Dwarf Fortress OS: Security through Insanity?

I want to design a new operating system whose entire user interface is based on navigating through an instance of Dwarf Fortress, you know just for fun. It would be like bringing back Norton Commander, but with a user experience designed by George R.R. Martin. If you wanted access to my data, you must be prepared to go on a quest!

Update: apparently someone on Reddit has already begun this critical work!

The goal of course, would be to make it that much more fun for people who want to inspect your laptop at border crossings and other powerless zones within 100 miles of a border.
When asked by an inspecting officer of some kind “What the hell is this?!”, you can then spout bardic verses such as these when describing how to navigate to your sensitive email, documents, contacts and other magical treasure:

“Of easy passage to the prize, I did not promise,” said the stranger. “Through haunted woods we must go, there to find the elf princess to join our quest, then through the savage plains to the dwarf fortress, to find the dwarf champion and learn the location of the final prize. The path will be fraught with danger, for we cannot make this journey alone.”

 

Sending Secure Broadcast Messages with Signal

I have a created a simple Signal batch sending script (signal-batch.sh), which works with the fantastic Signal-CLI (Command Line Interface) project.

Now, you might be asking, why is this needed, or why wouldn’t I just use a group? Well, there are many cases where a person may want to send an alert or update message to a large group of people, who don’t otherwise want to be associated with each other. This is a one-to-many use case, not a many-to-many. For situations of high risk related to human rights, activism, living under a police state, or these days, even just being a U.S. born NASA scientist, it is a very real threat that your phone might be physically taken from you, and forced to be unlocked. In that case, anyone in any groups you are in would then also be exposed and put at risk, as happened in the tragic story of a Mexican activist.

In some cases, you may want to send messages out to 10,000s of people, for protests, events, concerts, emergencies, and so on. This is a use cases that goes back to the early, pre-Twitter TXTMob and RNC2004 systems I was involved in , except we were just using plain old SMS then, which was expensive and risky. Now, you can do this with fully encrypted messages, sent freely anywhere on the globe, right from your laptop. Neato!

Okay, so how does the script work? Here’s a quick run-down with instructions for any Linux or MacOS system. (This can work for Windows, but someone needs to rewrite the script as a BAT script).

  1. Download Signal-CLI and unpack it somewhere
  2. Download the signal-batch.sh script and put it into the “bin” folder for Signal-CLI
  3. Create a text file with all of the numbers you want to send to, one per line, with country code (+12125551212)
  4. Open a terminal, and follow, the excellent signal-cli readme instructions on how to register your number (or a new, clean number) with Signal
  5. Once you complete the registration and verification, you are ready to run signal-batch.sh!
  6. In the terminal type > ./signal-batch.sh to see the usage info below

usage: ./signal-batch yourSignalNumber yourBatchList “Your message goes here!”
example: ./signal-batch +12125551212 mygrouplist.txt “This is the broadcast message you requested!”

Before I go, I must state this: DO NOT ABUSE THIS SCRIPT FOR SPAM, DoS OR OTHER MALICIOUS PURPOSES. I am sure your Signal account will be shutdown if you do, and the “this is why we can’t have nice things” bad karmic spirits will reign down on you.

Finally, if you are promoting the use of Signal to high risk communities, please read some of these excellent guides below and making it as safe as possible:

 

From 2015 MIT Tech Review: “Tracking Terrorists in an Encrypted World”

I am proud of this opinion piece I wrote for the MIT Technology Review, back during the height of the Apple v. FBI legal battle over encryption and forced backdoors. While I am clearly a fan of strong encryption, I am also grounded with regards to the limits of what it can achieve. Ultimately, my point was to call out some of the ways in which encryption of message content still leaves us vulnerable to surveillance by adversaries of all kinds, whether legal or not.

 

A View from Nathan Freitas 6 Ways Law Enforcement Can Track Terrorists in an Encrypted World

Government officials want us to believe that encryption is helping terrorists, but law enforcement still has plenty of tools to get the data. November 24, 2015

The phrase “the terrorists are going dark” has come back in vogue after the Paris attacks, referring to assertions that encryption is somehow enabling the communication of future attackers to go undetected. But the public is being presented with a false choice: either we allow law enforcement unfettered access to digital communications, or we let the terrorists win. As always, it is not that simple.

Read the full article here: https://www.technologyreview.com/s/543896/6-ways-law-enforcement-can-track-terrorists-in-an-encrypted-world/

 

(I was also very honored to get my very own illustrated avatar… )

Published
Categorized as General

What to do when the internet goes down?

