Fw: [ISN] Aust Defence wont disclose stance on encryption (fwd)

[Jim Choate]

-- Forwarded message --
Date: Sat, 22 Sep 2001 11:11:01 +0100
From: Jason <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Fw: [ISN] Aust Defence wont disclose stance on encryption 


- Original Message -
From: "InfoSec News" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 21, 2001 8:38 AM
Subject: [ISN] Aust Defence wont disclose stance on encryption


>
http://www.zdnet.com.au/newstech/security/story/0,224985,20260593,00.htm
?chkpt=zdnn_nbs_h
>
> By Rachel Lebihan,
> ZDNet Australia
> 20 September 2001
>
> Australias Department of Defence wont disclose if it will answer the
> US governments call to arms in restricting encryption technologies,
> and despite widespread support in the States for a ban on
> cryptography, experts say its unlikely to happen.
>
> ZDNet previously reported that the question of restricting the use of
> encryption tools is a matter of serious debate in the US, where
> officials have been quick to blame the use of cryptography for the
> surveillance breakdown that failed to detect signs of the recent
> US-focused terrorist attacks.
>
> The US has called for international support in its encryption
> crackdown but Australian government departments have been quick to
> pass the buck or keep their mouths shut as to whether or not the
> country will rally to support its US counterpart.
>
> Minister for communications Senator Richard Alstons office didnt
> return phone calls to ZDNet Australia and the Attorney Generals
> department referred the matter to the Department of Defence, which
> said: It goes into the realms of defence and we dont comment on that.
>
> According to reports from the US, there is widespread support for a
> ban on "uncrackable" encryption products, with 72 percent of Americans
> agreeing that anti-encryption laws would be "somewhat" or "very"
> helpful in preventing a repeat of the September 11 terrorist attacks.
>
> However, according to Laura Chappell of US-based Protocol Analysis
> Institute, a ban is unlikely to happen. Although over-the-counter
> decryption tools are readily available over the Internet we use the
> same tools for troubleshooting on our own networksto not allow vendors
> to distribute them is impossible, she told ZDNet Australia.
>
> The encryption issue is a double-edged sword...in the US we want to
> vote electronically so encryption must be tremendously advanced and
> secure. Alternately, we don't want the terrorists to have encryption
> better than our government, she said.
>
> Chappell believes that although a ban on cryptography wont happen,
> those who write encryption technology will probably cooperate more
> with the government to help them detect when terrorist communication
> is going occurring.
>
> This is the first time ISPs have really cooperatedthe government
> usually has to bend over backwards until its nose bleeds to get even a
> little cooperation, Chappell said.
>
> According to Grant Bayley, founder of 2600 Australia (
> www.2600.org.au/), a hub of information on computer security, if there
> are serious moves in the United States to crack down on encryption,
> the Australian Government will surely following suit.
>
> However, such a privacy-restrictive move isn't likely to be a quick
> one, given that additional laws would need to be created, debated,
> presumably senate-examined and passed, according to Bayley. A sudden
> backflip on privacy enhancements to a position of restricting
> cryptography and allowing much greater government surveillance of
> citizens isn't likely to go down well with an election looming, Bayley
> added.
>
> Bayley said it wouldnt surprise him if developers were asked by the
> government for decryption assistance, however, In my opinion, there's
> more problems associated with putting the genie back in the bottle
> than there have been with letting the genie out.
>
> I think the non-technical pollies in Washington are looking for every
> reason to avoid pointing the finger at the reduced human capabilities
> of their surveillance and intelligence organisations, he said.
>
> Alex Shiels, who runs a Web site relating to cryptography, censorship
> and free speech, agrees that no Western government is likely to outlaw
> cryptography because it's essential to the finance and e-commerce
> industry.
>
> What we might see though is mandatory key escrow, where users are
> required to lodge their decryption keys with a government agency, to
> be made accessible to law enforcement when a warrant is granted,
> Shiels said, bringing into the debate the fact that corrupt or
> incompetent escrow agency officials could release keys to the wrong
> person.
>
> US corporations are bracing themselves for cyberterrorism attacks.
> Australia needs to do the same. Encryption forms a critical part of
> online security and internet defences. Any government moves to limit
> the use of encryption, including key escrow schemes, will weaken those
> defences, Shiels said.
>

update.557 (fwd)

