Mike Shaver Moves to Zero-Knowledge 90
Mike Shaver, who recently left the Netscape/AOL conglomerate, has apparently landed a job with Montreal-based Zero Knowledge. The press release has more details, but it appears that Zero Knowledge is privacy company which promises the ability to post, browse and all those good things anonyomously. Mike will be their Chief Software Officer, while continuing to work on Mozilla as time permits.
Wow. Sounds like a sweet job. (Score:1)
kwsNI
Zero Knowledge? (Score:1)
ls:
CSO? (Score:1)
Re:CSO? (Score:1)
That should have read:
So he's the Bill Gates of the company?
(Insert canned laughter here)
hmm (Score:1)
Mike will be their Chief Software Office
He must be a pretty big guy!! *rimshot*
An (albeit old) article on zero knowlege systems.. (Score:4)
The Zero-Knowledge software works using three servers, located at leased sites in scattered locations worldwide. Client software encrypts Internet access requests and information using three layers of public-key encryption software. Each of the three servers only knows part of the information needed to identify a user and the contents of an Internet session. Even Zero-Knowledge itself doesn't know the identity of the owner of particular pseudonyms, so it can't divulge that information if subpoenaed.
Of course implementation is everything, but I'm all in favor of any step towards ubiquitous encryption and pervasive privacy.
Duh. (Score:1)
kwsNI
Interesting news order (Score:3)
Specs.. (Score:1)
Operating System:
Windows 95, Windows 98
Internet Connection (Modem or LAN-based) using standard Microsoft TCP/IP
Obtained from freedom.net [freedom.net] webpage.
Freedom is cool, but Win9x only for now (Score:2)
But if you are on Win9x, Freedom is great--fully anonymous surfing, email, telnet, whatever. With the paid version ($50) you can set up five "nyms," which each store their own set of cookies. You can use different nyms for different purposes, accept all the cookies and don't worry about it, no one will have any idea who you are. There is even an option to pay by anonymous money order.
porn (Score:2)
Also:
"empowers Internet users to surf the Web, send email, post to newsgroups and IRC chat in total privacy."
Right now spam, and to a lesser extent, e-mail hoaxes and threats are an ongoing problem. I can see this software as a possible tool for spammers and hoaxers. Once again, does a person have legal recourse in a situation where an anoymous person has spammed them?
--
Isn't this illegal? (Score:1)
Re:An (albeit old) article on zero knowlege system (Score:1)
Excellent news (Score:1)
Hiring someone with expertise on a multi-platform application like Netscape was an excellent move. The only reason I don't use this is because the Zero-Knowledge client currently runs only on Win9x, with versions for other OSes to be released "real soon now". Hopefully, this should significantly jump-start those efforts, bringing anonymity to people who refuse to run an insecure OS.
Re:This is Not a Flame (Score:1)
Munky_v2
Re:Wow. Sounds like a sweet job. (Score:1)
kwsNI
Re:This is Not a Flame (Score:2)
http://slashdot.org/search.pl?quer y=Mike+Shavers [slashdot.org]
Article from Macleans (www.macleans.ca) (Score:2)
An Internet privacy product creates a public stir
BY VINCE BEISER
Austin Hill wants to make Web surfers invisible. With the Internet increasingly becoming a place where people's movements and personal information are tracked, logged, bought and sold, Hill's Montreal-based company, Zero-Knowledge Systems Inc., is set to launch a product that will conceal all cyber-wanderings. "Right now, the Net is like a street with a camera on every corner. Everything you do leaves a trace," says Hill, Zero-Knowledge's 26-year-old president. Law enforcement agencies, employers and hackers can easily monitor e-mail and online chat; corporate Web sites gather information on visitors, then resell it to marketing companies. Zero-Knowledge's Freedom software will prevent that by encrypting every communication a user sends.
Scheduled for commercial release late this year, Freedom is already generating a buzz among Silicon Valley venture capitalist and privacy advocates. But it is also unsettling law enforcement officials, who warn that the privacy software will make life easier for virus makers, pedophiles and other online miscreants. FBI chief Louis Freeh recently told the U.S. Senate that the widespread availability of strong encryption products will "devastate our capabilities for fighting crime, preventing acts of terrorism and protecting the national security." Brent Pack, a so-called hacker hunter with the U.S. army's computer crime investigation unit, agrees. "Our job is hard enough," he says, "without adding any additional hurdles."
There already are anonymous Web-surfing services and e-mail encryption programs on the market. Freedom, however, is the first to bundle these functions in a single user-friendly application. Though it is still being tested, "the idea," says Bruce Schneier, one of the industry's leading cryptography experts, "is fundamentally sound."
