deep messages from voteauction.de

[anonymous]

Whether or not one likes it, the net is NOT a commercial playground a
priori.
It is an open space for ANY communication needs between any people.
If you think it is hard to know for sure if our site was a game or 
a
business, well, then thats a good lesson you have learned.

govt aerial photo privacy

[anonymous]

Countys Aerial Photos Not for Public Sale 
 Supervisors bow to residents 
concerns that the high-detail pictures
   would invade their privacy. 

   By DAVID REYES, Times Staff Writer


Bowing to privacy concerns, 
county supervisors backpedaled Tuesday
   by agreeing not to let the public 
buy the high-detail, digital photographs
   that will be taken during an aerial 
photo shoot of the entire county. 
County officials had 
considered selling the photos--a block-by-block
   sweep of the county--on the 
Internet to help defray the cost of the photo
   missions. 
"I think residents can rest 
assured that there wont be any pictures, any
   Big Brother efforts in the county," 
said Supervisor Tom Wilson, before all
   five supervisors voted to approve a 
$184,000 contract to Pictometry LLC,
   a New York-based corporation. 
Originally, the company won 
approval to fly over Orange County and
   take 60,000 photographs from an 
airplane flying at an altitude of 4,000
   feet. The images would be stored in 
a county database and sold to cities
   and governmental agencies, 
including police and fire departments. 
To recoup its costs, the 
county was going to make photographs
   available for sale on the countys 
Web site for $15 to $25. 
Instead, supervisors were 
forced to reevaluate their decision after
   receiving hundreds of complaints by 
residents, upset that their privacy
   would be invaded or that the photos 
would tumble into the hands of
   criminals. 
As a result, supervisors 
modified Pictometrys contract so it would not
   include selling photographs to the 
public. 
The idea of having "Big 
Brother" peer into her backyard with a camera
   frightened Helen Pegausch of Santa 
Ana. She felt strongly enough that she
   missed work Tuesday to talk with 
supervisors. 
"I tell you having the county 
take photographs and then handing them
   over to cities so they can check 
for violations really bothers me,"
   Pegausch said. "We are paying more 
and more in taxes and voting out more
   and more of our rights." 
Pastor Wiley Drake, an 
outspoken cleric on property rights issues,
   urged the supervisors to reconsider 
whether the county needed the project. 
"Is there a legitimate need 
for this type of photography?" Drake asked,
   as he sought anyone on the board 
with enough "intestinal fortitude" to move
   to postpone the proposal until his 
questions can be answered. 
What makes Pictometry 
different from scores of other aerial products is
   that, rather than being taken from 
directly overhead, pictures are taken at an
   angle that--once combined with the 
companys software--allows users to
   zoom in on neighborhoods and 
measure the height, width and length of any
   feature in an image, including 
gullies, buildings, trees, poles and roads. 
It makes the produc

Coping With Filtering Law

[anonymous]

Librarians Running Into Trouble Monitoring Net Use 

The Associated Press
B E R K L E Y, Mich., Nov. 6 Ñ Librarians trained in opening doors to knowledge must 
find ways to slam some of those doors shut, agitating many who donÕt appreciate laws 
requiring them to censor Internet use.
 ÒLibrarians are in the business of giving people information, not preventing them 
from getting it,Ó said Carol Windorf, Royal OakÕs library director. ÒItÕs an 
uncomfortable position and it makes it tougher for us to do our job.Ó
 A state law approved last spring requires public libraries that offer Internet 
access to keep children from inappropriate sites by installing filters, monitoring 
behavior or requiring parents to be present.

Not Alone 
Minnesota, Arizona, Utah and Colorado have laws similar to MichiganÕs and at least 19 
other states are considering legislative action. More than 75 libraries nationwide 
placed filters on computers last year, bringing the total to about 1,000.
 The American Library Association has raised First Amendment concerns with the 
laws. But most of MichiganÕs libraries are complying, with filters on at least some of 
their computers, said Stephen Kershner, executive director of the Michigan Library 
Association.
 Some librarians have decided not to use filters Ñ calling the software unreliable 
and an inconvenience to everyone.
 ÒThe filters can block computer users from obtaining completely acceptable 
information theyÕre looking for on the Internet,Ó Oxford Library Director Judith 
Doublestein told The Detroit News for a Sunday story.
 Doublestein said some computer users were denied football statistics from Super 
Bowl XXX because a filter confused the Roman numerals with a triple-X-rated 
pornographic Web site.
 Moreover, Doublestein said, children are so adept at computer use that they can 
often easily get around the filters to look at questionable sites.

Surrogate Parents? 
The American Library Association said it sees little merit in filters and believes 
libraries are more comfortable forming their own Internet policies. Some librarians 
said the law forces them to act as parents.
 ÒIdeally, each person should be able to search the Internet on their own,Ó 
Windorf said. ÒIn the case of children, we feel parents are the best guide.Ó
 In Berkley, where filters arenÕt in use, itÕs up to staff members and library 
visitors to decide what is objectionable.
 In Birmingham, which has only one filtered computer, a patron was arrested during 
the summer after he ignored repeated warnings and downloaded photos from pornographic 
sites.
 In Livonia, computers in the adult area donÕt have filters and are equipped with 
privacy screens. Parents must accompany minors under 18 who wish to use them. 
Unaccompanied children must use computers with filters near the childrenÕs area.
 ÒI guess the filters are getting better, but we had a case where a patron was 
unable to research ÒMars ExplorerÓ because the ÔsÕ in Mars and the ÔexÕ in explorer 
triggered to the word sex,Ó said Livonia Library Director Barbara Lewis. 

Tips for the Home 
Some tips for parents and children on Internet use:
  DonÕt give out personal information such as addresses, phone numbers or school 
names and location without parental permission.
  Tell parents right away about any information or message that causes discomfort.
  Never agree to get together with an online contact without checking with parents.
  Never send a personal photo to a person without parental knowledge.
  Decide with parents on the length of time that can be spent online and 
appropriate sites to visit.
  Install software filters on home computers to block inappropriate sites, 
although they canÕt bar access to everything parents might not want children to see 
and may block information that is helpful.
  Place computers in the kitchen, family room, or living room so an adult can see 
the child using it.
  DonÕt let young children surf the Web alone.
 Ñ The Associated Press 

Copyright 2000 The Associated Press. All rights reserved. This material may not be 
published, broadcast, rewritten or redistributed. [ :-) ]

Anthropologists as Spies

[anonymous]

http://www.thenation.com/docPrint.mhtml?i=20001120&s=price 

by DAVID PRICE

On December 20, 1919, under the heading "Scientists as Spies," The Nation published a 
letter by Franz Boas, the father of academic anthropology in America. Boas charged 
that four American anthropologists, whom he did not name, had abused their 
professional research positions by conducting espionage in Central America during the 
First World War. Boas strongly condemned their actions, writing that they had 
"prostituted science by using it as a cover for their activities as spies." 
Anthropologists spying for their country severely betrayed their science and damaged 
the credibility of all anthropological research, Boas wrote; a scientist who uses his 
research as a cover for political spying forfeits the right to be classified as a 
scientist.

The most significant reaction to this letter occurred ten days later at the annual 
meeting of the American Anthropological Association (AAA), when the association's 
governing council voted to censure Boas, effectively removing him from the council and 
pressuring him to resign from the national research council. Three out of four of the 
accused spies (their names, we now know, were Samuel Lothrop, Sylvanus Morley and 
Herbert Spinden) voted for censure; the fourth (John Mason) did not. Later Mason wrote 
Boas an apologetic letter explaining that he'd spied out of a sense of patriotic duty.

A variety of extraneous factors contributed to Boas's censure (chief among these being 
institutional rivalries, personal differences and possibly anti-Semitism). The AAA's 
governing council was concerned less about the accuracy of his charges than about the 
possibility that publicizing them might endanger the ability of others to undertake 
fieldwork. It accused him of "abuse" of his professional position for political ends.

In 1919 American anthropology avoided facing the ethical questions Boas raised about 
anthropologists' using their work as a cover for spying. And it has refused to face 
them ever since. The AAA's current code of ethics contains no specific prohibitions 
concerning espionage or secretive research. Some of the same anthropologists who spied 
during World War I did so in the next war. During the early cold war Ruth Benedict and 
lesser-known colleagues worked for the RAND corporation and the Office of Naval 
Research. In the Vietnam War, anthropologists worked on projects with strategic 
military applications.

