Re: Gilmore's response

2002-12-13 Thread Marshall Clow
At 1:38 PM -0500 12/13/02, Adam Shostack wrote:
>PS: Current news in Canada includes the gun registry having undergone
>a 12x cost overrun, and it's not clear what will happen to it.  A large
>reason for the overruns has been people making mistakes in filling
>out the complex forms, and thus slowing down implementation. 
>http://cbc.ca/stories/2002/12/12/guns011212
>
>I think it's time for me to go get a gun permit, and help the process
>along.

Adam -

The article that you linked to claims that the projected cost of the
gun registry was $2 million, and the actual cost was (so far) $680 million.

That's a bit more than 12x :-)
-- 
-- Marshall

Marshall Clow Idio Software   
Hey! Who messed with my anti-paranoia shot?




Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session

2002-12-13 Thread Anonymous
On Fri, 13 Dec 2002, Peter Fairbrother wrote:

> Dave Del Torto wrote:
>
> > Resumes should be in plain
> > ASCII text format with a PGP signature (detached sigs are OK) and on
> > floppy disk or CD-R also containing a copy of the applicant's PGP
> > public key.
>
> Fuck off.

You don't need to worry about this anyway, Peter. It is doubtful that an 
organization such as CryptoRights would hire cypherpunks, given its scope 
of political activities and its association with fascist single world 
governments.

See: http://www.mail-archive.com/cypherpunks@lne.com/msg00052.html

and: http://www.wired.com/news/culture/0,1284,46035,00.html




Re: A Few Words About Palladium

2002-12-13 Thread alan
On Fri, 13 Dec 2002, Nomen Nescio wrote:

> According to the message below, Palladium will not include a "serial
> number revocation list", "document revocation list", or similar
> mechanism to delete pirated music and other unauthorized content.
> These claims have been made most vocally by Ross Anderson in his TCPA
> FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green
> in his DefCon presentation, http://www.cypherpunks.to/.
> 
> Instead, the point of Palladium is to create "a decentralized, trusted
> computing base... whose integrity can be audited by anyone".  This is
> accomplished, as has been discussed at length here and elsewhere,
> by hardware which can compute a secure hash of software as it loads,
> and which can attest to this hash via cryptographic signatures sent to
> remote systems.  This functionality allows software to prove to third
> parties that it is running unmolested, which is the basic functionality
> provided by Palladium.
> 
> Unfortunately, the exaggerated and misleading claims in the links above
> are accepted as truth by most readers, and a false picture of Palladium
> is virtually universal on the net.  Isn't it time for security experts
> to take a responsible position on this technology, and to speak out
> against the spread of these falsehoods?

All of this is speculation until the system is actually implemented.

The questions are "Who do you trust?" and "Do their interests coincide 
with yours?". 

I do not trust Microsoft as far as I can throw them.  They have 
demonstrated in the past that "security" for them means "the check 
cleared".  There have been too many holes, backdoors, and outright 
sabotage of competitors that they have lost any credibility with me.  And 
since they are unwilling to publish source, the code is suspect from the 
start.  (I doubt if they will let a third party that I trust audit the 
software without 42 levels of NDAs and a lien on their immortal souls.)

There are other projects to ensure that the software running at the kernel 
level is authorised via cryptographic checksums.  (Both in BSD and in 
Linux.) 

What users are (rightfully) afraid of is that this is yet another effort 
to remove control from the users over what software they can use and how 
they can use it.

Microsoft has already used this method to control just what types of 
protocols and video drivers could be used under Windows terminal server.  
(You had to have the app signed by Microsoft in order to run and they 
wouldn't sign certain competing protocols.)  This method was bypassed by 
some interesting hackery, BTW. (Thou shalt not split thy open calls.)

So far the only example we have is that of Microsoft's past behaviour.  
It is not oriented for your security or mine, but of theirs.

The fear is justified. (And ancient.) 

> 
> 
> > A Few Words About Palladium 
> > By John Manferdelli, General Manager, Trusted Platform Technologies,
> > Microsoft Corporation
> >
> > As you may know, I spent some time on the road in the UK in
> > November. During my visit, I had the chance to meet some of you at
> > the "Meet the Technologists" breakfast at the Microsoft Campus in
> > Reading. Thanks to those of you who were able to attend. It was a great
> > chance to engage in frank discussions about some of the more controversial
> > topics surrounding Palladium.
> >
> > One of the issues we discussed was whether Palladium would include
> > mechanisms that would delete pirated music or other content under remote
> > control or otherwise disable or censor content, files, or programs running
> > on Windows. The truth is, Palladium will not disable any content or file
> > that currently runs. Palladium was designed so that no policy will be
> > imposed that is not approved by the user. Microsoft is firmly opposed to
> > putting "policing functions" into Palladium and we have no intention of
> > doing so. The machine owners - whether an individual or enterprise - have
> > sole discretion to determine what programs run under Palladium. Programs
> > that run under Palladium, just like programs that run under Windows,
> > will do whatever they are allowed to do, based on the security settings
> > on the user's machine. Palladium not only respects existing user controls,
> > it strengthens them.
> >
> > What Palladium does change is the ability for software to be protected
> > from other software. Palladium will enable and safeguard a decentralized
> > trusted computing base on open systems.  These security-oriented
> > capabilities in Windows will be enabled by a relatively small change in
> > hardware, and will help transform the PC into a platform that can perform
> > trusted operations that span multiple computers under a trust policy that
> > can be dynamically created and whose integrity can be authenticated by
> > anyone. In addition, it will preserve the flexibility and extensibility
> > that contributes so much to the entire PC ecosystem.
> >
> > I hope to have a

Re: Gilmore's response

2002-12-13 Thread Mike Rosing
On Fri, 13 Dec 2002, Adam Shostack wrote:

> The response of the apparatchiks is to increase the penalties until
> we're all cowed, like they did in the old war on drugs.

As long as they are that successful, we don't have too much to worry
about!  Besides, the CIA ships more drugs into the US than all the
other cartels combined.

Hmmm... be an apparatchik and get all the drugs, guns and money you want,
fight it and die in a torture chamber.  Sounds like Iraq to me!  And
Colombia and Afghanistan and 

I think the problem is that the US government is so used to dealing with
totalitarian regimes it sets up all over the world that the bureaucrats
figured they might as well set one up in the US too.  Might work, for
a while.  Might be a good reason they hired Kissinger to bury the facts.

Patience, persistence, truth,
Dr. mike




Re: Gilmore's response

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 10:54:06AM -0800, Marshall Clow wrote:
| At 1:38 PM -0500 12/13/02, Adam Shostack wrote:
| >PS: Current news in Canada includes the gun registry having undergone
| >a 12x cost overrun, and it's not clear what will happen to it.  A large
| >reason for the overruns has been people making mistakes in filling
| >out the complex forms, and thus slowing down implementation. 
| >http://cbc.ca/stories/2002/12/12/guns011212
| >
| >I think it's time for me to go get a gun permit, and help the process
| >along.
| 
| Adam -
| 
| The article that you linked to claims that the projected cost of the
| gun registry was $2 million, and the actual cost was (so far) $680 million.
| 
| That's a bit more than 12x :-)

Yeah, that was a marketing claim as they put the program forward, as I
recall.  The original budgeted number was 85 million, and current
projections are that it will cost upwards of a billion to complete.
Of course, I could be totally off.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
   -Hume




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Morlock Elloi
> Interesting approach. But exactly how does that hinder the FBI 
> demanding a bookseller's customer list, or a library's patron 
> check out record, or a black bag job on a personal computer, or 
> thousands of CALEA taps, or the Total Information Awareness 
> project, or the process of designating a US citizen as an enemy 
> combatant, or the suspension of habeas corpus, etc.
> 
> I was not aware that simple management of my own eyeballs could 
> have such dramatic, widespread, external effects on gangs of 
> thugs with guns and high tech surveillance gear all carrying a 
> "do-whatever-you-like, get-out-of-jail-free" card from the US 
> Congress, and essentially no oversight. Is this kind of like 
> mind control, or what?

Do not underestimate the power of detox.

Guns et al are just symbols, 99.999% of proles are kept at bay with software.
It is economically unfeasible to use hardware for that.

Take a look at happenings in the last decade in Europe - anti-comm uprisings
had one and only one focal point - TV stations.

They live.









Re: Gilmore's response

2002-12-13 Thread Steve Schear
At 12:43 PM 12/13/2002 -0500, you wrote:
>Gilmore's legal response to secret laws, etc.
>
>http://cryptome.org/gilmore-v-usa-god.htm


I have a possible trip coming up soon.  I intend to have my tickets 
purchased by a third party and fly under an assumed name (maybe Tyler 
Durden ;-)  I will carry no ID on my person. Perhaps there is now a need to 
have large numbers of refusenik travelers assume the same "nom de avion" 
identity.  Sort of like the Kilroy in WW II.

steve



Re: Gilmore's response

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 10:15:22AM -0800, Steve Schear wrote:
| At 12:43 PM 12/13/2002 -0500, you wrote:
| >Gilmore's legal response to secret laws, etc.
| >
| >http://cryptome.org/gilmore-v-usa-god.htm
| 
| I have a possible trip coming up soon.  I intend to have my tickets 
| purchased by a third party and fly under an assumed name (maybe Tyler 
| Durden ;-)  I will carry no ID on my person. Perhaps there is now a need to 
| have large numbers of refusenik travelers assume the same "nom de avion" 
| identity.  Sort of like the Kilroy in WW II.

Let us know how it goes.

Duncan would doubtless argue that there are already large numbers of
travellers using assumed names, including migrant Mexican workers, US
government employees, terrorists, actors and actresses, etc.  The
immigration laws have done a good job of making it easy to get
quality secondary id.

The response of the apparatchiks is to increase the penalties until
we're all cowed, like they did in the old war on drugs.

Adam

PS: Current news in Canada includes the gun registry having undergone
a 12x cost overrun, and it's not clear what will happen to it.  A large
reason for the overruns has been people making mistakes in filling
out the complex forms, and thus slowing down implementation.  
http://cbc.ca/stories/2002/12/12/guns011212

I think it's time for me to go get a gun permit, and help the process
along.




-- 
"It is seldom that liberty of any kind is lost all at once."
   -Hume




A Few Words About Palladium

2002-12-13 Thread Nomen Nescio
According to the message below, Palladium will not include a "serial
number revocation list", "document revocation list", or similar
mechanism to delete pirated music and other unauthorized content.
These claims have been made most vocally by Ross Anderson in his TCPA
FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green
in his DefCon presentation, http://www.cypherpunks.to/.

Instead, the point of Palladium is to create "a decentralized, trusted
computing base... whose integrity can be audited by anyone".  This is
accomplished, as has been discussed at length here and elsewhere,
by hardware which can compute a secure hash of software as it loads,
and which can attest to this hash via cryptographic signatures sent to
remote systems.  This functionality allows software to prove to third
parties that it is running unmolested, which is the basic functionality
provided by Palladium.

Unfortunately, the exaggerated and misleading claims in the links above
are accepted as truth by most readers, and a false picture of Palladium
is virtually universal on the net.  Isn't it time for security experts
to take a responsible position on this technology, and to speak out
against the spread of these falsehoods?


> A Few Words About Palladium 
> By John Manferdelli, General Manager, Trusted Platform Technologies,
> Microsoft Corporation
>
> As you may know, I spent some time on the road in the UK in
> November. During my visit, I had the chance to meet some of you at
> the "Meet the Technologists" breakfast at the Microsoft Campus in
> Reading. Thanks to those of you who were able to attend. It was a great
> chance to engage in frank discussions about some of the more controversial
> topics surrounding Palladium.
>
> One of the issues we discussed was whether Palladium would include
> mechanisms that would delete pirated music or other content under remote
> control or otherwise disable or censor content, files, or programs running
> on Windows. The truth is, Palladium will not disable any content or file
> that currently runs. Palladium was designed so that no policy will be
> imposed that is not approved by the user. Microsoft is firmly opposed to
> putting "policing functions" into Palladium and we have no intention of
> doing so. The machine owners - whether an individual or enterprise - have
> sole discretion to determine what programs run under Palladium. Programs
> that run under Palladium, just like programs that run under Windows,
> will do whatever they are allowed to do, based on the security settings
> on the user's machine. Palladium not only respects existing user controls,
> it strengthens them.
>
> What Palladium does change is the ability for software to be protected
> from other software. Palladium will enable and safeguard a decentralized
> trusted computing base on open systems.  These security-oriented
> capabilities in Windows will be enabled by a relatively small change in
> hardware, and will help transform the PC into a platform that can perform
> trusted operations that span multiple computers under a trust policy that
> can be dynamically created and whose integrity can be authenticated by
> anyone. In addition, it will preserve the flexibility and extensibility
> that contributes so much to the entire PC ecosystem.
>
> I hope to have an opportunity to meet more of you in the New Year. We'll
> keep you posted about Palladium-related industry events and other "Meet
> the Technologist" opportunities.
>
> Happy holidays!
> - John Manferdelli
>
> P.S. While I was in London, I also had the opportunity to speak about
> Trustworthy Computing and the Palladium initiative at the Trusted
> Computing Masterclass in London. The event included participants from
> Hewlett Packard Labs, Red Hat, and Cambridge University, among others. You
> can read more about the event at www.netproject.com.
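
[Added example, not part of the original post and not Palladium or TCPA code: a sketch of the "hash software as it loads, then sign the hash for a remote system" mechanism the message describes. The Device class, the log format and the Lamport one-time signature (a hash-only stand-in for the hardware key) are assumptions made for illustration, as is the verifier already knowing the device's public key.]

```python
import hashlib
import os

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Lamport one-time signatures: a hash-only stand-in for the hardware's
# signing key, chosen here so the example needs nothing beyond hashlib.
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _bits(digest: bytes):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, message: bytes):
    # Reveal one secret per bit of H(message).
    return [sk[i][bit] for i, bit in enumerate(_bits(H(message)))]

def lamport_verify(pk, message: bytes, sig) -> bool:
    bits = _bits(H(message))
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits)))

class Device:
    """Constructed model of the hardware: extend-only register plus a signing key."""
    def __init__(self):
        self._sk, self.pk = lamport_keygen()
        self._used = False
        self.register = bytes(32)
        self.log = []  # (name, digest) pairs kept by software, unprotected

    def load(self, name: str, image: bytes):
        digest = H(image)
        # The register can only be extended, never set: new = H(old || digest).
        self.register = H(self.register + digest)
        self.log.append((name, digest))

    def quote(self, nonce: bytes):
        if self._used:
            # Signing twice with a Lamport key leaks enough secrets to forge.
            raise RuntimeError("one-time attestation key already used")
        self._used = True
        sig = lamport_sign(self._sk, nonce + self.register)
        return {"nonce": nonce, "register": self.register,
                "log": list(self.log), "sig": sig}

def verify_quote(pk, quote, nonce: bytes, trusted_digests) -> str:
    """Remote party's check. trusted_digests is the verifier's own policy."""
    if quote["nonce"] != nonce:
        return "stale-or-replayed"
    if not lamport_verify(pk, nonce + quote["register"], quote["sig"]):
        return "bad-signature"
    value = bytes(32)
    for _name, digest in quote["log"]:
        value = H(value + digest)
    if value != quote["register"]:
        return "log-mismatch"
    unknown = [name for name, digest in quote["log"] if digest not in trusted_digests]
    return "untrusted:" + ",".join(unknown) if unknown else "ok"

def demo():
    # Constructed sample images; real measurements cover actual boot components.
    boot = [("loader", b"constructed loader image"),
            ("kernel", b"constructed kernel image")]
    trusted = {H(image) for _name, image in boot}
    results = {}

    clean = Device()
    for name, image in boot:
        clean.load(name, image)
    nonce = os.urandom(16)
    q = clean.quote(nonce)
    results["clean"] = verify_quote(clean.pk, q, nonce, trusted)
    # The same quote presented against a fresh challenge is rejected.
    results["replayed"] = verify_quote(clean.pk, q, os.urandom(16), trusted)

    changed = Device()
    changed.load(*boot[0])
    changed.load("kernel", b"constructed kernel image, modified")
    nonce2 = os.urandom(16)
    q2 = changed.quote(nonce2)
    results["modified"] = verify_quote(changed.pk, q2, nonce2, trusted)
    # Swapping in the clean log cannot hide the change: the signed register disagrees.
    results["rewritten_log"] = verify_quote(
        changed.pk, dict(q2, log=q["log"]), nonce2, trusted)
    # Altering the register itself breaks the signature.
    results["rewritten_register"] = verify_quote(
        changed.pk, dict(q2, log=q["log"], register=q["register"]), nonce2, trusted)
    return results

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

[The quote only reports what was loaded; which digests count as acceptable is decided by whoever holds trusted_digests on the verifying side.]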




Re: [IP] The TIA and fighting terrorism

2002-12-13 Thread Anonymous via the Cypherpunks Tonga Remailer
And this from a 1987 post:

"Current online database vendors like Dialog and Mead Data 
Central are already foreshadowings (albeit extremely primitive) 
of a GHA. It is interesting to recall that under the reign of 
John Poindexter, of Irangate fame, the NSC was seeking to gain 
legal access to the records of these companies, which store 
sensitive information about the search targets and patterns of 
their users. As I recall, the NSC was denied legal access by 
Congress, but then there is always the problem of illegal 
access, which is relatively trivial to accomplish wholesale by 
intercepting telecommunications."

see google...




[e-gold-list] Announcing Seagold.net: E-mail Privacy, Secure, Encrypted, accepts e-gold

2002-12-13 Thread R. A. Hettinga
...It had to happen sooner or later, I suppose...

Cheers,
RAH
--
--- begin forwarded text


Status: RO
From: <[EMAIL PROTECTED]>
To: "e-gold Discussion" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: [e-gold-list] Announcing Seagold.net: E-mail Privacy, Secure,
Encrypted, accepts e-gold
Date: Fri, 13 Dec 2002 00:37:03 + (UTC)

CONCERNED ABOUT EMAIL PRIVACY?

In these increasingly troubled times where personal and financial
privacy is at the forefront of our minds, we must search for viable
solutions. Seagold.net offers that very solution:

Private Email with the Power of 2

Introducing Seagold.net, a secure web-based email service located in
the Principality of Sealand, outside the jurisdiction of any
government on earth!

* Read and compose emails securely from anywhere on the planet using
any SSL-enabled web browser
* Encrypt messages with pass phrases using PGP or GPG
* Store messages securely on the Sealand platform in the North Sea,
where there will never be a Carnivore
* Chat securely using 128-bit SSL encryption
* Secure Message Boards
* User's actual ISP is masked from recipients, all outgoing messages
originate from Sealand.
* Reduce the threat of viruses with a system wholly based on
OpenSource Linux, Java, and Apache technology
* Protect your privacy with 100% anonymous accounts
* Use and refer the service and receive monthly residual commissions.
* Seagold accepts e-gold for payment and pays commissions in e-gold.
* Try it for free for 30 days!

(you will need a sponsor Id number in order to sign up for the free 30
day trial membership. Please use the system sponsor ID # 1 if you do
not have a sponsor).

https://sealand.seagold.net
http://seagold.net

What is Seagold.net?

Seagold.net is a secure web-based email platform. It works with your
browser to utilize high-quality 128-bit SSL encryption so that you can
view, manage, and compose messages over a secure connection. All of
your email messages are stored on our server based on Sealand, a
premiere international secure data haven located in the territory of
the Principality of Sealand near London, England, which is outside the
boundaries of any other recognized nation. (See www.havenco.com for
more information about Sealand.)

Seagold.net is a members-only service, marketed through a network
marketing referral program using a 2x10 matrix. Members receive
hassle-free secure web based email account for $25 per month, together
with the opportunity to earn significant referral commission income
from referring new members. Seagold is a "friends-and-family"
business; absolutely no email spamming is tolerated to promote Seagold
memberships.

Seagold exclusively utilizes e-gold to receive payments from and pay
referral commissions to its members.

Seagold is run by an international business company, BRHS, Ltd.,
domiciled in St. Vincent and the Grenadines.

Seagold runs exclusively on top of Linux, Java, Apache, and other Open
Source technologies. It is 100% Microsoft-free.

Seagold is a completely international operation, of the Internet, by
the Internet, and for the Internet.

Wishing you Peace, Prosperity and Privacy,

The Seagold Group
https://sealand.seagold.net





--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Anonymous
On Thu, 12 Dec 2002 20:01:05 -0800 (PST), you wrote:
>
> > society, what can the regular person do to strike a blow in
> > opposition to the direct attack on the Constitution and civil
> > liberties and civil rights?
>
> Stop watching TV ?
>

Interesting approach. But exactly how does that hinder the FBI 
demanding a bookseller's customer list, or a library's patron 
check out record, or a black bag job on a personal computer, or 
thousands of CALEA taps, or the Total Information Awareness 
project, or the process of designating a US citizen as an enemy 
combatant, or the suspension of habeas corpus, etc.

I was not aware that simple management of my own eyeballs could 
have such dramatic, widespread, external effects on gangs of 
thugs with guns and high tech surveillance gear all carrying a 
"do-whatever-you-like, get-out-of-jail-free" card from the US 
Congress, and essentially no oversight. Is this kind of like 
mind control, or what?




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Mike Rosing
On Fri, 13 Dec 2002, Anonymous wrote:

> Vote? Are you kidding? OK, here is your task. Since all but one
> member of congress voted FOR the USA PATRIOT ACT, exactly what
> party or what candidates do you suggest be elected in support of
> civil liberties in the US? You don't seem to get this. Or on
> Iraq, the democrat and republican leadership, and the republican
> and democrat majority in both houses of congress voted for the
> carte blanche Iraq war resolution. Exactly who is a voter to
> vote for if he prefers peace, or going after real threats like
> North Korea instead of just tyrants that pissed off W's daddy?
>
> We can always pretend we actually have a choice by voting for
> the democrat who wants to wiretap you, instead of the republican
> that wants to wiretap you. Our choice is not whether or not to
> get wiretapped, rather it is to select the administration that
> wiretaps us. Ah, DEMOCRACY!

There are more choices than that.  It just takes a while for the
masses to figure that out.  When there are no choices, then we
can fight with weapons.  For now, words are sufficient.

Patience, persistence, truth,
Dr. mike




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Mike Rosing
On Fri, 13 Dec 2002, Anonymous wrote:

> Interesting approach. But exactly how does that hinder the FBI
> demanding a bookseller's customer list, or a library's patron
> check out record, or a black bag job on a personal computer, or
> thousands of CALEA taps, or the Total Information Awareness
> project, or the process of designating a US citizen as an enemy
> combatant, or the suspension of habeas corpus, etc.
>
> I was not aware that simple management of my own eyeballs could
> have such dramatic, widespread, external effects on gangs of
> thugs with guns and high tech surveillance gear all carrying a
> "do-whatever-you-like, get-out-of-jail-free" card from the US
> Congress, and essentially no oversight. Is this kind of like
> mind control, or what?

All repressive regimes are short lived in a historical context.
Living thru them is hell.  This one has already begun a rather
interesting hypocrisy - they say they support gun ownership, but
they have no problem with letting the courts say the opposite.
So far they are picking their targets small enough that the masses
aren't actually worried that they will be next.  But to take total
control, they will have to scare the masses in a more effective way.
And it's unlikely that "they" will be able to scare them into
giving up weapons.  And that's the point of an armed citizenry,
to overthrow repressive regimes.

When we can't vote, we can fight.  So far the number of horror
stories is small.  But when everyone has a personal friend or
relative that's been shot, abused, tortured or even just roughed
up - then they'll know they might be next.  And they might vote to change
things.  So from a purely Machiavellian perspective, the faster
"they" become more repressive and the more people "they" harm,
the faster things will change.

We just have a few years of hell to go thru, that's all.

Patience, persistence, truth,
Dr. mike




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Anonymous
On Fri, 13 Dec 2002 06:43:53 +, you wrote:
> If you don't choose to use these methods, the consequences are up to you.
> But secure comms alone will only provide you with useful information, by
> themselves they aren't enough; you need to vote. Lots of you.
>
> Nothing else really matters. To "them", and you.
>
> --
> Peter Fairbrother

Vote? Are you kidding? OK, here is your task. Since all but one 
member of congress voted FOR the USA PATRIOT ACT, exactly what 
party or what candidates do you suggest be elected in support of 
civil liberties in the US? You don't seem to get this. Or on 
Iraq, the democrat and republican leadership, and the republican 
and democrat majority in both houses of congress voted for the 
carte blanche Iraq war resolution. Exactly who is a voter to 
vote for if he prefers peace, or going after real threats like 
North Korea instead of just tyrants that pissed off W's daddy?

We can always pretend we actually have a choice by voting for 
the democrat who wants to wiretap you, instead of the republican 
that wants to wiretap you. Our choice is not whether or not to 
get wiretapped, rather it is to select the administration that 
wiretaps us. Ah, DEMOCRACY!




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Major Variola (ret)
> Spot on. But what, if anything, do you think can be done to
> reverse this slide to Red White and Blue Stalinism with good PR?
> I trust you are not one of those who will prattle something like
> "exercise your right to vote", or "write your
> congressperson/MP", etc. In practical terms, in a surveillance
> society, what can the regular person do to strike a blow in
> opposition to the direct attack on the Constitution and civil
> liberties and civil rights?
>
> Do we need a program to oppose the progrom?

See Gilmore's proposal.  Consider the meaning of
reverse-panopticon.  Find federal employees
and let them know "we're watching you" but don't
identify "we".  Publish public info.  Do this
for executives in firms that pander to the Evil.
Not just e.g., Ellison ---there are more next-level-down
underlings who might just live in your neighborhood.

Anyone got ideas for a "neighborhood watch" type
sticker which expresses the reverse-panopticon
visually?




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Adam Shostack
On Fri, Dec 13, 2002 at 08:17:27AM -0800, Mike Rosing wrote:
| All repressive regimes are short lived in a historical context.
| Living thru them is hell.  This one has already begun a rather
| interesting hypocrisy - they say they support gun ownership, but
| they have no problem with letting the courts say the opposite.
| So far they are picking their targets small enough that the masses
| aren't actually worried that they will be next.  But to take total
| control, they will have to scare the masses in a more effective way.
| And it's unlikely that "they" will be able to scare them into
| giving up weapons.  And that's the point of an armed citizenry,
| to overthrow repressive regimes.
| 
| When we can't vote, we can fight.  So far the number of horror
| stories is small.  But when everyone has a personal friend or
| relative that's been shot, abused, tortured or even just roughed
| up - then they'll know they might be next.  And they might vote to change
| things.  So from a purely Machiavellian perspective, the faster
| "they" become more repressive and the more people "they" harm,
| the faster things will change.
| 
| We just have a few years of hell to go thru, that's all.

Your comments remind me greatly of the Gulag Archipelago, especially
the bits about those crushed early after the revolution.


-- 
"It is seldom that liberty of any kind is lost all at once."
   -Hume




RE: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Mike Rosing
On Fri, 13 Dec 2002, Trei, Peter wrote:

> For the Russians, 'a few' was over 70.
> I hope for a non-violent restoration - this sort
> of thing could give the Libertarian Party legs,
> if they handled it right.

Agreed.  And they may not even need to handle it perfectly
right, since the main theme of the Libertarians is to restore
the Constitution.  I certainly hope for a non-violent solution.

Patience, persistence, truth,
Dr. mike




Re: [IP] The TIA and fighting terrorism

2002-12-13 Thread Anonymous
A couple of lessons from the 1990 news report below. First, the 
violation of law by high government officials illegally selling 
shoulder fired missiles and other arms to Iran, and using the 
illegal profits to fund the illegal state-supported terrorism 
against Nicaragua, is not punished, as usual (Poindexter won on 
appeal based on his claim that he wouldn't have been convicted 
except for testimony given to congress under a grant of 
immunity). Second, you need not face any public accountability 
and arms for hostages, and profits for terrorism in Nicaragua 
need not be a barrier, in fact it is a qualification, for 
building a big brother system to surveil US citizens (except of 
course those breaking the law at the behest of the government 
itself).

WASHINGTON (UPI) -- John Poindexter, one of President Ronald 
Reagan's highest-ranking aides and the last of the original Iran-
Contra defendants, was the first person sentenced to prison in 
the arms-for-hostages scandal.

Poindexter, 53, who was Reagan's national security adviser, was 
sentenced to six months in jail Monday for masterminding the 
effort to cover up White House involvement in the Iran-Contra 
affair.

U.S. District Judge Harold Greene said Poindexter should be 
imprisoned because he was ``the decision-making head of the Iran-
Contra operation'' in the White House.

Greene sentenced Poindexter to six months in prison on each of 
five felony counts, but allowed the sentences to run 
concurrently. Because of Poindexter's huge legal fees, the judge 
did not impose a fine.

But the retired Navy rear admiral was required to pay a standard 
$50 court assessment for each of the five counts.

Poindexter was convicted April 7 of conspiring to deceive 
Congress, making false statements to lawmakers and obstructing 
congressional inquiries into the Iran-Contra scandal.

Although Poindexter is the last of the original Iran-Contra 
defendants, a special prosecutor is still investigating the case 
and new indictments are still possible.

What Poindexter did when he lied to Congress was ``not a part of 
the normal political process,'' said Greene.

The judge said Poindexter, Lt. Col. Oliver North and others in 
Reagan's White House tried to ``nullify'' a decision by Congress 
to cut off aid to the rebel Nicaraguan Contras.

Congress is elected by the American people, Greene said, and its 
decisions cannot be ``nullified by appointed officials.'' 
Furthermore, he said, Poindexter and North ``engaged in the 
destruction of evidence on a large scale.''

Poindexter headed the White House effort to subvert Congress, 
Greene said, and a ``meaningful'' penalty was necessary to deter 
future activity by public officials.

Poindexter stood stiffly as Greene imposed the sentence. But he 
smiled at his chief lawyer, Richard Beckler, who said he would 
appeal.

Poindexter was accompanied by his wife, Linda, an Episcopal 
priest who wore her clerical collar, and his large legal team. 
He remained free, pending his appeal.

Beckler had asked Greene not to send Poindexter to prison, 
saying ``he has served his country for 33 years'' and made no 
personal profit from his actions in the Iran-Contra scandal. 
``The world is a somewhat different world today than it was when 
John Poindexter entered the White House,'' Beckler said. ``The 
world is safer,'' terrorism is on the decline and there are free 
elections in Eastern Europe, Beckler said.

Before imposing the prison sentence, Greene asked Poindexter if 
he wanted to speak. Poindexter stood up and said softly, ``Your 
honor, I don't have any comment.''

Chief prosecutor Dan Webb asked Greene to put Poindexter behind 
bars, saying he and ``a very misguided and confused Marine 
lieutenant colonel'' -- North -- ``operated a private war in the 
nation of Nicaragua.''

They kept that war hidden from Congress, Webb said, through a 
deliberate campaign of lies, deception and obstruction.

Webb also noted that Poindexter ``destroyed the single most 
important document in the case'' -- a document signed by Ronald 
Reagan authorizing a direct arms-for-hostages deal with Iran in 
an effort to free Americans held in Lebanon.

Although Poindexter did not testify during his trial, he told 
Congress in nationally televised testimony during the summer of 
1987 that he never told Reagan about the subsequent diversion of 
Iran arms sale profits to assist the Contras. Congress had 
banned such Contra aid.

Poindexter said he destroyed the diversion document because it 
would cause grave political damage to Reagan.

Webb later told reporters: ``We think the sentence imposed today 
by Judge Greene is a fair and proper sentence.''

Poindexter was the head of his class at the Naval Academy and 
had a brilliant Navy career until the Iran-Contra scandal 
erupted in November 1986. He faced a maximum possible sentence 
of 25 years in prison and $1.25 million in fines.

Greene said he would have imposed a harsher sentence -- 21 to 27 
months in

RE: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Trei, Peter
Mike Rosing wrote:
[...]
> When we can't vote, we can fight.  So far the number of horror
> stories is small.  But when everyone has a personal friend or
> relative that's been shot, abused, tortured or even just roughed
> up - then they'll know they might be next.  And they might vote to change
> things.  So from a purely Machiavellian perspective, the faster
> "they" become more repressive and the more people "they" harm,
> the faster things will change.
> 
> We just have a few years of hell to go thru, that's all.
> 
> Patience, persistence, truth,
> 
For the Russians, 'a few' was over 70. 
I hope for a non-violent restoration - this sort
of thing could give the Libertarian Party legs,
if they handled it right. 

Peter Trei




[p2p-hackers] REMINDER: (SF Bay Area) South Bay PeerPunks meeting next Tuesday (fwd)

2002-12-13 Thread Eugen Leitl
-- Forwarded message --
Date: Fri, 13 Dec 2002 09:11:30 -0800 (PST)
From: James D. Levine <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [p2p-hackers] REMINDER: (SF Bay Area) South Bay PeerPunks meeting
next Tuesday



Just a friendly reminder -- next Tuesday 7pm onward in 
Mountain View.   

James

--

The second monthly...er, semi-annual South Bay 
PeerPunks meeting will convene Tuesday December 17 - that's
a week from next Tuesday at the time/place below.

PeerPunks is just my clever name for the Silicon Valley 
contingent of p2p enthusiasts, hackers, well-wishers, 
etc. who can't make it up to Bram's monthly meeting
in SF on a regular basis.  Any and all are welcome, so
please come and join in...

If you don't know what I look like, just look for the guy
in the red EFF "Fair Use Has A Posse" t-shirt. 


See you there and then.

James



Where:

Dana Street Roasting Company
744 W Dana St, Mountain View, CA 94041
Phone: (650) 390-9638

This is just 1/2 block off Castro St.


When:  7:00 pm onward, Tuesday December 17

 


-- 









XSS flaw found at "https://www.e-gold.com" (fwd)

2002-12-13 Thread Eugen Leitl
-- Forwarded message --
Date: 10 Dec 2002 12:50:03 -
From: Liu Die Yu <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: XSS flaw found at "https://www.e-gold.com"



i know bugtraq doesn't accept vulnerability on one site, but the following 
info is important; please suggest a forum for me to post.


===--



XSSatEGOLD-Content-Tech

XSS flaw found at "https://www.e-gold.com"

technically, it's nothing new. 

XSS at E-gold is very dangerous. E-gold is one of the most popular ways to 
do international business. and unlike a credit card system, once e-gold is 
sent, it never comes back. there is no refund policy. 

so stealing passphrase means stealing real gold. 

it's important, so i take it seriously.


[tested]
browser:MSIEv6 
time:2002/12/10 UTC+800


[demo]
at
http://www16.brinkster.com/liudieyu/XSSatEGOLD/XSSatEGOLD-MyPage.htm
or
http://clik.to/liudieyu ==>XSSatEGOLD
or
[CODE.URL START]
https://www.e-gold.com/acct/historycsv.asp?
initial=1">&startmonth=12&startday=4&startyear=1996&endmonth=12&end
day=4&endyear=2003&paymentsreceived=1&oldsort=tstamp&page=1
[CODE.URL END]

[exp]

technically, there is only one thing important for XSS attackers:
some CGI can only be found when you are logged in, but they can be reached 
even if you are not logged in.
of course, the module dealing with logged-in users is different from the 
one dealing with un-logged-in users.
so, you have to test in both situations to ensure it's not XSS vulnerable.


[contact]
http://clik.to/liudieyu ==> "how to contact liu die yu" section

[BTW]
this flaw can be found easily with FASX at
http://clik.to/fasx
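
The [exp] point in the post above, as an added example that is not part of the original post and is not e-gold's code: a constructed page with separate logged-in and logged-out branches, where only one branch encodes the `initial` parameter, and a check that exercises both session states. The function names, the markup, and the assumption that the value is echoed into an HTML attribute are all hypothetical.

```javascript
'use strict';
// Constructed stand-in for a page that echoes the "initial" query parameter.
// Every name here is hypothetical; none of this is the site's own code.

const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for use inside a quoted HTML attribute.
function encodeAttr(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// "Before": the logged-in branch encodes, but the branch that answers
// requests without a session echoes the parameter raw into a hidden field.
function renderBefore(query, session) {
  const initial = query.initial || '';
  if (session) {
    return `<form><input type="hidden" name="initial" value="${encodeAttr(initial)}"></form>`;
  }
  return `<form action="/login"><input type="hidden" name="initial" value="${initial}"></form>`;
}

// "After": one encoding step shared by both branches.
function renderAfter(query, session) {
  const initial = encodeAttr(query.initial || '');
  const action = session ? '' : ' action="/login"';
  return `<form${action}><input type="hidden" name="initial" value="${initial}"></form>`;
}

// Inert marker: its quote and angle brackets must come back encoded.
const PROBE = '1"><x-probe>';

// Render with and without a session; return the states in which the
// marker comes back unencoded.
function auditBothStates(render) {
  const states = { loggedIn: { user: 'constructed-user' }, loggedOut: null };
  return Object.keys(states).filter((name) =>
    render({ initial: PROBE }, states[name]).includes(PROBE));
}

console.log('before:', auditBothStates(renderBefore)); // [ 'loggedOut' ]
console.log('after: ', auditBothStates(renderAfter));  // []
```

A check that only ran with a session would report the "before" renderer as clean, which is the gap the post describes.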




Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session

2002-12-13 Thread Bill Stewart
At 05:21 AM 12/13/2002 +, Peter Fairbrother wrote:

> Dave Del Torto wrote:
>
> > Resumes should be in plain
> > ASCII text format with a PGP signature (detached sigs are OK) and on
> > floppy disk or CD-R also containing a copy of the applicant's PGP
> > public key.
>
> Fuck off.
>
> If you think that a PGP key is good enough, you don't know the threats you
> are facing with GAK and the like. If you think a resume should be
> required...
> --
> Peter Fairbrother


He didn't say you needed a resume to get into the meeting;
he said you needed it if you wanted to apply for a job
so they can show the people they're asking for grant money
that they've got a bunch of highly qualified people that
are interested in working on the project.
If it's like most projects, the resume is largely separate from
whether everybody knows whether you write great code quickly,
but it can be a hook to remind them who's interested.

Personally, I like resumes to be in hand-written well-styled HTML :-)




Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Peter Fairbrother
Anonymous wrote:

> On Thu, 12 Dec 2002 10:47:25 -0800, Tim May wrote:
>> 
>> America used to disdain the secret trials, the Star Chamber proceedings so
>> endemic in other parts of the world. Now we have them.
>> 
>> We will reap what we sow.
>> 
>> --Tim May
> 
> Spot on. But what, if anything, do you think can be done to
> reverse this slide to Red White and Blue Stalinism with good PR?
> I trust you are not one of those who will prattle something like
> "exercise your right to vote", or "write your
> congressperson/MP", etc. In practical terms, in a surveillance
> society, what can the regular person do to strike a blow in
> opposition to the direct attack on the Constitution and civil
> liberties and civil rights?
> 
> Do we need a program to oppose the pogrom?



Dear America,

Yes, it's hard, but here's how. First, you can make comms unreadable. There
are well-known ways to do this. Second, you can make comms untraceable. Ways
to do this exist, and better ones are being developed*. Third, you can make
comms available to everyone - the 'net might help here.


If you don't choose to use these methods, the consequences are up to you.
But secure comms alone will only provide you with useful information, by
themselves they aren't enough; you need to vote. Lots of you.

Nothing else really matters. To "them", and you.

-- 
Peter Fairbrother




Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session

2002-12-13 Thread Peter Fairbrother
Dave Del Torto wrote:

> Resumes should be in plain
> ASCII text format with a PGP signature (detached sigs are OK) and on
> floppy disk or CD-R also containing a copy of the applicant's PGP
> public key. 

Fuck off. 

If you think that a PGP key is good enough, you don't know the threats you
are facing with GAK and the like. If you think a resume should be
required...

-- 
Peter Fairbrother


   i sing of Olaf glad and big
   whose warmest heart recoiled at war:
   a conscientious object-or
   
   his wellbelovid colonel (trig
   westpointer most succinctly bred)
   took erring Olaf soon in hand;
   but-though an host of overjoyed
   noncoms (first knocking on the head
   him) do through icy waters roll
   that helplessness which others stroke
   with brushes recently employed
   anent this muddy toiletbowl,
   while kindred intellects evoke
   allegiance per blunt instruments-
   Olaf (being to all intents
   a corpse and wanting any rag
   upon what God unto him gave)
   responds, without getting annoyed
   "I will not kiss your fucking flag"
   
   straightaway the silver bird looked grave
   (departing hurriedly to shave)
   
   but -though all kinds of officers
   (a yearning nation's blueeyed pride)
   their passive prey did kick and curse
   until for wear their clarion
   voices and boots were much the worse,
   and egged the firstclassprivates on
   his rectum wickedly to tease
   by means of skillfully applied
   bayonets roasted hot with heat-
   Olaf (upon what were once knees)
   does almost ceaselessly repeat
   "there is some shit I will not eat"
   
   our president,being of which
   assertions duly notified
   threw the yellowsonofabitch
   into a dungeon,where he died
   
   Christ (of His mercy infinite)
   i pray to see;and Olaf,too
   
   preponderatingly because
   unless statistics lie he was
   more brave than me:more blond than you

by ee cummings

who was an American
and a man
but he's dead now




Re: Anonymous blogging

2002-12-13 Thread GaryJeffers
My Fellow Cypherpunks,

   My defense against getting overwhelmed with Cypherpunks list mail is to use Guan Sin Ong's excellent archive:
http://www.inet-one.com/cypherpunks
   I find this easy and I don't have to delete tons of mail.

Yours Truly,
Gary Jeffers


RE: Libel lunacy -all laws apply fnord everywhere

2002-12-13 Thread R. A. Hettinga
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

At 6:11 PM -0800 on 12/12/02, Lucky Green wrote:


> Agreed. A few years ago, some would advocate that on the Internet,
> no national laws apply. This was, of course, nonsense. Instead,
> every single national, regional, and local law in effect today
> anywhere in the world applies to anything you do to the extent that
> said law can be enforced.

Everything illegal everywhere all the time.


A legislative singularity akin to early modern discoveries in physics
(the end of the geocentric universe) and engineering (peasant-fired
projectile weapons making noble armor obsolete) once and forever
violating the "laws" of god.


The next trick will be to drive a stake into the heart of modern
society's  present mystification of identity and is-a-person
credentials by moving money and financial assets, significantly
cheaper than we do now, using systems that don't require identity at
all to clear and settle transactions. Systems which are,
paradoxically, cheaper *because* they're anonymous, or at least,
identity "agnostic", just like physics is religiously agnostic.


If that works, sooner or later we'll have the technical equivalent of
the thirty years' war, which only the ubiquitous and instantaneous
application or threat of  private, local, force will solve. The
result will be a software/protocol "Treaty of Westphalia", giving us
actual markets for force instead of confiscatory monopolies for same.

In the end, if necessary we'll know, absolutely, where *every*body
is, and what they're doing, all the time, because we'll all be
watching our *own* stuff, supervising our *own* property with our
*own* equipment, like, um, god, meant us to do :-). But,
paradoxically, because it'll be cheaper and more secure to do
instantaneously-settled functionally anonymous transactions, we won't
know, we won't *care* where anybody gets, spends, or invests their
money, and we won't give a damn about it because it works better than
the Friedmanian mummenschanz(1) we currently call "law and order".
Markets will create better order than laws ever could.

Cheers,
RAH

(1) See David Friedman's "The Machinery of Freedom" where he
describes the finance of the modern nation state as this ceremonial
game in which 50 people sit in a circle with a hundred pennies
stacked in front of each person. The politician comes along, and with
great pomp and circumstance (and two guys with guns on either side of
him), takes everyone's pennies and dumps them into a fancy bowl.
Then, at random, he stands in front of someone, and slowly, with
great fanfare, counts off 50 pennies and gives them to the lucky
recipient. After repeating this 49 more times without repeating
anyone, the politician and his associates go off to the local pub and
buy themselves a beer. The victims are left marvelling at all the
free money they just got.

-BEGIN PGP SIGNATURE-
Version: PGP 8.0 - not licensed for commercial use: www.pgp.com

iQA/AwUBPfldFsPxH8jf3ohaEQIdqwCg3KMwGcxZP+JiAFcq3/+GgPVMGbAAoJvX
rMD2BLN0WvuZC8i7ZhBVu5Sc
=YJy7
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"Every election is a sort of advance auction of stolen goods." -- H.L. Mencken




Re: [IP] The TIA and fighting terrorism

2002-12-13 Thread Steve Schear
-- Forwarded Message
From: Marc Hedlund <[EMAIL PROTECTED]>
Date: Tue, 10 Dec 2002 14:13:11 -0800 (PST)
To: Dave Farber <[EMAIL PROTECTED]>
Subject: The TIA and fighting terrorism


We could be taking this approach, but we're not. We could be improving
the ability of local law enforcement to detect terrorism -- but
instead we're degrading that ability, since we're shifting the FBI's
traditional crime-fighting work onto local resources. The one method
that has actually prevented a terrorist attack on US soil is not being
used, and is instead being inhibited. We are focusing on centralizing
intelligence and resources when instead -- or at least in addition --
we should be decomposing, distributing, decentralizing.


We could be seriously examining the contributions of U.S. behavior around 
the world to catalyzing asymmetrical warfare but we're not.  We could be 
considering that the reason U.S. military are prime targets the world over 
for disgruntled foreigners is that we have armed forces in over 100 
countries (mostly invited by "friendly" regimes on the dole who rarely find 
their own citizens supporting a U.S. presence).  How many has Britain, 
France or Germany?  When was the last time we heard of their troops being 
attacked outside of a war zone or former war zone?  When was the last time 
you saw a British, French or German soldier walking down a U.S. street?

If we want world peace we must work for world justice.  I suggest we cannot 
simultaneously have empire, security and liberty.  It is time to choose.

steve



Re: Extradition, Snatching, and the Danger of Traveling to Other Countries

2002-12-13 Thread Morlock Elloi
> society, what can the regular person do to strike a blow in 
> opposition to the direct attack on the Constitution and civil 
> liberties and civil rights?

Stop watching TV ?


=
end
(of original message)
