Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Help freedom of press in canada

  1. #1
    Junior Member
    Join Date
    Mar 2004
    Posts
    8

    Help freedom of press in canada

    Is it too risky for them?
    A group of journalist (between 5 and 10) would like to published uncensored content on the internet. they have not much money. For the project to be working they would need anonymity and privacy over home,office and Internet networks while using a CMS and a web server.

    Do you think there is a way to give them 99.9% protection against retaliation over a long period (+5 year), or else they will lost their job and be sue.

    I am evaluating the project maybe you can give me some tips.

    they use OS9 OS10, win XP, win 2000 from intranet home and office network.

    anonymity strategies:
    Freenet and JAP seem to be unreliable.
    So are public proxies.


    privacy strategies:
    Strong encryption.
    Camouflage and steganographic.

    Thanks for your help.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Interesting. What exactly is they are publishing that would have them "censored"? AFAIK, very little gets censored in Canada with the exception of Neo-Nazi types or other hate websites.

    And I'm not sure about your privacy strategies as being indicative of making stuff "private". You can use things like SSH as secure connections (choose higher keys or stronger keys of -- at min -- 2048) and is available on every platformed mentioned above AFAIK.

    The website that would disseminate the info could be located out of Canada's juristiction and in a country that wouldn't abide by their requests (many Asian nations have ISPs like this).

    As for retaliation, depending on what the information is, "inference" can usually be used to figure out who wrote something (based on writing style, etc.). You make it sound like the Gov't of Canada will kill them, which they wouldn't do unless there was about 27 Parliamentary committees and 34 Senator committees created first along with shuffling of money elsewhere. (scarcastic comment is mine).

    Oh yes.. and lastly,

    t is hereby recognized and declared that in Canada there have existed and shall continue to exist without discrimination by reason of race, national origin, colour, religion or sex, the following human rights and fundamental freedoms, namely,

    (a) the right of the individual to life, liberty, security of the person and enjoyment of property, and the right not to be deprived thereof except by due process of law;

    (b) the right of the individual to equality before the law and the protection of the law;

    (c) freedom of religion;

    (d) freedom of speech;

    (e) freedom of assembly and association; and

    (f) freedom of the press.
    This is here for a reason. Why aren't the journalists using this?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Yes, I have to agree with MSM.................if child pornographers can survive........so can your lot........unless they have no skills, no male gender parts..........and so on?

    MSM......I like that you still spell "colour" correctly in the "frozen North"

    What "publishing" and "reporting" is it then...............will the "accused" have a right to response?........or are we just talking sedition?

    Your call?

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    **~*~"retaliation"~*~** leaving that to the imagination is not in your best interest. if your really looking for help with this i think you should explain yourself.

    WTF:

    privacy strategies:
    Strong encryption.
    Camouflage and steganographic

    sounds like they could loose more than their jobs here. just what do you think is protected under freedom of speech/press?

    i think before anyone helps this guy you should find out what it is exactly you are helping (being a party to)

    (sorry im not as graceful as MsMittens. i fear someone may miss sudelty... sagittarius ya know)
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Junior Member
    Join Date
    Mar 2004
    Posts
    8

    i am the good guy

    Freedom of press
    I don't want to start a philosophical thread but I can tell you what I know about these journalists and why I want to help them.

    They work for two BIG newspaper and are well known and respected. They have access to a lot of informations wich are of public interest and very difficult to obtain for you and me, but they are censored by their boss and by law in some cases of no publication order.

    They can't publish the news like they think they should and this is why they want a private and anonymous way to publish together over the Internet.

    It's not about publishing abused children or molester name, they are professionals and they feel unable to do their jobs in some special cases. They will censor themself trought the publishing group and they want to express themselves, be trusted and read, not sued.

    There was to my knowledge many cases of journalists and newspaper being sued by rich people over privacy and reputation related laws in Canada.

    Maybe I paranoid but I think child pornographers risk less here that a journalist who tell the true about the role of Paul Martin in the fund's scandal.


    The project
    Is this possible to make such a system 99.9% efficient for anonimity and privacy from a corporate network?
    1. Anonimity and privacy acess to a CMS server for the journalists,
    2. Automated anonymous and private upload from the CMS to a public web server.

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Keep something in mind: while you view yourself as the good guy we don't know you from a hole in the wall. Social engineering can be very effective if you sound like someone desperate for help. And if you are asking one of us to do this for you -- without knowing the full details and risks of what we might be getting involved in (assuming that it's not a snow job for something else) -- you're asking a lot of us.

    I think we've provided you with some suggestions on ways to go. It's up to you to decide as to what you want to do.

    Is this possible to make such a system 99.9% efficient for anonimity and privacy from a corporate network?
    No. They will pick up traffic that the system exists. It would be best, if you are going this route, not to use corporate networks. Could result in "fireable" activities against the AUP set out by the Newspapers' IT team/management.

    1. Anonimity and privacy acess to a CMS server for the journalists,
    Host the server elsewhere and use ssh to access it. By hosting the server elsewhere (especially in nations that they would not be able to gain access to) the newspaper wouldn't have the ability to shut access down to it.