[Jim Choate]

-- Forwarded message --
Date: Thu, 20 Sep 2001 13:34:25 -0400 (EDT)
From: AIP listserver <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: update.557


PHYSICS NEWS UPDATE 
The American Institute of Physics Bulletin of Physics News
Number 557  September 20, 2001   by Phillip F. Schewe, Ben Stein,
and James Riordon

THE GREENING OF NORTH LATITUDES.  A new study shows
[SSZ: text deleted]

AN ANOMALOUS ACOUSTOELECTRIC EFFECT has been
[SSZ: text deleted]

MULTIPLAYER QUANTUM GAMES.  Played with atoms and
photons rather than dice and coins, quantum games are contests
whose outcomes are governed by the unusual logic of the
submicroscopic world.   The basic token in a quantum game is a
"qubit," a bit of data which is stored in an object such as an atomic
nucleus.  While a classical coin can only be heads (data value 0) or
tails (data value 1), a qubit can effectively be both heads (0) and
tails (1) at the same time, since the nucleus can be in a
combination or superposition of spin-up (0) and spin-down (1). 
What's more, one can interlink or "entangle" qubits held by
separate players so that manipulating one qubit strongly affects the
others.  More than a diversion, playing quantum games can reveal
new information-processing tasks (possibly even certain types of
financial transactions) that quantum computers could perform
more efficiently than classical computers.  Towards these ends,
theorists have been taking traditional games, adapting them for the
quantum realm, and checking if new or better strategies emerge for
winning.  While past quantum games have focused on two players
(Update 411), Oxford researchers (Patrick Hayden,
[EMAIL PROTECTED]) have now identified multiplayer games
in which the player's optimal strategy differs from that of the
classical version of the game.  The researchers discovered unique
strategies in a three-player quantum version of the Dilemma game,
in which three partners engaged in a venture (such as getting the
best seats at a concert) each decide whether or not to betray the
others in efforts to maximize personal gain.  In the quantum
version, the qubits are entangled, then each person uses his qubit to
choose between the following strategies: try for good seat (0),
settle for poor seat (1) or some superposition of the two.  
Entanglement actually destroys the incentive for a player to
contradict and thereby betray his opponents and it removes the
classical dilemma entirely. Although quantum games are mostly
played on paper at this point, a Chinese group has just reported the
experimental realization of a quantum Prisoner's Dilemma (Los
Alamos preprint quant-ph/0104087).  (Benjamin and Hayden,
Physical Review A, September 2001)

Slashdot | Analysis of New Internet Wiretap Laws

[Jim Choate]

http://slashdot.org/articles/01/09/22/0045251.shtml
-- 

 --


 Kill them all, take their land, and go there for vacation.

 Rage Against The Machine

   The Armadillo Group   ,::;::-.  James Choate
   Austin, Tx   /:'/ ``::>/|/  [EMAIL PROTECTED]
   www.ssz.com.',  `/( e\  512-451-7087
   -~~mm-'`-```-mm --'-

RE: Redux: mass hate

[Aimee Farr]

> On Fri, 21 Sep 2001, Aimee Farr wrote:
>
> > 
> > And this, from Choate
> > 
> >
> > http://groups.yahoo.com/group/psychohistory/message/2810
>
> 
>
> What ARE you smoking? I did't write that, you did. I just forwarded it
> (w/o commentary other than for folks not to take up issue with me since I
> didn't write it).

I know you just FWDd it.

I didn't know what "psychohistory" was. The term sort of lends itself to
misconstruction. I've been pissed at you for months over that.