Until recently there was little investigation of either the veracity of Boas's 
accusation in 1919 or the ethical strength of his complaint. But FBI documents 
released to me under the Freedom of Information Act shed new light on both of these 
issues.

The FBI produced 280 pages of documents pertaining to one of the individuals Boas 
accused--the Harvard archeologist Samuel Lothrop. Lothrop's FBI file establishes that 
during World War I he indeed spied for Naval Intelligence, performing "highly 
commendable" work in the Caribbean until "his identity as an Agent of Naval 
Intelligence became known." What is more, World War II saw him back in harness, 
serving in the Special Intelligence Service (SIS), which J. Edgar Hoover created 
within the FBI to undertake and coordinate all intelligence activity in Central and 
South America. During the war the SIS stationed approximately 350 agents throughout 
South America, where they collected intelligence, subverted Axis networks and at times 
assisted in the interruption of the flow of raw materials from Axis sources. Lothrop 
was stationed in Lima, Peru, where he monitored imports, exports and political 
developments. To maintain his cover he pretended to undertake archeological 
investigation!
!
!
!
s.


Lothrop was referring to the Rockefeller Foundation, which financed twenty 
archeologists who were excavating in Peru, Chile, Colombia, Mexico, Venezuela and 
Central America. He also used his ties to a variety of academic and research 
institutions--including Harvard, the Peabody Museum, the Institute of Andean Research 
and the Carnegie Institute--as cover in Peru. Archeologist Gordon Willey, who worked 
on an Institute of Andean Research Project in Peru and had some contact with Lothrop 
at this time, recalled that "it was sort of widely known on the loose grapevine that 
Sam was carrying on some kind of espionage work, much of which seemed to be keeping 
his eye on German patrons of the Hotel Bolivar Bar."

In fact, Lothrop was considered a valuable agent who collected important information 
on Peruvian politics and leading public figures of a nature usually difficult to 
secure. An FBI evaluation reported that headquarters "occasionally receive[s] 
information of sufficient importance from Mr. Lothrop to transmit to the President." 
Lothrop's principal source was an assistant to the Peruvian minister of government and 
police. In the spring of 1944 this informant resigned his governmental position and 
began "working

Other fables of olde.

[anonymous]

---
|From: [EMAIL PROTECTED]
|To: [EMAIL PROTECTED]
|Subject: Alternative Journalism
|Date: Thu, 18 Jul 1996 16:04:05 -0700 (PDT)

   THE CYPHERPUNK ENQUIRER PRESENTS:

 "Adventures in Alternative Journalism"

  The Analysis Piece

Alice stared at the two strange creatures.  She was completely
dumbfounded.

"So let me see if I've got this right.  You make really good wheels.  But
if the Queen of Hearts had wheels, her subjects who occasionally raid your
borders would be able to get away faster, and you wouldn't catch as many
of them.  Is that right, Tweedledumb?"

"I'm Tweedledumber.  He's Tweedledumb.  Yes, that's right.  We have a
technological lead over the Cards, and we have to maintain it."

"So you won't sell them wheels?"

"Well, it's more complex than that.  A large part of our population is
engaged in making wheels, and we make a lot of money selling them to the
Cards.  So we made a compromise.  We only sell them SQUARE wheels."

"But of course," Tweedledumb chimed in, "it's very expensive to make both
square and round wheels.  So most of our people only make square wheels,
so they can sell them to both us and the Cards.  Of course, our people are
allowed to buy round wheels, IF they can find them."

"AND," stated Tweedledumber, "since the wheel is patented here, we get to
collect a hefty licensing fee for every wheel sold."

"But the Cards DO have wheels!"  Alice could see over the fence, and the
Cards were happily zipping around all over the place.  "And so do a lot of
people over here.  What happened?"

"Well, we couldn't stop the Cards from building their OWN wheels ... "

"And people like buying the Card wheels because they're faster than our
wheels, and they're cheaper, because they don't have to pay us the
licensing fee ..."

"You see, we have a licensing treaty with the Cards for most things, so if
they make something we have a patent on, they have to pay us, but the
wheel can't be exported, so it can't EXIST over there, so our patents
don't apply ... "

"But I don't understand!  You said you needed to catch people, but now you
can hardly catch anyone!"  Alice was totally astounded at what she was
hearing.

"It's only a stopgap measure anyway."  Tweedledumber clasp his hands
behind his back and started pacing.  "We need to get an agreement with the
Queen of Hearts that both of our people will only use, oh, say, pentagonal
and maybe hexagonical wheels.  That way, everyone can get around faster,
but we'll still be able to catch them."

"But who's WE?"

"Anybody with a TLA on their shirt.  WE get round wheels."

"What's a TLA?"

Alice almost felt relieved when she saw the familiar grin materialize.  
The rest of the Cheshire Cat soon followed.

"A TLA, my dear, is a Three Letter Anachronism.  When people start
referring to you by your initials, you've overstayed your welcome.  If
everyone starts calling ME TCC, I'll know it's time to find another job."

The caterpillar spoke up from its perch on the toadstool.  "Wrong, tuna
breath.  TLA's are the only thing standing between society and total
chaos."

Alice turned to face the caterpillar, who responded by blowing a lungful
of hookah smoke in her face.

"THESE two goons only deal with the dangers of the Queen of Hearts and her
soldiers, I have to worry about the domestic situation.  So we came up
with a solution.  There are certain unscrupulous locals who engage in
terrible things, terrorism, drug dealing, child molestation, money
laundering ... we have to be able to catch them.  If they had wheels, they
could outrun us.  But if we had ACCESS to those wheels when we needed it
... by the way, speaking of drug dealers, we know about that mushroom, and
the pills.  You might want to think really hard about playing ball with
us, the Queen of Hearts is rather fond of cutting off dope addict's
heads."

"Access to wheels?  Does that have anything to do with those ropes hanging
off the back of those carts?"

"Yup.  We pull on that rope, the wheels fall off.  And since we may have
to stop a LOT of people at one time, we could have a riot, or another
Butthole Surfers concert, we figure that we should be able to stop about
ten percent of the population at once, a little less in the rural areas
... well, they've gotta be REALLY LONG ROPES ... and there have to be A
WHOLE LOT of them ... course, the ones with the ropes we let have
octagonal wheels ... "

"But can't just anybody pull the rope?  You'll have wheels falling off all
over the place."

"Price you have to pay for a safe society.  Besides, we have trusted third
parties holding to to the other end."

"How will you get people to use it, when they can get regular wheels from
the Cards?"

"How else?  We could pass a law.  But it's easier just to threaten all the
wheel dealers - put the rope on or we shut you down.  Spread the word that
only criminals don't use ropes - what are you afraid of?  Got something to
hide?  Eventual

Re: Zero Knowledge changes business model (press release)

[anonymous]

At 7:08 PM -0500 11/1/00, Tim May wrote:

> An ordinary little girl using Freedom, the putative target candidate for
> Freedom, say the ads, is not going to need PipeNet-style traffic
> padding!!!

A little girl wanting to sell nude digital snapshots of herself for
milk(bar) money might.  You never can tell what passes for "ordinary"
these days.

I think ZKS just needs to revamp its "little girl" ads.  That should
increase their subscri(b/v)er base.

e-jihad

[anonymous]

EXPERTS FEAR CYBERWARS SPREAD 
Tuesday,October 31,2000 


 By NILES LATHEM 


The growing electronic war between Israeli and
pro-Palestinian hackers threatens to shut down
large portions of the Internet, government and
industry, experts warned last night. 

The FBIs National Infrastructure Protection
Center, the agency that combats cybercrimes,
recently sent out an advisory warning that the
tit-for-tat attacks that have shut down and
defaced Israeli government and Hezbollah and
Hamas Web sites in the last month could "spill
over," into the United States. 

"Due to the credible threat of terrorist acts 
in the
Middle East region and the conduct of these Web
attacks, users should exercise increased
vigilance to the possibility that U.S. 
government
and private-sector Web sites may become
potential targets," the FBI advisory said. 

"In recent days, the overall threat condition 
for
U.S. military forces in the Middle East has
increased due to new credible threats of 
terrorist
acts in the region. Similarly NIPC views the
current conditions as creating the possibility 
for
related cyberattack activity against U.S. 
sites," it
said. 

