/12/maybe-we-shouldnt-want-a-fully-decentralized-web.html
Some sentences from it I became very agreed with:
[...] and I am now a proponent of the idea that just because
something can be built, it doesn’t mean it should be built.
I have seen, and I am seeing every day, the dangers of completely
unrestricted speech, and I don’t want to be the one enabling that.
[...] your freedom of speech isn’t my obligation to enable you and
give you a platform.
I think that while the Internet has helped the world in countless of
ways, it has also brought out the worst in people.
And Tor, being centralizingly controlled from US, for me is actually the
communication channel for supporting opposition and destabilizing forces
in many countries, including my one. I really feel the great
responsibility for the things I run/do/create/support. When I support
Tor, I support valuable people, valuable and important tasks, but at the
same time I support a magnitude more people/forces that are literally
has the target of making my life worse (oppositional forces in my
country). So I do more harm by running all those Tor exit nodes.
Moxie Marlinspike told that "ecosystem is moving":
https://www.youtube.com/watch?v=Nj3YFprqAr8
Great talk! But I can not accept the fact that it is better to have
those "smart" devices with centralized auto-updating servers. It is
better to use Signal that completely plaintext SMTP messages, agreed.
But it is not the aim we (I) trying to reach. For me it is like saying
that "a brick is better for hammering the nail, than you bare hand": no
doubts, but I think that we should not think about using a brick at all,
and our first checkpoint have to be using an ordinary convenient hammer.
"Signal" is a brick here. Some cool GNUnet-driven ecosystem (for
esample) is a hammer we should wish for.
>I'm not saying that Let's Encrypt is perfect, but mere presence in the US
>doesn't constitute technical control by the US government.
Agreed. But the fact that for years all major big software companies
like Apple/Google/Microsoft removed every gratis CA, and then *suddenly*
there appeared Let's Encrypt (virtually from nowhere) that is heavily
supported by all major vendors. Who would have the most benefit, profit
and interest in single CA responsible for >70% of all websites?
Intelligence agencies without any doubts. Of course currently there is
no evidence that Let's Encrypt is compromised and is under direct
control of any of those agencies, but I really honestly can not believe
that that kind of huge CA is located under US jurisdiction and
completely independent and not compromised (from cryptographic point of
view). All US special forces history shows us that NSA/whatever can even
repack boxes with Cisco hardware, implanting hardware backdoors, than to
bury their wish of surveillance. No offence or disrespect to anybody I
have mentioned! Surveillance, intelligence, espionage is *the* job of
that kind of forces, it is what they are intended to do, they are
essential for security, defence and stability in the country (at least).
And they try to do their best. And Let's Encrypt, people behind it, its
founders -- I hope are honest people trying to do their best too. But I
just can never believe that any expected natural will of special forces,
when there is question of national security, can be prevented/denied by
"ordinary" company under their jurisdiction. Possibly that could happen
in Netherlands, Sweden, but unbelievable it could be possible in
countries like China, Russia, US.
>I've written recently, eg
Yeah, I am subscribed to your blog :-)
>aren't in a language I understand.
So do I. (kidding :-))
>So I touched on some of these issues at https://changelog.complete.org/archives/10216-the-hidden-drawbacks-of-p2p-and-a-defense-of-signal
>where I pointed out that "Signal brings encryption and privacy to meet
>people where they’re at". I think that's really important - Signal's not
>perfect, but it provides benefits over something controlled by Facebook.
Agree with that points. But possibly I just want too much at once: want
only either to jump or to stand without moving, throwing away the
possibility to make at least some small step in the right direction.
>I specifically put a non-https link in the message
So do I, not forcing HTTPS, but allowing users to make their own decision.
>and browsers are "upgrading" to https opportunistically
And I would say that before that behaviour, when using HTTP, when
visiting russian website from russian city -- no traffic went to
US/NATO. And since force HTTPS, with Let's Encrypt, and with all of that
forced DNS-over-TLS/HTTPS, much traffic with at least metadata goes to
foreign countries now. Of course this is some kind of conspiracy theory,
but technically with all that HTTPS, DoH, DoT -- much metadata is leaked
"outside" :-)
>Would you object if I set up something like nncp.mirrors.quux.org or some
>such, with a TLS cert? I'm not sure if that's a good plan or not, yet, or
>really how big a deal this is
I have nothing against. I can add a link to your mirror of course. Can
enable WebDAV or rsync to simplify mirroring, if you do not want to
rebuild documentation from sources.
