- Shaw charging a $60 fee to open port 25
- Ideas for a better internet
- Decentralization, BitDNS(Based on Bitcoin) allows for the decentralization of Domain Names without losing legibility. ie somone can register google.bit and have the resilience of the Bitcoin Protocol
- Automatic licence plate recognition (ALPR) project (We're going to try emulate what police cars are doing, and setup a demo of what we can do with 3 months of such data)
- Plate format and info it shows
- Response to police abuses during the G20
- Innovation Station
- non-profit press release website
- quadcopters! (I can't actually come this week, but I'm going to do a quadcopter parts buy next week and will announce a set of tutorials at the makerspace. If anyone wants in they should let me know! -Derek)
BTW - Kurt asked me about costs and this is what I sent him:
Arduino is about $30 sensors are between $80 and $200 depending on what options you choose motors and speed controllers run $60-$120 or so depending on size and power batteries are $15 to $40 depending on size battery charger is $50 or so for a nice one (or use the one I'm buying to keep at the space if you just want to fly out here) transmitter/receiver is between $50 and $250 depending on options, or can use a $60 pair of XBee radios and a couple of wii controllers
Have a hard time getting away for less than $300, but could go much higher depending on design characteristics.
- all grain brewing class at the makerspace (again, I can't come this week but Kris and Tyler if you guys want to just set a date and tell me what it is I'll get announcements out and get people signed up! -Derek)
1) Kris - newly moved downtown, internet privacy guy
2) Chris - UVic grad student - interested in internet security & legal issues (Deep Packet Inspection)
3) Ernie - network support, phone systems & pbx
4) Matthew - at UVic CompSci
5) Kevin - s/w dev
6) David - prod dev & design from
7) Lisa - Oracle DBA - in the states (skyped in)
8) Fabian - (skyped in)
9) Kurt - s/w dev
Pre-Meeting - What's Happening
- Makerspace? Kris - needs access to a truck; would like to donate/loan the space all of his brewing equipment and fridge with two taps. two full all-grain setups (one is Tylers). Kris doesn't have room for all of the equipment in his new, smaller space.
- This week - yesvictoria - young entrepeneur society - hasn't gone himself yet. Found out about at silent acution support japan. Bid on everything - alcohol may have been involved. Meeting tomorrow. *need note in wikicalandar
- Tomorrow 8 pm QV Bakery. Two-three boards of a game called Settlers of Catan. Sort of an easier version of Risk. Is fun.
- Friday - Mike Delamont in town this week due to awards. 7 & 9 God is a Scottish Dragqueen (Atomic Vaudeville show - Kris on board) $15 at vic event center.
- Makerspace - couple of events this weekend - including Derek bringing a video camera to record some videos to spice up the makerspace home page
- Nanaimo hackathon at end of month. Folks need to register to participate.
- Epsilon - got hacked on Friday - so Kris avoids registering for anything.
- Tungle.com - effective service. But is in cloud so providing your name and contacts. Mac plug-in sucked in his adrbook without asking. Unfortunate.
- Chris Parsons - needs what questions would you pose to ISPs at a CRC hearing.
- TED party on Saturday night. TED talk with greatest talk ever sold.
- Derek - will be ordering quadcopter parts. Tutorials coming up at makerspace.
- Tronapalooza (during cansecwest.com) - iphone controlled fighting quad copters. Plus unlimited booze. Nothing bad could happen. 1 kg - video camera and a paintball gun. Face recognition.
Shaw's Email Server Tax
- Kris just moved. Wants to set up own mail server again. Shaw said he had to pay to get static IP and port. residential - same speed but no static and port is closed. Asked twittered them about it. He said I pay $60/month for one IP and spammers could do that too. They had no answer for him. He bought a VPS (?) in Vancouver. $12 in Vancouver. Has it running but he can't connect to it. 25 outbbound blocked as well with shaw so he can't connect to it. !!! Basically a $60 tax to run his own mail server. Try to combine all useful angles. Shaw's hidden internet tax Chris said. IMTP stuff or anti-competitive. Security ITMP's don't count they say. Seems like a complaint should be filed. Crhis said security waiver was really the DPI used by MTS-Allstream. Used just for security. Shaw might say ITMP decision would justify their block. CRTC 2009-657 says Kevin. This policy decision may look like it supports port blocking, but doesn't based on how the decision was arrived it. Kevin says nothing in 657 saying that security ITMPs are any different than any other ITMPs. Kris also wants to go on the angle that Shaw can no longer state that they are offering internet service - rather a limited access network provider. Becomes what defines "internet" service. * Broadband same as rocket stick?