~Aimee

More on Pakistan's nukes...and the Taliban getting to them

[Tim May]

Apropos of what I was saying about India hitting Pakistan's nukes if it
looks like the fundamentalist Muslims will get to them, here's an
article I just saw, excerpted.

Adding to this report, I saw some Pakistani high school kids, in a
physics class (BTW, a physics class such as one might see at the Bronx
High School of Science, not your typical h.s.), explaining with great
enthusiasm that they were all planning to become "mujuhadeen" to
sacrifice themselves for the Jihad. This is what the West will be facing
over the next generation. Keep your powder dry.


http://www.thetimes.co.uk/article/0,,2001320010-2001324777,00.html

THURSDAY SEPTEMBER 20 2001
The nuclear threat
Pakistan could lose control of its arsenal
BY NIGEL HAWKES
West's worst scenario
A LEADING authority on Pakistans nuclear programme has given warning of
a nightmare scenario in which a destabilised Pakistan lost control of
its nuclear weapons to supporters of the Taleban.
...
Mr Perkovich said that Pakistan has about two to three dozen potential
nuclear weapons, all based on highly enriched uranium. Tests carried out
in 1998 demonstrated that they work. Pakistan also has medium-range
missiles capable of reaching targets in India, if no farther afield.

In normal times, they keep the warheads separate from the missiles, he
said, and the fissile uranium  the core of the weapon  is not kept in
the warhead, which consists of electronics and high explosives, but
doesnt have the fissile core in it. Its all dressed up and nowhere to
go.
...
The fissile core, about the size of a melon and weighing up to 66lb, can
be sub-divided into segments that can be stored separately. So the
entire weapon can be split into components that in themselves are
innocuous.
--end excerpt--


DAY-BY-DAY
COVERAGE


*   Sept 14
*   Sept 15
*   Sept 17
*   Sept 18
*   Sept 19
*   Sept 20

DONATIONS
 

HELPCROSSWORD   SEARCH  CONTACT US 
 TERMS & CONDITIONS

Re: anonymous digital cash and other (now) iffy stuff

[Ryan Lackey]

Quoting Phillip Hallam-Baker <[EMAIL PROTECTED]>:

> I never thought much of the idea at the time. In todays climate I
> suspect that E-Gold, ZeroKnowledge and Sealand might as well
> start packing up their servers before they get busted.

(it's "HavenCo" not "Sealand", just as ZKS is ZKS and not "Canada")

I agree the current climate is substantially worse, in terms of respect for
the rule of law, individual liberty, and the prospects for freedom of 
speech, than it was before the WTC bombing.   However, none of this was
unanticipated; this incident just accelerates our descent into a future
dystopia of universal monitoring, global statism, and individual 
subjugation, but does not at all affect where we're going.  We've been on 
this path for at least the past 50 years, and if this attack and the 
aftermath pushes us forward another 20 years in a single day, that's certainly 
important, but no one should be surprised when they look around themselves 
and don't like what they see.

(I assume you mean legislative/legal/political climate; while the 
nay-sayers said we'd be out of business before the end of 2000 due to lack
of demand, HavenCo at least is profitable, and I think E-Gold is as well.)

This trend is far more damaging to firms whose core business is not the 
provision of anonymity and privacy to clients, but which require
privacy and anonymity provided by others to make their services useful.
If it becomes more difficult to provide privacy/anonymity/security, the
demand for such services will increase even faster than the costs of 
providing them.  Some firms with relatively weak technical or other
basis may be unable to scale up to provide more secure solutions, but the
ensuing vacuum will encourage others to step up to the plate.

The greatest enemy of secure electronic mail, for instance, being widely
deployed is the LACK of widespread monitoring.  If every internet
connection in the US were monitored actively, and the contents were
routinely used in civil and criminal legal actions, technologies
like ZKS Freedom, PGP, SSL would be in far wider use than they are now.