It works by stripping all data leaving a user's computer of identifying information -- be it e-mail, chat-room gossip or requests for Web pages -- then wrapping it in several layers of 128-bit encryption, currently considered unbreakable. The data is then routed through a series of randomly chosen servers, each of which unwraps one of the encryption envelopes to find where to send the packet next. That means no single server knows both the origin and destination of the packet. (Even Zero-Knowledge won't know which data packets connect to which users, hence, the company name.)
Freedom allows users to create up to five pseudonymous identities, none of which can be traced. This sits nicely with privacy advocates. "The police would have a much easier time if they could enter your house or read your mail any time they wanted," says David Jones, president of Electronic Frontier Canada, a cyber-rights group. "Why should e-mail be any less deserving of protection than a letter sent by Canada Post?"
Hill, too, is a longtime believer in individual freedom -- especially his own. He quit high school at 15 to start a career as a computer security consultant. At 21, with the help of his older brother Hamnett, he co-founded what is now TotalNet Inc., one of Canada's largest Internet service providers. After selling that venture for a hefty profit, the brothers founded Zero-Knowledge in 1997, along with their father, Hammie, a corporate accountant.
Overseeing Freedom's development is star hacker and Toronto native Ian Goldberg, 26. In recent years, he has made headlines by cracking the digital security system used by Netscape's Navigator and another used by many wireless phones, including Canada's Fido Network.
While the demand for Web privacy is widespread and while the technology may be solid, the question remains: will people pay $75 to buy Freedom? Austin Hill is confident they will. The number of employees at Zero-Knowledge's loft-like headquarters on Montreal's now-hip Boulevard St. Laurent is projected to zoom from 50 to 110 in the next few months, and at least 50,000 volunteers have signed up to test Freedom's new release. "We don't expect overnight success," says Hill, "but we expect it quick."
Do you /. guys read anything older than a few hrs? (Score:2)
APPARENTLY? There have been tons of stories about these guys ever since they began offering the beta and it should be no suprize at all to anybody that follows security just a little bit.
Check their own site for stories [zeroknowledge.com] that go back for months, including ZDNET, the Wall Street Journal, CNNin, C|Net, Newsweek, InternetNews, The Village Voice, Wired, Time.com and the list goes on for 2 very long pages.
Yea, the new suit part might be news, but the what it "apparently" does part is old now.
Models of security v privacy (slightly ot) (Score:4)
Things like ZKS make me wonder about what we are striving for in terms of privacy. There is the "real" world and the digital world -- is one meant to be an analogue of the other? Obviously, we want privacy because we don't want the digital world to be worse than the real world in certain ways. For instance, if we didn't encrypt credit card data during transactions, the digital world would be broken compared to the real when it comes to purchasing. Similarly, I want to be able to secure documents that I send to someone so that they are at least as good as taking certain "security" measures in the real world (registered mail, envelopes that aren't transparent, etc).
There seems to be a distinction between the desire for online security (which seeks to emulate the security we can find in the real world) and the desire for online privacy (which seeks to surpass the real). There is no real-world equivalent to what ZKS proposes. If I walk down the street, people may not recognize me (unless they know me), but I clearly have an identity -- I can be distinguished from someone else on the street by a third-party observer, even though the observer may not be able to identify either of us. ZKS would allow me to walk down the street and appear identical to everyone else -- not just nameless, but faceless.
Obviously, a lack of privacy dehumanizes; but couldn't an overabundance dehumanize as well? I'm interested in where exactly we're going with all this.
Irony... (Score:3)
Gerv
ZKS e-mail spam? [was: Re:porn] (Score:1)
I like the company, they've hired some very smart and very nice people, but I wish they'd be more forward-thinking regarding efficient payment options.
JMR
Comic Book Store Guy says: (Score:3)
Worst. Name. Ever.
Seriously, what kind of marketing wizard decided to name the company "Zero Knowledge". It sounds like a synonym for "Know Nothing." "Yeah, I know there are a lot of smart companies out there that we could work with, but that's so cliché -- we should team up with them Zero Knowledge guys!"
Cheers,
ZicoKnows@hotmail.com
Re:porn (Score:3)
On the flip side of this, Freedom can make it safer for children by keeping any personal information away from prying eyes, specifially those of child molesters, etc. So now which is more important, protecting children from child molesters, or to make it easier to track child molesters? It'd also make it easier for the police to do stings in chat rooms, etc., because they can create a relatively untraceable pseudonym...
