Bigger, Fuller Breasts Naturally In Just Weeks............ vvi
For women ages to 13 to 60 plus As seen on TV Safely Make Your Breasts Bigger and Fuller In the privacy of your home in JUST weeks. Guaranteed quick results: Click Here For Full Report hkuvrfvlfsnwrehcsugdhbqugesflntnobrgw
Re: Schneier on Palladium and the TCPA
Bruce Schneier wrote about Palladium: > Basically, Pd is Microsoft's attempt to build a trusted computer, much as I > discussed the concept in "Secrets and Lies" (pages 127-130); read it for > background). Actually his discussion in the book is about traditional "secure OS" concepts such as Multics. Trusted computing attempts to go considerably beyond this. > The idea is that different users on the system have > limitations on their abilities, and are walled off from each other. That was the idea for secure OS's. For trusted computing it is more that you can have trust in an application running on a remote system, that it is what it claims, and that it has a certain degree of immunity from being compromised. > Pd provides protection against two broad classes of attacks. Automatic > software attacks (viruses, Trojans, network-mounted exploits) are contained > because an exploited flaw in one part of the system can't affect the rest > of the system. And local software-based attacks (e.g., using debuggers to > pry things open) are protected because of the separation between parts of > the system. It's interesting that Bruce sees it in terms of attacks like this. As he is now in the managed security business, it makes sense that he would look at Palladium in terms of how much security it can add to a system. As far as viruses and such, the protection Palladium offers would seem to be that if you load a trusted component, and it has been infected by a virus since the last time you ran it, its hash will change. This means that it will no longer be able to access sealed data - it won't be able to get into the "virtual vault" because it is no longer the same program. Likewise it would not be able to participate in any trusted networking because the fact of its compromise would be remotely observable (due to the hash change). This is not an all-purpose defense against viruses and such; it would be restricted to the "trusted" parts of applications and it would only work specifically with sealed data and trusted networking. But for some purposes it could be quite useful. Imagine a banking app which keeps your account access info sealed in a virtual vault; then no other app can get to the data, so you are immune to virus attacks elsewhere in the system; and if even the banking app itself is compromised, it will no longer be able to get into its own vault. > There are security features that tie programs and data to CPU and to user, > and encrypt them for privacy. This is probably necessary to make Pd work, > but has a side-effect that I'm sure Microsoft is thrilled with. Like books > and furniture and clothing, the person who currently buys new software can > resell it when he's done with it. People have a right to do this -- it's > called the "First Sale Doctrine" in the United States -- but the software > industry has long claimed that software is not sold, but licensed, and > cannot be transferred. When someone sells a Pd-equipped computer, he is > likely to clear his keys so that his identity can't be used or files can't > be read. This will also serve to erase all the software he purchased. The > end result might be that people won't be able to resell software, even if > they wanted to. This is a pretty far-fetched scenario, for several reasons. First, according to Peter Biddle, Palladium is designed to protect content and not programs. Sure, maybe you don't believe him, but at least he's on record as saying it. And what is known of the Palladium architecture is consistent with his claim. The limited architectural diagrams in the Palladium white paper don't show any mechanism for locking code to a computer. But there are other problems with Bruce's scenario. It assumes (apparently) that you aren't copying your programs to your replacement computer when you get rid of the old one! That doesn't make sense. You have an investment of hundreds or thousands of dollars in software. You'll want to copy it over, and certainly Palladium will allow that. So what's his objection in that case: that you can't sell an illegal copy of your old software once you've installed it on the new system? What's the "First Sale Doctrine" got to do with that? It doesn't allow for you to both keep a copy of your software and to sell it. If he's objecting that Palladium won't let you break the law in some ways you can today, let him say so openly. But as it is he is claiming that Palladium will compromise the First Sale Doctrine, and that interpretation doesn't hold water. It's also not at all clear why you would want to wipe your keys like this. It should be enough to just delete your data files from the disk. It's not like the trusted computing chip will hold kilobytes of sensitive personal data. All it has is a few keys, so if you get rid of the data, the keys don't matter. And then, how different is that from what you do today? If you sell an old computer, you should clear out the sensitive data fi
Cryptographic privacy protection in TCPA
Here are some more thoughts on how cryptography could be used to enhance user privacy in a system like TCPA. Even if the TCPA group is not receptive to these proposals, it would be useful to have an understanding of the security issues. And the same issues arise in many other kinds of systems which use certificates with some degree of anonymity, so the discussion is relevant even beyond TCPA. The basic requirement is that users have a certificate on a long-term key which proves they are part of the system, but they don't want to show that cert or that key for most of their interactions, due to privacy concerns. They want to have their identity protected, while still being able to prove that they do have the appropriate cert. In the case of TCPA the key is locked into the TPM chip, the "endorsement key"; and the cert is called the "endorsement certificate", expected to be issued by the chip manufacturer. Let us call the originating cert issuer the CA in this document, and the long-term cert the "permanent certificate". A secondary requirement is for some kind of revocation in the case of misuse. For TCPA this would mean cracking the TPM and extracting its key. I can see two situations where this might lead to revocation. The first is a "global" crack, where the extracted TPM key is published on the net, so that everyone can falsely claim to be part of the TCPA system. That's a pretty obvious case where the key must be revoked for the system to have any integrity at all. The second case is a "local" crack, where a user has extracted his TPM key but keeps it secret, using it to cheat the TCPA protocols. This would be much harder to detect, and perhaps equally significantly, much harder to prove. Nevertheless, some way of responding to this situation is a desirable security feature. The TCPA solution is to use one or more Privacy CAs. You supply your permanent cert and a new short-term "identity" key; the Privacy CA validates the cert and then signs your key, giving you a new cert on the identity key. For routine use on the net, you show your identity cert and use your identity key; your permanent key and cert are never shown except to the Privacy CA. This means that the Privacy CA has the power to revoke your anonymity; and worse, he (or more precisely, his key) has the power to create bogus identities. On the plus side, the Privacy CA can check a revocation list and not issue a new identity cert of the permanent key has been revoked. And if someone has done a local crack and the evidence is strong enough, the Privacy CA can revoke his anonymity and allow his permanent key to be revoked. Let us now consider some cryptographic alternatives. The first is to use Chaum blinding for the Privacy CA interaction. As before, the user supplies his permanent cert to prove that he is a legitimate part of the system, but instead of providing an identity key to be certified, he supplies it in blinded form. The Privacy CA signs this blinded key, the user strips the blinding, and he is left with a cert from the Privacy CA on his identity key. He uses this as in the previous example, showing his privacy cert and using his privacy key. In this system, the Privacy CA no longer has the power to revoke your anonymity, because he only saw a blinded version of your identity key. However, the Privacy CA retains the power to create bogus identities, so the security risk is still there. If there has been a global crack, and a permanent key has been revoked, the Privacy CA can check the revocation list and prevent that user from acquiring new identities, so revocation works for global cracks. However, for local cracks, where there is suspicious behavior, there is no way to track down the permanent key associated with the cheater. All his interactions are done with an identity key which is unlinkable. So there is no way to respond to local cracks and revoke the keys. Actually, in this system the Privacy CA is not really protecting anyone's privacy, because it doesn't see any identities. There is no need for multiple Privacy CAs and it would make more sense to merge the Privacy CA and the original CA that issues the permanent certs. That way there would be only one agency with the power to forge keys, which would improve accountability and auditability. One problem with revocation in both of these systems, especially the one with Chaum blinding, is that existing identity certs (from before the fraud was detected) may still be usable. It is probably necessary to have identity certs be valid for only a limited time so that users with revoked keys are not able to continue to use their old identity certs. Brands credentials provide a more flexible and powerful approach than Chaum blinding which can potentially provide improvements. The basic setup is the same: users would go to a Privacy CA and show their permanent cert, getting a new cert on an identity key which they would use on the net. The difference i
Geektavists considered harmful.
