Re: layered deception
At 12:34 AM 5/2/2001 -0500, Harmon Seaver wrote: >Greg Broiles wrote: > > > Hmm. Can you identify any problems with log files as evidence which aren't > > also present in, say, eyewitness testimony, audiotape recordings, video > > recordings, fingerprints, photographs, tool & die marks, paper records, and > > all of the other evidence which courts admit on a daily basis? > >Not so with log files. I could totally delete and manufacture anew a >log file anyway I wished, and nobody could prove it. You are making unreasonable assumptions about (a) evidentiary law and practice and (b) current capabilities regarding computer/electronic forensics, and those unreasonable assumptions are apparently limiting your ability to reason further. You might see if you can find a copy of _Evidentiary Foundations_ by Edward Imwinkelried at a local law school's library, for part (a); and newspaper articles concerning the investigations and prosecutions of Aldrich Ames, Robert Hanssen, or CJ Parker for part (b). Or take a look at the materials collected regarding the investigation and prosecution (and conviction, and losing appeal) of Randal Schwartz (yeah, the Perl guy), the canonical "I'm a smart computer guy, you stupid cops don't know nothin'" case, at <http://www.lightlink.com/spacenka/fors/>. This is not an area of the law where reasonable people differ. This is easy black-letter stuff that's only mysterious or controversial to people who aren't familiar with the field. If you are trying to make the argument that a few hundred years' worth of evidence law ought to be discarded, your argument will probably be more favorably received if you can show that you at least understand that which you're trying to replace. The mere possibility of tampering or fabrication is nowhere near sufficient to render evidence inadmissible - in fact, it's not even a start. Most trials feature conflicting evidence, all of which was admitted under oath, which cannot all simultaneously be accurate. Life goes on, and the jury or judge (as appropriate) pick out the bits of truth they choose to rely upon, discarding the rest. You're arguing about admissibility when you ought to be arguing about credibility - but even if you make that shift, what you're not seeing is that the "you can't trust evidence which might conceivably be false" argument is a big loser, practically speaking. Sure, you can make it - just like CJ did, as did Jim Bell, twice. That argument is 0-for-3, in recent cypherpunk experience. Maybe Keith Henson tried it too, I don't know - but it's a dead end, especially without a plausible explanation for the fabrication/modification. (Not only is it unconvincing, it shifts the defense away from a "was a crime actually committed?" argument onto a "a crime was committed, but the defendant isn't the guy who did it" argument, which is frequently harder to make .. especially if the defendant looks and acts like the sort of person who would do the sort of thing they're accused of. The rest of the defense's case has got to fit that theory, too - you can't mix "no crime occurred" and "it wasn't me" and "it was an accident" in front of a jury ..) I don't care - believe what you want. But the "mutability of electronic evidence" argument is not going to keep anyone's butt out of jail, no matter how many sysadmins you put on the witness stand. If you can show actual tampering with evidence in a specific case - sure, that's interesting. If not, look for a better issue to fight over. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: layered deception
At 11:00 PM 5/1/2001 -0500, Harmon Seaver wrote: > Has anyone given any though to how log files could be accepted as >evidence in the first place? They're just text files, and exceedingly >trivial to alter, forge, erase, whatever. They get edited all the time >by hackers -- how can anyone, even the sysadmin, swear that they are >"true"? We just saw a case of FBI hackers breaking into a computer in >Russia -- why couldn't they break into a server as an ISP and alter the >logs? It would be quite easy for them to do that, even easier if they >had a Carnivore box in house. Hmm. Can you identify any problems with log files as evidence which aren't also present in, say, eyewitness testimony, audiotape recordings, video recordings, fingerprints, photographs, tool & die marks, paper records, and all of the other evidence which courts admit on a daily basis? Electronic logs are admissible to the extent that the meet the thresholds and tests required of all evidence - they must be authenticated, they must be the "best evidence"*, and they must not be hearsay or else must fall within a hearsay exception. If those three qualifications are met, records are admissible - it's common for technical people to make up nonexistent rules of evidence which would exclude evidence which could conceivably be manufactured or altered .. a standard which would exclude virtually all evidence, including (especially) eyewitness testimony. There are now two former cypherpunk list subscribers who are sitting - right this minute - in Federal prisons, following prosecutions which depended on the admissibility and credibility of computer-recorded evidence. It's not like this is cutting-edge stuff any longer - the FBI's now on the second edition of their manual for searching and seizing electronic evidence - the first edition of which was circulating at least as early as 1995-6. * "best evidence" doesn't mean what it sounds like it ought to mean. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: Fwd: James Bamford to be on Fresh Air tomorrow (April 24)