On the happier and less controversial note of spammers, Freedom does reserve the right to pull 'nyms that are associated w/spam, etc.--a lot of spammers seem to be using either free email services until they get caught, or their own servers, so it'd get pretty expensive to pay $10/each for new names...
Re:porn (Score:2)
Liberty exists in proportion to wholesome restraint.
-Daniel Webster, Speech at the Charleston Bar Dinner, May 10, 1847.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
-Benjamin Franklin, Historical Review of Pennsylvania
Re:Comic Book Store Guy says: (Score:1)
I think they took it from that.
Re:Freedom is cool, but Win9x only for now (Score:2)
Which makes sense - make it open so people can check the security. Other people can do the work of porting it to numourous wierd and wonderful platforms. They still make revenue because they're providing a service (including to users of unoffical, say, Linux ports). Everyone wins.
Hurrah for open source! Etc!
...j
Re:porn (Score:3)
From their FAQ [freedom.net]:
How does Zero-Knowledge limit spam abuse of Freedom?
Zero-Knowledge is very much aware of the possibility that our technology may be used by spammers to distribute unsolicited commercial email. To discourage this, Freedom attempts to limit the potential for spam through a number of measures:
* Limits on the total number of recipients/newsgroups to which email may be sent on any day
* Reduced limits on the total number of recipients/newsgroups to which email may be sent on any day for trial nyms
* Limits on cross-posting to newsgroups
* Limited lifespans for trial nyms, discouraging their use for spamming purposes
* Internet users can block email from any particular nym
Moreover, Zero-Knowledge has a 'no-spam' policy which it will try to enforce, and reserves the right to delete any nyms or restrict users ability to send email for spamming on the Freedom Network. That said, given Freedom's design goals of complete privacy, if an individual hides behind a nym to send spam via Freedom, Zero-Knowledge will be unable to determine the identity of the nym's owner or to associate a particular nym with any others owned by the same individual.
Re:Isn't this illegal? (Score:1)
Ha! Good thing they're Canadian!
(Also kind of nice to see the brain drain going the other way)
Re:Models of security v privacy (slightly ot) (Score:2)
I think that a lot of what people here aren't noticing yet (mostly 'cause it involves a lot of reading the Zero Knowledge/Freedom docs, etc.), is that Freedom isn't for anonymous internet, it's for pseudonymous use--if you're not careful (e.g. by switching to another pseudonym while on a site which actively places/updates cookies), you can have your pseudonyms connected together--or to your real name, if you shut off Freedom while surfing...
You can check out their page [freedom.net] for lots of details on what they have going on.... It can take a little digging, but there's lots of info there...
Re:Comic Book Store Guy says: (Score:1)
Q: Ever heard of a Zero Knowledge proof?
A: Yes.
Q: Has anyone who might even think of investing in this company ever heard of a Zero Knowledge proof?
A: Ummm...
Yes, it's a clever name, but that doesn't mean it's a wise choice. If the producers of "Frasier" decided to have an entire episode where the characters spoke in Ebonics "in commemoration of" Martin Luther King day*, I'd think it was clever as Hell. It would also be instant suicide.
Cheers,
ZicoKnows@hotmail.com
* Replace Ebonics/MLK day with Spanglish/Cinco de Mayo, Sign-Language/Nat'l Sign Language Day, etc. I was illustrating a point, not trying to start a race war. I shouldn't have to explain this, but in these politically correct times...
Zero-Knowledge Proofs (Score:2)
So, it's a double entendre: crypto in-joke, and also how much info you spread, accidentally, while using Freedom.
Re:Comic Book Store Guy says: (Score:1)
ZKS's poobah Austin explained the whole thing at Defcon last summer (they didn't have an official talk, but Austin was explaining Freedom at one of the last talks on internet privacy, and he explained in detail at the party they threw).
They are very much on top of the issues of spam, kiddie porn, etc.
And yes, they're aware of the demand for a Linux client, but as Austin explained it to me (AFAIK), the impetus for creating Freedom was allowing people to speak freely about the companies they work for without the fear of getting fired, and most of those people tend to use Windows.
ZKS are pretty cool people. And they know how to throw a party.
Re:Models of security v privacy (slightly ot) (Score:1)
Looks like I should have read the zks page a bit more carefully :)
With that knowledge my original question would have been much different (if it had even existed). pseudonymous use rather than anonymous pretty much negates the effect I was implying. Thanks for the correction.
Porn, spam, hoax, concerns (Score:2)
Each user has a pseudonym. If that pseudonym causes problems, it can be revoked, forcing the spammer to sign up again to spam again. Not really that much different than what any other ISP does, except that it is harder to prevent them from signing back up again.