- CRTC policy - the big net neutrality victory in Canada.
- 657 appears to be intended to support traffic shaping, rather than close specific ports. This was the response from Shaw.
"Reserved for Shaw's mail server"
- Chris suggests use Bernier's wording to support anti-competitive.
- 4 pm Feb 17th - tweet to kevin from shaw help.
- Kris - pay tax or they want to be able to read and log all his emails - which is a privacy concern.
- Ryan - Devil's advocate:
- 1) unless encrypting, email plaintext anyway. If encrypted, shaw can't read it.
so no extra security running your own over theirs. they're doing packet sniffing anyhow. Or could. And shouldn't.
- 2) they aren't preventing you from doing it, they are just charging you extra. Maybe needed as people don't configure their computers to prevent them from being turned into spambots.
657 says: ITMPs used for nw security or deployed temporarily for nw integrity. Protect folks from spam and illicit materials. Are a necessary part of an ISPs operations. So CRTC not addressing these. If overzealous or overbearing, then would fall under the rest of the ITMP regulations. Shaw claiming 25 is for nw security to prevent a spamfest. (per Chris P.)
Kevin's email to use port 25 to prevent phishing. So helps security.
Kris getting penalized for being competent in a sea of folks who aren't.
Ryan - problem is not enough competition in the marketspace - no alternative provider. Techsavvy - 6 IPs and nothing blocked. Lots of mail servers don't accept mail from folks without legit reverse. Kris could do reverse on the fly on his DPS. Can also do on Shaw. Full computer on fat pipe in Van for $12/month webserve.ca . Shaw wanting $60. $90 for static IP, unblocked. Residential vs. Business cost varies over time.
Fabian VPN even less. No long-term contract. So even cheaper if on US soil and part of Patriot Act.
Kris'll be drafting something by tomorrow.
Ryan - maybe propose a solution? Lisa - maybe a prove you are competent test.
Kevin - might use in ways that aren't just email - could also be check-for-validity. Problem for him offering a service that rides on top - he and all his clients would have to reconfigure to handle the wacky change. Kevin - maybe just go into webpage and uncheck the blocked ports - done.
Ideas for a Better Internet
http://cyberlaw.stanford.edu/ Chris P.
- Berkman Center at Harvard Law School & Stanford CompSci.
- Looking for proposals that would improve the internet - esp infra, security, literacy. Goal of making the internet a better place for everyone.
- Harvard & Stanford students will chip in & then work with technologists to make something happen.
- You don't get any money if you win, but you get access to a long list of high profile folks. Tim O'Reilly, White House Susan Crawford, etc.
- Kris - (not too surprisingly) suggested ISPs should stop blocking 25?
- Kevin - suggested the original competitive secure internet concept that the ideas group has worked on before - the doc already routed & signed.
- Deadline is 12 pm PST April 15th. One week!
- Kevin - CIRA cira.ca charter to promote Canadian internet.
- Kris - (re: securing the internet suggestion) knows the 5 guys in Ottawa who were intially hired by a guy to secure 5% of the internet. Worked on frees/wan. IPSEC for linux. Now called opens/wan.
- Common problem eg firesheep - packet sniffing around for years. This would prevent that. If you download wireshark or tcpdump (non-graphical).
- firesheep collects the session cookies (also gotten w/wireshark if tech proficient). If IPSEC, wouldn't happen. But organizations tend to want to look through your stuff.
- Sniffers could not read the package contents. Still would know next IP address-based step from header
- can work around that using TOR - https://www.torproject.org/ TOR.EFF.ORG. IOERROR in twitter. Jackob Applebaum. Uses encryption, but also onion routing. Encrypts data five times. Hops and takes off layers one at a time. If watching, you only see a couple of nodes. Chris P. papers came out last year to circumvent onion routing by setting up incredibly well-resourced routers. usually between 15-30 hops per tracerout, but TOR uses five of its own specific nodes.
- Lisa suggests accelerating the spread of IPv6 usage
- Kris - also on epsilon breach - "reasonable" - we are past the point that personal info is stored unencrypted.