Certainly an argument can be made that it is more complex to offer such
services with active government prosecution in one or more jurisdictions
around the world.  However, certain fundamental technical conditions
do not cease to be true simply due to terrorist action, political will,
or legislative fiat.  Blowing up the WTC is unlikely to have made factoring
RSA any easier than it was on 10 September, it is unlikely to have found
a backdoor in widely deployed symmetric ciphers, and it has not affected
the laws of thermodynamics to lessen the difficulty of defeating 
steganography.  Sure, identifiable persons, physical assets, etc. can now
be more easily attacked through legal means, at least in most of the world,
and there is public support in many countries for international military
action against others, provided at least a tenuous link to the "global
terrorist conspiracy".  However, the fundamental game is not changed.

All that is required for "cypherpunk" reality is:

[*] at least one computer with secure local execution environment 
(processor, some internal secure memory for interim results)
   
[*] some means of permanently storing data (which can be 
unreliable, monitored, etc.)

[*] some means of communication (even highly monitored, maliciously 
modified, or other) to the humans involved

[*] plus, for anything reasonable, multiple such setups and some means 
of communication among them in a large network, even monitored or 
modified, with traffic analysis possibly limited to "a member of the 
overall network" where "network" can be massively more broad than 
"conspirators").  

[*] Code[1].

I think it highly unlikely even a new "War on Terrorism", even if 100 times
more forceful than the "War on Drugs", will be able to eliminate every
last pre-2001 laptop computer, PDA, etc. from the earth, or the ability
for people to send email (even if monitored, and outright encrypted email
is a capital crime) and connect to a global network.  

On top of that infrastructure, viable electronic cash systems protected
from traffic analysis and resistant to censorship, anonymous publication
systems, etc. can be built.  Indeed, most of the technical challenges have
been solved since the 1980s; the only difficulty has been general lack of
demand from the public, standard software engineering complexity issues,
excessive concern for legality and intellectual property concerns,
and the distraction of the dotcom boom.  If, as you seem to imply,
open warfare on personal liberty shall be declared, most of those concerns
go away; if it's a felony to deploy ecash, you'll want to be anonymous
anyway, and then violating someone's patent just doesn't seem like a big
deal in comparison.

> [...]

> Sealand will probably still keep maintaining its idiotic claim to be an
> independent state, but if the UK government 

ADV: FED CUTS RATE .. AGAIN !! FREE MORTGAGE RATE QUOTE hzbmf

[freequote]

Don't waste money EVERY SINGLE MONTH!!
 
Home Mortgage Rates have DROPPED! AGAIN !!
 
Simply fill out our FREE NO OBLIGATION form and find out how much you can save on your 
mortgage every month.
 
It's That Easy!
 
Visit our website:
http://www.www42.com
   
   
**

To unsubscribe, simply click here: 
mailto:[EMAIL PROTECTED]?subject=unsubscribe

Re: CDR: Re: Preparedness

[Jim Choate]

On Fri, 21 Sep 2001, Tim May wrote:

> near the movie's end. Like diverting the asteroids and comets. Like 
> stopping the Andromeda Strain from escaping. When a nuke _does_ go off, 

Sorry, but your memory is gone. They didn't stop it from escaping. That(!)
was the whole point of the movie. All the plans, all the technology, the
unknown defeated them and rain dumping the alien organism into the sea
where it was killed by the appropriate pH. Simple blind luck.

(It's out on DVD for about $15)


 --


 Kill them all, take their land, and go there for vacation.

 Rage Against The Machine

   The Armadillo Group   ,::;::-.  James Choate
   Austin, Tx   /:'/ ``::>/|/  [EMAIL PROTECTED]
   www.ssz.com.',  `/( e\  512-451-7087
   -~~mm-'`-```-mm --'-

RE: Preparedness

[Blanc]

>From Declan:

:>Even before the fire at the crippled Pentagon across the Potomac had been
:>extinguished, frightening shortcomings in the District's emergency
:>preparedness were laid bare. Communications broke down, and key District
:>leaders scrambled to exchange information via e-mail and pagers. The fire
:>department had scant reserve equipment, a single hazardous-materials unit,
:>and no search-and-rescue units available to dispatch. There was no master
:>terrorism-response plan in place, so agency heads reached for whatever was
:>available on the nearest shelfwhich for some meant Y2K plans and, for the
:>fire department, a 1968 deployment guideline drafted in response to the
:>riots following the assassination of the Rev. Martin Luther King Jr.



