Kushal Das4

FOSS and life. Kushal Das talks here.

kushal76uaid62oup5774umh654scnu5dwzh4u2534qxhcbi4wbab3ad.onion

dgplug summer training 2018

dgplug summer training 2018 will start at 13:30 UTC, 17th June. This will be the 11th edition. Like every year, we have modified the training based on the feedback and, of course, there will be more experiments to try and make it better.

What happened differently in 2017?

We did not manage to get all the guest sessions mentioned, but, we moved the guest sessions at the later stage of the training. This ensured that only the really interested people were attending, so there was a better chance of having an actual conversation during the sessions. As we received mostly positive feedback on that, we are going to do the same this year.

We had much more discussions among the participants in general than in previous years. Anwesha and I wrote an article about the history of the Free Software and we had a lot of discussion about the political motivation and freedom in general during the training.

We also had an amazing detailed session on Aadhaar and how it is affecting (read destroying) India, by Kiran Jonnalagadda.

Beside, we started writing a new book to introduce the participants to Linux command line. We tried to cover the basics of Linux command line and the tools we use on a day to day basis.

Shakthi Kannan started Operation Blue Moon where he is helping individuals to get things done by managing their own sprints. All information on this project can be found in the aforementioned Github link.

What are the new plans in 2018?

We are living in an era of surveillance and the people in power are trying to hide facts from the people who are being governed. There are a number of Free Software projects which are helping the citizens of cyberspace to resist and bypass the blockades. This year we will focus on these applications and how one can start contributing to the same projects in upstream. A special focus will be given to The Tor project, both from users’ and developers’ point of views.

In 2017, a lot of people asked help to start learning Go. So, this year we will do a basic introduction to Go in the training. Though, Python will remain the primary choice for teaching.

How to join the training?

First, join our mailing list, and then join the IRC channel #dgplug on Freenode.

Remembering John Perry Barlow

I dream of a day, and it is not a crazy dream, when everybody on this planet who wants to know all about that is presently known about something, will be able to do so regardless of where he or she is. And and I dream of a day where the right to know is understood as a natural human right, that extends to every being on the planet who is governed by anything. The right to know what it’s government is doing and how and why. -- John Perry Barlow

I met John Perry Barlow only once in my life, during his PyCon US 2014 keynote. I remember trying my best to stay calm as I walked towards him to start a conversation. After some time, he went up on the stage and started speaking. Even though I spoke with him very briefly, I still felt like I knew him for a long time.

This Saturday, April 7th, Electronic Frontier Foundation and Freedom of the Press Foundation organized the John Perry Barlow Symposium at the Internet Archive to celebrate the life and leadership of John Perry Barlow, or JPB as he was known to many of his friends and followers.

The event started around 2:30AM IST, and Anwesha and /me woke up at right time to attend the whole event. Farhaan and Saptak also took part in watching the event live.

Cory Doctorow was set to open the event but was late due to closing down of SFO runways (he later mentioned that he was stuck for more than 5 hours). In his stead, Cindy Cohn, Executive Director of the Electronic Frontier Foundation, started the event. There were two main panel sessions, with 4 speakers in each, and everyone spoke about how Barlow inspired them, or about Internet freedom, and took questions after. But, before those sessions began, Ana Barlow spoke about her dad, and about how many people from different geographies were connected to JPB, and how he touched so many people’s lives.

The first panel had Mitch Kapor, Pam Samuelson, Trevor Timm on the stage. Mitch started talking with JPB’s writing from 1990s and how he saw the future of Internet. He also reminded us that most of the stories JPB told us, were literally true :D. He reminded us even though EFF started as a civil liberties organization, but how Wall Street Journal characterized EFF as a hacker defense fund. Pam Samuelson spoke next starting with a quote from JPB. Pam mentioned The Economy of Ideas published in 1994 in the Wired magazine as the Barlow’s best contribution to copyrights.