Honeywell in Vietnam with the phoenix program.Nuclear launch codes,PROMIS,the rush of Gadarene geeks to the homeland security troughs here and in places like China with its Golden shield...I wish the fuck geeks would stay the hell out of politics. >>If inventing future technologies makes it more difficult for governments to levy high taxes and enforce laws banning consensual activities, well, that's a far more dramatic change than we can ever hope to accomplish through the political process. In other words, I trust the laws of mathematics more than I trust laws created by politicians. Obviously, as I said earlier (http://www.politechbot.com/p-03889.html), I don't recommend giving up on all forms of non-coding activism. But let's evaluate the costs and benefits, and recognize when our efforts could be better spent elsewhere. -Declan << Even a CATO cuckoo clocks right twice a day.
Manhattan Madrassass Murder Mystery.
http://www.manhattan-institute.org/html/cci.htm#faithbasedinitiatives Faith-Based Initiatives The Manhattan Institutes Jeremiah Project is an effort to study, promote and replicate the work inner-city ministers are doing in reducing youth violence and restoring civil society to urban communities across America. Dr. John DiIulio founded the project while he was a Senior Fellow at the Manhattan Institute. Through this effort, the Institute conducts research, hosts conferences and shares information on these faith-based organizations in order to highlight and replicate the most successful efforts around the country. We methodically research their efficacy in the areas of youth violence, drug addiction, teenage pregnancy, illiteracy, joblessness and other social ills that remain so heavily concentrated in predominantly minority, inner-city neighborhoods. Last year the Institute released two new studies on faith-based organizations, in conjunction with the University of Pennsylvanias Center for Research on Religion and Urban Civil Society. Good Dads: Religion, Civic Engagement, and Paternal Involvement in Low-Income Communities by W. Bradford Wilcox shows that residential fathers who are involved in religious organizations are significantly more likely to spend time with their children and be involved in their childrens activities. The Role of African-American Churches in Reducing Crime Among Black Youth, by Dr. Byron Johnson, the current Director of the Jeremiah Project, determines that religious involvement by African-American youth significantly shields them from the effects of neighborhood disorder and decay and reduces the potential that they will turn to crime. Our 1998 conference, Can Churches Save the Inner City?, highlighted scientific evidence showing that religious belief and involvement reduces juvenile criminality. In 1999, we featured five successful Washington, D.C. based ministries at Faith-Based Approaches to Saving Our Capitals Youth, an event we co-sponsored with Empower America. And in 2000, we joined Reverend Herbert H. Lusk, II of the Greater Exodus Baptist Church in Philadelphia to host a roundtable entitled Religious Leaders in the Public Square. Theres more,50 million taxpayers have already been released.Should buy a few Koran's.
I noticed your e-mail
Hello You get emails every day, offering to show you how to make money. Most of these emails are from people who are NOT making any money. And they expect you to listen to them? Enough. If you want to make money with your computer, then you should hook up with a group that is actually DOING it. We are making a large, continuing income every month. What's more - we will show YOU how to do the same thing. This business is done completely by internet and email, and you can even join for free to check it out first. If you can send an email, you can do this. No special "skills" are required. How much are we making? Below are a few examples. These are real people, and most of them work at this business part-time. But keep in mind, they do WORK at it - I am not going to insult your intelligence by saying you can sign up, do no work, and rake in the cash. That kind of job does not exist. But if you are willing to put in 10-12 hours per week, this might be just the thing you are looking for. N. Gallagher: $3000 per month J. Ludes: $1000 per month S. Johnson: $6000 -$7000 per month V. Patalano: $2000 per month M. South: $5000 per month J. Henslin: $7000 per month This is not income that is determined by luck, or work that is done FOR you - it is all based on your effort. But, as I said, there are no special skills required. And this income is RESIDUAL - meaning that it continues each month (and it tends to increase each month also). Interested? I invite you to find out more. You can get in as a free member, at no cost, and no obligation to continue if you decide it is not for you. We are just looking for people who still have that "burning desire" to find an opportunity that will reward them incredibly well, if they work at it. To grab a FREE ID#, click here: http://www.geocities.com/residual88 Once I receive your request for a free membership I will personally send you a special report that will require you to confirm the e-mail by clicking on the link in the e-mail. Once you have confirmed the link, you will be issued your unique id number for your free membership. Please allow 24 hours for delivery of your special report. You can look for an e-mail that will have the title: Activate your free membership today! once you get the e-mail you will be asked to confirm the link to get your unique id number. That's all there's to it. We'll then send you info, and you can make up your own mind. Looking forward to hearing from you! Sincerely, Justin Walter P.S. After having several negative experiences with network marketing companies I had pretty much given up on them. This is different - there is value, integrity, and a REAL opportunity to have your own home-based business... and finally make real money on the internet. Don't pass this up...you can sign up and test-drive the program for FREE. All you need to do is get your free membership. Unsubscribe: Send a blank email to: ([EMAIL PROTECTED]) with "Remove" in the subject line. 8106wZqT5-266gNya9977hqfH2-982KuMx6697VvMI3-l41
I noticed your e-mail
Hello You get emails every day, offering to show you how to make money. Most of these emails are from people who are NOT making any money. And they expect you to listen to them? Enough. If you want to make money with your computer, then you should hook up with a group that is actually DOING it. We are making a large, continuing income every month. What's more - we will show YOU how to do the same thing. This business is done completely by internet and email, and you can even join for free to check it out first. If you can send an email, you can do this. No special "skills" are required. How much are we making? Below are a few examples. These are real people, and most of them work at this business part-time. But keep in mind, they do WORK at it - I am not going to insult your intelligence by saying you can sign up, do no work, and rake in the cash. That kind of job does not exist. But if you are willing to put in 10-12 hours per week, this might be just the thing you are looking for. N. Gallagher: $3000 per month J. Ludes: $1000 per month S. Johnson: $6000 -$7000 per month V. Patalano: $2000 per month M. South: $5000 per month J. Henslin: $7000 per month This is not income that is determined by luck, or work that is done FOR you - it is all based on your effort. But, as I said, there are no special skills required. And this income is RESIDUAL - meaning that it continues each month (and it tends to increase each month also). Interested? I invite you to find out more. You can get in as a free member, at no cost, and no obligation to continue if you decide it is not for you. We are just looking for people who still have that "burning desire" to find an opportunity that will reward them incredibly well, if they work at it. To grab a FREE ID#, click here: http://www.geocities.com/residual88 Once I receive your request for a free membership I will personally send you a special report that will require you to confirm the e-mail by clicking on the link in the e-mail. Once you have confirmed the link, you will be issued your unique id number for your free membership. Please allow 24 hours for delivery of your special report. You can look for an e-mail that will have the title: Activate your free membership today! once you get the e-mail you will be asked to confirm the link to get your unique id number. That's all there's to it. We'll then send you info, and you can make up your own mind. Looking forward to hearing from you! Sincerely, Justin Walter P.S. After having several negative experiences with network marketing companies I had pretty much given up on them. This is different - there is value, integrity, and a REAL opportunity to have your own home-based business... and finally make real money on the internet. Don't pass this up...you can sign up and test-drive the program for FREE. All you need to do is get your free membership. Unsubscribe: Send a blank email to: ([EMAIL PROTECTED]) with "Remove" in the subject line. 0223cgPS0-169AZiZ1014gwKs4-415EhTo6l33
Hasn't Bosnia suffered enough?