I've been hearing about the budget for the CIA/NSA/etc. defense budgets of
numbers like 30 billion - B I L L I O N - at the same time that I hear about
how their technology is outmoded, outdated, that they're all ignorant of
useful knowledge of the enemy (like how to communicate in their language),
that they are under-manned, etc.  Considering all the tax money which has
been spent by these and other departments for useless symbolic projects
which accomplish nothing, I am just taken aback at how the important things
which are truly useful, especially at a time like this, that
"infrastructure" which was the big buzzword some time ago, has been
neglected.  There are weights which fall upon you; then there are sinking
holes which pull you down.  Keep pouring that money into that sieve, y'all.
  ..
Blanc

Re: Preparedness

[Declan McCullagh]

At 06:12 PM 9/21/01 -0700, Tim May wrote:
>Look, friends (and non-friends), I need to say a few words about 
>"preparedness." I've gotten questions from list readers about where to get 
>KI tablets, what to stock up on, etc. A kind of replay of Y2K.
>
>The odds of anything "really bad" hitting any particular reader of this 
>list are small indeed. Even the WTC event which hit NYC only had a small 
>chance of hitting any list members working or living in NYC.

Some brief thoughts in response:

* It's not just getting hit by an attack that we citydwellers may need to 
worry about, but the disruption afterward. It seems, based on news reports, 
that many thousands of New Yorkers were left without basic 
water-gas-electricity-phone service after last week's attacks. Water, food, 
warm clothes -- lucky it wasn't winter -- can be vital. Better than a Red 
Cross handout shelter.

* Folks in DC are starting to think through this. My intern told me today 
he has a gas mask (not new, he's had it a while). It's sorta a nervous joke 
-- echo of Y2K -- but as soon as there's another attack anywhere, folks in 
DC and NYC will get serious real fast. Biochemwomdnuke attack and all bets 
are off.

* I have family in NYC who were out of the country during the attacks. Now 
they're back, and they say they're not as willing to live in NYC 
permanently. Suburbia is looking far more attractive.

* Aimee posted something in the last week or so that was comprehensible for 
once (I've since lost the post), which was a URL for a folding plastic 
gas-mask with a charcoal filter. I recall it didn't seem designed for 
chemattacks; it would be interesting to know what it could filter.

* The Washington City Paper has a horrific cover story this week on the 
city's beyond-pathetic response to Tuesday's attacks:
http://www.washingtoncitypaper.com/cover/cover.html
>Even before the fire at the crippled Pentagon across the Potomac had been 
>extinguished, frightening shortcomings in the District's emergency 
>preparedness were laid bare. Communications broke down, and key District 
>leaders scrambled to exchange information via e-mail and pagers. The fire 
>department had scant reserve equipment, a single hazardous-materials unit, 
>and no search-and-rescue units available to dispatch. There was no master 
>terrorism-response plan in place, so agency heads reached for whatever was 
>available on the nearest shelfwhich for some meant Y2K plans and, for the 
>fire department, a 1968 deployment guideline drafted in response to the 
>riots following the assassination of the Rev. Martin Luther King Jr.

* Based on this kind of report, you've got to wonder what would happen if 
there were biochemwomdnuke attacks. I note this WOMD is coming up a bit 
more on the news than last week; part of it may be the news networks 
looking for another story. Or it could be that DC-NYC city dwellers are a 
bit more worried, and what they're worried about is reflected on the air.