- Kevin - devil's advocate - must store keys somewhere. Likely on the same box as holding the data. Should be using SSL to access the database. Makes it hard to work with and doesn't add much security.
- Ryan: What about modifying browsers to let you know if insecure site?
- Kevin: Browsers are supposed to read the P3P policy, but it doesn't really get used.
- Chris - trying to create some kind of typography describing privacy at a site. 3 icons, various formats that would instantly inform a websurfer a la the Creative Commons model. To make it clear what is the level of privacy.
- Would be a voluntary implementation - "Privacy Commons".
- Article 29 working group inthe EU says you can have a multi-stage privacy notification - short, medium, and longest.
- Kev: why would this work any better than P3P?
- Chris: P3P was hard to figure out, this won't be.
- Kev: only people who will deploy it are people that think they'll look good.
- Fabian - bitcoin for DNS. Decentralized. Would prevent domains from being seized.
- there are some things out there like this. Can even create our own on top of the existing one.
- Kevin: How doing root servers? Is peer-to-peer that does validation against other peers. Longest bit-chain is the winner if contention.
- Microsoft could just release a version of windows that does bitcoin mining & earn all the gold themselves.
- There were a few guys that tried to create distributed DNS solutions in the wake of the seizures.
- group took time out to watch a video on youtube.com - search on ciranews
- Kris had a problem with privacy early on and had a bunch of domains highjacked... and never got them back even though the law was changed.
- ICANN policy requires that the domain owner be contact-able within a reasonable amount of time.
- Discussion about use of anonymous email and name info on domain registrations. You can do it, but you couldn't represent yourself in court.
- Problem of the government vs commercial sector being in charge of DNS.
- If someone sues you and you don't reply, you will likely lose.
- Current lawsuit at supreme court. Pissed off Wayne Quirks. John didn't do anything but linked back to potentially defamatory content.
- Need to be able to pop up a site to exercise free speech that might piss off a powerful entity such as the RCMP. If it's taken down, just pop up another one like a gopher.
- Use eg anonymizer remailer. Send article to lots of activist websites rather than have own personal website. Send out to multiple sites all at once.
- Best option to find a California publisher.
- One fellow got a warning email just for writing about how to remix a song using garage band.
- Kevin: hiding your identity is hard on the internet.
- maybe go to an internet cafe, pay for time, then anonymous email, then send out your "hot" content to activist sites.
privacy commissioner said if keep for only 3 months its okay, so folks doing a project to show how that could be a problem after all.
- ALPR discussion
- We're building a tool to demo the privacy implications of storing such data for 3 months, which is what we understand the privacy commissioner has authorized.
- Kurt giving an update on the software end. We're looking for people to opt-in for the demo.
- Even sample sets have false positives, and all of the current technology will.
- What is the argument police have for using this technology, and storing it? Are police doing data mining? Have they been audited by privacy commissioner?
- ALPR video at the bottom notice the bridges and island used as examples in the end) entrance/exit points
- You can't obfucaste your plates, even if for cameras; the precedence isn't detailed enough to mention physical viewing only
- Do we want a law enforcement process that automates the catching of summary offices and traffic laws?
- Go after cases that you can win and set precedent and then go after what you care about/leverage it
- Rob has agreed that Dave can stare at him indefinitely; context on viewing and/or recording is important. Looking vs stalking for example.
- What if we all emailed our ISPs and asked what information they provide law enforcement and under what conditions/requirements? warrant? subpoena?
- Large ISPs say no to providing law enforcement personal info, until the phalanx of lawyers hears that law enforcement is willing to pay the big $$. Small ISPs say no, but can't afford to say no when $$ is discussed
- Pawn shops won't verify your item that was stolen is there, unless you provide a police report numb
- Bank machines rely on GPS data/access to work to verify timing?
- 8 year old pepper sprayed - What if parents did this to their kid?
- water levels high in California with iodine/radiation from Japan?
- Byzantine Attacks on Anonymity Systems”, Nikita Borisov, George Danezis, Parisa Tabriz, Digital Privacy: Theory, Technologies, and Practices, 2007 is here
- Highly highly recommended from Chris! involves cracking tor
- Understanding privacy - Dan Solove
- Contextual integrity - Helen Nissenbaum