In May, 2002, Mr. Allen travelled to Bosnia at the request of U.S. and European officials of the George C. Marshall European Center for Security Studies to share his experiences as a local prosecutor with foreign officials on meeting threats posed by white collar criminals. As the only American prosecutor chosen, Mr. Allen worked with Bosnian prosecutors, judges and lawmakers in their review of laws in the war-torn country attacking corruption, fraud and money laundering. Afterwards, he and the Bosnian representatives discussed the merits of adopting some aspects of the American criminal justice system, including grand juries, in dealing with white collar crime there. "At a time when we are reminded that the stability of far away places can have a direct impact on the security of our nation, it is important to have an American leader come to Bosnia to share insights into the values and rule of law that serve as the cornerstones of democracy and freedom. Mr. Allen made a tremendous contribution toward these goals in Bosnia," said Alan G. Gorowitz, a Plans Officer for the George C. Marshall Center. Mike and his wife Lisa (Magistrate, Hamilton County Municipal Court), live with their two children, Michael Jr. and Cora, in Miami Township. Contact Information: Hamilton County Prosecutor's Office 230 E. Ninth Street, Suite 4000 Cincinnati, Ohio 45202 Voice - (513) 946-3000 Fax - (513) 946-3017 APster; reach out and kill someone.
RE: employment market for applied cryptographers?
Having devoted security personnel is a low priority at most companies. General engineers will be tasked with figuring out how to incorporate "security" and cryptography into products. I have visited many a company where I am talking to a room full of very sharp engineers, but there is a fundamental lack of understanding of cryptographic primitives and their applications (let alone high-level protocols using those primitives). At large companies, having a few strong security engineers that can provide support to the various engineering areas should be a norm (if anything, from a liability perspective). At small companies, having security engineers who are also capable of general engineering is a good balance. It seems lately that neither is occurring, but this will probably correct itself as security becomes a military/gov't-demanded->(bank-demanded->)corporate-demanded->consumer-d emanded feature. Of note, in my (Washington DC Metro) area there has been plenty of demand for cryptographic/information assurance/security engineers. -Andrew PS One (vague) example of the blunders that occur... A friend of mine worked for a company and wanted me to meet a few of their engineers. We started talking about cryptography and the engineers told me a story. It seemed that this company had wanted to add encryption to their communications products and some engineers were tasked with building this feature. These engineers did some digging and they discovered asymmetric and symmetric cryptography. Since asymmetric cryptography seemed "better," they decided to use it (RSA algorithm) to encrypt/decrypt the traffic. (Bad idea.) (of note, this was eventually changed to using a public key-based key exchange of symmetric keys. These symmetric keys were then used by a symmetric algorithm to encrypt/decrypt the traffic. I do not know the details of the protocol used or if it was standards-based.) Using this example, bringing on a (probably contract) "cryptographic security engineer" would have saved a great deal of time and effort.
Flat Rate Long distance 7311EWdk4-135w-13
Title: LONG DISTANCE LONG DISTANCE $9.95 per month Six Plans To Choose From $9.95 Plan = Unlimited Plan = Travel Plan Canadian Plans = International = Intra/inter State Stop paying the high cost of long distance. Simple to understand all-inclusive pricing so you save big! Email us now with your phone number to hear how crystal clear your connection will be. To be removed please click here 8098shXC6-417mYKjl16
Re: employment market for applied cryptographers?