The cyberwar, or "e-Jihad" as the Palestinian
side calls it, began earlier this month, when 
the
Israeli-Palestinian conflict exploded.
Sophisticated Israeli hackers defaced a 
Hezbollah
Web site that was trying to incite anti-Israel
violence among Palestinians. 

The attacks escalated when Islamic militants
based in Lebanon, London and the United States
set up special "attack Web sites," in which 
users
could send special jamming software via 
e-mail. 

The attacks shut down top Israeli government
Web sites for days. 

ATT, which helped Israeli sites get back 
online,
has become a recent target, according to recent
message traffic from the Palestinian side. 

Ben Venzke, an intelligence analyst for the
Virginia-based iDefense, a computer security 
firm
that is tracking the cyberwar, said hackers 
going
by the names Dodi, ReAList and Nir-MN are
turning to increasingly sophisticated programs
and are now threatening to unleash devastating
viruses and software. 

http://www.nypostonline.com/news/14989.htm 

IRS Tentacles grow

[anonymous]

 IRS Can Access Offshore Credit Info

   By Catherine Wilson
   AP Business Writer
   Tuesday, Oct. 31, 2000 7:38 a.m. EST

   MIAMI  In a sweeping tax-evasion probe, the IRS has
   been granted access to thousands of MasterCard and
   American Express credit card accounts held by U.S.
   taxpayers in three offshore banking havens. 

   U.S. District Judge Adalberto Jordan on Monday agreed with
   the IRS that cardholders may have violated U.S. tax laws and
   that their identities are not readily available from other
   sources. 

   The court order allows the IRS to issue summonses for
   charge, debit and credit cards issued by banks in the
   Bahamas, the Cayman Islands and the country of Antigua
   and Barbuda in 1998 and 1999. 

   Investigators want to look at such things as car, boat and
   airline ticket purchases and hotel and car rentals to learn
   whether the account holders are living beyond their reported
   means. 

   The investigation is one of the largest targeting offshore
   accounts in the history of the Internal Revenue Service. 

   MasterCard International spokeswoman Sharon Gamsin said
   in a statement that the company has "a long history of
   cooperating with governmental agencies." But she also said
   MasterCard keeps transaction records only by account
   number, with the bank keeping personal information. 

   Judy Tenzer, a spokeswoman for American Express Travel
   Related Services Co., said, "We are now speaking to the IRS
   to get a better idea of what theyre looking at." 

   Neither spokeswoman would answer questions. 

   Offshore accounts are legal for U.S. taxpayers, but they must
   file forms with the IRS about them and pay taxes on income
   earned in the United States. 

   The three nations targeted by the IRS have long been known
   as offshore tax havens and favorite spots for drug money
   launderers. 

   Promoters of offshore accounts boast that income can be
   sheltered because the U.S. government cannot penetrate
   some foreign banking secrecy laws. 

   But the IRS believed it could avoid those laws by getting
   records through the Miami headquarters of the companies
   Caribbean operations. 

   The IRS does not know how many accounts created by U.S.
   citizens and residents are involved but believes the number to
   be in the thousands. 

   Banks in the targeted islands require customers to open bank
   accounts before obtaining credit cards. So obtaining the
   names of the cardholders produces the names of the bank
   account holders as well. 

   Fifteen countries and territories have been blacklisted by a
   29-nation task force for failing to cooperate in the fight
   against money laundering. The Bahamas and Cayman Islands
   are among them, but officials in the Cayman Islands promised
   in June to end tax-haven practices within five years. 

   Daniel Mitchell, a tax expert at the conservative Heritage
   Foundation, worried that the IRSs blanket record request
   would affect financial privacy. 

   "We should not be trying to enforce a worldwide tax regime,"
   he said. "It tends to lead to cartel-like behavior, OPEC for
   politicians, for lack of a better phrase." 

http://www.washingtonpost.com/wp-srv/aponline/20001031/aponline073856_000.htm

Words to live by

[anonymous]

 "The advantage of lone wolf and small cell activity is that it is
   untraceable and is the best use of our meager resources- no
   membership dues, rental of meeting halls, driving, lodging and
   time-off for endless conventions," Curtis says in an article on
   his Web site. "All of your personal and cell resources go to
   exactly what you want them for, not to a "leader" who lives off
   you."

   And rather than terrorizing people in public, the 26-year-old
   Curtis says, racists should strive to work in secrecy.

   His site includes articles advising against answering police
   questions under any circumstances.

   "Remember, talk is cheap!" one article says. "But when it
   involves law enforcement authorities, it may cost you, or
   someone close to you, dearly. Remember the 5 words -- I
   have nothing to say. It has worked for us many, MANY
   times."

"Hate site threat to public, group says"
http://www.usatoday.com/life/cyber/tech/cti722.htm

identity theft

[anonymous]

 Bruce McKim
DOB: 2/26/69
Soc Sec. No.: 212-04-8280

Martin Benjamin (for classified)
DOB: 7/6/68
Soc. Sec. No.: 089-56-3596

Mary De Wolfe Stone
DOB: 7/7/63
Soc. Sec. No. : 047-60-6209

http://cryptome.org/usa-v-qaeda-po.htm

when the Fedz come..

[anonymous]

you are not being paranoid enough.  The FBI managed to get a search
warrant based on logs from a firewall, that showed my IP only connecting, not even 
logging in, hours after news
of the cracking had appeared on news sites.  If they can get a search warrant this 
easily, your data is not safe,
sitting on your hard drive.  For the past two months Ive been living in this dorm, I 
locked my doors, securified my
boxes, and backed up my essential things.  I never even imagined the federal 
government would just let
themselves in and take it.

excerpt from http://devrandom.net/~dilinger/
as seen on /.

infowar in palestine

[anonymous]

Israeli government, army
 Web sites crash after hostile
 hits

 JERUSALEM (AP) -- Several official Israeli Web sites crashed
 after being flooded by thousands of simultaneous hostile hits in
 a digital onslaught by Islamic groups abroad, officials said
 Thursday. 

 The cyber attack is the most intense since Israels government
 launched its Internet sites several years ago. It opens a new
 front in Israels confrontation with the Arab world. Palestinian
 rioters have been clashing with Israeli forces for almost a
 month. At a weekend summit, Islamic countries condemned
 Israel and called for cutting relations with the Jewish state. 

 Both sides are emphasizing the public relations aspect of their
 conflict. Interest in the Israeli government Web sites has
 increased noticeably since the riots began Sept. 28, officials
 said. The targeted sites provide information about the conflict
 from an official Israeli point of view. 

 The first shot in the cyberwar was apparently fired by some
 Israeli teenagers, who bragged to a local newspaper last week
 that they had succeeded in sabotaging a Web site of the
 Hezbollah guerrillas in Lebanon. 

 Return fire was not long in coming. Uri Noy, who oversees the
 Foreign Ministry Web site, said that several extremist Islamic
 web sites called on their users to attack Israeli sites, providing
 them access to computer programs that allow users to flood
 sites with huge amounts of electronic mail, jamming them. 

 First to feel the effects was the official site of the Israeli Prime
 Ministers office. After that site was restored, the Foreign
 Ministrys Web site was overwhelmed by incoming mail and
 knocked off the web. Almost two days after the attack began,
 the site had still not been restored. 

 The Israeli army repaired its information Web site, and to
 increase security, switched from a local server to one connected
 to the U.S. communications giant ATT, the military said. 

 The Web site of the Knesset, Israels parliament, was the target
 of a different king of cyber attack. Hackers broke into the site
 and tampered with its files, Knesset spokesman Giora Pordes
 said. He said the attack may have come from Saudi Arabia. 

 "You cannot be perfectly safe. Any system can be infiltrated,"
 Miki Buzaglo, an Israeli who took credit for first sabotaging the
 Hezbollah site, said on Israel TV. "There is a war of brains
 going on here." 

 An Israeli Internet service provider which hosted the three
 targeted sites scrambled to make repairs Thursday. 

 Israeli officials said no damage was done to sensitive computer
 systems used by the army and the government, since they are
 insulated from the Internet. 

 Noy denounced the attacks. "We see the sabotaging of our
 Web site as equivalent to the burning of books," he said. He
 said the bombardment of the site continued even as efforts
 were made to restore it. 