Cory Doctorow came up on stage to introduce the next speaker, Trevor Timm, the executive director of Freedom of the Press Foundation (FPF). He particularly mentioned SecureDrop project and the importance of it. I want to emphasize one quote from him.

It’s been observed that many people around the world, billions of people struggle under bad code written by callow silicon valley dude bros, those who hack up a few lines of code and then subject billions of people to it’s outcomes without any consideration of ethics.

Trevor talked about the initial days of Freedom of the Press Foundation, and how JPB was the organizational powerhouse behind the organization. On the day FPF was launched, JPB and Daniel Ellsberg wrote an article for Huffingtonpost, named Crowd Funding the Right to Know.

When a government becomes invisible, it becomes unaccountable. To expose its lies, errors, and illegal acts is not treason, it is a moral responsibility. Leaks become the lifeblood of the Republic.

After few months of publishing the above mentioned article, one government employee was moved by the words, and contacted FPF board members (through Micah Lee). Later when his name become public, Barlow posted the following tweet.

Next, Edward Snowden himself came in as the 4th speaker in the panel. He told a story which is not publicized much. He went back to his days in NSA where even though he was high school drop out, he had a high salary and very comfortable life. As he gained access to highly classified information, he realized that something was not right.

I realized what was legal, was not necessarily what was moral. I realized what is being made public, was not the same of what was true. -- Edward Snowden.

He talked about how EFF and JPB’s work gave direction of many decisions of his life. Snowden read Barlow’s A Declaration of the Independence of Cyberspace and perhaps that was the first seed of radicalization in his life. How Barlow choose people over living a very happy and easy life, shows his alliance with us, the common people of the world.

After the first panel of speakers, Cory again took the stage to talk about privacy and Internet. He spoke about why building technology which are safe for world is important in this time of the history.

After a break of few minutes, the next panel of speakers came up on the stage, the panel had Shari Steele, John Gilmore, Steven Levy, Joi Ito.

Shari was the first speaker in this group. While started talking about the initial days of joining EFF, she mentioned how even without knowing about JPB before, only one meeting converted Shari into a groupie. Describing the first big legal fight of EFF, and how JPB wrote A Declaration of the Independence of Cyberspace during that time. She chose a quote from the same:

We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.

Later, John Gilmore pointed out a few quotes from JPB on LSD and how the American society tries to control everything. John explained why he thinks Barlow’s ideas were correct when it comes to psychedelic drugs and the effects on human brains. He mentioned how JPB cautioned us about distinguishing the data, information and the experience, in ways that are often forgotten today.

Next, Steven Levy kept skipping many different stories, choosing to focus on how amazingly Barlow decided to express his ideas. The many articles JPB wrote, helped to transform the view of web in our minds. Steven chose a quote from JPB’s biography (which will be published in June) to share with us:

If people code out for eight minutes like I did and then come back, they usually do so as a different person than the one who left. But I guess my brain doesn’t use all that much oxygen because I appeared to be the same guy, at least from the inside. For eight minutes, however, I had not just been gratefully dead, I had been plain, flat out, ordinary dead. It was then I decided the time had finally come for me to begin working on my book. Looking for a ghost writer was not really the issue. At the time, my main concern was to not be a ghost before the book itself was done.

I think Steven Levy chose the right words to describe Barlow in the last sentence of his talk:

Reading that book, makes me think that how much we are going to miss Barlow’s voice in this scary time for tech when our consensual hallucination is looking more and more like a bad trip.

When you talk to Dalai Lama, just like when you talk to John Perry Barlow, there is a deep sense of humor that comes from knowing how f***** up the world is, how unjust the world is, how terrible it is, but still being so connected to true nature, that it is so funny. -- Joi Ito

Joi mentioned that Barlow not only gave a direction to us by writing the declaration of the independence of cyberspace, but, he also created different organizations to make sure that we start moving that direction.

Amelia Barlow was the last speaker of the day. She went through the 25 Principles of Adult Behavior.