Adam Back <[EMAIL PROTECTED]> writes: > Are there any more definitive security industry stats? Are applied > crypto people suffering higher rates of unemployment than general > application programmers? (From my statistically too small sample of > acquaintances it might appear so.) Hard to say. I've seen very high rates of unemployment among people of all walks of life in New York of late -- I know a lot of lawyers, systems administrators, secretaries, advertising types, etc. who are out of work or have been underemployed for a year or longer. I'm not sure that it is just cryptographers. Always keep in mind when you hear the latest economic statistics that measuring the size of the US economy, or the number of unemployed people, is partially voodoo. When was the last time you saw any estimate of the margin of error on the supposedly "scientific" measurement of quarterly economic growth? How many illegal immigrants are being polled in the employment stats? How much of the revenue of underground businesses gets counted in the GDP figures? (I myself am unemployed at the moment, but voluntarily so I suppose I wouldn't count in the statistics -- starting a company during a recession turns out to be a great way to burn yourself out out, so I decided to take some time off of working. Haven't given much thought to what I'll do to find a job when I decide I want one again...) Perry
Re: trade-offs of secure programming with Palladium (Re: Palladiu m: technical limits and implications)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday 15 August 2002 19:53, Trei, Peter wrote: > Take off your economic hat, and try on a law-enforcement one. > > With DMCA, etal, the tools to get around TCPA's taking of your > right to use your property as you please have been criminalized. > (Don't argue that TCPA will always be voluntary. I don't beleive > that). > > I have little patience with arguments which say 'Yeah, they can > make X against the law, but clever people like me can always > get around it, and won't get caught, so I don't care.' Thankx, Peter. I thought a lot of this in the last weeks and this is exactly what worries me. Most people who are able to encryp mails for example say "I do not care about people spying, I know how to encrypt" People who know how to circumvent copy-protection-devices say: "Ah, I am clever enough...I know what to do so why worry?" But I think - are we not forgetting something? Or better: someone? And is that someone not "all the people who do "suffer" under the laws the people "who know what to do" simply accept? Three examples: a) Data Retention: people see the problem but say "I know how to use an anonymous proxy so why worry?" b) Copyright-Protection: people who know how to act with Linux etc say "So what --- I am a coder or programmer, I know what to do to get around it" c) Freedom of Information: for example IP-blocking, censorship People say "yeah, bad, but I know how use an alternative DNS etc..." So all in all the technically clever people see what is happening but rather answer with an "I know how to hide" than with an "I will use my technical skills to help other people" or with an "Even though I know how to hide this is not right --- I will have to do something" > Maybe you can, some of the time, but that's not the point. Most > people won't, either because it's too hard, they don't know what > they've lost, or because of a misplaced respect for the whims of > The Men with Guns. This is not a Good Thing. > A freedom to skulk in the shadows, hoping not to be noticed, is not > the legacy I wish to leave behind. Again thanks. In the last mailinglist someone said that most people do not see the point if it comes to privacy (which has to do with copyright devices etc, with registrating, with open source and with the right to chose...) Why not got from the abstract path of "copyright-protection devices" to a less abstract path? Let us take an unfair law --- for example one which is restricting our privacy in a non-technical way. If someone would introduce a law that says "giving birth to a child withour our admission is forbidden and you have to use a condom or anything else to make sure that your girlfriend...is not getting pregnant" Would you rather say "I know how to use a pin to make a hole in a condom" or say "this is absolute ridiculous etc --- we have to fight against this"? In a technical life, more and more people seem to be the opinion that if they are able to hide (use encryption, have technical knowledge...) this is enough and they do not care about the rest of the people being in the spotlight of the all-seeing-eye. I think if we want to change anything and not only improve our technical skills we have to a) help other people to understand the meaning of something like copyright-protection devices and laws like the DMCA (not in 30 pages, not with technical explainations but with explainations "for the masses " :-) b) go against these laws even though we might be able to "be an outlaw" Just in a simple term: We help people being physically tortured, we do take part in initiatives against torture etc ---> we act None of us would say "well, I know how to avoid tortute so why worry?" Sorry if this was philosophical but if there is something which worries me than it is people seeing the problems in data retention, copyright-protection devices etc. but answering "Well, people should use Linux, use an anonymous proxy...harharhar" To take the example above "I see the problem in torturing but people should use a gun harharhar..." Unfairness can not be defeated by saying "I know your unfairness but I can escape so why should I worry"... Kindest regards (I know I am a hopeless human-rights-talker) Twister -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9XGP2bWUifFmZwyIRAgGTAJ9cMsCF5LATcYC7sN01AuozuOs71ACbBdd5 wuJn4F3wWwYN4lHiQwonnPc= =bkyg -END PGP SIGNATURE-
Borderhack! NO ONE IS ILLEGAL
Older Features | Newswire | Publish | Links | About U.S. - MEXICO: NO ONE IS ILLEGAL Aug 15 2002 'Borderhack!' Hits San Diego and Tijuana Borderhack! forms part of the 'No one is illegal' chain of bordercamps, which have been held on various national borders throughout Europe since 1998. From August 16-18, a camp will be established in Tijuana, Mexico next to the border fence. The event will include a campground on the beach, conferences, expositions of photography, digital art, documentaries, and interactive multimedia. The festival will also operate online, transmitting live video feeds, net radio, website updates. A similar camp titled 'Una festival de resistencia contra la frontera' examining similar issues will be held at the same time in Nogales, Sonora and Arizona. In San Diego County, the INS and the U.S. Border Patrol are planning to complete the final stages of a three-tiered fence at the U.S.-Mexico border. The fence would run from the ocean eastward destroying environmental and cultural resources. In addition to the borderhack! festival, numerous groups are calling attention to border issues, including the Southwest Alliance to Resist Militarization. Further coverage on these issues can be found in the July26 and July 21 features on the bordercamp in Strasbourg, and the June 7 feature on the No Border movement. [ San Diego IMC | Tijuana CMI | Arizona IMC ]
Re: employment market for applied cryptographers?