 "Its too bad that the Internet has become another
 battleground," said member of parliament Michael Eitan, the
 Knesset Internet expert. "We need to have a cease-fire on the
 Web."

http://www.cnn.com/2000/WORLD/meast/10/26/israel.cyberwar.ap/index.html 

voteauction moves offshore

[anonymous]

Will the Austrians treat the 
US injunction like Cryptome treats
letters from HRH?


Monday October 23 07:00 PM EDT
   Vote auction site attempts to skirt
   shutdown order 

   By Patricia Jacobus, CNET News.com

   A rogue Web site purporting to sell votes for the upcoming U.S.
   presidential election is back in operation after being shut down
   last week under a federal court order.

The Web site, formerly Voteauction.com, reappeared on the Net
over the weekend under a new address run from outside the 
United
States and beyond the easy reach of election officials.

"The Web site may have started as a parody, but we dont think 
its a
joke," said Thomas Leach, spokesman for the Chicago Board of
Elections, which last Wednesday won an injunction ordering the 
site
taken down. "Its encouraging U.S. citizens to break the law."

   The idea for the site, now Vote-auction.com, is to capitalize on undecided 
voters who
   planned on sitting out the November presidential election. Uncommitted voters 
can sell their
   votes to the Web site. The votes are then auctioned to the highest bidder, who 
decides which
   presidential candidate gets them.

   About 1,131 Illinois voters have participated in this questionable practice, 
according to the
   Web site. In California, 2,546 voters have so far taken part in the auction. 
Selling votes
   carries a maximum three-year federal prison term.

   It is unclear whether the votes being auctioned are legitimate. But with the 
balance of the
   presidential election hanging on a thin margin, the authorities arent taking 
any chances.

   "Could it affect the outcome of the elections? Yes," Leach said. "Should it? 
No."

   Created by James Baumgartner, a graduate student in New York, and later sold to 
a group
   of investors in Austria, the Web site has U.S. election officials up in arms.

   Authorities in New York, Illinois and California moved to shut down the site, 
with Chicagos
   election commission winning an injunction last week against Baumgartner, 
Austrian
   entrepreneur Hans Bernhard and three others, as well as Domain Bank, the 
registrar that
   provided the Internet address. As part of the court order, the judge 
specifically said
   Voteauction.com could not appear on the Net under a different name.

   After the order, Bernhard found a foreign registrar that issued a new, but 
slightly changed,
   Web address.

   Bernhard could not immediately be reached for comment, but information on his 
site
   declares that bidding on votes "works for, not against democracy." It also says 
he had huge
   reader support to keep the site in operation.

   Leach said the Chicago election commission has asked for help from the Austrian 
Embassy
   in Washington, D.C., to permanently shut down Bernhards business. The court 
injunction
   has also been delivered to the Ministry of Austria.

   "Theyre in defiance of a legitimate court order and in contempt of the American 
judicial
   system," Leach said of Bernhard and the others involved in Vote-auction.com.

Zero-Knowledge Open-Sources Linux Client

[anonymous]

from the privacy-for-all dept.
 jailbreakist writes "Zero-Knowledge Systems, a
 Montreal based privacy software company, has released the source
 code to their Linux client. The software in question provides
 anonymous web browsing, pseudonymous email, form filling,
 cookie management and more. You can get the source at
 opensource.zeroknowledge.com. The source is available under the
 MPL, and our clientshim and Yarrow (random number generation)
 implementations are under GPL."

KJOC lists anarchy symbol with occult

[anonymous]

X-Loop: openpgp.net
From: 
Subject: CDR: KJOC lists anarchy symbol with occult
Date: Fri, 20 Oct 2000 20:24:04 +0100
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="=_NextPart_000__01C03AD3.B0AFB6F0";
type="text/html"
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600

This is a multi-part message in MIME format.

--=_NextPart_000__01C03AD3.B0AFB6F0
Content-Type: text/html;
charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
Content-Location: file://A:\KJOC.html


CDR: KJOC lists anarchy symbol with occult


At 13:09:23 -0500 (CDT) on Wed, 18 Oct 2000, the =
artist=20
formerly known as Phaedrus <[EMAIL PROTECTED]>=20
wrote:>On Wed, 18 Oct 2000 [EMAIL PROTECTED]=20
wrote:>>>http://www.adl.org/hate_symbols/racist_anarchy_symbol.html">http:=
//www.adl.org/hate_symbols/racist_anarchy_symbol.html>>=
>>Although=20
the symbol is more often used by Anarchists, an "A" in a circle=20
is>>also a symbol used by individuals in the white supremacist =

movement who>>are violently anti-government because of their=20
conspiratorial belief that>>Jews control he government. The =
symbol can=20
also signify that an individual>>is part of the Aryan movement =
and=20
disregard authority. >>Looks like an apt description to me =
-- they=20
acknowledge that it isn't>always a hate symbol but is more often =
used by=20
Anarchists>><shrug>>Ph.>
Hot clips from http://www.crossroad.to/text/symbols.html">http://www.crossroad.t=
o/text/symbols.html
http://www.crossroad.to/images/anarchy.jpg" width=3D140> ANARCHY:=20
Popular among school aged =
children today,=20
this symbol for anarchy fits the message that pervades the most popular =
video=20
games, role-playing games, movies and television. The lines of the "A" =
often=20
extend outside the circle.=20
Ah, always good to see that our plans for world domination are =
still on=20
schedule!
 http://www.crossroad.to/images/Symbols/29.gif" width=3D83=20
NATURALSIZEFLAG=3D"3"> SWASTIKA: Ancient occult symbol of the sun =
and the four=20
directions. Revived by Hitler, it represents racism and the "white =
supremacy" of=20
neo-nazis.
Of course historians agree TM that the Swastika always =
was, and=20
always will be, a symbol of evil and white racism. 
 http://www.crossroad.to/images/Symbols/30.jpg" width=3D146=20
NATURALSIZEFLAG=3D"3"> THUNDERBOLT: In ancient mythologies from many =
cultures=20
(Norse, Roman, Greek, Native American, etc.) the lighting bolt would be =
hurled=20
by male sky gods to punish, water, or fertilize the earth or its =
creatures.=20
Navaho myths linked it to the Thunderbird, the symbol of salvation and =
divine=20
gifts. On many children's toys, it represents supernatural power. Double =
bolts,=20
popular with contemporary skinheads, symbolize Nazi =
power.=20
If it isn't the Power Rangers it'll be Pikachu...=20
Does anyone know if the similarity between the Wiccan Pentagram and =
Anarchism=20
"rune", and the likeness of the rubric "Do what thou will, if it harm =
none" and=20
the NIAP, have any link? 
The Anonymous Iconoclast.=20
PS. I always knew that the toad was connected to the black =
arts=20
somehow :)=20
PPS. Check out the "http://www.crossroad.to/text/symbols.html#anchor836168">warning" about=20
the occult power of symbols at the bottom of the page.To badly =
paraphrase=20
Catharine Mackinnon, "Did you ever try to argue with an epiphany?"=20


--=_NextPart_000__01C03AD3.B0AFB6F0
Content-Type: image/jpeg
Content-Transfer-Encoding: base64
Content-Location: http://www.crossroad.to/images/anarchy.jpg