From CBC’s Spark radio show:

There are lots of reasons you can find yourself offline: a natural disaster, government censorship, or simply a flaky ISP. Nathan Freitas researches alternative network technologies, and he knows first-hand what it’s like to not have internet access — he was in New York City during 911 and for the major power outage in 2004, he was in Boston during the marathon bombings and he’s lived in remote parts of Nepal.

That got Nathan thinking about alternatives to the internet — ways that small groups of people can set up their own peer-to-peer networks, from the bottom up. He thinks there are lots of ways you can share digital information without ever going online, and he calls this kind of ad-hoc sharing “Wind.”

Wind Farm 0: If there was suddenly no Internet, what would we do?

(Originally, posted on Medium and Fold, but here since this is my *real* blog after all, and if the Internet went down, I still will have my local blog archive, and can run a teeny tiny WordPress server on my own computer, local network and/or $9 computer).

This last Friday and Saturday, a group of tool developers, designers, user advocates, security experts, tinkerers and curious humans gathered at the Berkman Center on Friday and Saturday for discussions, teachings and hands-on learning about the past, present and future of nearby network communication technology…. and to answer the basic question “If there was suddenly no Internet, what would we do?”.
11146648_10152944926373434_4549087628200142545_o
I call this new communication space between all of our devices “Wind”, as it is a counterpart to the Web, but very different in its shape and basic nature.Wind Farm is an event designed to understand how to better harness the power from the Wind, and shape it to our needs.
10955252_10152944926218434_1722205278635437230_o
We had over 40 participants from Microsoft Research, the Open Technology Institute (part of New America Foundation), F-Droid (Free Software Foundation Europe), Tibet Action Institute, Rights Action Lab, the Briar Project, the Guardian Project, DeNovo (out of UC Berkekey’s TIER group), NYU, USC, members of the local Nepali community, and fellows from Harvard’s Berkman Center and Nieman Foundation. We all realized that there is a shared core problem that needs to be solved, around the basic “dialtone” or “chime” that let’s people near you, and their smart devices, know that you are there, available and interested in communicating about a specific topic, or using a specific set of information.On day two, powered by donuts and coffee, I (Nathan) gathered our experts together with curious participants in our outdoor introductory workshop and simulation event… the event we simulated? An alien invasion where our telecommunication system for the planet was about to be taken out by their mother ship. The participants were taught basic skills like using Bluetooth, NFC, Wifi and other tools to share information directly between their smartphones, instead of using the Internet.
image (3)
Everyone also learned how to fold an origami pinwheel, and adorn it (or themselves) with a 1KB read/write capable near field communication sticker chip. If you can turn a square piece of paper into a beautiful, functional pinwheel, and make it a portable, power free hard drive by putting a sticker on it, then you can do just about anything!
10750351_10152947234823434_7432061859459728997_o
We taught people how to transfer apps between their Android phones directly, since Google Play and other app stores don’t work when the Internet doesn’t exist. To do so, we used F-Droid and the App Swap feature.
One of the missions to help build a new, nearby community-powered network was to deploy an adhoc wifi mesh system, using Commotion, across the Harvard campus. Using some elevated platforms (aka fire escape), we managed to build a five-hop system that connected 23 Everett Street to Harvard Yard, with nothing but handheld antennas, battery packs, and the creativity of determined humans…
Simultaneously with the Wifi-mesh, we also deployed multiple covert battery and solar-charged PirateBoxes(Boxen?) throughout campus, and used them in a data relay “Pony Express” manner. Two teams with four relay runners each moved photos between each pirate box, to reach their end goal. Every PirateBox also contained a full, offline/nearby copy of the Guardian Project’s F-Droid repo app store, for local app distribution.
pirateboxen
To coordinate communications between teams throughout the afternoon, we used the Gilga app (aka Pinwheel) to send messages using only Bluetooth and WifiDirect… it was the first medium scale test of the technology (with 10-20 users communicating together at any given team), and it worked as expected. Each team needed to use the app to send critical messages about media being shared through out the local nearby networks.
gilgadouble
If you’d like to learn more about the concept of Wind, and the entire Wind Farm event, you can read on at WindFarm0.link. We will be holding more Wind Farm events in the coming months, so that you, too, can be prepared for a day without the Internet, and app and tool builders can understand the unique challenges this type of situation creates.