Hey, this is off-topic for DRM-punks! ;) more seriously: I think the fundamental issue is that crypto doesn't really solve many business problems, and it may solve fewer security problems. See Bellovin's work on how many vulnerabilities would be blocked by strong crypto. The buying public can't distinguish between well implemented and poorly implemented crypto; the snake oil faq has helped a lot, but now you need to distinguiish between well and poorly coded AES. Is there a business case for doing so, or should you just ship crap? AdamS On Fri, Aug 16, 2002 at 02:23:05AM +0100, Adam Back wrote: | On the employment situation... it seems that a lot of applied | cryptographers are currently unemployed (Tim Dierks, Joseph, a few | ex-colleagues, and friends who asked if I had any leads, the spate of | recent "security consultant" .sigs, plus I heard that a straw poll of | attenders at the codecon conference earlier this year showed close to | 50% out of work). | | Are there any more definitive security industry stats? Are applied | crypto people suffering higher rates of unemployment than general | application programmers? (From my statistically too small sample of | acquaintances it might appear so.) | | If this is so, why is it? | | - you might think the physical security push following the world | political instability worries following Sep 11th would be accompanied | by a corresponding information security push -- jittery companies | improving their disaster recovery and to a lesser extent info sec | plans. | | - governments are still harping on the info-war hype, national | information infrastructure protection, and the US Information Security | Czar Clarke making grandiose pronouncements about how industry ought | to do various things (that the USG spent the last 10 years doing it's | best to frustrate industry from doing with it's dumb export laws) | | - even Microsoft has decided to make a play of cleaning up it's | security act (you'd wonder if this was in fact a cover for Palladium | which I think is likely a big play for them in terms of future control | points and (anti-)competitive strategy -- as well as obviously a play | for the home entertainment system space with DRM) | | However these reasons are perhaps more than cancelled by: | | - dot-com bubble (though I saw some news reports earlier that though | there is lots of churn in programmers in general, that long term | unemployment rates were not that elevated in general) | | - perhaps security infrastructure and software upgrades are the first | things to be canned when cash runs short? | | - software security related contract employees laid off ahead of | full-timers? Certainly contracting seems to be flat in general, and | especially in crypto software contracts look few and far between. At | least in the UK some security people are employed in that way (not | familiar with north america). | | - PKI seems to have fizzled compared to earlier exaggerated | expectations, presumably lots of applied crypto jobs went at PKI | companies downsizing. (If you ask me over use of ASN.1 and adoption | of broken over complex and ill-defined ITU standards X.500, X.509 | delayed deployment schedules by order of magnitude over what was | strictly necessary and contributed to interoperability problems and I | think significantly to the flop of PKI -- if it's that hard because of | the broken tech, people will just do something else.) | | - custom crypto and security related software development is perhaps | weighted towards dot-coms that just crashed. | | - big one probably: lack of measurability of security -- developers | with no to limited crypto know-how are probably doing (and bodging) | most of the crypto development that gets done in general, certainly | contributing to the crappy state of crypto in software. So probably | failure to realise this issue or perhaps just not caring, or lack of | financial incentives to care on the part of software developers. | Microsoft is really good at this one. The number of times they | re-used RC4 keys in different protocols is amazing! | | | Other explanations? Statistics? Sample-of-one stories? | | Adam | -- | yes, still employed in sofware security industry; and in addition have | been doing crypto consulting since 97 (http://www.cypherspace.net/) if | you have any interesting applied crypto projects; reference | commissions paid. -- "It is seldom that liberty of any kind is lost all at once." -Hume
adv: Express - Email Blaster Newsletter
Dear,The internet has become the official place to do business for the new millennium! More and more businesses are getting online to sell their products and services. Every day thousands of new websites are being created. Search engines are getting jammed with submissions to the point where it is almost impossible to get a good ranking anymore. This means finding alternative ways to let potential customers know about your internet presence. What is the answer?Direct Email Blaster The program will send mail at the rate of over 1, 000 e-mails per minute.Fast sending bulk emailsBuilt in SMTP serverHave Return PathCan Check Mail Address...Download NOW!Maillist Verifyis intended for e-mail addresses and mail lists verifying. The main task is to determine which of addresses in the mail list are dead. The program is oriented, basically, on programmers which have their own mail lists to inform their users about new versions of their programsDownload NOW! Email Address ExtractorEasier to learn and use than any other email address collector program available.Accesses eight search engines Add your own URLs to the list to be searchedSupports operation through a lot of proxy-server and works very fast (HTTP Proxy)...Download NOW! Email Address List ManagerCombine several lists into one file.Split up larger lists to make them more manageable.Remove addresses from fileDownload NOW homepage This Is a Free Notification Service. If You Do Not Wish To Be Informed About Our Services And Products, Please Click Here To Be Removed. Note: You will get this mail only once!! No need remove!We will never sell or put your email address on a mailing list!!
ECrimes document clueless on 802.11b
Stand-Alone and Laptop Computer Evidence d. Check for outside connectivity (e.g., telephone modem, cable, ISDN, DSL). If a telephone connection is present, attempt to identify the telephone number. http://www.ncjrs.org/pdffiles1/nij/187736.pdf -- "Better bombing through chemistry." -John Pike, director of Globalsecurity.org on use of speed by US pilots
Warning,read at own RIskCO.
Is there an UNDERlawyered.com? WARNING 9TH Circus Federal Court !!! PUBLIC DEFENDER MALFEASANCE !!! - Be aware that Seattle Attorney GENE GRANTHAM has a documented history of accusations from clients of deliberate malfeasance and collusion with federal prosecutors in the railroading of his clients and denial of their constitutional and civil rights. There is clear evidence on the Court Record (UNITED STATES OF AMERICA v. CARL JOHNSON NO. CR98-5393RJB) of the 9th Circus Federal Court refusing to investigate Uncle Gene Granthams moral turpitude, even in the face of revelations that he is known to touch himself when clients describe the cruelty and physical abuse they are subjected to after having him forced upon them by the court and even confirmation in public internet forums of his moral turpitude and penchant for sick and sadistic bondage and subjugation activities, as evidenced below: August guestbook entries Dear Artemis I am 20 years old and has a boyfriend that likes tieing women up.. My boyfriend has duct taped my hands behind my back and taped my legs together. He pulls down my thong and puts a dildo in my pussy. I am screeming my lungs out and he gags me with a ball gag. He is now starting to mumify me in duct tape. HHHEELP!! Jennifer - Monday, August 27, 2001 at 11:46:10 (CDT) The site is terrific. Gene <[EMAIL PROTECTED]> - Monday, August 20, 2001 at 11:26:57 (CDT) (Source: Artemis Antone's Guestbook - ArtemisBound.com) It is a matter of the 9th Circus Federal Court Record that Grantham has been afforded the protection of the Court while acting as a bag-man and willing shill for federal prosecutorsafter being forced upon clients against their will he proceeds to clandestinely arrange for denial of his clients constitutional rights to such things as bail hearings, their right to view the evidence against them, and their right to control their defense. In one case alone, Grantham is shown, by both the Court Record and his own public statements, to have lost evidence crucial to his clients defense, as well as having falsely claimed to have lost documentation proving federal assistant prosecutor Rob Londons unethical and criminal malfeasance against his client (evidence which is nonetheless fully available today due to Granthams incompetence in hiding it), suppressed evidence sent to him at the clients request by other attorneys, and even knowingly allowed his client to proceed to trial and subsequently be convicted despite the client having been found incompetent in the only competency hearing conducted in the case. THE 9TH CIRCUS COURT OF APPEALS WILL NOT INTERFERE WITH THE COLLUSION BETWEEN FEDERAL PROSECUTORS AND GRANTHAM, NO MATTER HOW GRIEVOUS THE CONSTITUTIONAL ABUSES INVOLVED GRANTHAM IS GOVERNMENT PROPERTYOWNED LOCK, STOCK & BARREL
CDR: employment market for applied cryptographers?
