Search Mailing List Archives
[liberationtech] dumb question
jacob at appelbaum.net
Wed Sep 15 18:28:01 PDT 2010
On 09/15/2010 10:49 AM, Adam Fisk wrote:
> Hi Daniel- I was imprecise in my language, and I apologize. I think
> the confusion comes from the notion that a Haystack user would be
> undetectable as a result of hiding in otherwise innocuous looking
> traffic. That's clearly different from anonymity, but it it does give
> the illusion of safety. At the end of the day, the practical danger is
I think that Haystack very clearly claimed to be an anonymity system.
Is there really any debate about it? It actually still used on their
It was also claimed in many media interviews, on their website, etc.
> I also would love to see a complete version of Haystack that works and
> does not endanger anyone. Lord knows I've had some experience writing
> beta software, and I don't mean to dishonor anyone's hard work. The
> stakes are just so much higher in this case, making releasing any
> early test version much trickier. I think we're all calling the test
> version "Haystack" because we have nothing else to identify as
> "Haystack." That said, I'll be more precise next time, and thanks for
> pointing it out!
Everyone involved is calling the currently in-the-wild releases
"Haystack" because Austin told the entire world that was the name of the
project. The actual binary examined was called something else (tricky!)
but the issue still stands: The only thing released was what was overly
hyped and frankly, to beat a dead horse, dangerous.
It is clearly not the same thing outlined in Daniel's design on this
list but that does not mean much to the users in Iran.
Daniel's design is an interesting one and worth discussion. I really
hope that he picks up a new name and continues with the dialog about
that design document.
> On Wed, Sep 15, 2010 at 12:06 AM, Daniel Colascione
> <dan.colascione at gmail.com> wrote:
>> Hi, Adam. I appreciate your nuanced post. You are right: there is plenty
>> of room for other tools in the gap between Tor and a bare proxy. Every
>> solution involves certain trade-offs, and not everyone prefers the
>> trade-offs made by Tor.
>> By the way, I noticed certain misunderstandings in your post. I hope you
>> don't mind my correcting them.
>> On 9/14/10 11:30 PM, Adam Fisk wrote:
>>> The key is not to confuse the two. Haystack is such a disaster because
>>> it purported to be an anonymity tool
>> The CRC made many hyperbolic claims, but in the interest of historical
>> accuracy, we didn't make this one. From the Haystack FAQ,
>> "Tor focuses on using onion routing to ensure that a user's
>> communications cannot be traced back...Haystack focuses on being
>> unblockable and innocuous while simultaneously protecting the privacy of
>> our users. We do not employ onion routing, though our proxy system does
>> provide a limited form of the same benefit."
>>> but really was just a
>>> semi-functional circumvention tool.
>> I assume you're talking about the broken test program that was released.
>> If so, I urge you not to perpetuate this myth. Haystack was never
>> completed. The program that was released was never meant to be Haystack.
>> Daniel Colascione
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>> Should you need to change your subscription options, please go to:
More information about the liberationtech