Alison Macrina alison@torproject.org wrote:
Scott Bennet> If he discovers that neither his campus library nor the university as a
whole is already officially running at least one relay, this may be a better way to teach them. If, rather than going for a relay, which is quite likely to scare them until they understand more and better about tor, AJ were instead to campaign to get the library to install the tor browser bundle onto its publicly available computers, that alone would be a terrific coup and might engender a great deal of student support for tor on campus over time. (The library would, of course, need to find a way to lock down the settings of the installed bundle, so that it couldn't be turned into a relay by users, but that should not be difficult to do.) If he succeeded in getting the tor browser bundle added to the library's most likely tightly limited list of applications available on its public machines, he could then wait a while to see what the staff members thought of it. If they decided after watching it in use for a while that it was a good thing to have made available to their users, you might then approach another department that operates a student computer lab to try to get TBB installed there. If the library employees liked it, they might give the prospective department a positive recommendation. If AJ played it right and it usually turned out well, he might eventually cover much of the campus with TBB installations. In any case, getting the TBB installed would educate far more people about anonymity and privacy issues than merely getting a relay installed that most people would never be aware of.
This is a great idea, and the slides I shared in my last email could help get this conversation started (the slides cover Tor Browser as well as relays and other Tor stuff). If AJ is interested I can connect him with other libraries I've worked with that have installed Tor Browser on all of their public computers.
I, for one, am very happy to know that Alison and her organization are making those materials available. They have the potential to assist many people like AJ in making the public more aware of the issues and of the tools available to help it protect/recover its privacy and anonymity. Alison, do you also have materials on using HTTPS where available instead of HTTP? The dangers inherent in allowing Java or JavaScript to be enabled in one's web browser? Cookies? Tools like the HTTPSeverywhere and NoScript plug-ins for Firefox? The reasons for avoiding the use of telnet clients and which tools to use instead for remote logins? If not, they would make great additions, particularly pages that explain how to convince librarians about these matters? Let me give an example. I have for at least ten years asked my local public library to provide a) a secure shell client, b) a secure web browser for ordinary use where anonymity is not a concern, c) a secure FTP client, and d) the TBB for use by those who desire anonymity. They have always refused to budge. They run an unsecurable OS on their public computers. They provide only Internet Explorer for web access. I'm unsure whether they still allow any FTP access at all. As you can imagine, they have severely limited the usefulness of their computers to the library patrons they claim to serve. I could not, for example, submit my on-line application to renew my flight instructor certificate via the library's computers. They have refused to let me speak with those making the decisions about what is provided on their public computers, much less to make an organized presentation to them. I was told that the decisions about software on the computers are made by the library board, not even by the IT staff. What is a good approach to get better results? I am at a loss as to how to get the library to emerge from the stone age into the age of the Cheka, much less that of the NSA, FSB, search engine profilers, botnets, packet sniffers, spyware, etc. Disclaimer: I confess that I have no idea how prevalent my public library's attitudes and policies are among public libraries in the U.S. today, so I can't make any claims about widespread need for the sort of materials I'm asking about.
Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at sdf.org *xor* bennett at freeshell.org * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * **********************************************************************