Which open free news server is the SAFEST to use for privacy?

[Les Cargill]

Which normally public open-by-design free news server is the
SAFEST to use from the standpoint of privacy (for text messages)?

I assume it can only be either mixmin or aol, simply because they're the
only ones I know that do not require a login/password.

However, maybe the login/password ones can be safe also (if you use a
throwaway email address to register)?

Which do you think is the safest (privacy reasons) open news server?

[Mike Easter]

Les Cargill wrote:
> (if you use a throwaway email address to register)

Don't stop there. If you want to be more anonymous create an complete
bogus meatspace identity with transacting capability.


--
Mike Easter

[buZZard]

On 10/16/2015 3:31 PM, Les Cargill wrote:
> Which normally public open-by-design free news server is the
> SAFEST to use from the standpoint of privacy (for text messages)?
>
> I assume it can only be either mixmin or aol
>

Yea, that aol usenet server is good for privacy.

[Anonymous Remailer (austria)]

On 2015-10-16 19:31, Les Cargill wrote:

> Which normally public open-by-design free news server is the
> SAFEST to use from the standpoint of privacy (for text messages)?

No one.
--

[§ñûhwØ£f]

Thats not wot yer mom said.


--
http://www.wolfwatcher.org
www.snuhwolf.9f.com|www.savewolves.org
_____ ____ ____ __ /\_/\ __ _ ______ _____
/ __/ |/ / / / / // // . . \\ \ |\ | / __ \ \ \ __\
_\ \/ / /_/ / _ / \ / \ \| \| \ \_\ \ \__\ _\
/___/_/|_/\____/_//_/ \_@_/ \__|\__|\____/\____\_\

[Sir Gregory Hall, Esq. DoW #10]

On Sat, 17 Oct 2015 10:48:19 -0600, §ńűhwŘŁf <snuh...@netscape.net> wrote:

>On 10/17/2015 10:33 AM, Anonymous Remailer (austria) wrote:
>>
>> On 2015-10-16 19:31, Les Cargill wrote:
>>
>>> Which normally public open-by-design free news server is the
>>> SAFEST to use from the standpoint of privacy (for text messages)?
>>
>> No one.
>>
>Thats not wot yer mom said.

Hey, dumbass, the bottom line of your sig needs to be
offset one character to the right.


This is how it appears:

_____ ____ ____ __ /\_/\ __ _ ______ _____
/ __/ |/ / / / / // // . . \\ \ |\ | / __ \ \ \ __\
_\ \/ / /_/ / _ / \ / \ \| \| \ \_\ \ \__\ _\
/___/_/|_/\____/_//_/ \_@_/ \__|\__|\____/\____\_\

This is how it SHOULD appear:

_____ ____ ____ __ /\_/\ __ _ ______ _____
/ __/ |/ / / / / // // . . \\ \ |\ | / __ \ \ \ __\
_\ \/ / /_/ / _ / \ / \ \| \| \ \_\ \ \__\ _\
/___/_/|_/\____/_//_/ \_@_/ \__|\__|\____/\____\_\

HTH

--
Sir Gregory

[Les Cargill]

On Sat, 17 Oct 2015 06:13:05 -0400, buZZard wrote:

> Yea, that aol usenet server is good for privacy.

Typo. aioe

[Les Cargill]

On Sat, 17 Oct 2015 13:25:34 -0400, Sir Gregory Hall, Esq. DoW #10 wrote:

> Hey, dumbass, the bottom line of your sig needs to be
> offset one character to the right.

Does anyone have an idea of the answer?

[Mike Easter]

Les Cargill wrote:
> Does anyone have an idea of the answer?

Answers depend on which adversaries you are trying to mitigate, which
depends on what 'kind of' privacy you are seeking.

This conversation doesn't need ANY kind of privacy.

--
Mike Easter

[Les Cargill]

On Sat, 17 Oct 2015 12:25:12 -0700, Mike Easter wrote:

> Answers depend on which adversaries you are trying to mitigate, which
> depends on what 'kind of' privacy you are seeking.

The question is whether *anyone* here has ever considered how to rank
these public text nntp servers on the basis of how they protect their
users' basic privacy?

To answer your question directly, let's say I am posting to Usenet
about how to break the encryption of a PDF document (argument's sake)
or how to peek into the windows of my next door neighbor when she's
taking a shower (argument's sake) or how to better secure my laptop
from snooping by my wife when I'm emailing my mistress (argument's sake),
etc.