At 01:01 PM 4/24/2001 -0700, I wrote: >The Bamford interview is online at ><http://www.npr.org/ramfiles/fa/20010424.fa.01.ram> - not sure how long >that URL will be good. The interview is 42 minutes long - if you're busy and mostly interested in current events, skip to about minute 30, where he starts discussing Echelon (he describes it as "a big search engine"), drug intercepts (DEA pushes for lots of intel, NSA doesn't like that), competitor intelligence (Airbus vs. Boeing - he said NSA doesn't play that), personal privacy (says that it's difficult for NSA to get its job done without violating people's privacy, and that NSA's statutory duty to report crimes makes this harder), and recently identified Russian double agent/FBI counterintel specialist Robert Hanssen (a personal friend of Bamford's; Bamford doesn't dish dirt on friends or sources, but was very surprised to hear of the arrest). There's also a Flash-infected website at <http://www.bodyofsecrets.com>, which has some reference and bibliographic detail. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Fwd: James Bamford to be on Fresh Air tomorrow (April 24)
The Bamford interview is online at <http://www.npr.org/ramfiles/fa/20010424.fa.01.ram> - not sure how long that URL will be good. The book was released today - Amazon apparently shipped pre-ordered copies yesterday, mine hasn't arrived yet but is eagerly awaited. >From: "Tim Dierks" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: James Bamford to be on Fresh Air tomorrow (April 24) >Date: Mon, 23 Apr 2001 14:24:12 -0700 > >James Bamford will be plugging his new book on the NSA, _Body of Secrets_, >tomorrow on Fresh Air, the NPR-syndicated interview show normally hosted by >Terry Gross. > >Check local listings for showtimes. >(Or: <http://freshair.npr.org/stationsFA.cfm>). > > - Tim -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
RE: Making the Agora Vanish
At 10:16 AM 4/17/2001 +0300, Sampo Syreeni wrote: >Agreed, to a degree. But it isn't very difficult to outlaw crypto, and to >effectively control its use for online anonymity - to get a workable >anonymity infrastructure, you need common protocols, participants to create >the mixnets and a certain amount of publicity to make your effort matter. It >is extremely difficult to run such a usable setup without being detected by >a determined TLA. Unlike with IP, porn, prostitution and drug trade, control >of online activities can largely be automated. You're still thinking like a nice middle-class person with a normal job. People who are serious about participating in black markets use human and technological cutouts to do their business, as well as good old-fashioned graft and corruption. In some criminal cultures, prison time is a badge of honor. In many criminal cultures, it's low-level disposable people who commit the actual crimes - it's the John Gottis and the Pablo Escobars and the Dick Nixons back sleeping in their beds who profit from it. If it was easy to stop crime by passing laws, we'd have done it already. Consider Jim Bell in light of your objections above - do you consider him "controlled"? If so, then the control you speak of is hardly sufficient to prevent forbidden activity. If not, then what makes you think that other, more clueful people can be controlled? -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
RE: Making the Agora Vanish
At 02:33 AM 4/16/2001 +0300, Sampo Syreeni wrote: > >It is true that there is a vast amount of almost-demand on the parts of > >risk-averse people who don't want to act for fear of being wrong - but > >there are a lot of people who have figured out how to get things done > >without depending on "the stick" that is the law, and are doing so already. > >It is the latter group of people whose needs must be met for a > >transjurisdictional commerce system to be successful - the former group can > >come along when they're ready, or not at all. > >However, if the former group is large enough, as one suspects, it may well >repress any attempt to accommodate the needs of the latter. For instance, >legislative attacks on any widespread anonymity infrastructure are pretty >much a given when people, most of whom have precisely the kind of idealistic >conception of the legal system you describe, realize that law can't touch an >anonymous economy. Yes, the laws can be written, and they will enjoy the same efficiency and success that laws against copyright violation, pornography, prostitution, illicit drugs, and so forth have experienced. Not only can the law not touch an anonymous economy, it cannot prevent one, either. It's difficult for people in comfortable democratic countries to fully comprehend that activities like drug trafficking, pornography distribution, and adultery continue in places where punishment for those activities is likely to be summary public execution. Further tinkering with the Sentencing Guidelines, for example, might change the rate at which those things occur, but it will not eliminate them. At a macro policy level, we cannot choose a regulatory configuration where those activities never occur - humans have already experimented with incredibly scary sticks (like death and torture and extended unpleasant imprisonment) and found them inadequate to eliminate them. We will have to plan (to the extent that macro planning is considered important) on those activities continuing; and we should not abandon otherwise productive choices because they fail to achieve the impossible. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: Reading List (for the umpteenth time....)
