CodeCon 2002
Sponsored by LinuxFund.org
Main Registration Program People Schedule Mailing Lists Links About

Peek-A-Booty - a distributed anti-censorship application
presentersDrunken Master, Joey DeVilla
historyThis project was started around the time of the HOPE 2000 conference (July 2000). The design took place for approximately 6 months after that. For the next 9 months the code was developed slowly due to the fact that people were trying to work on it in their non-existent free time. I quit my job and worked on it full time starting in September 2001.
demoWe will demonstrate browsing the web through the Peek-A-Booty network. We will show routing through multiple nodes and the nifty prototype screen saver.
achievementsCurrently can route packets reliably through multiple nodes. It can discover other nodes in the network.
claim to famemade wired's top 10 vaporware of 2001
future plans
  • Implement "Internet Spread Spectrum": Each packet takes a different route through the Peek-A-Booty network, but they all end up at the same place.
  • Make Peek-A-Booty SOCKS 4/5 compilant so that any protocol can be run through the network.

Invisible IRC Project - secure, anonymous client/server networks
presenters[0x90]
historyIn October, 2001, [0x90] released the project. Three short months later, on December 3 version 1 final was released featuring all the tools required to chat on an IIP network or act as a relay to an IIP server.
demoDemo will include no less than three consoles at which attendees may chat on an IIP cryptonet. Aditionally, the presentation will included a short synopsis on the architecture of IIPv1 and an ongoing open discussion on the architecture of the upcoming, completely distrubuted IIPv2.
achievementsSince it's original inception, it has been demostrated in a number of client-server networks such as ICECAST and SHOUTcast multimedia streaming.
future plansIIPv2 seeks to be a completely distributed IRC network running on top of an anonymous point to point protocol (IP Steganography).

Idel - lightweight mobile code for p2p cpu sharing
presenterDarius Bacon
history
  • Started in December 2000.
  • Feb 2001: initial release does confined execution.
  • Dec 2001: restarted work with focus on practical usability.
demoWill demo an embarrassingly parallel job distributed over the public internet running on diverse hosts that don't know of the type of job ahead of time, don't trust the code implementing it, and sometimes have other things to do.Will show installation of jobber and dealer nodes, plus the code for a new task to run on the network.
achievements
  1. Providing the above capabilities with a free and open design, running on standard operating systems.
  2. A portable algorithm-neutral compression format.
future plansCapability-based security and resource management. A C frontend and a native-code backend. Markets for computational resources.

gateway crypto: achieving connectivity by any means necessary
presenterDan "Effugas" Kaminsky
history The Gateway Cryptography project began several years ago as I found myself unable to route traffic through increasingly disroutable networks. Some of its techniques were discussed at Defcon and the Black Hat Briefings during the summer of 2001, and will be published sometime this month in the next edition of Internet Tradecraft.
demo
  1. End to end security through a connection broker linking two NAT'd hosts
  2. SSH over HTTP Tunneling
  3. SSH over UDP (just for kicks)
  4. Using SSH Dynamic Forwarding to interface arbitrary applications with SSH Port Forwards (SOCKS as SSH API)
  5. audience challenges
achievements Custom code has been integrated with the OpenSSH codebase to make it more amenable to highly specific tunneling requirements. The prime goal is to always achieve end-to-end security without requiring unproven and untrusted cryptographic services to be invoked. You guys write the directories, let SSH handle the connectivity.
future plans SSH is nice, but real fun requires thinking on a different layer. I'll be discussing some of the ramifications of combining libnet and libpcap to get direct-to-the-wire userspace connectivity, which will eventually culminate in Anyron. Anyron is experimental handshake-only TCP connection broker. In plain terms, it will allow two hosts behind address-translating firewalls to glue together both of their outgoing TCP sessions into one bidirectional session, with only minor help from a third low-traffic broker.

Reptile - a distributed but uniform content exchange mechanism
presentersKevin Burton, Fen Labalme
historyReptile is a sub-project of the larger OpenPrivacy initiative. It was created in June 2001
demoWe will demo Reptile:
  • subscribing to prevously unknown content
  • publishing content from node A
  • subscribing to content from node A on node B
  • searching for new content based on Reputation
  • managing/searching article history
  • showing newest articles available
  • showing most popular articles in your community
  • technology demos including Pipes, Reptile search, etc.
achievementsCurrently Reptile is almost API/design complete. We have a very impressive framework but we need to make it capable of real user functionality.
claim to fameCreated the Jakarta Jetspeed and Alexandria projects and co-founded the OpenPrivacy project.

http://relativity.yi.org/bio/

future plans
  • Integration with the OpenPrivacy suite of services
  • SOAP bindings
  • Freenet/Jabber integration
  • Lucene integration

Mnet - a universal shared filestore
presentersBryce "Zooko" Wilcox-O'Hearn, Andrew Loewenstern, Jim McCoy
historyMnet is a new branch of the Mojo Nation project, which started in 1999 and saw its first public release in August of 2000. During the fall of 2000 and the whole of 2001 the Mojo Nation network was continuously in operation and the software was continuously developed to make it full featured and robust.
demoA demo/tutorial on what Mnet does (as a get-and-put universal shared filestore for hackers, not as a search-and-download file-snarfing service), and how to invoke it programmatically through HTTP/XML-RPC/Tristero or with a Python interpreter.
achievementsMnet is capable of spreading a file through a distributed network of nodes using encryption, Information Dispersal, and dynamic adaptive behavior to make the file available in spite of disruptions. It also has a distributed search engine for finding files by keyword search. Mnet's ancestor project, Mojo Nation, incorporates blindable digital cash tokens, and Mnet nodes can use those tokens if they connect to the Mojo Nation token server.
claim to fameMnet is still a "quiet" project with no official web site or publicity. Mojo Nation has received extensive coverage in industry magazines, on-line forums, general-circulation newspapers, television, etc. See press for some links.
future plans
  • make Mnet into a truly decentralized network with no central point of failure in network topology or in administration.
  • offers a simple API: `get' and `put' files in the universal shared filestore.
  • actively cooperating with independent hackers to extend Mnet and to connect with other open source projects.
  • Mnet will soon be integrated with the Tristero project, which will allow programmers to use Mnet and other networks through an identical API.