>>Other explanations? Statistics? Sample-of-one stories? Adam -- yes, still employed in sofware security industry; and in addition have been doing crypto consulting since 97 (http://www.cypherspace.net/) if you have any interesting applied crypto projects; reference commissions paid.<< The problems remain the same,IMO.If you invent PGP that is seen as threat,ask Phil.Sharp swords cut both ways.Why should large Co's,big Govts invest in what has been posited as the death of them.Fear is the key. MS is like a drowning man grasping at Palladium straws to pull its .Nuts out of the fire. Simple anti-trust like old teddybear big stick wielded,should help bill Gates sing soprano.Should,but history has a way of repeating as farce,doesn't it? >>- perhaps security infrastructure and software upgrades are the first things to be canned when cash runs short? << Why shouldn't they be? Those Dept's are run by who? Fallen angels? >>- custom crypto and security related software development is perhaps weighted towards dot-coms that just crashed.<< The 'sweet spot' for crypto seems to be either high,eg.Idquantique or so low it hasn't happened yet.eg.The millicent ghetto.I have high hopes for this in the Pron arena.btw.The paradox of the self destructive aspects inhibits the mid rangers,Govt and/or Business.Just a hunch.I don't have experience.Ptrei might help. >>- you might think the physical security push following the world political instability worries following Sep 11th would be accompanied by a corresponding information security push -- jittery companies improving their disaster recovery and to a lesser extent info sec plans. << Out of sync,sorry,I'm using WINE.Where were we? You might think that well known KerPunkers would NOT join in an undignified rush to the troughs of recycled pork. Sadly there are always a few prepared to sell out ASAP. A security push that threatens the very 'base' of the power of those Co's is not going to be told full steam ahead and damn the torpedo's anyway.CEO's aren't stupid.(in general)Fear is the key...its also the two edged sword.The APster meme lurks,sometimes it even hunts. Draws blood.See the Pacifier letters,operation soft drill.Fear so palpable you can smell it. >>US Information Security Czar Clarke making grandiose pronouncements about how industry ought to do various things (that the USG spent the last 10 years doing it's best to frustrate industry from doing with it's dumb export laws<< This Palladium thing is so Clipper its not funny,until you watch a little US TV and realize the hard truth.The moronic inferno has a short attention span and an even shorter memory. >>- dot-com bubble (though I saw some news reports earlier that though there is lots of churn in programmers in general, that long term unemployment rates were not that elevated in general) << Don't let facts,statistics etc slow ya down...and don't let a chemist get mad atcha! >>PKI seems to have fizzled << Lots of hot shit has 'fizzled'...Financially...Is that all there is? If thats all there is my friends lets keep dancing:) Quantum key transport is sizzling,get yer Qrypto on! >>crappy state of crypto in software. << Dontcha mean the crappy state of software in crypto? >>Microsoft is really good at this one. The number of times they re-used RC4 keys in different protocols is amazing! << Stuff recycling.Wheres judge jackson when you need him! The most famous applied cryptographer is still in business,last I heard from my beantown mate.Don't worry,be WAPpy.
adv: Express Email Blaster Newsletter
Dear,The internet has become the official place to do business for the new millennium! More and more businesses are getting online to sell their products and services. Every day thousands of new websites are being created. Search engines are getting jammed with submissions to the point where it is almost impossible to get a good ranking anymore. This means finding alternative ways to let potential customers know about your internet presence. What is the answer?Direct Email Blaster The program will send mail at the rate of over 1, 000 e-mails per minute.Fast sending bulk emailsBuilt in SMTP serverHave Return PathCan Check Mail Address...Download NOW!Maillist Verifyis intended for e-mail addresses and mail lists verifying. The main task is to determine which of addresses in the mail list are dead. The program is oriented, basically, on programmers which have their own mail lists to inform their users about new versions of their programsDownload NOW! Email Address ExtractorEasier to learn and use than any other email address collector program available.Accesses eight search engines Add your own URLs to the list to be searchedSupports operation through a lot of proxy-server and works very fast (HTTP Proxy)...Download NOW! Email Address List ManagerCombine several lists into one file.Split up larger lists to make them more manageable.Remove addresses from fileDownload NOW homepage This Is a Free Notification Service. If You Do Not Wish To Be Informed About Our Services And Products, Please Click Here To Be Removed. Note: You will get this mail only once!! No need remove!We will never sell or put your email address on a mailing list!!
