|SUBJECT ||Re: [NYLXS - HANGOUT] Free Software Magazine
|BTW - Lulu.com was founded by Red Hat founder Bob Young
Secure VoIP calling, free software, and the right to privacy
By David Sugar
Online on: 24/10/2006
All free nations in the world today recognize certain basic principles,
such as freedom of speech, freedom of thought, and the freedom of
privacy. These values that we all share were articulated by and fought
for by people such as Voltaire, Jefferson, and Bolivar. This common
heritage of freedom is today under attack by those who wish to turn the
clock back on human progress. We all know that a government that lives
in such fear of its own citizens that it must spy on them and claims the
authority to do so en-mass and unchallengeable is not a legitimate
government of the people it claims to serve.
There is an interesting story about George Washington during the
American Revolutionary War. At one point some of Washington's officers
were plotting rebellion against him, and he accidentally received a
dispatch that was meant for one of the conspirators. Having opened it,
and read it, he realized what had happened, and then asked the courier
to please apologize because the letter was not meant for him. He choose
to act as best he could in a manner as if he had not read the letter.
For Washington understood that even at a time of war, there are certain
ideals that must never be sacrificed, otherwise even if victory was
achieved, it is not worth the price of a nation nobody would wish to
With these thoughts, we chose, on the first Monday of this October, to
release a stack for secure VOIP calling, as free software developed
through GNU Telephony, a loose organization of developers who specialize
in free software for telecommunications. We accomplished this by
creating a free software stack that implements Phil Zimmerman's ZRTP, as
well as the Secure RTP spec. This is now part of the GNU RTP Stack,
ccrtp. We chose to make this available for immediate use in the most
compelling way, by having available at the same time, a complete secure
softphone client anyone can also download and use and which implements
the secure calling features in an easy to use manner. This client was
the Twinkle Softphone client, developed by Michel De Boer, and modified
with his help to meet this goal in time with our initial release.
Secure calling VOIP using ZRTP operates much like ssh in concept. The
keys for communication are generated locally, rather than using an
external certificate authority, hence preventing weak or poisoned
certificates which SRTP potentially allows. Fingerprint session
signatures are shown and cached much like the ssh host fingerprints, so
that one can determine if there is a man in the middle decrypting at one
end and encrypting to another.
What we have developed does not interfere with lawful police
investigations, since the end point can still be compromised with
physical access, presumably executed as part of a lawful and judicially
supervised court order. But it does prevent arbitrary and mass spying on
what people say, which must come to an end before all other freedoms are
lost. With additional technologies including tls secured SIP and
anonymizing connection proxies, it is possible to also reduce
associative information signal that intelligence so desperately wishes
to mine, and that is a goal of later phases of this project.
Since it is free software, anyone can download and use it. Since it is
offered as a library, it can be used to produce applications, like
Twinkle, that can perform secure communications by design, rather than
as an afterthought. This technology is here to stay. There are enough
people who have set it up now around the world, including some I
personally showed. The source is available and mirrored worldwide.
Binaries have been build and now distributed in Debian. Much of that was
all done very rapidly and early on at the start of the month, the rest
while I was in Maturin speaking at the IVth International Free Knowledge
Conference, which I will write about next week, to deliberately make
sure it was immediately usable and widely disseminated.
This technology we are bringing to free VOIP software was of course
first proposed, in a proprietary form, and as an external proxy known as
zfone, by Phil Zimmerman. Much of the work in developing secure calling
in the GNU RTP Stack was done by people like Werner Dittman and Federico
Pouzols, and with lots of Michel De Boer from Twinkle. Whether you are a
head of state wishing to communicate in private, a union organizer
within a company, or simply talking to your family and friends, you have
a basic right and expectation of privacy. We intend to do everything in
our power to help further that goal.
Further information can be found at GNU Telephony
Ruben Safir wrote:
> On Mon, Oct 23, 2006 at 10:32:43PM -0400, einker wrote:
>> I' ve been reading this since issue #5. I thought you knew about it ....
> I discovered it last month and posted a note about it to the list. Since I
> got no responses, I thought I'd mention it again./ It would be nice to make
> a contribution to their rag. They did a much better job than we did trying to
> promote the same thing.
>> On 10/23/06, Ruben Safir wrote:
>>> Has anyone seen this Free Software Magazine at
>>> This site is one of the best examples of Free Software in action I've ever
>>> Its content is awesome, the commentaries just wonderful and in depth. The
>>> Magazine is everything I had hoped for with the NYLXS Quarterly Journal as
>>> serious review journal that doesn't completely lose the new user or
>>> user of computers.
>>> And David Sugar is a regular writer in it.
>>> And then they discovered this every cool social enginering tool.....
>>> Brooklyn Linux Solutions
>>> So many immigrant groups have swept through our town
>>> that Brooklyn, like Atlantis, reaches mythological
>>> proportions in the mind of the world - RI Safir 1998
>>> DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
>>> "Yeah - I write Free Software...so SUE ME"
>>> "The tremendous problem we face is that we are becoming
>>> sharecroppers to our own cultural heritage -- we need
>>> the ability to participate in our own society."
>>> http://www.mrbrklyn.com - Consulting
>>> http://www.nylxs.com - Leadership Development in Free Software
>>> http://www2.mrbrklyn.com/resources - Unpublished Archive or stories and
>>> articles from around the net
>> Evan M. Inker