/9j/4AAQSkZJRgABAAEBLAEsAAD//gAcQ3JlYXRlZCBieSBBY2N1U29mdCBDb3JwLgD/wAALCAEQ
AYgBAREA/9sAhAAHBQUGBQQHBgYGCAcHCAoRCwoJCQoUDw8MERgVGRkXFRcXGh0mIBocJBwXFyEs
ISQnKCoqKhkgLjEuKTEmKSooAQcICAoJChMLCxMoGxcbGygoKCgoKCgoKCgoKCgoKCgoKCgoKCgo
KCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/xAAfAAABBQEBAQEBAQAAAQIDBAUGBwgJ
Cgv/xAC1EAACAQMDAgQDBQUEBX0BAgMABBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQz
YnKCCQoWFxgZGiUmJygpKjQ1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOE
hYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm
5+jp6vHy8/T19vf4+fr/2gAIAQEAAD8A+kaKSlpp+uKdTadSGloopKKTPtSA57Yo/D86QLt/+txR
nj2+hox6cfypNw55zil/hxgijB3daTpnp+NGcZA4pMluMj8aaykj5Oo4zmmAFTj5iD0z2oUAgYyP
xp3PHJ29+aYeTjkY/KpMHHUfU80fcG7J98VEq8d6cNyjBOf508ZKnAwR2PWlBY49/TpTd3YAj260
0NxnOCB360o4IH3s9sU4MucLwR3JpuSGzwQPelzhSSw9elIpY/w9Pw/SkPbAA59KduA5yM/0pqyY
fbuyRUucNzmkwM4698VNRSYp1FFIOKWikpaTpS0U0elNz9fypQR0oH0xTcA+v50AheN3T1o3DHof
emjoe3PXGaPMYKOM57ik35wASOe4pAVPygqCOgHSlJJ+Ve/c0zdwVCt7nGaTnpxz7GkVwPzpQuT0
7dxin4zkYAxyPWlAwpAAB9OtNxwORg9u1NAUkdePqKUKMY5J6ZApzEA4YnP04pRwcnOPTFHOeehP
pQG6HPJH50wbmYHggdQeTTueoGB6Y5pOuBwM9M0uCCffn2

No Subject

[anonymous]

Subject: Photograph alteration CPUNK

Last week a cannabis legalisation activist 
handed a posy of said plant, wrapped as if it had been bought in a 
florists' shop to Her Majesty the Queen.  HRH accepted it as just 
another bunch of flowers, and the photographs hit the newsstands 
the next morning.

As expected, all the papers had a different spin.  However, none of the 
front page photographs showed a plant with flower.  It would make no 
sense to hand HRH a handful of ugly weeds, and the guy who claimed 
responsibility referred to it as 'a pretty yellow flower'.

This sent my bullshit meter into overdrive.  Had the photos been 
doctored to distort the message of the activist? 
or merely "pruned" by the editor for one that doesn't advertise 
such horticulture to the masses?

Is there anyone on the internet who is actively tracking forged/spun 
photographs, Photopunks if you will?  I remember the storm here over 
*that* Elian pic.

Perhaps this is in Declan's sphere of interest?


__
Do You Yahoo!?
Yahoo! Messenger - Talk while you surf!  It's FREE.
http://im.yahoo.com/

if not part of the solution youre part of the precipitate

[anonymous]

 If the ultimate motivation of the car siezures is
>to sell them and keep the money, what would happen if somebody acquired a
>few ounces or gallons of PCBs (poly-chlorinated biphenyls common in
>20+year-old (non-electrolytic) capacitors), and sprayed them (only a very
>tiny amount per car should be necessary, maybe 1 milliliter or so?) into
>those siezed cars though a broken window (or injected through door seals).

A better use involves a flare and, um,
an appropriately deserving building :-)

Aloha Plume

thank you Mr. Bin Laden

[anonymous]

Historical and current counter-US
activities seem to be focussing more
on hitting the .mil (and spyhqHHHembassies) 
vs. airlines.

Members of the flying public appreciate
your new, more-to-the-point focus, Osama, and
your PR consultant should be praised.

See you in Utah...


By The Associated Press

 A look at recent terrorist attacks against United States 
interests.

 July 8, 1998 -- U.S. embassies in Kenya and Tanzania bombed, 
killing
 224 people, 12 of whom were Americans.

 June 25, 1996 -- Truck bomb explodes outside the Khobar Towers
 housing complex near Dharan, Saudi Arabia, killing 19 Americans 
and
 injuring more than 500 Americans and Saudis.

 Nov. 13, 1995 -- Car bomb detonates at a U.S. military 
headquarters in
 Riyadh, Saudi Arabia, killing five Americans.

 Sept. 13, 1995 -- Rocket-propelled grenade pierces wall of U.S.
 Embassy in Moscow, but causes no injuries.

 Dec. 21, 1988 -- Pan Am Boeing 747 explodes over Lockerbie, 
Scotland
 on a flight from London to New York, killing 270 people.

 Sept. 5, 1986 -- Hijackers seize Pan Am jumbo jet carrying 358 
people at
 Karachi Airport. Twenty people killed when security forces storm 
the
 plane.

 April 2, 1986 -- Four Americans killed when a bomb under a seat
 explodes on a TWA airliner en route from Rome to Athens.

 June 14, 1985 -- Shiite gunmen seize a TWA airliner and forced it 
to
 Beirut, Lebanon. U.S. Navy diver was killed and 39 Americans held
 hostage for 17 days.

 Sept. 20, 1984 -- Car bomb at U.S. Embassy annex in east Beirut,
 Lebanon kills 16 and injures the ambassador.

 Dec. 12, 1983 -- Shiite extremists set off car bombs in front of 
the U.S.
 and French embassies in Kuwait City, killing five people and 
wounding
 86.

 Oct. 23, 1983 -- Shiite suicide bomber blows up U.S. Marine 
barracks in
 Beirut, Lebanon, killing 241 Americans.

 April 18, 1983 -- Suicide car-bomber blows up U.S. Embassy in 
Beirut,
 killing 17 Americans.

 Nov. 4, 1979 -- Islamic students storm U.S. Embassy in Tehran, 
Iran,
 holding 52 Americans hostage for 444 days.

encryption obsoleted

[Anonymous Remailer]

Well, they are original. I do not recall any other instance when
a government said "we will not snoop."

---

"Former Yugoslav President Slobodan Milosevic has no longer any
influence on the police and army force in the country, and all phone
taps, both fixed and mobile in Serbia have stopped, stated Zoran
Djindjic, one of the leaders of the Democratic Opposition of Serbia
(DOS), in an interview for B2-92."

"Djindjic also said that the first step toward change is that all
telephone tapping has been stopped in Serbia."

delete this judge

[anonymous]

from /.

"According to The New York
  Times (free registration required, for those who care
  about such things), a prominent judge recently wrote an
  article saying that the delete key should actually delete
  things, not just hide them away where lawyers and skilled
  computer geeks can get at them years later. Specifically,
  he proposes that a statute of limitations be imposed upon
  electronic messages--that, for example, an obnoxious
  email you send today could be held against you for six
  months and six months only." 
...
The judges original paper is
http://www.greenbag.org/Rosenbaum/rosenbaum.pdf
  linked off of The Green Bag. 

delete this judge

[anonymous]

from /.

"According to The New York
  Times (free registration required, for those who care
  about such things), a prominent judge recently wrote an
  article saying that the delete key should actually delete
  things, not just hide them away where lawyers and skilled
  computer geeks can get at them years later. Specifically,
  he proposes that a statute of limitations be imposed upon
  electronic messages--that, for example, an obnoxious
  email you send today could be held against you for six
  months and six months only." 
...
The judges original paper is
http://www.greenbag.org/
  linked off of The Green Bag. 

US spy software could devour RIP

[anonymous]

È David Ludlow and Liesbeth Evers, Network News , Wednesday 27 September 2000

Developers in the US have uncovered a way of snubbing the American equivalent of the 
Regulation of Investigatory Powers (RIP) Bill, prompting speculation that a similar 
system could be introduced into the UK. 

The US government's software, called Carnivore, is installed on ISP networks to 
enforce court orders calling for electronic monitoring. 

Operating in a similar way to commercial so-called sniffers, Carnivore looks at all 
data on a network, throwing away information that is not contained by the court order. 
For example, it could capture emails to and from a specific account.

Until now, only the FBI knew how the product worked. Hiding behind claims that 
Carnivore was partially based on commercial software, and that hackers could find a 
way to circumvent it, the FBI refused to open the source code.

But its attempts at secrecy have backfired, after a company called Network Ice 
released the source code for a rival product, altivore.c (www.networkice.com/altivore).

The code complies with the requirements for Carnivore, and is a legal substitute in 
the case of a court order. By making it open source, Network Ice has shown how the 
software works, and how public privacy can be maintained.

The UK's equivalent of Carnivore is a black box that, under the RIP Bill, will be 
placed at ISP premises to monitor emails. It is unclear whether it will be a mandatory 
device, which will leave the public suspicious of what it does, or an open source 
device that meets a defined technical description.

Security analyst Peter Williams, of DataCheck Consultants, said that if the technology 
can be developed in the US there is no reason why it could not be used to scupper the 
RIP in the UK. "The government didn't really think through the technology for this," 
he said.

A Home Office spokesman said that the government intends to discuss the matter with a 
technical advisory board.

