Re: Trusting HavenCo [was: Sealand Rant] CPUNK
>petro <[EMAIL PROTECTED]> writes: > >> If the SAS are coming through the front door, you just went bankrupt. >> >> If England, France, Belgium etc. *new* that you would dump a >> massively toxic witches brew into their fishing waters, they might >> make sure that you weren't invaded by guys with guns. >> >> Then again, they just may shoot your off-site personel in >> their sleep, and blockade your platform until you starve. > >It's still a nuclear-power type of scenario. One of the problems with >nuclear powers is that if you back them into a corner, they have >nothing personally to lose by nuking you and anyone else who gets in >your way. They're dead anyway. So long as your adversary thinks that >you're insane enough to detonate your weapon, they'll leave you alone. > >Detonating a dirty nuke sixty miles off the coast of Britain would ITYM 6. Sealand is between England and The Mainland. I think even a clean nuke (think of all the superheated sea[water steam plasma]) would be problematic.
Re: Trusting HavenCo [was: Sealand Rant] CPUNK
petro <[EMAIL PROTECTED]> writes: > If the SAS are coming through the front door, you just went bankrupt. > > If England, France, Belgium etc. *new* that you would dump a > massively toxic witches brew into their fishing waters, they might > make sure that you weren't invaded by guys with guns. > > Then again, they just may shoot your off-site personel in > their sleep, and blockade your platform until you starve. It's still a nuclear-power type of scenario. One of the problems with nuclear powers is that if you back them into a corner, they have nothing personally to lose by nuking you and anyone else who gets in your way. They're dead anyway. So long as your adversary thinks that you're insane enough to detonate your weapon, they'll leave you alone. Detonating a dirty nuke sixty miles off the coast of Britain would cause a toxic cloud to blow over Europe. The public panic might be the worst part. Then again, NATO might just bomb the platform with a low-yield nuclear bomb dropped from an aircraft, too.
RE: ZKS makes the WSJ (again)
Anon wrote: > The well intentioned kindness and patience which cypherpunks have > expressed towards ZKS is undoubtedly a major contributing factor for > why so little has been done to address the privacy lapses which Tim > May describes. Cypherpunks have themselves to blame for allowing this > to happen. ZKS has some very capable, well-known Cypherpunks on staff. It therefore was not unreasonable to presume the product, once shipping, would live up to basic Cypherpunks standards. Now that a product providing for "trust us"-grade security at best has been shipping for 6 months, we know that our hopes and expectations have not been met. ZKS' product as it stands today is simply not very interesting and not worth spending much cycles on. Which includes spending cycles on criticizing it. > Criticizing the company is not disloyal. Turning up the heat when they > fail to follow through on their promises is not unfriendly. Cypherpunks > are actually helping their friends and allies within ZKS when they plainly > state how unacceptable is the current state of the product with regard > to privacy. Only when the company senses that cypherpunks are losing > patience, that they are in danger of seeing articles appear in Wired > or the Times saying that the company's dedication to privacy is being > questioned, will they increase the priority of fixing these problems. I of course do not doubt the good intentions of the long-term Cypherpunks subscribers working at ZKS. But has become clear to most knowledgeable observers that ZKS' current product does not live up to the basic principles that need to be adhered to by such security and privacy sensitive software. If some day ZKS' were to deliver a product worth a closer look, I am sure the Cypherpunks community will spend the time to look at it. Until then, even spending the time I spent writing this email about Freedom(TM) is difficult to justify. --Lucky "six months and still no source"? Green
RE: ZKS makes the WSJ (again)
Declan wrote about the ZKS burn rate: > Offsetting that, as an income stream, would be the deals with ISPs and a > probably relatively small revenue stream from individual subscribers. I > don't see either as generating tens of millions of dollars. In a pinch, > they could raise more cash in a hurry, but that would be at terms > disfavorable to ZKS founders and first-round investors and would mean > ceding control of the company. Unless it has changed recently, ZKS' business model called for *paying* the ISP's, either in cash or as a percentage of sales generated through the ISP. So the ISP deals ZKS has closed should not represent positive cash flow. --Lucky, who doubts that ZKS will run out of money soon, but who very much doubts that they pull in significant revenue. The current product simply doesn't meet market requirements.
