<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-text-flowed" style="font-size: 16px;"
lang="x-western">On 2012-04-24 8:03 AM, John Moser wrote:
<br>
<blockquote type="cite" style="color: #000000;">
<br>
On 04/24/2012 08:49 AM, Paul Campbell wrote:
<br>
<blockquote type="cite" style="color: #000000;">There's been
some discussion on this mailing list about
<br>
application-firewalls, and I wanted to say a word about
Ubuntu's
<br>
inability to filter internet connections at the
application-level.
<br>
</blockquote>
<br>
It's doable, just not pretty.
<br>
<br>
<blockquote type="cite" style="color: #000000;">I work as a
freelance journalist. On many occasions I recommend the use
<br>
of Tor to sources in middle eastern and southeast Asian
countries. For
<br>
their own safety, they need an anonymous way to upload things
to the
<br>
internet and in general to communicate online.
<br>
</blockquote>
<br>
Immediately assuming you've got the technical profile of a ZDNet
columnist.
<br>
<br>
<br>
<blockquote type="cite" style="color: #000000;">When needing to
use Tor, the source will activate the firewall
<br>
software's user-created "Tor Profile" and then start a Tor
browsing
<br>
session. When finished browsing, the source will close Tor and
change
<br>
the firewall settings from the "Tor Profile" back to the
default profile
<br>
which in general allows all applications to connect to the
internet.
<br>
This setup ensures that no other applications "accidentally"
connect to
<br>
the internet during an active Tor session and "reveal" the
source's true
<br>
IP address.
<br>
<br>
</blockquote>
<br>
Vacuous.
<br>
<br>
A connection from your IP address doesn't "reveal" your source
address. The source address from your computer is stamped on
every TOR packet: it's possible to determine that you're using
TOR, regardless. Blocking other connections unrelated to TOR
won't hide what you're doing under TOR; and having other
connections (say to your e-mail, IRC, P2P, non-sensitive Web
sites, etc.) doesn't jeopardize the secrecy of your TOR
connection.
<br>
<br>
Aside, has anyone considered that actively aiding a sovereign
nation's population in accessing materials restricted from the
general population's view is an active attack on that nation's
procedurally declared national security, and a direct act of
war? Not defending tyranny, just saying: you are committing an
act of war.
<br>
</blockquote>
<br>
Rubbish. It's not even hacking, and only tyrannies claim hacking
is an act of war.
<br>
<br>
This is merely working around threats to minimal privacy.
<br>
<br>
<blockquote type="cite" style="color: #000000;">If we have
extradition treaties with these people, it's perfectly
reasonable for you to be arrested and shipped over there; and if
our government refuses to do so, then the logical response in
kind is for them to start bombing our soil.
<br>
</blockquote>
<br>
More rubbish. Who is "our", kemosabe? You need to get over that
militarism.
<br>
<blockquote type="cite" style="color: #000000;">
<br>
Some things are worth getting bloody for, and some things carry
the implications but in practice those implications never pan
out. You probably won't get extradited and nobody is going to
start lobbing nukes just because of people helping crack the
Great Arab Firewall. They could though; it's actually a
reasonable response.
<br>
</blockquote>
<br>
No, these claims are literally hysterical. Also wrongheaded: we
have a civic duty to help people whose civil liberties are
compromised.
<br>
<br>
PB
<br>
<br>
-----
<br>
<br>
<blockquote type="cite" style="color: #000000;">
<br>
<br>
<blockquote type="cite" style="color: #000000;">
<br>
Sincerely,
<br>
<br>
Paul Campbell
<br>
<br>
<br>
<br>
<br>
</blockquote>
<br>
</blockquote>
<br>
</div>
</body>
</html>