The day ended with a marching order from Cory Doctorow. He asked everyone to talk more about the Internet and technologies and how they are affecting our lives. If we think that everyone can understand the problems, that will be a very false hope. Most people still don’t think much about freedom and how the people in power control our lives using the same technologies we think are amazing. Talking to more people and helping them to understand the problem is a good start to the path of having a better future. And John Perry Barlow showed us how to walk on that path with his extraordinary life and willfulness of creating special bonds with everyone around him.

I want to specially thank the Internet Archive for hosting the event and allowing the people like uswe who are in the cyberspace to actually get the feeling of being in the room with everyone else.

Recording of the event Header image copyright: EFF

The Onion service to access my blog

I am happy to announce the availability of my website as an Onion hidden service at http://kushal76uaid62oup5774umh654scnu5dwzh4u2534qxhcbi4wbab3ad.onion/. This is a complete different instance than the regular https://kushaldas.in.

The .onion hidden service addresses are generated based on the hash of the public key. It means the Tor browser will take you to the right service which has access to the private key. The Onion services are always inside the Tor network, means you are not exiting the circuit/network. It is also end-to-end encrypted. These features together help to have confidentiality and integrity. If you want to read more about how the Tor hidden services work, read this document.

Things different on this site

  • This website has all the resources local to the server. Saptak helped to identify the external resources. Anwesha and I both wrote two different versions of the Python scripts to make things available locally. It was a fun programming problem.
  • No user-tracking JavaScript in the site.
  • No Disqus comments either. As it would require to load external Javascript, which in turn can be used to identify users.

Visiting the site using Tor Browser

Just in case you never encountered any .onion address before, you can visit these addresses using the Tor Browser. Download the latest version of the site. Remember to download Tor Browser only from the official website. Because my service is using version 3 of hidden service, you will need at least Tor Browser 7.5 to visit it.

Here are a few quick tips for using Tor Browser:

  • Do not install any plugin on the browser. They can be used to find your IP address.
  • Do not change the default browser window size. Browser window size can be used as metatdata to identify the users.
  • Use https versions of the websites you want to visit. The Tor Browser uses HTTPS Everywhere plugin to help you with that. As I mentioned earlier, the onion hidden services are already end-to-end encrypted, and you don’t get out of the Tor network, you can use them without the SSL certificates.

You can find more tips on the Tor project website.

Btw, DuckDuckGo also provides the search engine over a hidden service which you can use all the time.

Share files securely using OnionShare

Sharing files securely is always a open discussion topic. Somehow the relationship between security/privacy and usability stand in the opposite sides. But, OnionShare managed to create a bridge between them. It is a tool written by Micah Lee which helps to share files of any size securely and anonymously using Tor.

In the rest of the post I will talk about how you can this tool in your daily life.

How to install OnionShare?

OnionShare is a Python application and already packaged for most of the Linux distributions. If you are using Windows or Mac OS X, then visit the homepage of the application, and you can find the download links there.

On Fedora, you can just install it using dnf command.

sudo dnf install onionshare -y

For Ubuntu, use the ppa repository from Micah.

sudo add-apt-repository ppa:micahflee/ppa
sudo apt-get update
sudo apt-get install onionshare

How to use the tool?

When you start the tool, it will first try to connect to the Tor network. After a successful connection, it will have a window open where you can select a number of files, and then click on Start sharing button. The tool will take some time to create a random onion URL, which you can then pass to the person who is going to download the files using the Tor Browser.

You can mark any download to stop after the first download (using the settings menu). Because the tool is using Tor, it can punch through standard NAT. Means you can share files from directly your laptop or home desktop. One can still access the files using the Tor Browser.

Because of the nature of Tor, the whole connection is end to end encrypted. This also makes the sharer and downloader anonymous, but you have to make sure that you are sharing the download URL in a secure way (for example, you can share it using Signal). OnionShare also has a rate-limit so that an attacker can not do many attempts to guess the full download URL.