Re: layered deception (timestamping logs)
On Wednesday, May 2, 2001, at 10:12 PM, Anonymous wrote: At 11:00 PM 05/01/2001 -0500, Harmon Seaver wrote: Has anyone given any thought to how log files could be accepted as evidence in the first place? They're just text files, and exceedingly trivial to alter, forge, erase, whatever. They get edited all the time by hackers -- how can anyone, even the sysadmin, swear that they are true? Seems to me that secure digital timestamps on the logs would be really interesting to anyone wanting to preserve their usefulness as evidence. This would obviously cut both ways, could be used for either good or ill. Any collective wisdom on the ramifications of such a technology? I'd put it into my messaging infrastructure if I cared about such things. The asymmetry arises this way: almost _never_ does an ISP/operator benefit from having logs, but prosecutors can use logs to prove various crimes and thoughtcrimes. Like digital signatures, they are best used sparingly. (To see this, imagine the benefits of signing everything. What is gained by Joe Sixpack in using digital signatures ubiquitously? Very little. What is potentially lost? Ask Jeff Gordon.) A digital signature, a timestamp, is not something to be given away lightly. --Tim May
Re: layered deception (timestamping logs)
Tim May wrote: The asymmetry arises this way: almost _never_ does an ISP/operator benefit from having logs, but prosecutors can use logs to prove various crimes and thoughtcrimes. Well, that's not quite true -- logs are pretty useful, in fact even necessary, for a number of things. Troubleshooting system problems, for instance. Every time you make a change to the named config on a DNS server, then restart named, you then immediately look in the log to see if everything worked okay. Or say someone is having problems getting to a website, and blaming your firewall or proxy server, you can perhaps find in the DNS server log that the real problem is at the ISP for the webserver they are trying to hit. Mail is the same way. And some customers want the statistics from a webserver's logs -- for a whole year or more, same with the proxy server. Another thing logs are useful for is if someone is trying to hack you, and his IP# is showing up in your logs, so you can cut and paste that portion of the log into email to the hacker's ISP and ask them to do something about the guy -- although with my latest firewall and packet filtering that might be a thing of the past. Other than the aforementioned web and/or proxy logs for statistical purposes, however, I can't see any rationale for keeping logs very long, certainly not over 30 days, maybe not over a week, possibly just one day. I was at a meeting once with people from the state IT group (who were the ISP for all the higher eds) who were insisting to us that everybody had to log *everything*, including router traffic, and keep it for years. When I asked what law required that, they said there wasn't any, but you'd be in trouble with the FBI or Secret Service if you didn't and they needed those logs. -- Harmon Seaver, MLIS CyberShamanix Work 920-203-9633 [EMAIL PROTECTED] Home 920-233-5820 [EMAIL PROTECTED]
re: layered deception (timestamping logs)
At 10:12 PM 5/2/01 -0700, Anonymous wrote: Seems to me that secure digital timestamps on the logs would be really interesting to anyone wanting to preserve their usefulness as evidence. If you protected some logs (say, local user logins) really well, and left other logs (say HTTP) unprotected then it would be *mighty easy* to bring up degrees-of-trust in a trial. I can imagine good operational reasons why lots of users might need write access to an HTTP log. (E.g., different user-level CGIs writing to the same HTTP log) and why you might want to track user logins more reliably than http hits.
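One way to make a text log tamper-evident in the sense discussed in this thread, as an added example that is not part of any poster's message: each record is chained to the previous one with SHA-256, and only the final digest needs to be timestamped or stored off-host. The chain construction, function names and sample log lines are assumptions constructed for illustration.

```python
import hashlib
import hmac

GENESIS = bytes(32)  # assumed fixed starting value for the chain

def chain(lines, prev=GENESIS):
    """Return [(line, link_hex)] where link = SHA-256(previous link || line)."""
    records = []
    for line in lines:
        prev = hashlib.sha256(prev + line.encode("utf-8")).digest()
        records.append((line, prev.hex()))
    return records

def head(records):
    """The last link; this single value is what gets timestamped off-host."""
    return records[-1][1] if records else GENESIS.hex()

def verify(records, anchored_head):
    """None if intact; index of the first bad record; len(records) if the
    links are self-consistent but do not end at the anchored head."""
    prev = GENESIS
    for i, (line, link) in enumerate(records):
        prev = hashlib.sha256(prev + line.encode("utf-8")).digest()
        if not hmac.compare_digest(prev.hex(), link):
            return i
    if not hmac.compare_digest(prev.hex(), anchored_head):
        return len(records)
    return None

# Constructed sample login records (not taken from any real system).
SAMPLE = [
    "2001-05-02T22:10:01Z login user=alice tty=pts/0 from=192.0.2.10",
    "2001-05-02T22:11:47Z login user=bob tty=pts/1 from=192.0.2.44",
    "2001-05-02T22:15:30Z logout user=alice tty=pts/0",
]

def demo():
    good = chain(SAMPLE)
    anchored = head(good)  # assumed to be held by a party the editor cannot reach
    # Case 1: a line is edited in place, stored links left alone.
    edited = list(good)
    edited[1] = (edited[1][0].replace("bob", "eve"), edited[1][1])
    # Case 2: the editor rewrites the line and recomputes every link.
    rechained = chain([SAMPLE[0], SAMPLE[1].replace("bob", "eve"), SAMPLE[2]])
    # Case 3: the tail of the log is deleted.
    truncated = good[:2]
    return {
        "intact": verify(good, anchored),
        "edited": verify(edited, anchored),
        "rechained": verify(rechained, anchored),
        "truncated": verify(truncated, anchored),
    }

if __name__ == "__main__":
    print(demo())
```

The re-chained and truncated cases are only caught because the head digest lives somewhere the log's editor cannot rewrite; a chain kept solely next to the log proves nothing.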
RE: cypherpunks in Desert Island gaming scenario
-- At 06:05 PM 5/2/2001 -0400, Faustine wrote: Yep, good points. But still, fake framework and all, it can be useful if it gets you to clarify and articulate your own assumptions. We have clarified and articulated our assumptions some considerable time ago. You came in late. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG yTfy+YosnXu+IEVKvOcG1035zaYNLSLpWW9QQcah 41apqmMAezJYqa34kg5mr9/RkxBQVJDqrsIQ1R8qp - We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state. http://www.jim.com/jamesd/ James A. Donald
Re: Undermining government power and authority
Faustine wrote: Too true. But if we want to actually reach people who *would* care if only they knew, it's important to talk about it without coming across like a full-bore paranoid. It seems like a bad idea to risk losing credibility with careless rhetoric and sloppy thinking. More than that, it's important to keep it straight for your own sake. Sunder replied: There's only one proper response in the English language to your reply. And that's simply this: Go Fuck Yourself. Ok, fair enough, you want the long winded explanation. Here it is: 1. That's for saying I come across like a full-bore paranoid. I wasn't speaking about you in particular AT ALL. I was making a general point on a tangent related to the stream of conversation: I meant you as in one, a person. Sorry you took it personally, I really didn't mean it that way. James Donald wrote: So all of us are full bore paranoids? Is that really what you got out of what I said? Why did you assume I was referring to everyone--or even anyone in particular--here? In fact, I was so far from assuming you or Sunder or anyone else was going to think I was referring to them personally I didn't even think it was necessary to reassure any of you with a disclaimer. Here and in the other threads too, you're assuming a lot of personal ill-will where it just didn't exist, which is really too bad. As for the rest of your message about what I've said or haven't said or the way I said it, people who read the posts will judge for themselves. But keeping in mind I never meant for you to take anything I said as a personal affront might make a difference to the way you come away from them. ~Faustine.
RE: layered deception
At 11:36 AM 5/2/01 -0700, Greg Broiles wrote: In any scenario, it seems like a few points are likely to be crucial - 1. Was the logging foreseeable at the time the statement/promise regarding no logging was made? If there was no intentional misrepresentation, pretty much everything except breach of contract fails. 2. Was the transaction between user and service provider a sale - e.g., was there consideration? a contract? If the activity between the parties did not involve the exchange of value, then it's hard to argue that there's been a fraud, a breached contract, or an unfair business practice. So, if I were designing a system which hoped to rely (only in part, hopefully) on legal impediments to the creation of logs, I would make that system one which (a) involved an exchange of value and (b) frequently restates the operator's promise not to keep logs, ideally as part of the transaction, such that the transaction can be aborted if the promise is missing or otherwise unsatisfactory .. and can be said to rely (perhaps detrimentally) on the statement about the lack of logging. And conversely: there is no legal impediment for a self-claimed free anonymizing website to keep logs. Even so, that's pretty weak protection. Yep, this is all academic, rely on math physics not law.
FT review: Filtering a Dim Life
Review: Filtering a dim life
Chance encounters with new ideas broaden the mind. What, then, of technology that filters out the unfamiliar?
Published: May 2 2001 17:55GMT | Last Updated: May 3 2001 10:28GMT
Patti Waldmeir
Financial Times

The US constitution protects freedom of speech. Does it also protect my freedom to tune out anything I do not wish to hear? Professor Cass Sunstein, one of America's leading constitutional scholars, has written a new book, Republic.com*, which argues against the unfettered right to block one's ears. It is an intriguing argument, which starts from the premise that new technologies - and especially the internet - will dramatically narrow the life experience of citizens by allowing them to filter out the wealth of human diversity. That will, in turn, jeopardise democracy, free speech and the American republic. Prof Sunstein, professor of jurisprudence at the University of Chicago, worries that instead of broadening man's horizons by providing a mad profusion of information and viewpoints, the internet might actually drive him back into his cave, where he can bar entrance to all but the most ideologically congenial visitors. Many of us, of course, would prefer to dwell in such a cave, where we could tune our antennae to receive only those messages of most immediate relevance to the troglodytic life - tips on bat control, say, or on smokeless cooking. Life in the internet-enabled cave of the future may, Prof Sunstein speculates, be sheltered by filtering technology that will ensure that we never have to listen to, see or read anything we do not choose in advance. On Monday this week, I spent the whole day in just such isolation. I visited only websites congenial to my political views. I read only my own personalised newspaper, a sort of Waldmeir Times, delivered electronically by individual.com, the aptly named website.
It covered only topics that I had selected in advance and it included news about gene therapy for doggy blindness, job losses at Knight Ridder, the media group, and the financial results of Pearson, which owns the Financial Times. The Waldmeir Times did not inform me (as Monday's printed newspapers did) that 3m people had died in the Congolese civil war or that anti-globalisation protests in Washington, DC, had fizzled. It did not tell me of the demise of a particularly virulent northern Michigan militia or of the good deeds of octogenarian volunteers in New York City. It did not tell me because I did not ask. I am in general bored by globalisation and small wars in Africa, by violent conservatives and benevolent octogenarians. So I did not include them in topics to be covered by the Waldmeir Times. But when The New York Times or the Financial Times forces me to page past such stories, I quite often stop to read them. I would never choose to do so in advance but in an unplanned encounter with a story about African genocide, my better nature triumphs. That is Prof Sunstein's point. In the world of imperfect filtering, we stumble over ideas and views we would never seek out and with which we may violently disagree. But at least we encounter them; and these encounters are central to the US model of democracy. They are also central to freedom of speech, Prof Sunstein argues. For freeing speech means not only forbidding government censorship but also making space for those who wish to be heard. He points to a US Supreme Court ruling from early this century that held that American streets and parks must be kept open to the public for expressive activity. This public forum doctrine of free speech law forces me, by municipal taxes, to subsidise speech that I may find absurd, if not dangerous. It guarantees that even nutters can have their say and prevents me avoiding them. Filtering will keep such intruders from the streets and parks I visit digitally. 
Prof Sunstein thinks that is dangerous. Digital isolation will make it harder for society to solve common problems as it diminishes the range of experiences we share. It may mean social fragmentation and polarisation. Prof Sunstein admits he may be overstating the problem and common sense tells me he is: many Americans already filter out almost all news related to public issues. Many never read a newspaper, listen to a news broadcast or, for that matter, walk down a public street. It is hard to imagine how new technology could increase their isolation. Common sense also tells me that his proposals to counteract filtering will not work. He suggests, for example, that visitors to popular or distinctively political websites might find themselves automatically linked to opposition viewpoints or sites of others who wish to be heard. Visitors to the Time magazine site might find themselves opening a web page posted by opponents of nuclear power. Less intrusively, net users might find, when they visit popular websites, a voluntary link to a
Re: RF Weapons
At 8:54 AM -0700 5/3/01, David Honig wrote: At 01:35 AM 5/3/01 -0400, An Metet wrote: [I wonder if our more unpopular Federal agencies house their mainframes in facilities that are shielded from this sort of attack] Simple RF Weapon Can Fry PC Circuits Scientists show device that could make the electromagnetic spectrum the terrorist weapon of choice. Old news. One thing I haven't heard of being used in herfgun design is the new commercial 'ultracapacitors' which have multi-FARAD capacitances in very small sizes, and some have very low ESR (ie, you can drain them fast). Yep, old news. But the Horrors of the Unfettered HERF Gun (Dad, he just said the G word!) get trotted out periodically to remind the sheeple why new limitations on access to technology by NGAs must be restricted. (NGAs = Non-Governmental Actors) Information Warfare is again being trotted out in the context of currently-deteriorating relations between the U.S.G. and the P.R.C. (China). Wanna bet we start seeing recycled reports about plans to knock out the stock exchanges, with Chinese info-terrorists replacing the IRA terrorists who were said to be planning EMP/HERF attacks on London several years ago? --Tim May -- Timothy C. May [EMAIL PROTECTED] Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: RF Weapons
Tim May wrote: Information Warfare is again being trotted out in the context of currently-deteriorating relations between the U.S.G. and the P.R.C. (China). Wanna bet we start seeing recycled reports about plans to knock out the stock exchanges, with Chinese info-terrorists replacing the IRA terrorists who were said to be planning EMP/HERF attacks on London several years ago? DoJ's rep at the recent 2600 appeal hearing, Daniel Alter, said that DeCSS is comparable to a terrorist weapon that can knock out air control or other vital infrastructure. Some laughed at that, but Jim Bell got hung for using legal databases because of alleged intent to harm which meant he was not a protected journalist. As 2600 was distinguished from the New York Times though both linked to DeCSS. That intent to harm tips benign use of information into criminality. It is probable that such tipping will soon be applied retroactively to information liberators. Thanks heavens nobody here is likely to be found guilty of that. No matter that actual attacks on information infrastructure is most likely to be made by its alleged protectors needing clearcut reasons to raid and bust and send up the river those who dare to broadcast information about government perfidy. What will be less entertaining is when a recalcitrant log administrator is shot for resisting a lawful command or a site operator assassinated for refusing to pull an embarrassing document. As seems is sure to happen with the alleged perps who have legally posted police officers' personal data up in Seattle. What is it with Seattle, anyhow, all the crybercrime fighters there having a field day. Ah, yes they are they are the lynch folks who describe cybercrime as terrorism, in accord with OMB, DoD and DoJ instructions commanded by Congressional edict. Robb London accused Jim Bell in WWA of what Daniel Alter accused Emmanuel Goldstein in SDNY -- distributing information is mass destruction. Intending to harm they chant.
RE: layered deception
At 07:45 AM 05/02/2001 -0700, David Honig wrote: Yeah but is there a (contract etc.) *law* being broken or is this a legally-null claim? After all, if click-through EULAs are legally binding... Maybe a real lawyer could tell you. The answer may depend on whether there's valuable consideration exchanged, and viewing banner ads probably doesn't count (especially since the banner ads typically come from banner ad companies who aren't giving you any promises of keeping your information private.) While occasionally there may be a web site deliberately lying about whether they're keeping logs No, we won't sell your information to spammers!, a more likely scenario is
- web site content provider isn't keeping logs of content access but they're using a shared hosting service.
- web hosting provider is keeping logs for technical support, debugging, problem resolution, etc.
- banner ad vendor keeps everything they can get
- web site's ISP keeps logs of connections (e.g. IP addresses and TCP port numbers, but not content of communications.)

Actually, many corps have explicitly decided to shred their email after a while. You can thank Ollie North the MS judges for cluing in the public. So the corp counsels are actively blowing off the suggestion you're claiming. A long time ago, in a phone company far, far away, we had incredibly detailed sets of requirements for record-keeping because of the regulatory environment. My wife had a summer job in college translating one database from a hand-rolled mostly-undocumented format into a (then-)current commercial database system so they could get the data just in case they got sued about it - something along the lines of promptness or pricing of wholesale telecom services in PacBellLand. Of course, the commercially available database also rotted into technical obsolescence after a few years, but by then nobody'd sued them about it in enough years that there was no need to preserve it longer.