* If we knew what we know now and were building a terrorist-resistant 
society, we could. Not terrorist-proof, but resistant. No high buildings, 
no large underground complexes, very spread out, transportation perhaps 
based on cars, bicycles and light rail. Airports far away from city 
centers, ala Denver and Pittsburgh, to avoid the problem that 
still-not-open Reagan National airport is having, and other airports like 
LaGuardia, Logan, and SF could have. The problem is that we already have a 
terrorist-prone society, or at least terrorist-vulnerable, and instead of 
rebuilding and "flattening" our vertical construction, we're trying to 
terrorist-proof it.

-Declan

Redux: mass hate

[Jim Choate]

On Fri, 21 Sep 2001, Aimee Farr wrote:

> 
> And this, from Choate
> 
> 
> http://groups.yahoo.com/group/psychohistory/message/2810



What ARE you smoking? I did't write that, you did. I just forwarded it
(w/o commentary other than for folks not to take up issue with me since I
didn't write it).


 --


 Kill them all, take their land, and go there for vacation.

 Rage Against The Machine

   The Armadillo Group   ,::;::-.  James Choate
   Austin, Tx   /:'/ ``::>/|/  [EMAIL PROTECTED]
   www.ssz.com.',  `/( e\  512-451-7087
   -~~mm-'`-```-mm --'-

Re: Preparedness

[Tim May]

On Friday, September 21, 2001, at 08:44 PM, Declan McCullagh wrote:

> * The Washington City Paper has a horrific cover story this week on the 
> city's beyond-pathetic response to Tuesday's attacks:
> http://www.washingtoncitypaper.com/cover/cover.html
>> Even before the fire at the crippled Pentagon across the Potomac had 
>> been extinguished, frightening shortcomings in the District's 
>> emergency preparedness were laid bare. Communications broke down, and 
>> key District leaders scrambled to exchange information via e-mail and 
>> pagers. The fire department had scant reserve equipment, a single 
>> hazardous-materials unit, and no search-and-rescue units available to 
>> dispatch. There was no master terrorism-response plan in place, so 
>> agency heads reached for whatever was available on the nearest 
>> shelfwhich for some meant Y2K plans and, for the fire department, a 
>> 1968 deployment guideline drafted in response to the riots following 
>> the assassination of the Rev. Martin Luther King Jr.

This confusion and chaos was pretty much anticipated by Y2K worriers: 
had anything disrupted transport or communications, D.C. looked to be in 
bad shape. (I recall comparisons made to Montgomery County, which had 
some problems with emergency systems, but seemed much better prepared.

It's also surprising that an attack on the Pentagon, across the river, 
triggered chaos inside D.C. per se.

A friend of mine thinks NYC may actually be a target a second time 
around: moving vans or other large trucks loaded with explosives and 
detonated inside the Holland and other tunnel(s).

(I think there was a Sylvester Stallone movie which I never saw about a 
similar plan..."Daylight" was the name, I think. Interestingly, 
Hollywood usually has the hero stopping the timer at the 4-second mark, 
near the movie's end. Like diverting the asteroids and comets. Like 
stopping the Andromeda Strain from escaping. When a nuke _does_ go off, 
as in "True Lies," it's several miles away and only produces some 
suntans. Reality is not so antiseptic.)


--Tim May

Re: Zimmermann\\\'s shameful display...

[citizenq]

My god - you've hit on something here!  Thank you, I forgot - everyone IS that way on 
the list.  Just more so now.  It's kind of like the guys in the inner city, they're 
always tough -insulting and challenging in in a way that's both threatening and 
jocular at the same time- on each other and you either have to harden to it and 
develop the skills for handling that particular kind of repartee and hold your own, or 
you are shunned from the social group.  It's a way of bonding together and excluding 
"outsiders."

No, I'm not new to the list.  And I'm not worried about it.  But I definitely detect a 
heightened level of anxiety in the posts.


>On Fri, Sep 21, 2001 at 04:37:36PM -0700, [EMAIL PROTECTED] wrote:
>
>> Everyone is acting like a bunch of assholes, snotty know-it-alls,
>
>So you're new to the list?
>
>-Declan