This file is available on a Cryptome DVD offered by Cryptome. Donate $25 for a DVD of the Cryptome 10-year archives of 35,000 files from June 1996 to June 2006 (~3.5 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. Archives include all files of cryptome.org, cryptome2.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org. Cryptome offers with the Cryptome DVD an INSCOM DVD of about 18,000 pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985. No additional contribution required -- $25 for both. The DVDs will be sent anywhere worldwide without extra cost.

10 November 1999

From: potsmoker@alpha.freedom.net
Received: (from freedom@localhost)
by afs1.freedom.net (8.9.2/8.9.2) id BAA09687
for cypherpunks@cyberpass.net; Wed, 10 Nov 1999 01:33:47 -0500 (EST)
Message-Id: <199911100633.BAA09687@afs1.freedom.net>
X-Authentication-Warning: afs1.freedom.net: freedom set sender to potsmoker@alpha.freedom.net using -f
To: "'cypherpunks@cyberpass.net'" <cypherpunks@cyberpass.net>
Subject: Freedomnet on a Mac!
Date: Wed, 10 Nov 1999 01:32:15 -0800
MIME-Version: 1.0
Content-Type: multipart/mixed;
charset = "us-ascii" ;
boundary = "D8NVR0CNWTSK6PCASKYFESWGX2CRYU5HSY3APL3R511HHJHF"
Comments: This message was processed by the Freedom Mail Gateway
Sender: owner-cypherpunks@cyberpass.net
Precedence: first-class
Reply-To: potsmoker@alpha.freedom.net
X-List: cypherpunks@cyberpass.net
X-Loop: cypherpunks@cyberpass.net

As has been mentioned here already, all you drug traffickers, pedarists and terrorists really need Freedom. You also need a fast Mac, Virtual PC and PGP Disk.

I took up Ian's kind offer, got my beta copy and, because there's no Mac version of the Freedom client yet, I installed the whole fucking thing onto a Virtual PC instance of Windows '95 on my G3 Mac. I put Virtual PC and its "hard drive" (which is just a huge Mac file) in a PGP Disk encrypted volume, and I'm thinking this has to be one of the most secure setups possible on a personal computer. When I quit VPC and dismount the encrypted volume, there is NO TRACE of Freedom.

Freedom works great under VPC, at least for web and mail, which is all I've tried so far. Frankly, although I've owned VPC since it first came out, this is the first good use I've found for it. Being, after all, software emulation of a Pentium, it's not a speed demon, but the G3 is a hot chip and it's fine for just surfing and emailing as my alter-ego. Stability so far is flawless.

For anyone who hasn't used Virtual PC yet, it's some features that make it incredibly convenient for day-to-day use. You can choose to quit the application without shutting down Windows, and it will save its state to a file on the (in my case, encrypted) disk. Coming back into that instance, with Windows 95 already booted and my applications still running as I left them, takes less than 10 seconds. I tell Freedom to create a route (I leave Freedom running so I don't have to type my passphrase -- what the fuck, it all get encrypted before I walk away from the machine, right?), and another 10-15 seconds later I'm surfing. If someone battered down the door while I was composing this message, I could hit cmd-Q, <enter> and VPC would take five seconds to save state and exit. A minute later, the PGP Disk would automatically dismount.

VPC uses the Mac's built-in ethernet card but uses whatever IP address is set in Windows, even if it's different than the Mac. This adds another level of deniability and if you're in a dynamic IP environment, every time you "boot" your VPC it gets a new IP address seperate from the Mac. (In order to do two IPs on a dial-up, you'll need some masq'ing software, like IPNetRouter on the Mac.)

If an attacker (and by this I mean a law enforcement agent) busted into my house (in other words, served a search warrant on my premises) and stole my machine ("collecting evidence", I think they call it) looking for my 'nym, they would find a G3 PowerMac with absolutely nothing to indicate that I had ever even heard of "Freedom," much less that I have installed it and use it regularly as that criminal genius known around the world as "potsmoker". There's no registry entries or Freedom preference files to be found in the clear -- all of that is locked in my PGP Disk.

One potential point of attack is that Freedom doesn't give me a new pop/smtp account, it provides a remailer chain back to (one of) my regular email address(es). So any messages sent to my 'nym show up in my regular mailbox as an encrypted enclosure that only Freedom can read. An attacker who could watch my pop account and wanted to tie me to my 'nym would see those messages arriving from the Freedom remailer. Unless I get a lot of traffic on that 'nym, an attacker could send me mail at various intervals and watch the encrypted enclosures come into my mailbox on the same schedule, especially since the default latency is in the seconds, not minutes. (I'm confused by Freedom's "Reply Blocks" setup screen; there seem to be multiple paths set up by default but I don't know how they're used or why I'd want to set up other paths. I may actually have to crack the manual ;-)

Since I'm only getting test messages from myself so far, and I'm still using the default latency of a couple minutes, traffic analysis on my incoming mail would be easy right now. To combat this, I could subscribing my 'nym to cypherpunks or another high-volume list. If this were the final release I might do this, but since it's still beta I'll be kind to their remailers...

The fact that my 'nym's messages come into my regular mailbox posed a bit of a challenge since my primary mail reader is Eudora on the Mac, yet I could only read them on the VPC. But I solved it by setting Eudora to "Leave mail on server for x days". Whenever I get mail from the freedom relailer, I just bop into Virtual PC and read those same messages into my Windows mail reader, where Freedom automagically decrypts them. The Windows mail client deletes them from the server, too, so that minimizes their incriminating stay in my pop box.

Sure I gotta deal with this piece of shit Windows whenever I'm "being" my 'nym, but my 'nym is already developing his own personality, and in my drug-induced haze I'm already beginning to think of him as a dumbshit Windows '95 user. This is even consistent with the "Mozilla/2.0 (compatible; MSIE 3.0; Windows 95)" my browser is -- correctly -- identifying itself as to the webservers I hit from my 'nym.

Maybe someday they'll come out with a Mac version of Freedom. If they do; I'll install it and create lower-security 'nyms that operate out of the Mac OS just for day-to-day surfing, to keep those fucking Web Marketers from tracking my ass. I only need to use the Virtual PC 'nym when I want to do something nefarious. What better way to convince investigators or a court that I am NOT "potsmoker" than to type in my Freedom passphrase and show them that "potsmoker" is not among the 'nyms _I_ use.

Pretty fucking slick.

-potsmoker

Freedom: http://www.zeroknowledge.com/

Macintosh: http://www.apple.com/

Virtual PC: http://www.connectix.com/

PGP Disk: http://www.pgp.com/

______________________________________________________________________________

Total Internet privacy -- get your Freedom pseudonym at http://www.freedom.net