In those three cases (and in thousands of others that I could easily
manufacture), I wouldn't want anyone to connect me to my posts, which,
we all agree, are forever public on the net, once made (as will be
this one).

Some nntp servers are notably bad for privacy!

If I posted using, say, gg, of course, it requires two very critical
things which will negate my privacy, namely my (real) NNTP posting
host and my Google id (which itself, is a privacy hole).

So, of course, GG is out of the question. So would be netfront
for similar reasons. Same with sunsite. Same with mozilla.

However, the "others" may be less revealing in what they choose to
display in the header. For example, es sometimes displays the real
nntp posting host, as does mixmin at times (dunno why, but they do).

Similarly, aioe simply hashes the nntp posting host with a static
hash, which isn't all too secure either.

Some though, such as solani or albasani seem to take privacy
into account by changing the hash for the nntp posting host with
every post. I'm not sure what news4all does, but I think it's
similar in that they have the concept of protecting the nntp
posting host.

Of course, one or more of those servers (or all of them) are fronts
for the authorities (or worse), but we're not talking criminality
here - we're just talking basic privacy.

Has *anyone* here considered how to rank these public text nntp
servers on the basis of how they protect their users' privacy?

[Bob Prosise]

In article <mvrjba$5fh$1...@news.mixmin.net>

Steve Crook's server.

What good does it do to register with a throwaway email address
if you will use it from your home or work IP all the time?

AIOE is pretty much worthless these days. The panty-sniffers
there have banlisted all the most popular groups because of
troll complainers. The two troll hags responsible for
originating most of the complaint emails don't even post any
longer.

[Les Cargill]

On Sun, 18 Oct 2015 08:43:10 +0100, David Hume wrote:

> This sounds more like anonymity than privacy. Well keeping your identity
> private. But if you wanted complete privacy you would be encrypting
> articles too.

Which ones allow encryption?

Mixmin does, for sure, but what about the others?

[Stephen Wolstenholme]

I don't know any which don't allow encryption.

Steve

--
Neural Network Software for Windows http://www.npsnn.com

[Les Cargill]

On Sun, 18 Oct 2015 08:30:20 +0200, Bob Prosise wrote:

> Steve Crook's server.

I use Steve Crook's server, as you know, mainly because he doesn't
require registration and he scrambles the nntp posting host header.

Every once in a while something goes wrong though, and his server
puts the cleartext nntp posting host into the header, as does Ray
Bananna's server, unfortunately.

All it takes is once.

I haven't seen that IP-outing problem with Jesse Rehmer's server,
nor yet with Paolo Amoroso's server, but Paolo's server, as someone
noted, drops far too many legitimate posts.

Roman Racine's server, which he inherited from Alexander Bartolich,
seems to protect the username and nntp posting host well, but it
doesn't allow encryption (AFAIK).

I was just asking, to see what's changed, over time, for privacy
concerns at the main open nntp servers for protection of
1. nntp posting host
2. user account

Do you have any new information?

[Les Cargill]

On Sun, 18 Oct 2015 14:42:46 +0100, Stephen Wolstenholme wrote:

> I don't know any which don't allow encryption.

To my knowledge, I don't think Roman Racine's server allows any
port other than reader.albasani.net:119, at least last I checked.

Same with news4all, netfront, and sunsite.

Am I wrong?

[Les Cargill]

On Fri, 16 Oct 2015 21:46:56 -0700, Mike Easter wrote:

> Don't stop there. If you want to be more anonymous create an complete
> bogus meatspace identity with transacting capability

What is a "meatspace" identity?
What is "transacting" capability?

I don't understand the suggestion, Mike.

[suzeeq]

Les Cargill wrote:
> On Fri, 16 Oct 2015 21:46:56 -0700, Mike Easter wrote:
>
>> Don't stop there. If you want to be more anonymous create an complete
>> bogus meatspace identity with transacting capability
>
> What is a "meatspace" identity?

Your real life identity.

> What is "transacting" capability?

Dunno that one.

[Steve Crook]

On Sun, 18 Oct 2015 01:02:28 +0000 (UTC), Les Cargill wrote in
Message-Id: <mvur34$vjb$1...@news.mixmin.net>:

> However, the "others" may be less revealing in what they choose to
> display in the header. For example, es sometimes displays the real
> nntp posting host, as does mixmin at times (dunno why, but they do).