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-04 12:51 ` Sergey Matveev
@ 2021-08-04 18:54 ` Jonathan Lane
2021-08-04 19:24 ` Sergey Matveev
2021-08-04 20:16 ` Sergey Matveev
0 siblings, 2 replies; 12+ messages in thread
From: Jonathan Lane @ 2021-08-04 18:54 UTC (permalink / raw)
To: nncp-devel
On Wed, Aug 04, 2021 at 03:51:13PM +0300, Sergey Matveev wrote:
> I just read about it, but actually because of *forced* TLS usage I do
> not like that project. It just forces me to do something very
> inefficient and lame when I use IPsec, isolated LAN, localhost. Why do
> not they use Noise, that is much much more simpler even than TLS 1.3
> (very simplified version, comparing to TLS 1.2)? I understand that it is
> because of TLS-libraries availability, but the same reason can be
> applied to HTTP/WWW -- they are already existing too. Basically Gemini
> even answers that in the FAQ: when you see "gemini://" you expect to see
> no advertisements and similar junk. But who forbids including them in
> Gemini pages, in Gopher pages? The fact that people who run Gemini are
> not interested in that?
No, the fact that Gemini and Gopher are single-request-per-page
protocols. Dynamic hotloaded web style ads are fundamentally impossible.
The worst you could get on Gemini is first-party sponsored content.
> >[...]
> >But what governments do is not the same as what people do. I have been a
> >supporter of EFF for a very long time (decades). They are the good guys
> >here.
>
> Completely agreed with everything said above. I also supported (with
> money) EFF and very respect many people behind that organization. But...
> EFF changed drastically over time. Possibly I changed much especially
> for the last decade :-). But then EFAIL issue appeared (https://efail.de/)
> EFF massively spread information that the whole OpenPGP ecosystem is so
> bad, that it should not be used at all, better to use Signal.
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
> (this is slightly updated article, mentions patches and fixes)
> OpenPGP is far from being ideal, perfect, having good (simple!) design,
> but it is still the only way to use strong serious cryptography on most
> systems (GnuPG was often installed out-of-box in most GNU/Linux
> distributions)! And EFF calls to abandon it. With the "Signal"
> suggestion as a replacement. "Signal" without any doubts is the best
> tool among WhatsApp/Telegram/Viber/do-not-know-what-people-also-use, but
> it still uses cellphone binding, that is *completely* unacceptable for
> me and it is the reason I can not frankly recommend it (I do not say "I
> do not recommend it", I just do not say about it at all). EFF
> cypherpunks values has changed? They think that every person has the
> cellphone? That it is acceptable to think that everybody definitely has
> it? I can not agree with that. Moreover, how can they tell about
> WhatsApp usage? https://ssd.eff.org/module-categories/tool-guides
> Seriously? No, this is not the same organization I supported before. We
> have very different values and acceptable criteria.
Everyone DOES have a smartphone in the US, statistically speaking. Many
people have a smartphone but not a PC. That's why the recommendations
changed. Even in places like Japan, China, India, and Brazil, so many
people have smartphones that businesses set up "storefronts" inside
popular app platforms: LINE, WeChat, and Whatsapp respectively. Asking
people to not use smartphones is unrealistic at this point, so the EFF
is making security recommendations with that in mind.
> Some sentences from it I became very agreed with:
>
> [...] and I am now a proponent of the idea that just because
> something can be built, it doesn’t mean it should be built.
>
> I have seen, and I am seeing every day, the dangers of completely
> unrestricted speech, and I don’t want to be the one enabling that.
>
> [...] your freedom of speech isn’t my obligation to enable you and
> give you a platform.
Protip: 99% of the English-speaking people saying/writing this are just
asshurt that the political right wing finally figured out how to use
FOSS, cryptography, etc. They're trying to return to a Soviet-style
world where only the political left has any kind of infosec capability.
> >I'm not saying that Let's Encrypt is perfect, but mere presence in the US
> >doesn't constitute technical control by the US government.
>
> Agreed. But the fact that for years all major big software companies
> like Apple/Google/Microsoft removed every gratis CA, and then *suddenly*
> there appeared Let's Encrypt (virtually from nowhere) that is heavily
> supported by all major vendors. Who would have the most benefit, profit
> and interest in single CA responsible for >70% of all websites?