Law enforcement issues: A packet can be traced by going to the first server in the chain and getting a subpeona for its logs, which will point to the next server in the chain, eventually pointing back to the sender. This would be problematic since the servers can be in different countries, but still theoretically possible. ZKS did not start up to make life easy for law enforcement, but to protect people from anyone, including law enforcement, who encroach on the their privacy.
There certainly will be abuses of ZKS, but that holds true of any system. The issue is whether or not a person should be allowed to interact with society on an anoymous level. I say yes. Police caught and convicted criminals long before there were DNA tests. They will still be able to do so without a trail of bloody footprints leading to the spammers door. If we give people tools such as ZKS, they can defend themselves from being attacked by spammers in the first place, rather than retaliating after the fact.
Re:Isn't this illegal? (Score:1)
I tried zero knowledge just after it came out (Score:1)
The software is very nice, although the connections are a bit slow over your average modem (understandably). Unfortunately, for me that limitation meant I couldn't use it, and I was forced to return my product.
On the bright side the company was very easy to deal with, and I suggest the product for anyone that doesn't have to deal with a lan as well as the internet.
Oh yeah, and of course the first version only runs on windows. :)
Re:porn (Score:1)
However, to connect a nym to a person is significantly more difficult, keeping hte privacy intact.
Interestingly enough, when I had to cancel my account with them (due to a technical problem, see earlier post), I had to send them the files related to my nyms and my passphrase for those nyms.
Although, as long as they accept anonymous money orders, they can just get new accounts.
Hopefully a happy medium can be found.
coolest thing about freedom by zeroknowledge (Score:2)
Pretty cool, but it *is* annoying that you're limited to a pop client. But, if you don't want to use pop, you can still use public email services, as they won't be able to see your actual ip address, because you're hidden behind the freedom servers.
Re:An (albeit old) article on zero knowlege system (Score:2)
I've got his session scheduled... I plan to grab some of the "best" questions from this thread on Slashdot and corner Ian afterwards and see what he's got to say. I'll post the results of my quest here tomorrow after the session, if anyone is interested.
---------
Question: How do I leverage the power of the internet?
Re:An (albeit old) article on zero knowlege system (Score:2)
Freedom with Mozilla (Score:1)
Freedom works in two ways as I understand it. First as an encrypting freedom-routing client at the IP layer of your TCP/IP stack and second as an HTTP proxy that plugs into your TCP/IP stack.
This means that it should already work with Mozilla. Anybody tried it?
Zooko
Re:ZKS e-mail spam? [was: Re:porn] (Score:1)
I was at the Bay Area Cypherpunks Physical Meeting and I overheard some ZKS officers suggesting that people should use e-gold to buy Freedom nyms. But it isn't on their web page yet, eh?
Zooko
P.S. Hi, Jim Ray!
Re:Comic Book Store Guy says: (Score:1)
What if Frasier and Lilith back in the Cheers days had taken a trip to England and stayed in Fawlty Towers?
Re:porn (Score:1)
--Ralph Waldo Emerson, 1850, responding to Webster's defense of slavery and the cotton business
"Oh God, my feet hurt!"
--Franklin responding to his gout.
Re:porn (Score:1)
Re:ZKS e-mail spam? [was: Re:porn] (Score:1)
Hi, Zooko, sadly it isn't yet, but since my customers and I all like these guys a lot I think it's bound to happen soon (FC00? -- hey, ya going this year?). It's strange, I regularly offer ZKS (and Slashdot) folks a chance to play around with a bit of e-gold, and nobody takes me up on it! This, despite the cool new Real Gold Lotto [realgoldlotto.com] that recently popped up. (I've got nothing to do with them, I know nothing, I see nothing...) Take advantage of me, everybody, create an account and I'll click you some gold!
Anyway, I get the very strong feeling of another digital cash developing (and if it does, I'd hope for G&SR to make a market between it and e-gold and/or DigiGold). I want to see a thousand flowers bloom in this area, as I'm sure many folks do. Of course, I can't predict others' actions, so it's just a feeling, but it should be an interesting conference in Anguilla this time, and I can't wait!
JMR
P.S. Tell Joy to e-mail me!
Re:Hey, I have a question (Score:2)
Remember, we're still a fairly small part of the software industry at large. It's not always easy for Linux geeks and Linux companies to find each other.
Good luck! Maybe I'll see your anonymous face at the next LWE in San Jose. :)
Vovida, OS VoIP
Beer recipe: free! #Source
Cold pints: $2 #Product