This happens because the default INN behaviour is to include identifying
headers. It takes a Perl script to strip them out of the message prior
to posting. If the Perl script breaks for any reason (usually when Perl
gets upgraded), the headers don't get modified/removed.

I recently wrote a patch for INN so that identifying info is hashed or
stripped during message creation. This removes the need to Perl-based
message handling. Providing I remember to apply the patch during INN
upgrades, there shouldn't be a future issue.

> Some though, such as solani or albasani seem to take privacy
> into account by changing the hash for the nntp posting host with
> every post. I'm not sure what news4all does, but I think it's
> similar in that they have the concept of protecting the nntp
> posting host.

I'm only aware of newsguy.com and tornevall.net adopting this behaviour
but there may be others. It's their choice I guess but it makes it
impossible for other NSP's to use EMP filters on posts originating at
those services.

> Of course, one or more of those servers (or all of them) are fronts
> for the authorities (or worse), but we're not talking criminality
> here - we're just talking basic privacy.
>
> Has *anyone* here considered how to rank these public text nntp
> servers on the basis of how they protect their users' privacy?

I'd strongly suggest that none of them grant you anonymity. They munge
headers so that readers can't tell where a post originated. That really
it the limit of the privacy they afford. Post something that attracts
the attention of <insert local law enforcement here> and you'll be
extremely vulnerable. If you want real anonymity, use Tor (and use it
well) or use Remailers.

--
And with glasses high we raised a cry for freedom had arrived

[Les Cargill]

On Sun, 18 Oct 2015 18:37:55 +0000, Steve Crook wrote:

> This happens because the default INN behaviour is to include identifying
> headers. It takes a Perl script to strip them out of the message prior
> to posting. If the Perl script breaks for any reason (usually when Perl
> gets upgraded), the headers don't get modified/removed.

Thanks Steve for explaining. I have been horrified, at times, to find that
three servers which didn't "normally" reveal the true NNTP posting host
revealed it in some headers (es, mixmin, & mozilla).

At least now I know how it can happen.
Thank you for that explanation.

> I'm only aware of newsguy.com and tornevall.net adopting this behaviour
> but there may be others. It's their choice I guess but it makes it
> impossible for other NSP's to use EMP filters on posts originating at
> those services.

I don't know what an EMP filter is but a search brings up something called
"cleanfeed" which may be related.

I'm guessing what you mean is that those NNTP servers who change the
hash for both the user account and for the nntp server make it harder
for folks like you to filter out spammers based on their hashed user
account and hashed nntp server IP address.

That's a fair drawback, to you. To us, it's the same drawback though,
in that an unchanging hash makes it *easier* to identify us, which is
a privacy issue (to me anyway).

Paolo's server, aioe, uses the same "IP hash" all the time = BAD.
Roman's server, albasani, I think changes both IP & username hashes = GOOD.
Likewise with solani = GOOD.
Ray's server, es, I think, uses the same IP & username hashes all the time = BAD.
Jesse's server, blueworld, I think, changes both IP & username hashes = GOOD.
I think your server, mixmin, repeats the same "IP hash" all the time.

Is that information (on your server) correct?

> I'd strongly suggest that none of them grant you anonymity. They munge
> headers so that readers can't tell where a post originated. That really

> is the limit of the privacy they afford.

That's all "I" want.
Basic privacy.
If I post a question about, oh, let's say my medical condition of AIDs or
a reaction I had when I used too much Viagra (or whatever), I just don't
want my kids' kids to figure out it was me, a dozen years from now.

Privacy is something you have to actively seek every day.

> Post something that attracts the attention of <insert local law enforcement
> here> and you'll be extremely vulnerable. If you want real anonymity,
> use Tor (and use it well) or use Remailers.

I'm not talking at all about criminal acts. I'm just talking about basic
everyday privacy. All I want is my conversation not to be tracked to me
today, tomorrow, or next year by some script kiddie who can cull nntp
headers en masse, off of the net.

Mostly what I'm asking about are really two things that are in our headers:
1. Username privacy (which you don't have an issue with since you don't require it)
2. NNTP posting host privacy (which you put in your headers with static hashes)

I really don't understand how the "encryption" part protects privacy, so,
I'm not specifically asking about that (although it "must" be a good thing).

I did just now try port 563 on aoio and it failed, so, it's not so simple
to get port 563 working on at least aioe's server nntp.aioe.org:563 but
I didn't try 443 so maybe I got the port number or server name wrong
(because 119 worked fine afterward).

[Les Cargill]

On Sun, 18 Oct 2015 18:13:30 +0100, David Hume wrote:

> When I say encryption, I am talking about encrypting the article so that
> only the intended recipients can see it, not just encrypting it in
> transit.

Oh. I never really understood the value of encryption for NNTP posts, since
the whole value of NNTP is that everyone can see it in order to help get
me the answers I seek.

Since everyone can see it, that's why HEADER PRIVACY is the issue here.

1. NNTP POSTING HOST privacy
2. USER ACCOUNT privacy

What I know is that, in twenty years, my grandkids can still see on the net
what I asked about where's the best place to get a super-sized long-lasting
dildo to better please their insatiable grandma. I just don't want them to
be able to easily link that post right back to me.

It's basic privacy I'm asking whether it has been ranked yet.

[Steve Crook]

On Mon, 19 Oct 2015 00:08:56 +0000 (UTC), Les Cargill wrote in
Message-Id: <n01can$84l$1...@news.mixmin.net>:

> I don't know what an EMP filter is but a search brings up something called
> "cleanfeed" which may be related.

Cleanfeed is the standard filtering software that many news providers
run on their services. In some cases, providers demand their peers run
it to prevent propagation of floods and spam. EMP stands for Excessive
Multi-Posting. It's a group of filters that try to detect non-human
behaviour, such as high volumes of posts from a single source in a short
period of time.

> I'm guessing what you mean is that those NNTP servers who change the
> hash for both the user account and for the nntp server make it harder
> for folks like you to filter out spammers based on their hashed user
> account and hashed nntp server IP address.

Yes, there is no means to identify that multiple posts are originating
from the same source.

> That's a fair drawback, to you. To us, it's the same drawback though,
> in that an unchanging hash makes it *easier* to identify us, which is
> a privacy issue (to me anyway).
>
> Paolo's server, aioe, uses the same "IP hash" all the time = BAD.
> Roman's server, albasani, I think changes both IP & username hashes = GOOD.
> Likewise with solani = GOOD.
> Ray's server, es, I think, uses the same IP & username hashes all the time = BAD.
> Jesse's server, blueworld, I think, changes both IP & username hashes = GOOD.
> I think your server, mixmin, repeats the same "IP hash" all the time.

It did, but you persuaded me to change it slightly. :)

The date, formatted YYYYMMDD, is now integrated into the hashing
mechanism. This means a posting host will only generate a repeating
hash for a single day. In other words, posts from 20151019 can't be
linked to the same source as those on 20151020. Hopefully this improves
your privacy while not harming the effectiveness of EMP filtering.

[Les Cargill]

On Mon, 19 Oct 2015 10:10:34 +0000, Steve Crook wrote:

> The date, formatted YYYYMMDD, is now integrated into the hashing
> mechanism. This means a posting host will only generate a repeating
> hash for a single day. In other words, posts from 20151019 can't be
> linked to the same source as those on 20151020. Hopefully this improves
> your privacy while not harming the effectiveness of EMP filtering.

Thank you Steve, for understanding the issue, and for doing something
about it. Yes. This helps greatly. Obfuscation was never meant to be
absolute. It should simply make it harder for script kiddies to easily
cull out all your posts, years from now.

I, for one, love the freedom of expression that the Usenet provides,
where there is freedom of discussion. However, if I knew my boss,
my neighbor, my wife, my kids, etc., would know of everything I posted,
I wouldn't post most of it. Not because it's illegal; but just because
it would be embarrassing for them to know *that* much about me.

So, a little bit of obfuscation goes a long way, and I, for one,
appreciate your efforts.

I'll switch to a new nym now, so as to continue to preserve my privacy,
all the while NEVER being a troll.

[The Sorceress of Qar]

Use mixmin with tor.

--
A Paradoxial World, for Sure.

[Mike Easter]

Les Cargill wrote:
> Mike Easter wrote:
>
>> Don't stop there. If you want to be more anonymous create an complete
>> bogus meatspace identity with transacting capability
>
> What is a "meatspace" identity?
> What is "transacting" capability?
>
> I don't understand the suggestion, Mike.

Your real-life persona can transact, pay bills. That persona lives in
meatspace^1, not cyberspace. That real-life persona is the identity you
are trying to protect. If you 'manufacture' a bogus persona which can
similarly transact which is not connected to the real you, it protects
your identity while being able to do the same kinds of things you can do.


^1 https://en.wikipedia.org/wiki/Real_life#Related_terminology Some
Internet users use the idioms "face time", "meatspace" or "meat world",
which contrast with the term "cyberspace".


--
Mike Easter

[Les Cargill]

On Sun, 18 Oct 2015 13:45:35 +0000, Les Cargill wrote:

> Do you have any new information?

The one bit of new information, as of this thread, is that
Steve Crook took it upon himself to supplement his users'
privacy by adding a salt of the DATE into the NNTP header
hash so that two things would be accomplished:

1. He can still catch any daily excessive multiposting (EMP)
2. His users get a different NNTP-posting-host hash each day

This is great news which now makes Mixmin one of the safest
(if not the safest) of the intentionally free nntp news
servers to date (from a users' privacy protection standpoint).

[Les Cargill]

On Mon, 19 Oct 2015 09:17:38 -0500, The Sorceress of Qar wrote:

> Use mixmin with tor.

What exactly does that mean?

I often use the Firefox Tor Browser Bundle, but, that's for port 80.

I guess I could point the TBB to http://news.mixmin.net:563/alt.test

Is that what you're suggesting?

However, when I did that, the TBB gave this error:
This address is restricted
This address uses a network port which is normally used for
purposes other than Web browsing.
Firefox has canceled the request for your protection.

What did I do wrong to implement your Tor-with-Mixmin suggestion?

[Les Cargill]

On Mon, 19 Oct 2015 19:17:28 +0000, Les Cargill wrote:

> I guess I could point the TBB to http://news.mixmin.net:563/alt.test
> Is that what you're suggesting?

I meant instead of http://news.mixmin.net:563/alt.test
news://news.mixmin.net:563/alt.test

Trying out your suggestion, I pointed the TBB to that news:// URL, but,
all the browser did in response was run a search on disconnect.me instead.

The same odd "search" happened when I plugged the news:// url into a
normal (non-Tor) Firefox browser news://news.mixmin.net:563/alt.test

What am I doing wrong to test your suggestion out?

[Michael Baeuerle]

The URI scheme "news" is for references to Message-IDs or group names:
<http://tools.ietf.org/html/rfc1738#section-3.6>

[§nühw¤Łf]

"Sir Gregory Hall, Esq. DoW #10" <greghall@yacht_master.fake> wrote in
news:h0152bh956m50hh0c...@4ax.com:

its a character encoding issue from using linux which is teh
communizims!!!!!!!!!!!!11111111!!!!!!!!!!!!!!!!


--
http://signon.org/sign/protect-americas-wolves
www.snuhwolf.9f.com|www.savewolves.org

[The Sorceress of Qar]

Run your tor browser bundle. On FF bring up:
Tools-->Options-->Advanced-->Network-->Connection-->Settings

See how its configured as a Socks-v5 proxy with remote DNS enabled,
directed to 127.0.0.1:9150, or perhaps a different port, that is the
tor proxy running on your localhost. Point your usenet client to the
same thing and it will go through tor proxy and it works just dandy. If
you shutdown FF, the tor proxy is also shutdown, so leave it up. I use
Fossamail and have used Thunderbird this way. Under Fossamail you need
to modify the config for remote DNS like this:

Tools-->Options-->Advanced-->General-->Config Editor

In search put DNS

Double click on the name network.proxy.socks_remote_dns to change it to
true.

This is how I run mine. I always have FF up running with a few tabs
connected to various sites. You could also get fancy and install tor
components and keep a proxy running all the time...I find that the
browser bundle is the easiest method and it updates whenever a new
version becomes available.

Ocassionally, you may need to add a certificate exception for mixmin in
your usenet client.

[The Sorceress of Qar]

Don't change the network.proxy.socks_remote_dns to true leave it false,
me bad.

[Les Cargill]

On Tue, 20 Oct 2015 10:10:37 -0500, The Sorceress of Qar wrote:

> Run your tor browser bundle. On FF bring up:
> Tools-->Options-->Advanced-->Network-->Connection-->Settings

For Linux, it's Edit > Preferences (but the rest is the same).

> See how its configured as a Socks-v5 proxy with remote DNS enabled,
> directed to 127.0.0.1:9150, or perhaps a different port, that is the
> tor proxy running on your localhost.

It's set to Socks V5, remote DNS, 127.0.0.1, port 9150, as you said.

> Point your usenet client to the
> same thing and it will go through tor proxy and it works just dandy.

My Usenet client asks only for a few things:
1. Server & port (e.g., nntp.aioe.org:119)
2. Optional username & login (e.g., blank, blank)

Are you suggesting, while the TBB is still running, I simply add a
new Usenet newsserver of the following to my Usenet client?
1. Server name & port = 127.0.0.1:9150

I just tried that but my Usenet client (pan) needs to have the a.f.n
group for the Usenet server 127.0.0.1:9150 before it will post.

So my Usetnet client stalled on "Getting grouplist from
127.0.0.1:9150" so it can't post.

Any idea how to post or read without being able to get the group?

[Les Cargill]

On Tue, 20 Oct 2015 10:11:54 -0500, The Sorceress of Qar wrote:

> Don't change the network.proxy.socks_remote_dns to true leave it false,
> me bad.

Mine is already set by a checkbox.

[The Sorceress of Qar]

You just add a socks 5 proxy for pan if possible or use Thunderbird
instead for usenet. The news server should be mixmin.

[Jubee]

In article <n05lhf$erk$1...@news.mixmin.net>

For Xnews, snag a copy of Omnimix.

Xnews, configure as normal, except afterwards, go into the
server name settings and change it to 127.0.0.1, put the port to
119. username and password are "omnimix".

On the Omnimix News tab, add the news server you want to connect
to, just type it in the box.

The first server appearing in the box is the default your news
client will connect to using Tor.

Change it if desired by using the dropdown box, then stopping
and starting the services. This is key with Omnimix. Make a
change, stop / start services.

The default is mixmin (Or whatever you put in the box). You're
going to read from this server, not directly post to it.

On the Omnimix Anon tab, make the desired adjustments for anon
or originator name on the post, stop / start services.

You're ready to go.

All reads will occur over the Tor circuit, all postings will
occur using anon remailers.

Posting ain't fast, but it's secure. Not good for binaries.

[Jubee]

In article <n05lhf$erk$1...@news.mixmin.net>
"The Sorceress of Qar" <sorc...@qar.qanar.com> wrote:
>

[Les Cargill]

On Thu, 22 Oct 2015 11:05:45 +0200, Jubee wrote:

> For Xnews, snag a copy of Omnimix.
>
> Xnews, configure as normal, except afterwards, go into the
> server name settings and change it to 127.0.0.1, put the port to
> 119. username and password are "omnimix".
>
> On the Omnimix News tab, add the news server you want to connect
> to, just type it in the box.

I'm reading up on what Omnimix is, but posting anonymously
appeals greatly to me. So does the use model of the news reader
itself.

I use "Pan" on Linux/Windows but since I had never heard of "Omnimix",
Googling, I find a few hits, the main one seems to be:
http://www.danner-net.de/om.htm

[Les Cargill]

On Wed, 21 Oct 2015 12:59:16 -0500, The Sorceress of Qar wrote:

> You just add a socks 5 proxy for pan if possible or use Thunderbird
> instead for usenet. The news server should be mixmin.

That's probably why it didn't work with Pan, as I don't even know
what a socks proxy is, let alone how to add it to Pan on Linux.

Googling, I find a lot of hits for adding a socks proxy to Linux,
so, I guess that's the same thing as adding it to pan.

http://www.catonmat.net/blog/linux-socks5-proxy/
http://justintung.com/2013/04/25/how-to-configure-proxy-settings-in-linux/
http://www.makeuseof.com/tag/set-proxy-server-ubuntu-linux/
etc.

[Jubee]

In article <n0asti$u5t$1...@news.mixmin.net>

That would be it.

There are two packages available.

OmniMix 2.1.2 (Precompiled, ready to go) Get this one.

http://www.danner-net.de/om/OmniMix_2.1.2_Uno_Setup.exe

OmniMix IDE 2.1.2 (If you want to compile it yourself.)

http://www.danner-net.de/om/OmniMix_IDE_2.1.2_Uno_Setup.exe

Will need to d/l a lot of stuff and will take a few hours
depending on your cpu. It does this automatically per a .bat
file. Read and follow the instructions or it won't work. A
clever user will be able to meet prereqs in a few minutes.