> Intelligence agencies without any doubts. Of course currently there is
> no evidence that Let's Encrypt is compromised and is under direct
> control of any of those agencies, but I really honestly can not believe
> that that kind of huge CA is located under US jurisdiction and
> completely independent and not compromised (from cryptographic point of
> view). All US special forces history shows us that NSA/whatever can even
> repack boxes with Cisco hardware, implanting hardware backdoors, than to
> bury their wish of surveillance. No offence or disrespect to anybody I
> have mentioned! Surveillance, intelligence, espionage is *the* job of
> that kind of forces, it is what they are intended to do, they are
> essential for security, defence and stability in the country (at least).
> And they try to do their best. And Let's Encrypt, people behind it, its
> founders -- I hope are honest people trying to do their best too. But I
> just can never believe that any expected natural will of special forces,
> when there is question of national security, can be prevented/denied by
> "ordinary" company under their jurisdiction. Possibly that could happen
> in Netherlands, Sweden, but unbelievable it could be possible in
> countries like China, Russia, US.
I disgree with your modeling of the threat environment. If a government
agency is going to interfere with a TLS CA like Let's Encrypt, the
threat posed by that is that they can silently MITM a website like
NNCPGo.org. They can do that right now anyways due to plaintext HTTP.
Either the tarball signature matches, or it doesn't, and website HTTPS
doesn't change that. What it does change, as John mentioned, is
reputation. I passed up on using NNCP for over a year until I saw it
mentioned on his blog specifically because it looked like a classic
malware profile from an American perspective: unknown software from
Russia delivered without a certificate or with an untrusted one. If
your goal is to spread adoption, there needs to be some HTTPS mirror,
whether hosted by you or someone else.
> Agree with that points. But possibly I just want too much at once: want
> only either to jump or to stand without moving, throwing away the
> possibility to make at least some small step in the right direction.
Yeah, that's too much. Chat platforms are ruled by Metcalfe's Law. If
it's too hard for people to bring their non-technical friends along they
won't bother, because their conversations with those friends will still
be on the insecure platform. Signal is easy for those non-technical
people to use. Matrix with forced e2e OLM based crypto might be another
good option some day once the clients and servers mature a bit.
--
tidux@sdf•org
SDF Public Access UNIX System - http://sdf.org
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-04 18:54 ` Jonathan Lane
@ 2021-08-04 19:24 ` Sergey Matveev
2021-08-04 20:16 ` Sergey Matveev
1 sibling, 0 replies; 12+ messages in thread
From: Sergey Matveev @ 2021-08-04 19:24 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 4626 bytes --]
*** Jonathan Lane [2021-08-04 18:54]:
>No, the fact that Gemini and Gopher are single-request-per-page
>protocols. Dynamic hotloaded web style ads are fundamentally impossible.
>The worst you could get on Gemini is first-party sponsored content.
Ability to fetch multiple documents at once does not force anyone to do
it, especially for doing it for advertisement and similar junk.
Everything is in hands of the authors. If author decides to show
advertisement, then he can make it anyway, even in Gemini, even in Gopher.
>Everyone DOES have a smartphone in the US, statistically speaking.
That is very sad. So EFF and people seek ways how to live "securely"
with "personal surveillance devices, aimed to run various non-free
software automatically downloaded from some servers over the network".
For me this is completely ridiculous task, obviously. Seems that is why
I completely ignorant now to EFF, trying to help that kind of people.
>Protip: 99% of the English-speaking people saying/writing this are just
>asshurt that the political right wing finally figured out how to use
>FOSS, cryptography, etc. They're trying to return to a Soviet-style
>world where only the political left has any kind of infosec capability.
I do not remember what left/right wings means (I just know that there is
that kind of separation), but if all of that means that author's article
is about Soviet-style, then nothing strange that I came up to this too,
being born in USSR, being citizen of Russia, supporting software and
tripping to Iran, Syria, working in one of federal security companies :-)
>agency is going to interfere with a TLS CA like Let's Encrypt, the
>threat posed by that is that they can silently MITM a website like
>NNCPGo.org.
Exactly.
>They can do that right now anyways due to plaintext HTTP.
Also true.
>Either the tarball signature matches, or it doesn't, and website HTTPS
>doesn't change that
Indeed.
>What it does change, as John mentioned, is
>reputation. I passed up on using NNCP for over a year until I saw it
>mentioned on his blog specifically because it looked like a classic
>malware profile from an American perspective: unknown software from
>Russia delivered without a certificate or with an untrusted one. If
>your goal is to spread adoption, there needs to be some HTTPS mirror,
>whether hosted by you or someone else.