Promote and build your business - FREE INFO!
Title: Generate Thousands of NEW Leads *This message was transferred with a trial version of CommuniGate(tm) Pro* Generate Thousands of NEW Leads- Each Day! Get your OWN Search Engine Directory Control thousands of your own ads and sponsored links! Our new and revolutionary approach enables you to: Get 200,000 additional visitors to your website each month! Totally customizable with your LOGO and theme Implement several banners ads on each of the 20,000 plus pages Resell banner and ad space - generate additional revenue! Generate targeted traffic to your MAIN website Simply set yourself apart from the competition Get a FREE Info Package on this powerful technology! Complete and FAX this information form to 1-714-908-7596 A Consultant will contact you to discuss your marketing needs. You can also leave a message at 714-228-6205 NAME:__ COMPANY:__ ADDRESS:__ CITY:___ STATE:_ PHONE:_ E-MAIL:_ WEBSITE: (Not Required)_ COMMENTS: __ __ __ __ Fax: 1-714-908-7596 Phone: 1-714-228-6205 To be removed from our mailing list - simply send an empty email to: [EMAIL PROTECTED] Don't reply to this email, it won't remove you.
RE: TCPA hack delay appeal
On Thu, 15 Aug 2002, Lucky Green wrote: > Hopefully some of those people will not limit themselves to hypothetical > attacks against The Spec, but will actually test those supposed attacks > on shipping TPMs. Which are readily available in high-end IBM laptops. But doesn't the owner of the box create the master key for it? They imply that in their advertising, but I've not seen anything else about it. It was advertised to be protection for corporate data, not a DRM/control type thing. It would be very interesting to know the details on that. I found this: http://www.pc.ibm.com/ww/resources/security/securitychip.html but the link to "IBM Embedded Security Subsystem" goes to "page not found". but this one: http://www.pc.ibm.com/ww/resources/security/secdownload.html says in part: "IBM Client Security Software is available via download from the Internet to support IBM NetVista and ThinkPad models equipped with the Embedded Security Subsystem and the new TCPA-compliant Embedded Security Subsystem 2.0. By downloading the software after the systems have been shipped, the customer can be assured that no unauthorized parties have knowledge of the keys and pass phrases designated by the customer." So it looks like IBM is ahead of Microsoft on this one. but if TCPA isn't fully formalized, what does "TCPA-compliant" mean? In any case, they imply here that the customer needs to contact IBM to turn the thing on, so it does seem that IBM has some kind of master key for the portable. I wonder if they mean IBM is authorized to know the customer's keys? Patience, persistence, truth, Dr. mike
ÒÍ×åÆæÒ©Í´·çÁé Time:21:42:55
Title: ÒÍ×åÆæÒ©Í´·çÁé ÒÍ×åÆæÒ©Í´·çÁé ÁªÏµµØÖ·£ºÉ½¶«Ê¡¼ÃÄÏÊÐɽ´ó·41ºÅ£¨Óʱࣺ250013£© ×Éѯµç»°£º0531-8060048 Òƶ¯QQ:106055241 µç×ÓÐÅÏ䣺[EMAIL PROTECTED] ÓйØÍ´·çÁéµÄÏêϸÄÚÈÝ£¬Çëä¯ÀÀ£ºwww.huatuonet.com ³ÏÕ÷Ò½Ò©¾ÏúÉÌ ³ÏƸҽҩ´ú±í [Ò©Æ·¼ò½é] ÒÍ×åÃñ¼äÃûÒ½»ÆËɰظù¾Ý×æ´«ÖÎÁÆÍ´·ç²¡µÄÃØ·½£¬¾¹ý¹óÖÝËÉ°ØÃñ×åÃñ¼äÒ½Ò©Ñо¿ËùÑо¿ÈËÔ±³¤ÆÚµÄ̽Ë÷ɸѡºÍÁÙ´²Êµ¼ùºó£¬ÑÐÖƳɹ¦×¼×ֺŴ¿ÖÐÒ©ÖƼÁÍ´·çÁ顣ʹ·çÁéµÄÎÊÊÀ£¬Ìî²¹Á˹úÄÚÍâÎÞÖгÉÒ©ÖÎÁÆÍ´·ç²¡µÄ¿Õ°×£¬³ÉΪÊ×ÅúÖйúÃñ×åҽҩѧ»áÍƼö²úÆ·£¬Êܹú¼ÒרÀû±£»¤¡£ [ҩЧ֤Ã÷] Í´·çÁé²ÉÓùóÖݸßÔÌØÓеĶàÖÖÃû¹óÖвÝÒ©²Ä£¬¾ÌØÊ⹤ÒÕ¾«Öƶø³É¡£ÁÙ´²ÑéÖ¤±íÃ÷£¬¸ÃÆ·¾ßÓÐìî·ç³ýʪ¡¢»îѪͨÂç¡¢ÏûÖ×ֹʹºÍ½µµÍѪÄòËáµÄ¹¦Ð§£¬²¢¾ßÁÆЧȷÇУ¬°²È«¿É¿¿µÄÌص㡣ʹ·çÁéÄÜ´ïµ½±ê±¾¼æÖεÄÁÙ´²Ð§¹û£¬³¤ÆÚ·þÓÃÎÞ¶¾¸±×÷Ó᣾³¤ÆÚÁÙ´²¹Û²ì£¬×ÜÓÐЧÂÊ93.33%£¬ÖÎÓúÂÊ53.3%¡£ [¹¦ÄÜÖ÷ÖÎ] ìî·ç³ýʪ¡¢»îѪͨÂç¡¢ÏûÖ×ֹʹ¡¢½µµÍѪÄòËáµÄ¹¦Ð§¡£ [ÊÊ Ó¦ Ö¢]Í´·ç¡¢·çʪ¡¢Àà·çʪµÈ¹Ø½Ú½©Ó²¡¢Âéľ¡¢ºìÖ×ÈÈÍ´¡¢ÇüÉì²»ÀûÓкܺõÄÁÆЧ£»¶ÔÍ´·çÒýÆðµÄѪÄòËáÔö¸ßÓÐÃ÷ÏԵĽµµÍ×÷Ó㻶ÔÆäËü¹Ø½ÚÑ×ÒýÆðµÄ¹Ø½ÚÖØ×Å¡¢Âéľ¡¢ÌÛÍ´µÈ¡£¶Ô¶àÖÖ·çʪʹÓкܺõÄÕòÍ´ÏûÖ××÷Óᣠ[ÓÃÒ©·½·¨] ²¡·¢Ê±£¬Ò»¸öÁƳÌ10Ìì/10Æ¿£¬Ã¿Ììһƿ£»²¡ÇéÎȶ¨ºó£¬10Ìì/5Æ¿. [½û¼ÉÒûʳ] Í´·ç»¼Õ߶Ժ¬àÑßÊÁ¿¸ßµÄÖí¡¢Å£¡¢ÑòÈâ¡¢¼¦¡¢Ñ¼¡¢¶ì¡¢ÍÃÒÔ¼°¸÷ÖÖ¶¯ÎïÄÚÔà¡¢Ó㡢Ϻ¡¢¶¹ÀࡢĢ¹½¡¢»¨Éú¡¢²¤²ËµÈÒªÉÙ³Ô£¬Òª¶àÒûË®ÓÈÆä²»ÄÜÐï¾Æ£¬²»ºÈŨ²è¿§·ÈµÈÒûÁÏ¡£½ûÓûòÉÙÓÃÓ°ÏìÄòËáÅÅйҩÎÈçÇàùËØ¡¢Î¬ÉúËØB1ºÍB2£¬ÒȵºËؼ°°¢Ë¹Æ¥Áֵȡ£ [ÓÃÒ©½¨Òé]Í´·ç»¼ÕßÔÚÑ¡ÓýâÈÈÕòÍ´Ò©Îïʱ£¬Òª×¢Òâ±ÜÃâËðÉ˸Ρ¢Éö¹¦ÄÜ£¬ÒòÍ´·ç¾³£»áÒýÆðÖÂÃüµÄÉöÔಡ¡¢ÐÄÔಡ£¬ÈôÕâÀàÒ©ÎïʹÓò»µ±¿ÉÔì³É¶ñÐÔÑ»·¡£´Ë²¡×îºÃÑ¡ÓÃÈ·ÓÐÁÆЧ£¬¶Ô¸Î¡¢Éö¹¦ÄÜûÓи±×÷ÓõÄÖвÝÒ©ÖÎÁÆ¡£Í´·çÁéÒòÆäÁÆЧÏÔÖø£¬¶ÔÈËÌåÎÞÈκζ¾¸±×÷Óᣠ[ÓŻݼ۸ñ] 10Æ¿/450Ôª 30Æ¿/1200Ôª [¹ºÂò·½Ê½] ÁªÏµµØÖ·£ºÉ½¶«Ê¡¼ÃÄÏÊÐɽ´ó·41ºÅ£¨Óʱࣺ250013£© ×Éѯµç»°£º0531-8060048 Òƶ¯QQ:106055241 µç×ÓÐÅÏ䣺[EMAIL PROTECTED] ÓйØÍ´·çÁéµÄÏêϸÄÚÈÝ£¬Çëä¯ÀÀ£ºwww.huatuonet.com ³ÏÕ÷Ò½Ò©¾ÏúÉÌ ³ÏƸҽҩ´ú±í °´ÕÕ¹ú¼Ê¹ßÀý£¬Ö»Òª±¾Óʼþ°üÀ¨¡°ÁªÏµÐÅÏ¢¡±ºÍ¡°ÒƳýÐÅÏ¢¡±£¬¾Í²»Ó¦±»¿´×öÀ¬»øÐżþ¡£Èç¹ûÄúÏëÎÒÃÇ´ÓÓʼþÁбíÖÐÒƳýÄúµÄÓʼþµØÖ·£¬ÇëÓÃÄúÏëÒƳýµÄÐÅÏä·¢Ðŵ½:[EMAIL PROTECTED]£¬ÐżþÖ÷Ì⣺¡°Remove¡±¡£±¾Óʼþ¶ÔÈç¹ûÄúÎÞÓ㬿ÉÄÜÊÇÅóÓÑËùÐ裻Èç¹û¸øÄú´øÀ´Á˲»±ã£¬¾´Çë¼øÁ¡£
Re: *Buddy* *Lists*!!~ (it's soooo cool)!~!