At 11:35 PM 4/15/2001 -0700, Alan Olsen wrote: >One of the other problems with reputation capital is that reputation >depends on perspective. > >The people who I respect and listen to are not always the ones that you >will repect and listen to. reputation is a more individual thing. I think >if you mapped who people found worthy of reputation that it would break up >into a number of different groupings. This is why it's unlikely that identities will ever have objective "reputation capital" numbers - different people have different information about the identity, and interpret it differently. However, it's possible to sharpen these fuzzy, relative perspectives by restating them as insurance (or bets, or positions, or guaranties, depending on your moral and regulatory perspective) on the subject of the ratings. Even in the current credit report market, most merchants don't want to deal with the fine details of a person's full credit report, with years' worth of data about debts owed .. which is why Fair Isaac and the credit agencies will boil the credit reports down into credit scores, making it easy to sort credit applications into different "accept at rate X" or "accept at rate Y" or "deny" bins. I suspect that we won't see traditional "credit rating agencies" on the TRW/Equifax model, but risk transfer agencies - who put some assets at risk behind their ratings - e.g., agencies who will take a cut from the profits of a given loan, and who are on the hook as (partial) guarantors of the loan if it's not repaid. This mostly means restating the "credit score" as a "risk factor" - e.g., instead of saying "this person doesn't pay their bills", they'll say "you should get 5% down up front" or "you should get 95% down up front" or "we'd make an unsecured loan to this entity at an interest rate of X%". On one hand, this makes privacy "violations" (judged against current ideals) more widespread - on the other hand, it's likely to make identity theft less likely, as the credit guarantor has a stronger motivation to make sure that the party receiving the loan really does match the dossier supplied to rate the risk involved in making the loan. Getting the credit agencies involved as lenders or guarantors means it's actually good if different agencies rate risk differently - because it means that the transaction can be financed at the lowest available rate, where that rate reflects either especially good or especially poor information and analysis, with the expected effects on the survival of the agency. Credit agencies which include bad (because it was never correct, or because it is obsolete) credit data will end up mispricing the risk involved, which means they'll end up with no business (because they rated risk too high, charged too much interest, and made few/no loans) or too much business. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
RE: Making the Agora Vanish
is greater than the value of the underlying goods, but is perceived as smaller than the cost to either party of ending their relationship. Easy examples of transactions without legal enforcement or reputation are street-level illegal transactions - e.g., purchases of drugs, sex, or forbidden information. At least initially, neither buyer nor seller knows if their counterparty is trustworthy - but these transactions take place, because both participants think that the value they get from the exchange is valuable .. in fact, more valuable than the risk that their counterparty is going to swindle them, or turn out to be an undercover cop. Even higher-level or repeat transactions, where participants have some level of experience with one another, present each with an opportunity to injure the other while denying the other access to traditional legal means of redressing that wrong. More examples about in the import-export arena - there are a number of private transaction patterns which have evolved to minimize risk and misunderstanding, but participants in international trade understand that there's some risk that they'll spend money to purchase unusable/unsalable product, or that they'll manufacture or reserve a specific quantity of goods for a buyer who may never appear .. and people doing business in those lines find that, most of the time, most people would rather conclude a deal well in hopes of gaining further business, either from that customer or via referrals. It is true that there is a vast amount of almost-demand on the parts of risk-averse people who don't want to act for fear of being wrong - but there are a lot of people who have figured out how to get things done without depending on "the stick" that is the law, and are doing so already. It is the latter group of people whose needs must be met for a transjurisdictional commerce system to be successful - the former group can come along when they're ready, or not at all. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: Making the Agora Vanish | OSINT distributed haven (Intellagora)