If the world where everyone DOES have the smartphone requires you to use
some US/NATO (because major software vendors, currently located in
US/NATO, forbids anyone else, who is gratis -- we all know that
everything is about business, not security) service, then no, thank
you -- I really do not want to gain that kind of reputation. If people
evaluate software by looking at who is signed its website... well, let
they go their own way. If people are really in need of funny pictures
with very loud words about security, then Telegram is their choice. And
I see that exactly that kind of thing is happening. I have never wanted
and tried to compete with the professional sales and marketing managers
(this is just silly).
>it's too hard for people to bring their non-technical friends along they
>won't bother, because their conversations with those friends will still
>be on the insecure platform.
Agreed. But that also means that actually none of this people want
security/privacy at all. They just do not want to "pay" (possibly by
some inconvenience) anything for that. So why bother trying to secure
them? Not the target audience.
>Signal is easy for those non-technical people to use.
But hardly anyone will see his friends moving from WhatsApp to Signal.
Either user uses only the single WhatsApp, or he uses two applications,
for two groups of people. All new contacts will anyway appear in
WhatsApp (Telegram, whatever). Or am I wrong, as with thinking that
there people without smartphones in the Western world?
>Matrix with forced e2e OLM based crypto might be another
>good option some day once the clients and servers mature a bit.
I could believe that people can move all their contacts to Signal, but
would never believe that federated (or distributed, whatever) service
can compete with quality of service of centralized services, which can
even afford lending of communication links for lower delays and
anycasted distributed hops. If people are already wearing and using
portable surveillance devices, then everything is already doomed.
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-08-04 18:54 ` Jonathan Lane
2021-08-04 19:24 ` Sergey Matveev
@ 2021-08-04 20:16 ` Sergey Matveev
1 sibling, 0 replies; 12+ messages in thread
From: Sergey Matveev @ 2021-08-04 20:16 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 1088 bytes --]
*** Jonathan Lane [2021-08-04 18:54]:
>I disgree with your modeling of the threat environment. If a government
>agency is going to interfere with a TLS CA like Let's Encrypt, the
>threat posed by that is that they can silently MITM a website like
>NNCPGo.org. They can do that right now anyways due to plaintext HTTP.
Forget to note that by using Let's Encrypt I explicitly allow only
(hopefully!) US/NATO to MitM the traffic. And the main question for me:
why would I want to do that? Why US? Why not China or my native country
special forces? So the choice is: either I allow only US to MitM my
website, or allow everyone to do so. This is easy choice for me.
Actually I am allowing to do more comfortable certificate pinning,
because of 1-year certificates, and authenticating with my
OpenPGP-signed trust anchor. Also all certificate hashes are kept inside
CAA DNS records on the DNSCurve servers, which public keys are also
signed with my OpenPGP one.
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Website TLS certificates
2021-07-21 19:32 ` Website TLS certificates Sergey Matveev
2021-08-03 15:58 ` John Goerzen
@ 2021-09-02 8:59 ` Sergey Matveev
1 sibling, 0 replies; 12+ messages in thread
From: Sergey Matveev @ 2021-09-02 8:59 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 984 bytes --]
Greetings, again!
Yet another problem with Let's Encrypt is that they (have to) obey laws
about prohibiting sanctioned countries (Iran, Sudan, North Korea, Syria,
at least, uncertainty with Cuba, difficulties with Crimea region). For
example Github not long ago blocked russian developer, because he visited
Crimea -- rather loud event among our developers. Visiting Iran also
lead to your block there. I worked with some Syrian government agency,
often travel to Crimea, visit Iran: so it would be question of time when
Let's Encrypt will prohibit its usage for people like me. Russia will
likely appear in that countries list too.
https://community.letsencrypt.org/t/certificates-for-us-sanctioned-countries/1223
https://community.letsencrypt.org/t/issuance-criteria-for-ir-domains/81812
https://community.letsencrypt.org/t/lets-encrypt-and-u-s-laws/3251
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2021-09-02 9:06 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-19 16:57 [EN] NNCP 7.4.0 release announcement Sergey Matveev
2021-07-21 18:47 ` Jonathan Lane
2021-07-21 19:13 ` John Goerzen
2021-07-21 19:32 ` Website TLS certificates Sergey Matveev
2021-08-03 15:58 ` John Goerzen
2021-08-03 18:02 ` Sergey Matveev
2021-08-04 2:46 ` John Goerzen
2021-08-04 12:51 ` Sergey Matveev
2021-08-04 18:54 ` Jonathan Lane
2021-08-04 19:24 ` Sergey Matveev
2021-08-04 20:16 ` Sergey Matveev
2021-09-02 8:59 ` Sergey Matveev