First published in Network News 

This article is available online at http://vnunet.com/News/717

New email could confound law enforcement

[anonymous]

By Cecily Barnes
Staff Writer, CNET News.com
September 22, 2000, 12:20 p.m. PT
URL: http://news.cnet.com/news/0-1005-200-2841067.html 

A start-up is set to release a novel messaging service that lets people send heavily 
encrypted email directly to each other, a development that could be a boon for privacy 
advocates but a headache for law enforcement authorities. 

AbsoluteFuture.com of Bellvue, Wash., has dubbed its service "SafeMessage," describing 
it as a "direct messaging" service that transmits messages from party to party without 
the use of a central server. 

This distinction is significant because email, which always passes through mail 
servers, leaves a trace copy of itself that can be subpoenaed, read or otherwise 
accessed by unauthorized readers. 

Besides bypassing a central server, the messages are heavily encrypted and are 
programmed to be automatically erased after a period of time designated by the sender. 
The encryption not only prevents outsiders from reading the message, but also limits 
the message recipient's ability to forward, cut and paste, or print the message. 

"(Email) leaves a permanent trail," said CEO Graham Andrews. "Not only on your 
computer and the receiver's computer, but also three or four servers in the middle." 

Whether or not direct messaging can strip away all traces of a document sent over the 
Internet is unclear, as the system does not do away with the need for an Internet 
service provider to allow parties to share files. 

"It's certainly going to pass through the server that connects you to the Internet and 
the server that connects the recipient to the Internet, but it will not pass through 
the typical mail servers," said Tony McNamara, AbsoluteFuture's chief technology 
officer. 

Amid growing concerns about privacy on the Internet, more people are inquiring about 
the secure transfer of data online, especially in instances of financial and banking 
data. AbsoluteFuture joins a growing list of companies that are responding to this 
market need with encrypted email services. 

Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica. 

Unlike AbsoluteFuture, however, these services use ordinary email delivery systems 
that are prone to online eavesdropping and may leave trace copies behind in the 
computers used to carry them. AbsoluteFuture believes it has found a solution to this 
problem by harnessing technology known as peer-to-peer networking, which connects 
personal computers directly, without the need for a central server to route file 
transfers. 

Meta Group analyst David Thompson calls the market for peer-to-peer or encrypted 
messaging nascent. "People are just starting to realize that this kind of thing is 
even possible," he said. 

Peer-to-peer technology gained widespread notice after file-swapping company Napster 
was sued by the Recording Industry Association of America for allegedly facilitating 
the transfer of copyrighted material. 

While SafeMessage does not present any copyright violation, it could undermine the 
efforts of law enforcement agencies that sift and subpoena email messages to catch 
criminals. Most notably, privacy advocates have called attention to the FBI's 
Carnivore program, which is installed at ISPs and scans massive amounts of email to 
track messages sent by people under investigation. 

AbsoluteFuture's SafeMessage system would potentially allow people to operate below 
this radar screen. 

AbsoluteFuture said it is marketing its product primarily to corporate clients. "We 
believe this should be available to individual consumers, too, but we're not really in 
a position to handle that, so we are going to go the route of licensing to ISPs," 
Graham said. "We are very close to signing up several resellers." 

The company said SafeMessage is already being tested by a number of large corporate 
clients including a major oil trading company in Moscow, a large accounting firm, and 
a couple of stockbrokers. 

To use SafeMessage, a person signs on to the program with an ID and password, 
similarly to an email client. When typing the recipient, the person sends the contact 
to AbsoluteFuture's server, which locates the recipient online and allows the sender 
to send the message directly to the recipient. 

The message is encrypted before it leaves the sender's computer, and the decoder key 
is destroyed. If the recipient is not online, the sender must send the message to 
AbsoluteFuture's server, which will hold the message until the recipient logs on or 
the message times out. 

"In one sense this is slightly less secure because we're looking after it," Graham 
said. "But we don't have the key to get at it. Even if there was a court order for the 
message, it is highly encrypted. We'd say, 'OK, go ahead try to open it.'" 

Meta Group's Thompson said that while the system sounds secure, he is not convinced 
that it is foolproof. He said that during the period of time before the message is 
de

Carnivore 3.0: The Wrath of Olympus

[Anonymous]

By Robert X. Cringely

I wouldn't want to be a cop. It is a difficult and generally thankless job performed 
by people who are often unappreciated and certainly not overpaid. Most of us think of 
the police as the givers of undeserved though probably earned speeding and parking 
tickets. But when real troubles come, we expect the police to be there, to protect 
public safety. For their part, the law enforcement people I have known generally see 
themselves as a tribe a body of professionals who do a job the rest of us don't want 
to do and are, by the nature of that job, special. Ask a cop the last time he or she 
got a speeding ticket, then ask them whether they ever exceed the speed limit. Cops 
generally judge themselves by different rules than they judge the rest of us. 

When there is a pressing problem of public safety, we tend to expect the police to fix 
it, and we usually give them whatever tools they require to do the job. This explains 
why so many cities have Special Weapons and Tactics (SWAT) teams. It's not that every 
city faces problems that require SWAT response, but having a SWAT team is one way of 
keeping up with the other cities. It's cool. And if the perceived threat is bad enough 
and real enough, there is probably no limit, short of the U.S. Constitution, on the 
tools we will give our defenders. Bazookas, anyone? 

Now we jump, for the third and I hope last time, back into the Carnivore debate. 
You'll remember Carnivore is a sealed box that the FBI proposes to install in the 
Network Operations Centers of Internet Service Providers that are known to serve users 
who are criminal suspects and who are under a court-ordered e-mail tap. The way it was 
originally explained, Carnivore boxes would copy and store e-mail to and from the bad 
guy for decryption and examination by appropriate officials. ISPs don't like Carnivore 
because it is a box they don't control or have access to that can potentially screw-up 
the whole network. Privacy advocates don't like Carnivore because it might be 
intercepting and storing e-mails other than just those of the bad guys. They worry 
about the potential for abuse by law enforcement agencies. 

This is a thorny issue and shows how much technology has changed law enforcement. Part 
of the problem is that the Internet -- formerly a province of academic nerds -- is now 
a part of mainstream life, which is to say it has become a crime scene. Enter the 
police. When people use the Internet to deliver threats or commit crimes, the 
technology makes it conducive for law enforcement to deal with it. All that good spy 
technology used by the major intelligence agencies can be used to detect of crime on 
the Internet. 

I wonder whether the end of the Cold War may have accelerated this law enforcement 
trend as intelligence agencies try to stay in business by re-targeting their efforts 
on terrorism, the new bogeyman. 

The scary part about these intelligence-gathering technologies is that they are very 
scaleable. It isn't that much harder to read the mail of a thousand people than to 
read the mail of one person if a machine is doing the reading. And since the Carnivore 
boxes need to be directly in the flow of all e-mail at an ISP, this is doubly 
concerning. Now for the first of two disturbing facts: While the FBI has kept 
generally quiet about Carnivore, the government has maintained that it is intended for 
surgical use. One crook, one e-mail address. Is that why the name Carnivore was 
chosen? Because it is my understanding that the Carnivore program was begun under a 
different name, Omnivore. So much for surgical strikes. 

For the second disturbing fact we jump to the Olympics -- not this year's games in 
Sydney -- but the 2002 Winter games in Utah. Given the 1996 bombing at the Atlanta 
games and the 1972 hostage crisis in Munich, I really, really wouldn't want to be 
responsible for public safety at an Olympic games anywhere. So it isn't surprising 
that the security plans for Salt Lake in 2002 are very robust -- perhaps too robust 
for some people, including me. 

At the Utah games there will be a network of kiosks set up for athletes, journalists, 
and the public to use for e-mail and Net access. This will be the easiest way for many 
people to communicate in an area that will probably have its cellphone circuits 
maxed-out most of the time. Try making a cellphone call in Las Vegas during Comdex or 
the Consumer Electronics Show and you'll know what I mean. Well, the FBI has some 
rather specific requirements for Olympic data security, including the ability to not 
only COPY e-mail from these kiosks containing passwords from users' secret list, but 
to actually INTERCEPT e-mail and deliver it to a security office address rather than 
to the intended recipient. The person manning that address is supposed to make summary 
decisions about what to do with the reviewed email -- maybe it gets passed along as 
intended by its author, maybe bounced as

Re: [OT] California senator tries to mandate remote kill switches

[anonymous]

Michael Motyka wrote:

> I enjoy the rhetorical device of visiting death and destruction on the
> bad guys and clearly there is no shortage of politicians whose actual
> passing out of this life -by unspecified means- would make the world a
> safer, cleaner place but calling McVeigh a "freedom fighter" is off the
> mark. 0 points for that one. 

