![[LWN Logo]](/images/lwn.banner.gif)
Date: Tue, 13 Apr 1999 23:39:41 -0600 (MDT) From: cult hero <jericho@dimensional.com> To: InfoSec News <isn@repsec.com> Subject: [ISN] linux-ipsec: FreeS/WAN press release Forwarded From: Sandy Harris <sandy.harris@sympatico.ca> Originally From: Henry Spencer <henry@spsystems.net> Strong Internet Privacy Software Free for Linux Users Worldwide Toronto, ON, April 14, 1999 - The Linux FreeS/WAN project today released free software to protect the privacy of Internet communications using strong encryption codes. FreeS/WAN automatically encrypts data as it crosses the Internet, to prevent unauthorized people from receiving or modifying it. One ordinary PC per site runs this free software under Linux to become a secure gateway in a Virtual Private Network, without having to modify users' operating systems or application software. The project built and released the software outside the United States, avoiding US government regulations which prohibit good privacy protection. FreeS/WAN version 1.0 is available immediately for downloading at http://www.xs4all.nl/~freeswan/. "Today's FreeS/WAN release allows network administrators to build excellent secure gateways out of old PCs at no cost, or using a cheap new PC," said John Gilmore, the entrepreneur who instigated the project in 1996. "They can build operational experience with strong network encryption and protect their users' most important communications worldwide." "The software was written outside the United States, and we do not accept contributions from US citizens or residents, so that it can be freely published for use in every country," said Henry Spencer, who built the release in Toronto, Canada. "Similar products based in the US require hard-to-get government export licenses before they can be provided to non-US users, and can never be simply published on a Web site. Our product is freely available worldwide for immediate downloading, at no cost." FreeS/WAN provides privacy against both quiet eavesdropping (such as "packet sniffing") and active attempts to compromise communications (such as impersonating participating computers). Secure "tunnels" carry information safely across the Internet between locations such as a company's main office, distant sales offices, and roaming laptops. This protects the privacy and integrity of all information sent among those locations, including sensitive intra-company email, financial transactions such as mergers and acquisitions, business negotiations, personal medical records, privileged correspondence with lawyers, and information about crimes or civil rights violations. The software will be particularly useful to frequent wiretapping targets such as private companies competing with government-owned companies, civil rights groups and lawyers, opposition political parties, and dissidents. FreeS/WAN provides privacy for Internet packets using the proposed standard Internet Protocol Security (IPSEC) protocols. FreeS/WAN negotiates strong keys using Diffie-Hellman key agreement with 1024-bit keys, and encrypts each packet with 168-bit Triple-DES (3DES). A modern $500 PC can set up a tunnel in less than a second, and can encrypt 6 megabits of packets per second, easily handling the whole available bandwidth at the vast majority of Internet sites. In preliminary testing, FreeS/WAN interoperated with 3DES IPSEC products from OpenBSD, PGP, SSH, Cisco, Raptor, and Xedia. Since FreeS/WAN is distributed as source code, its innards are open to review by outside experts and sophisticated users, reducing the chance of undetected bugs or hidden security compromises. The software has been in development for several years. It has been funded by several philanthropists interested in increased privacy on the Internet, including John Gilmore, co-founder of the Electronic Frontier Foundation, a leading online civil rights group. Press contacts: Hugh Daniel, +1 408 353 8124, hugh@toad.com Henry Spencer, +1 416 690 6561, henry@spsystems.net * FreeS/WAN derives its name from S/WAN, which is a trademark of RSA Data Security, Inc; used by permission. -30- -o- Subscribe: mail majordomo@repsec.com with "subscribe isn". Today's ISN Sponsor: Hacker News Network [www.hackernews.com]