RE: ZKS makes the WSJ (again)
>I hate press releases more than most folks. A well-known >Cypherpunks-dominated company used to issue press releases in which >the press release would have commentary from the president, almost as >if a reporter was writing the story. You probably know this already, as I assume it was being done during your time at intel, but many of those "quotes" never touched the lips of the person speaking them. The marketing people made them up, wrote the press release, and then showed it to the people being quoted. >It seems to be the way reporters write their stories, not counting >the first tier of journalists who can read between the lines. But aren't allowed to.
Re: Musings on the Economics of ZKS
Mr May: >Will they sign up tens of millions? > >Myself, I'm wondering if they'll sign up a fraction of the 300,000 >they need at minimum. Ever, not just per year. "Freedom 1.1 is currently available for Windows 95 or 98 only." It's been what, a year now? No Unix/Linux/Solaris client. No NT/Win2k Client. No Mac Client. No one who is worried about security runs Windows 95/98. Then again, maybe the clueless *is* their target market.
Help add strong crypto to AirPorts
Apple is taking a customer survey which features to add to the next generation Apple AirPort (IEEE 802.11). The current version only does weak crypto. You can cast your vote for strong crypto here: http://survey.apple.com/AirPort/ --Lucky
Re: losing laptops, opsec
David Honig <[EMAIL PROTECTED]> writes: > When you read about losing laptops in Los Alamos (and London), you have > to wonder: why don't those folks encrypt their drives? They > are somehow thinking physical security is sufficient, and slacking > off otherwise. The recent uproar over two hard disk drives disappearing from the Department of Energy's care makes me wonder this too. If they have any sense, they do have physical security, but also *never* allow unencrypted data to touch the drive. If it's stolen or misplaced, they won't have to worry that much about it, though they'll obviously want to make sure it doesn't happen again. More than likely, the hard drives in question were encrypted and the media just got it wrong again. The laptop drives may or may not have been. If the laptops were used by lusers who just like to turn the machine on and go without any attempt at security whatsoever, then there's a major problem. Still, I doubt that the government is really *that* incompetent when it comes to compu---nevermind, they probably are.
Re: ZKS makes the WSJ (again)
Tim May wrote: > (Is it readily available now? Is the Mac version out yet? I know > someone was talking about using the Windows version running inside a > password-secured Windows session on a Mac--using either Virtual PC or > SoftWindows--but I haven't seen this user mentioning this in a while. > And while I have Virtual PC 3.0 w Windows 98 available for my Mac G4, > it's not something I fire up very often.) > I tried the beta under loser98 running on vmware on a linux box, couldn't get it to connect, seems like Freedom thought it was going thru a proxy server and I couldn't find a way around that. Never tried it on my Mac's Virtual PC, but it only has DOS and w3.1. And I can't see the point of trying to run something you want security for on a totally insecure windoze system anyway. Not to mention the hassle of having to fire up another OS just to post. Come to think of it, what's the point of them posting source for Freedom anyway, if it only runs on windoze and you can't figure out what windoze is actually doing with the code? M$ has rigged most everything to pass on ID. -- Harmon Seaver, MLIS Systems Librarian Arrowhead Library SystemVirginia, MN (218) 741-3840 [EMAIL PROTECTED] http://harmon.arrowhead.lib.mn.us
Re: ZKS makes the WSJ (again)