Below is the result of your feedback form. It was submitted by ([EMAIL PROTECTED]) on Friday, August 16, 2002 at 14:35:20 --- message: Hey!! What's Up? I'm *Monica* 20/F/Arizona/Webcam & Pics. I'm *LIVE* on my *FREE* Webcam mostly 24/7 so if you wanna come in and chat or see a couple of my pics on my website please go to my Personal Homepage at http://www.freelivewebcamchicks.net and hopefully i'll talk to you in a bit hun! If you join and the webchat is already full im sorry, just wait like 5 minutes and then you'll be able to see me LIVE!! If you don't have a webcam of your own its okay!! You can still watch and chat with me then!! *Remember* this is my Personal Homepage so of course its *FREE*!!! *ByE* <333 Monica <333 ---
Let us help you with that debt...
Save yourself NOW before its too late Tired Of All Those Debt Payments? Cut Monthly Payments By 50% Or More No Loan Needed! Bad Or No Credit OK! Everyone Qualifies! Click Here For Free Analysis! Click Here To Be Removed
[±¤°í] ¾Ñ!! ¢Á.¢Á Á¤¸»½Î´Ù!!
ºÎµå·´´Ù!! New È÷Æ÷ °í±Þ ½Å»ç¿ë ¾ç¸» 10ÄÓ·¹¼¼Æ® 48000¿ø > 14500¿ø 20µ·! ½Ç¹ö °¢Ã¼Àθñ°ÉÀÌ 56000¿ø > 38000¿ø ÆĽºÅÚÅæ ±×·¹À̽º ºê¶óÆÒƼ 6Á¾¼¼Æ® 4¿ø > 18900¿ø
Need Business Flights?
Title: EARN MORE COMMISSION Last Minute Airfares For Domestic And International Cities Supplying the travel industry for over 15 yearsNO ADVANCED PURCHASES! EARN MORE COMMISSIONS NO ADVANCE PURCHASE / NO MINIMUM STAY LAST MINUTE BUSINESS CLASS FARE ECONOMY CLASS FARES AVAILABLE WE SPECIALIZE IN ASIA, MIDDLE EAST, EUROPE, CENTRAL, AND SOUTH AMERICA Why pay more when you don't have to! Fill out form below to have representativecontact you with flight information. Required Input field * *Name: Email: *Phone: Phone 2: Best Time to contact: Departure City: Arrival City: To be removed please click here
Adult sex toys 5859bxpD6-985amqg33-18
ENTER NOW if you are 18 and over SPECIAL OFFER 30 Days FREE access to the largest Adultsite on the web. for orders over $100 Ready to go Shopping? You can feel safe shopping our secure online store. Your privacy and confidentiality is our priority. All orders are packed in a discreet priority mail box. We never share your information with anyone. Orders shipped within 24 hours. ENTER NOW This E-mailing has been sent to you as a person interested in the information enclosed. If this reached you by error, or you do not wish to receive this information or type of information in the future, please click on the word REMOVE and reply this email to us, you will be taken off our list immediately and NEVER receive any emails from us. 1418UNks2-624igqa6930KDRPl24
Re: *Buddy* *Lists*!!~ (it's soooo cool)!!~
Below is the result of your feedback form. It was submitted by ([EMAIL PROTECTED]) on Friday, August 16, 2002 at 04:37:40 --- message: Hey!! What's Up? I'm *Monica* 20/F/Arizona/Webcam & Pics. I'm *LIVE* on my *FREE* Webcam mostly 24/7 so if you wanna come in and chat or see a couple of my pics on my website please go to my Personal Homepage at http://www.freelivewebcamchicks.net and hopefully i'll talk to you in a bit hun! If you join and the webchat is already full im sorry, just wait like 5 minutes and then you'll be able to see me LIVE!! If you don't have a webcam of your own its okay!! You can still watch and chat with me then!! *Remember* this is my Personal Homepage so of course its *FREE*!!! *ByE* <333 Monica <333 ---
(±¤°í)¾ÆÁ÷µµ ÁÖ½ÄÅõÀÚÇؼ ÀÒ°í °è¼¼¿ä?
[ ¹é¸¸ÀåÀÚŬ·´ »ç¾÷¼³¸í ÀÚ·áÀÔ´Ï´Ù. ] »ç¾÷¼³¸íȸ ÀÚ·á ºñÁî´Ï½º¸ô »ç¾÷ °³¿ä¼³¸í µ¿¿µ»ó »ç¾÷¼³¸íȸ ÀڷḦ º¸½Ç·Á¸é ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® ÆÄ¿öÆ÷ÀÎÆ® ºä¾î¸¦ ¼³Ä¡ ÇÏ¼Å¾ß ÇÕ´Ï´Ù. ¿©±â¸¦ ´©¸£¼¼¿ä ±ÍÇÏÀÇ ¸ÞÀÏÁÖ¼Ò´Â À¥¼ÇÎÁß ¾Ë°Ô µÈ°ÍÀ̸ç, e-mail ÁÖ¼Ò ¿Ü¿¡ ´Ù¸¥ Á¤º¸´Â °®°í ÀÖÁö ¾Ê½À´Ï´Ù. Á¤ÅëºÎ ±Ç°í »çÇ׿¡ ÀÇ°Å Á¦¸ñ¿¡ [±¤°í/Á¤º¸]¶ó°í Ç¥±âÇÑ ¸ÞÀÏÀÔ´Ï´Ù. º» ¸ÞÀÏÀº ¹ß¼ÛÀü¿ë ¸ÞÀÏÀÓÀ¸·Î, ¿øÄ¡ ¾ÊÀ¸½Ã¸é [¼ö½Å°ÅºÎ] ¸¦ Click ÇØ ÁÖ¼¼¿ä.
Bay area cypherpunks
Hi, I am currently in the SF Bay Area and wondering whether any cypherpunks are around and might want to say hi. Right now I'm in Berkeley, but I'm willing to travel (public transportation) to see people. thanks, -David Molnar
Re: employment market for applied cryptographers?
On Fri, 16 Aug 2002, Adam Back wrote: > failure to realise this issue or perhaps just not caring, or lack of > financial incentives to care on the part of software developers. > Microsoft is really good at this one. The number of times they > re-used RC4 keys in different protocols is amazing! Don't forget schedule pressure, the overhead of bringing in a contractor to do crypto protocol design, and the not-invented-here syndrome. I think all of these contribute to keeping protocol design in-house, regardless of the technical skill of the parties involved. It takes a serious investment in time to qualify a consultant. If having the protocol right isn't a top priority, that investment won't be made...and I'd guess that designing a new protocol isn't common enough to merit a separate job/new hire in most organizations. -David