    SSH would allow for secure transmittal of information. I would stress here that your friends should probably have mail services not run by the newspaper (use web based accounts that aren't in the US, UK or Canada). Keep in mind that the newspaper probably has full rights/access to their email. Webbased email is done in clear text so if you can find one that supports secure HTTP or some other method that is encrypted that would be the best.

    2. Automated anonymous and private upload from the CMS to a public web server.
    See above.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Junior Member
    Join Date
    Mar 2004
    Posts
    8
    It's more to have fun and help people wilhe learning about security as an unemployed junior software engineer Social engineering is a risk I try to mitigate.

    Ok, So I think like you that this should be attemp only from home or reliable internet public access places.

    here is a plan. what do you think?

    Get a free web server in an exotic country.

    Journalist have anonymous encrypted email account they use to discuss papers content and layout, sharing css html templates.

    Steps

    0. Secure the computer
    check if it is safe or not (spyware, config ,system setting and running programs)

    1. Access the anonymous mail and the public web server as visitor (copy-paste some html to modify).

    2. publish
    trough a web Hactivissimo 6/4 protocol trusted peer wich upload trough ftp to the web server.
    OR
    mail the encrypted content anonymously to a proxy server wich would upload to the web server.
    OR
    Camouflage and steganographic to communicate with a proxy server (say wallpaper server) wich would upload to the web server.

    3. Clean the computer
    the usual cleaning.

    Special care need to be taken in the design and configuration and use of the proxy server.

    SSH is a good idea, but how does it help in anoynimity? SSH anonymous proxies seem rare.

  8. #8
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    It's more to have fun and help people wilhe learning about security as an unemployed junior software engineer
    I dunno. Doesn't seem to fun if you can't openly say something without risk of legal retaliation or worse (which is what it sounds like). The amount of security you are looking at seems awfully severe and at a level of the NSA. I don't think you and/or your colleagues have the budget for this.

    That said, realize that you have let some of the cat out of the bag by the very first post you put here:

    • - you've identified that you or your associates are Canadians
      - that you work for two of Canada's national newspapers (Globe and Mail and The National most likely)
      - that this involves those with money (right now, sounds like the whole sponsorship scandal) and/or relates to national security
      - you will probably violate some laws and potentially do further damage
      - you are posting on a website that is located in the US, a country that has been known to help Canada and if this site's owners got a court order would be obliged to turn over your IP, which is recorded (as per the Privacy Policy below).


    I can tell you right now, that even if you did all of the suggestions put forth, someone, somewhere, with the pockets and resources deep enough and desire large enough will find you and your associates. There is no such thing, on the internet, as 100% anonymity and/or 100% privacy, IMHO. There is always a way to find out something (right or wrong).

    Now on to your list. The first two items are fine. It still strikes me that these is awfully extreme and reminds me of my uncle who was convinced that the Mafia was out to get him because he managed to get a name trademarked before the company that was using it did.

    2. publish
    trough a web Hactivissimo 6/4 protocol trusted peer wich upload trough ftp to the web server.
    OR
    mail the encrypted content anonymously to a proxy server wich would upload to the web server.
    OR
    Camouflage and steganographic to communicate with a proxy server (say wallpaper server) wich would upload to the web server.
    Why would you do this if you are using SSH? If the material is encrypted on the webserver, how will the general public (I am assuming that these are your targets) will read it? General public is "stupid" and ignorant on security. Or perhaps I'm misunderstanding what you want to do.

    3. Clean the computer
    the usual cleaning.
    No. Not the usual cleaning. It's too easy to do the usual. You need to do the extreme. There are tools that can recover, given enough of a budget, anything. Multiple 0 writes along with a few reformats should help minimize this (think extremely paranoid and make no assumptions about the budgets of others if you truly want to do this secretly)

    Special care need to be taken in the design and configuration and use of the proxy server.
    You need someone to set this up, which means they will know and become a security risk (that is, they could turn around and "rat" on you).

    SSH is a good idea, but how does it help in anoynimity? SSH anonymous proxies seem rare.
    SSH is for encryption so no one can sniff the "critical" details. The anonymity can come through "free" wireless access cafes (McDonalds or someone like that). Think wireless and you'll get the idea.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  9. #9
    Junior Member
    Join Date
    Mar 2004
    Posts
    8
    THE PROXY SERVER

    I think I can have a 90% with a server wich is moderately easy to get for free. (it is really for a development purpose)

    It will run mail and ftp daemon.
    It wil receive anonymous encrypted emails with
    file content, file information and ftp command.
    A script takes the mail, decrypt it and ftp to the free exotic web server.

    How better can it get? Can the anymous mail be trace back or is it really anonymous?

  10. #10
    Junior Member
    Join Date
    Mar 2004
    Posts
    8
    I sure doing this for entertainment because I am an unemployed nerd as I said. I evaluate the "project" just for fun and I don't want to get in trouble. They are not my friend and I know only two of them.

    I repeat, there is no terrosist and we love Bush and god. I am having fun with anonymity and privacy and freedom of press.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •