On Sun, Jul 09, 2006 at 11:51:56PM +0200, Peter Philipp wrote: > On Sun, Jul 09, 2006 at 10:55:47PM +0200, Tobias Ulmer wrote: > > Depends on your needs. If want to protect against a casual attacker, it > > may just be enough, but it's wasted time if some TLA tries to shut > > down your international muslim terrorist attack planing mailinglist server > > somewhere in russia.... good luck ;) > > Sorry, but I believe that my right to privacy, and right to working USB > devices that don't blow up at random because some programmer thought I > entered a terrorist word outweighs any hassling TLA. This is a legal > issue and should be continued in federal and international courts. > > I just don't find it cool that a "TLA" shuts someone down at all. Who'd want > to buy these products then? And how stupid do you have to be? Lastly why > would a state allow its citizens to buy such products? Oh yeah warranty > right? Who's really got time to go back to the store they bought something > at just because they entered a suspicious word, or had another "suspicious" > device on the hub? > > The danger here is that people will be turned off from technology increasing > the gap between an elite and regular people. When such a gap widens > productivity and evolution suffers. Orwellian societies evolve out of it; > but "TLA" sounds so great doesn't it? It's like bragging about your big > brother that beats everyone up. What joy.
Hey Peter, the last few sentences sound a bit like you are angry at me? If so, sorry but i don't know why?! EU/US both have TLA's, so what's wrong using that term? These are the executive organs you have to deal with. They the have money, computing power, you name it. They are not only interrested in terrorists. industrial espionage, political affairs, left- and rightwing activists etc. It's easy to get them as your enemy. Just demonstrate against Bush and let the police catch you. What about: - Build a shielded USB keybord. Rip the electronics out - Get a small computer board that is capable of doing aes/blowfish in software and has a programmable usb controller. They are not that expensive and should fit in a not too small keyboard. - Random data could be gathered from the time between a keypress, light sensitive resistor, etc. - Program the board to emulate a keyboard, encryption, rng, translate the keystrokes. React on a certain key combination to set a new PSK/ delete the old one in case "somebody" comes into your house. - Patch the kernel to understand your AES encrypted keycodes. - Add random noise on the wire, to make it hard to analyze your keystrokes. - Set a preshared secret on the keyboard and on your computer. - Enjoy. This looks like it could be done if you have some (a lot of) experience with electronics and programming. I guess it would cost arround 200 - 300Eur to buy all the needed stuff? If it's worth it for you, why not? Create a nice printable circuit layout and make it available to everyone. reading it again, i've just found a flaw... You need to encrypt the PSK somehow, else all recorded communication could be decrypted if someone gets physical access to your box . On the keyboard, that's not a problem, but on a computer without a keyboard? Smartcard + built-in secure card reader maybe. Anyway, i'm out of this thread since it has nothing to do with OpenBSD. There are probably better mailinglists for such stuff (e.g. FD?). Tobias > -peter > > -- > Here my ticker tape .signature #### My name is Peter Philipp #### lynx -dump > "http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed > -n 131,136p #### So long and thanks for all the fish!!!