At 01:46 AM 4/15/2001 -0700, Ryan Sorensen wrote: > > Read the hundreds of articles on these matters. Read "The Enterprise > > of Law: Justice without the State," by Bruce Benson. Read David > > Friedman's "Machinery of Freedom," and his other books. Read... > > > > The point is, Aimee, _read the background material_. > > >Admittedly, I'm not Aimee. >I was wondering if I could get a few helpful pointers towards the >background material? >Any assistance would be much appreciated. You might also take a look at Robert Axelrod's _The Evolution of Cooperation_. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
ICC's problem with the Internet
According to the article at <http://dailynews.yahoo.com/h/nm/20010412/wr/tech_fraud_dc_1.html>, the International Chamber of Commerce's Commercial Crime Bureau and Cybercrime Unit - which apparently "polices all financial and intellectual property rights breaches on the Internet" - has identified "the problem with the Internet", specifically - "The problem with the Net is that it is not secure because Internet service providers don't run identity checks on their clients . . . [i]t is very easy to set up an email account and web page on an ISP offering free web space and no checks are done on the people setting them up." That's funny. I was just thinking that the problem with the Internet is that it gives every control freak with a tinfoil badge and an AOL account the idea that they ought to "police" people and things they've never seen or heard of. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: tcs-gateway13.treas.gov
At 05:36 PM 4/11/2001 -0400, An Metet wrote: >Does anyone know who is behind this proxy? They visited one of my >websites not too long ago. > >tcs-gateway13.treas.gov I don't know anything about tcs-gateway13, but there's been some discussion on-list about tcs_gateway2 - <http://www.inet-one.com/cypherpunks/dir.97.07.31-97.08.06/msg00267.html> and tcs_gateway6 - <http://www.inet-one.com/cypherpunks/dir.99.05.17-99.05.23/msg00010.html> with followups - <http://www.inet-one.com/cypherpunks/dir.99.05.17-99.05.23/msg00046.html> <http://www.inet-one.com/cypherpunks/dir.99.05.24-99.05.30/msg00033.html> <http://www.inet-one.com/cypherpunks/dir.99.05.24-99.05.30/msg00037.html> -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler
Re: Seth Finkelstein, reluctant cypherpunk?
At 04:22 AM 4/4/2001 -0400, Seth Finkelstein wrote: > I occasionally read articles on list, from the web through >http://www.inet-one.com/cypherpunks. I've been following the Jim Bell >case off and on, and more closely since you were subpoenaed. Amusing >anecdote: At the start of CFP 2001, I was telling someone not to trust you, >that you "use" people, and they should avoid you at all costs. I said: >"Declan writes stories encouraging people to be sued, and then he writes >about the lawsuit". I could see they were dubious of my account. After >the subpoena, I said with a grin: "Remember what I told you? *BINGO*". Is there any indication that the things that Jim said to Declan weren't meant for publication? Your outrage would seem reasonable if Jim and Declan were friends, and Declan had published things told to him apparently in confidence - but he's a reporter, and that's why Jim talked to him. Jim likes publicity and attention. Jim wanted to see his name and his ideas and his allegations about the federal government in Wired, or on the Wired website. Jim got what he wanted. I doubt he's angry. Have you asked him yourself? > I didn't/don't understand why people who apparently feel >themselves at risk of serious Federal criminal prosecution, tolerate >someone who in the end sings like a canary every time he's called to >be a prosecution witness. Because he's got a big sign on his hat saying "CANARY", and because people who talk to him (or post their ideas publicly) are looking for widespread attention. Cypherpunks isn't about "tolerating" people, it's a collection of mailing lists which some people use to discuss politics, technology, and privacy. Just as it's not possible to exclude you, the feds, or any of the annoying Jims, it's not possible to exclude Declan even if that seemed like a good idea. But that would be counterproductive - cypherpunks isn't a list for hatching great conspiracies, where secrecy is important or expected. It is a list for identifying and sharpening good ideas, and a variety of participants is helpful towards that goal. People who expect privacy vis-a-vis grand jury or trial subpoenas need to learn to speak only to people or in environments which are privileged against subpoena and monitoring. Or, don't expect privacy, and don't say anything which would be damaging if it were repeated in court. It's not nearly good enough to avoid people who consider themselves likely to be defendants in criminal cases - anybody can end up as a witness, or as a party to a civil case. -- Greg Broiles [EMAIL PROTECTED] "Organized crime is the price we pay for organization." -- Raymond Chandler