Alpine - a social discovery mechanism which can handle high churn rates, malicious peers, and limited bandwidth
presenterMartin R. Peck
historyThe ALPINE Network project started in September, 2000 as an attempt to improve on the Gnutella approach to searching in peer networks. Since that time it has expanded to provide a general purpose resource discovery infrastructure that can interoperate with other applications and protocols.
demoThe demo will display the following features of the ALPINE Network and applications:
  • Adding peers and growing peer groups automatically.
  • Defining peer groups for specific domains of discovery.
  • Running queries and viewing their effect on peer quality values.
  • Retrieving resources discovered by queries.
  • Using modules to support additional protocols and data transports.
achievementsNetwork is currently fully functional
future plans
  • Implement Tristero Search interface
  • Full XML-RPC and ORBit interface support
  • Implement Swing, GTK--, and Win32 native interfaces

Eikon - an image search engine
presenterLuke Francl
historyThis project is based on research by Chuck Jacobs, Adam Finkelstein, and David Salesin. See: http://grail.cs.washington.edu/projects/query/

June 2001: initial implementation of the Jacobs, et al image query
Nov 2001 - Jan 2002: re-architecture, with an emphasis on preformance, abstraction, and interoperability

demo
  • A brief summary of how Eikon works and the interfaces programmers can use to access it.
  • Demonstration of using Eikon from the web based interface to retrieve similar images.
  • Demonstration of an application using XML-RPC to retrieve metadata from the Eikon database.
achievementshave a working image search engine
future plansExpand the scope of the project to include infra-image searching, more file formats (including video). Use the Eikon libraries to write a distributed image search service.

CryptoMail - encrypted email for all
presentersJoshua Teitelbaum, Peter Leung
historyThe first version of the CryptoMail Email System was written by Joshua Teitelbaum in the Fall of 1999, after one of the most popular web-based Email services (Hotmail.com) had major security problems.
demoThe demonstration will show CryptoMail in action. I will create an account, log in, send mail from one account to another, and basically demo the security features of the mail client.
achievementsUsers have a compelling but still meager email client and a highly secure way to perform email communications.
future plansPlan to move the protocol to Open PGP.

libfreenet - a case study in horrors incomprehensible to the mind of man, and other secure protocol design mistakes
presenterSteven Hazel
history
  • Began December 2000, as a project to make non-Java v0.3 Freenet clients possible.
  • Project scope expanded to full protocol implementation, to facilitate alternate Freenet node implementations.
  • Version 0.5.0 released June 13th 2001, with full Freenet 0.3 compatibility.
demoI discuss some of the hurdles I encountered in implementing the Freenet protocol for libfreenet, and explain how different design decisions might have led to a more widely analyzed and easier to implement protocol. I make the point that secure protocols that are more difficult to implement are less likely to be adopted, and I argue that simplicity and use of applicable standards should be priorities in the design of new and experimental protocols, particularly in applications involving cryptography, where design or implementation flaws have the potential to compromise security.
achievements
  • libfreenet was the basis of a number of Freenet clients and network analysis applications.
  • libfreenet's complexity inspired the creation of simpler client-to-node communications protocols.
claim to fameThe only working Freenet v0.3 protocol implementation written in a language other than Java. Also the only Freenet v0.3 protocol implementation that shares no code with the reference node implementation.
future plansNo plans to support Freenet 0.4 protocol changes. I've given up.

BitTorrent - hosting large, popular files cheaply
presenterBram Cohen
historyStarted in May 2001, based on lessons learned writing Mojo Nation, I've been working on it full time since then.
demoWill show installation and download on a fresh machine, then show how to host files as well.
achievementsCan handle several downloads at once. Integrates seamlessly with the web - users download simply by clicking on hyperlinks.
claim to fameCovered in New Scientist.
future plansScaling will be improved to thousands of simultaneous downloaders.

WikiWikiWan - ad-hoc wireless networking
presentersJonathan Moore, Jeremy Avnet
historyThis project started because I saw the strength of people with money being exercised one the Internet by attacking up stream at ISP and the domain name system. Because of this I decided to try and build a network in which no ISP existed and where the net work was peer to peer at the low level. I have been working on this project very slowly for the last two years or so. This project is built with as much off the shelf software and hard ware as possible.
demoI will show a number of nodes working.
achievements I have a small network that people have been using for there full time Internet connection using this technology.
future plans new hardware and adding ipv6, reputations, QoS.

Panel - 'Money: Do we need it?'
topics
  • creating financially viable open source projects
  • open source-based company business models
  • getting sponsorship to work on open source projects
  • day jobs for the open source ronin
panelists

Panel - 'Legality: Could we be in trouble?'
topics
  • past victories: winning the war against export controls
  • fair use and the music sharing cases
  • the DMCA and its more evil step-child, the SSSCA
  • when are the risks too great for technologists to pursue their careers?
panelists

Panel - 'The future of DNS security'
topics
  • what makes a secure DNS system?
  • DNS threat models
  • what is DNSSEC
  • DNSSEC deployment
  • How secure is the Internet's DNS system today?
panelists

PGP key signing

organised by Len Sassaman.

The PGP key signing will use the " Zimmermann-Sassaman Group Key Signing Method". See the CodeCon PGP key signing page for more details.