[EMAIL PROTECTED] wrote: > Criticizing the company is not disloyal. Turning up the heat when they > fail to follow through on their promises is not unfriendly. Cypherpunks > are actually helping their friends and allies within ZKS when they plainly > state how unacceptable is the current state of the product with regard > to privacy. Only when the company senses that cypherpunks are losing > patience, that they are in danger of seeing articles appear in Wired > or the Times saying that the company's dedication to privacy is being > questioned, will they increase the priority of fixing these problems. Then I guess we need to start critiquing -- I'd really like to buy the product, and I have no problem with paying $50 @ year, but I'd never pay a cent for anything like this that wasn't open source. Why? I could care less who is involved with the company -- lots of people sell out. But then I also *can't* use it because they have neither a linux nor a Mac client. And I don't do windoz. -- Harmon Seaver, MLIS Systems Librarian Arrowhead Library SystemVirginia, MN (218) 741-3840 [EMAIL PROTECTED] http://harmon.arrowhead.lib.mn.us
RE: ZKS makes the WSJ (again)
At 02:20 PM 6/13/00 -0400, [EMAIL PROTECTED] wrote: >> While we're fantasizing, let's imagine that it uses some kind of crypto >> credential system to prevent abuse. Is this feasible? > >What do you mean by "abuse"? Abuse in such a system definable, e.g., someone who pretends to be someone else to rate themselves. You could, for instance, do this with slashdot's audience-editor system (where readers rate other readers' constributions). And yes, crypto protocols can make such a system robust against a number of 'abuses', at a cost of various degrees of inconvenience. Strong links to electronic voting. More subtle forms of abuse are common, e.g., grad students over-citing their advisors' works... anonymous posters having arguments with themselves.. etc. [Supposedly the Fedz are investigating someone for fraud who had his friends bid up his item at e-auction; this strikes me as yet more fascism. Other bidders were not coerced or defrauded. One grocery store charges more for beer than another; should the Feds go in and set mark-ups?]
Re: losing laptops, opsec
On Tue, Jun 13, 2000 at 12:12:01PM -0400, David Honig wrote: > > When you read about losing laptops in Los Alamos (and London), you have > to wonder: why don't those folks encrypt their drives? They > are somehow thinking physical security is sufficient, and slacking > off otherwise. > The laptops lost in London (assuming you're talking about the MI5 ones) did have encrypted drives. AGL -- There is no grief which time does not lessen and soften. PGP signature
losing laptops, opsec
When you read about losing laptops in Los Alamos (and London), you have to wonder: why don't those folks encrypt their drives? They are somehow thinking physical security is sufficient, and slacking off otherwise.
Re: Trusting HavenCo [was: Sealand Rant] CPUNK
At 06:34 PM 6/12/00 -0400, David Marshall wrote: At the press conference, the government just >tells the truth: Gimme a break. The crater was a 'federal day care center', at least on the first floor...
Re: jolly roger
At 05:46 PM 6/12/00 -0400, David Marshall wrote: >Libertarian ideals are something altogether different as are, I would >assume, the more refined anarchist ideals. A libertarian accepts a minimal government to protect against nonconsensual acts (violence, fraud) and invasion. An anarchist favors no govt at all: biker gangs vs. mafia. No offense to biker or Sicilian entrepreneurs...
RE: Trusting HavenCo [was: Sealand Rant] CPUNK
> >Simply fill one of the lower legs of the platfrom with > >mercury, and a little high explosives. Have a panic button in the ops > >center. The SAS lands, and 1000 gallons of pure mercury are blasted > >out into the channel. That wouldn't be nice. > >Plays heck with your mercury delay line memory :-) > > >Also, while pure mercury is bad stuff, it's not as dangerous as >mercury compounds, such as organics or the oxide, >or lots of other stuff. Similarly, you could store toxic waste, >making your self-defense system a profit-making business... > >But if you explicitly dump the waste yourself, not only >are you harming a bunch of non-participants in your fight, >you've got a liability problem that exceeds any profits you may have made. >Ain't worth it. If the SAS are coming through the front door, you just went bankrupt. If England, France, Belgium etc. *new* that you would dump a massively toxic witches brew into their fishing waters, they might make sure that you weren't invaded by guys with guns. Then again, they just may shoot your off-site personel in their sleep, and blockade your platform until you starve.