Why?

Re: Massachusetts steals unregistered children from christians

[anonymous]

David Honig wrote on Tue, 29 Aug 2000:

> The fathers of the two babies, Jacques Robidoux, the sect's reputed
> leader, and David Corneau, are among eight sect members who are behind
> bars for refusing to cooperate in the investigation.

One wonders what 'refusing to cooperate in the investigation' entails
(sufficient to land one in jail.)  Most states have laws against
compulsory spouse-snitching.

Yahoo to offer encrypted email option

[anonymous]

By Paul Festa
Staff Writer, CNET News.com
August 25, 2000, 4:00 a.m. PT
URL: http://news.cnet.com/news/0-1005-200-2605437.html 

Yahoo plans to let its email account holders use data scrambling to protect the 
privacy of their messages, marking a potentially significant advance for the 
mainstream use of encryption. 

The Web portal and ZixIt, an encryption company based in Dallas, confirmed that they 
have inked an agreement to provide encryption to Yahoo Mail users but declined to 
comment further. 

The companies did not disclose a start date for the service. Yahoo Mail began carrying 
a link to ZixIt's ZixMail page this week but said that link was part of its regular 
advertising. 

When the system launches, it will let Yahoo Mail account holders send messages through 
ZixIt's SecureDelivery.com site, scrambling messages so only sender and recipient can 
read them, even if the message is intercepted en route. 

ZixIt's SecureDelivery site this quarter will launch software add-ons for use with 
Lotus Notes and Microsoft's Outlook email application. 

The deal will make Yahoo the first major portal to offer encrypted email. So far, data 
scrambling has been the province of tech-savvy computer users willing to use products 
that require a software download, such as Network Associates' Pretty Good Privacy. 

Yahoo's competition in the free, Web-based encrypted email arena comes from smaller 
players including Hushmail and ZipLip. 

ZipLip, which offers a variety of secure messaging products in addition to its free 
mail site, said Yahoo's move shows that mainstream encryption's time is coming. 

"Yahoo has gotten an understanding that consumers do need more privacy," said ZipLip 
chief executive Kon Leong. "They are addressing the consumer market, so the timing is 
right." 

tempest and caves

[Anonymous]

http://www.users.skynet.be/avalon/avalonuk/technical/radio1.htm

Describes radios that can go through 500 m
of rock.  (This is not easy with conventional
RF; they use an 87 Khz carrier.)  Of passing
interest for TEMPEST afficionados, it indicates
how far certain whispers carry.

FBI admits cellphone gps not for 911

[Anonymous]

 TMI phones also had to be equipped with
geo-positioning technology so the FBI could pinpoint a suspect's location when he made 
a
call. 

This was crucial, as Deputy Attorney General Eric Holder wrote in a June 14, 1999,
letter to FCC Chairman William Kennard. "Finding out that a drug deal, murder or
bombing is about to occur, without having any indication of the location of the 
criminal is
only marginally useful," he wrote. Unless TMI addressed the shortcomings, Mr. Holder
wrote, its phones would become "a communication tool of choice among drug dealers,
organized crime and terrorist groups." 

http://cryptome.org/carnivore-mega.htm

So much for the "its for 911" sham..

pgp bug forest for the trees?

[Anonymous]

At 02:00 AM 8/25/00 -0400, Anonymous wrote:
>While many crypto experts intensely bullshit about the importance
>of the source code to counter "security through obscurity", it appears
>than none really looked at the sources closely.

A lot of metallurgists inspected a lot of beams and bolts
but the overall architecture was not reviewed for weaknesses
when new features were added? 

Anything to learn?  1. They were right about the dangers of 
key escrow 2. Adding features to security products can be dangerous
3. Security reviews are really really hard and have to be repeated
when new features are added.

Marketing: Building insecure systems from secure components..

-Feinkost Paranoia

Re: Black Hoes screw Disney, trample free speech

[Anonymous]

Just because someone has the right to do something doesn't mean they should. 


Mike, whether or not I believe that you are one, I can call you an asshole.
But why would I do that? It would just make for bitter and angry conversation.


Sure, it feels  to sometimes anonymously swear at people. 


But when I'm feeling full of vitriol, I'd rather do a Day of the Jackal and go shoot a 
few melons than swear on this list.


(yes, that was a tip of the hat to A.Melon)


Likewise, continually telling people that they should be killed doesn't engender 
learning or quality conversation.


I'm not here to hone my ridiculing skills: I'm here to learn something and to keep 
myself abreast of what government and the private sector are doing that effects my 
privacy and my rights.


So stop fucking swearing all the time. It's really tiring.

pgp 5/6 bad bug

[Anonymous]

http://cryptome.org/pgp-badbug.htm


To: [EMAIL PROTECTED]
Subject: Serious bug in PGP - versions 5 and 6 
Date: Thu, 24 Aug 2000 08:09:07 +0100
X-Loop: openpgp.net
From: Ross Anderson <[EMAIL PROTECTED]>

Ralf Senderek has found a horrendous bug in PGP versions 5 and 6.
It's of scientific interest because it spectacularly confirms a
prediction made by a number of us in the paper on `The Risks of Key
Recovery, Key Escrow, and Trusted Third-Party Encryption'
 that key escrow would make it
much more difficult than people thought to build secure systems.

He's written a paper on his work and it's at

http://senderek.de/security/key-experiments.html

Since NAI joined the Key Recovery Alliance, PGP has supported
"Additional Decryption Keys" which can be added to a public key.  The
sender will then encrypt the session key to these as well as to your
main public key. The bug is that some versions of PGP respond to ADK
subpackets in the non-signed part of the public key data structure.
The effect is that GCHQ can create a tampered version of your PGP
public key containing a public key whose corresponding private key is
also known to themselves, and circulate it. People who encrypt traffic
to you will encrypt it to them too.

The problem won't go away until all vulnerable versions of PGP are
retired, since it's the sender who is responsible for encrypting to
the ADKs, not the recipient.

In the meantime there might be a nasty denial-of-service attack in
which bad guys upload tampered versions of everybody's public keys to
all the public keyrings.

Ross

Security Through "Fuck Off"

[Anonymous]

http://www.judicialwatch.org/media/preleases/2000/082200b.htm

Mann on privacy and cameras

[Anonymous]

Steve Mann of the wearables group at media.mit
has a well-thought out essay on privacy and
cameras at http://wearcam.org/netcam_privacy_issues.html

He discusses some of the issues that have
been discussed here.

FYI

CompUSA repair works with FBI

[Anonymous]

excerpt: 
He said Nevitt turned in his old
PC to a CompUSA repair shop in July, but they could
not fix the computer and replaced it with a newer one. 

Under the terms of the swap, Mann said, CompUSA
took legal possession of the old computer and then
consented to a search by federal forensics
technicians, who found the pictures on the hard drive. 

http://www.apbnews.com/newscenter/breakingnews/2000/08/17/childporn0817_01.html

UK amends e-mail plans

[anonymous]

By Jean Eaglesham, Legal Correspondent
Published: August 18 2000 19:09GMT | Last Updated: August 18 2000 20:28GMT

The UK government has bowed to industry pressure to change its draft rules on 
companies' monitoring of e-mails and phone calls being introduced under the 
controversial Regulation of Investigatory Powers Act, governing surveillance by the 
police. 

It is also "urgently discussing" ways of extending the four week consultation period 
on the rules beyond next Friday. The change now agreed will allow companies to read 
messages sent to employees who are on holiday or off work ill. 

The government had hoped to rush through the draft rules in time for the October 2 
implementation of the Human Rights Act. The existing law on police phone tapping 
failed a challenge at the European Court of Human Rights and the Home Office is 
adamant that the RIP Act should be in force on October 2. 

But the draft rules on business monitoring have attracted criticism from industry and 
employee representatives. The Department of Trade and Industry said last night it had 
identified some options for extending the "unusually brief" August-only consultation 
period, which it was "urgently discussing" with the Home Office. 

The DTI has also agreed to meet one of the principal industry criticisms. The rules, 
as they stand, would make it illegal for businesses to check up on employee e-mails 
and phone calls without the consent of both the sender and receiver. There are only a 
few, narrowly defined, exceptions to this "no consent" rule. 

This would make it impossible for companies to read e-mails received by people who are 
away from the workplace, since there would be no way of checking whether the sender's 
consent was required or had been given. 

The DTI said the regulations would be changed to "make it clear businesses are able to 
monitor communications such as colleagues' e-mail accounts in order to check whether 
these are business messages that need to be dealt with in their absence". Employees 
would have to be informed such monitoring might occur. 

The Confederation of British Industry, the main employers' organisation, on Friday 
night welcomed the news of the climbdown. But it still wanted to discuss with the DTI 
other issues arising from the rules. 

Industry groups have commissioned lawyers to look at whether the legal basis of the 
rules is flawed. The government claims European legislation - the Telecommunications 
Data Protection Directive - requires it to legislate on companies' surveillance. 
However, lawyers have questioned whether that directive extends to private, as well as 
public, networks. Lawyers also warn the regulations could trigger human rights 
challenges by employers and employees.

Anyone looked at l-3com privatel STU

[Anonymous]

http://www.l-3com.com/cs-east/programs/infosec/priva_tech.htm
describes a 3DES 1024DH in-line cryptounit
for $600.  Anyone have any experience with this?

(Note: l-3com seems to be heavily tied to
.gov/.mil and offers different versions
for 'civilian' vs. other uses.  So caveat crypto.
OTOH Nautilus, Speakfreely, and PGPfone source
are freely available.)

-Feinkost Paranoia

under the deep blue sea

[Anonymous]

Scores of accidents involving nuclear reactors and weapons
   have occurred worldwide since the Nuclear Age began in 1945.
   And an estimated 50 nuclear warheads still lie on the bottom of
   the world's oceans, according to Joshua Handler, a former
   research coordinator for the environmental activist organization
   Greenpeace. 

http://www.cnn.com/SPECIALS/cold.war/experience/the.bomb/broken.arrows/intro.html

Presumably our spookbirds watch the oceans for
non-US recovery teams fishing for plutonium.  
Do the russians watch the oceans for their lost toys, including
dead nuke subs and ocean-dumped 'spent' reactors? 

-Feinkost Paranoia

anonimized test - please delete w/apologies.

[Anonymous]

test - please delete w/apologies.

Re: Quantum Cryptography and resistance

[anonymous]

Quantum cryptography will be of little practical value for the average
person.  That's because you need to get photons unchanged from one
person to the other.  This requires either a line of sight or a fiber
optic cable, neither of which is likely to be available.

Quantum computers allow fast search for symmetric ciphers like DES
or AES.  The effect is essentially to halve the key size.  A 128 bit key
attacked by a QC becomes as strong as a 64 bit key would be attacked by
conventional computers.  The new AES standard provides for 256 bit keys.
These will still provide 128 bits of strength against quantum computers,
making them practically invulnerable.  So QCs will provide no significant
problems against symmetric ciphers once AES is in widespread use.

Quantum computers also allow fast factoring and finding discrete logs,
essentially destroying the principles behind the most widely used
public key systems.  This uses Shor's algorithm, which works by finding
the period of a sequence.  The recent IBM announcement was apparently
an implementation of just this algorithm for a 5 bit QC.

Hence it will be necessary to scale up the QC from 5 bits to 1024 bits
or more.  This will take years of work and no one knows if it will be
possible.  If it happens, people will have to switch to keys larger than
the largest quantum computers, which will probably be a losing battle;
or they will have to use the more obscure, less efficient and possibly
less secure public key alternatives.  No doubt if large QCs appear on
the horizon we will see considerably more cryptographic effort put into
developing and establishing the security of alternative methods for PKC.

Re: horseflesh und piggies

[anonymous]

> But remember, in California, you can't sell the meat for food.
> (Of the horse, that is; the recent "you can't sell horses
> for food" referendum 

You can't *sell* horses for food, but could you host a free BBQ?

(Imagine protesters making signs for "Official DNC BBQ -->" and serving up
 horse and pig in the park.)

Heh.

> said nothing about cannibalism, or even eating pork.)

*Are* there any anti-cannibalism laws?  (Assuming, of course, that you
came into the meat lawfully...)

horseflesh und piggies

[Anonymous]

At 05:46 PM 8/14/00 -0400, [EMAIL PROTECTED] wrote:
>If you are going to go to all of that trouble you might 
>as well just shoot the horse and its rider.

But remember, in California, you can't sell the meat for food.
(Of the horse, that is; the recent "you can't sell horses
for food" referendum said nothing about cannibalism, 
or even eating pork.)

Mail-order cat piss (was Re: Trolls)

[anonymous]

On Monday, August 14, 2000, [EMAIL PROTECTED] wrote:

> I could probably come up with uses for cat pee if I set my mind to it.
> I'm having considerable difficulty with the idea of commercially-
> available cat pee. Is it sanitized? Are Dept of Health certificates
> needed? How on earth can you make a profit selling cat pee by mail?
> Who _thought_ of selling cat pee, let alone by mail?

IIRC it is used by squishy-centered gardeners who want to keep Bambi away
from their basil.  (I know you can order "Bobcat" for this purpose.  I
don't know if it comes in other flavours.)

Yep:  http://www.critterridders.com/urine.htm offers fox, bobcat, wolf,
and coyote.  Whee!

Re:Do police horses know about rubber rattlesnakes

[anonymous]

Anonymous wrote:

>  Don't know -- but I've been wondering about other
> like attacks.Red Pepper? A lot of horses freak pretty
> easily at various things -- birds flying up in front
> of them, etc., so maybe lots of whirly-flashy things
> would do it?

If you are going to go to all of that trouble you might 
as well just shoot the horse and its rider.

HorseMeatMonger

Welcome to LA, bring your gas mask!

[Anonymous]

It would be nice if someone got a copy of 
the Police-Only version of the city's flyer
and say forwarded it to cryptome..




City Employee Booklets Draw Criticism
   Security: Officials decry lists of 
delegates'
 hotels and casual instructions on dealing
 with tear gas. 

 By TINA DAUNT, Times Staff Writer

  Local law enforcement officials
 coordinating security for the Democratic
 National Convention issued booklets to Los
 Angeles city employees this week listing all
 the hotels where hundreds of delegates are
 staying and tidbits on how to deal with
 such issues as bomb threats, suspicious
 packages and tear gas exposure.
  "Our role in the DNC 2000 is to ensure a
 safe and orderly environment for this
 historic event," Mayor Richard Riordan
 wrote to employees in one version of the
 pamphlet. "This challenge provides us with
 the opportunity to demonstrate our
 professionalism while excelling at all
 levels."
  But some City Hall insiders said they
 were alarmed to find that tear gas exposure
 was casually mentioned, along with
 common health hazards like sunburns and
 heat cramps. For weeks, city officials have
 expressed concern that police and
 protesters will engage in violent clashes
 during the convention.
  "It's like, 'Welcome to L.A., bring your
 gas mask,' " said one official.
  Councilman Mark Ridley-Thomas also
 questioned the wisdom of listing the
 delegates' hotels.
  "Why on one hand do you give
 instructions about tear gas and on the other
 hand you blatantly publicize where
 delegates will be housed?" Ridley-Thomas
 said. "It doesn't really demonstrate a
 sophistication with respect to a security
 plan, does it?"
  The Democratic National Convention
 Planning Group--headed by the Los
 Angeles Police Department--handed out
 two versions of the booklet, one for sworn
 officers and the other for civilians.
  The police version includes a section on
 the problems the "anarchists" caused during
 the 1999 World Trade Organization meeting
 in Seattle and an overview of mass arrest
 procedures.
  Officers are also urged to bring an extra
 uniform "in case of extended deployment to
 a DNC-related incident."
  LAPD Cmdr. David Kalish, a
 department spokesman, said the booklets
 were intended as "informational material
 for concerned representatives" of the city.
  "If people get asked questions by
 delegates or visitors, they will have the
 information," Kalish said. "They'll also
 have the information that is relative to their
   

Anticompromise Emergency Destruct

[Anonymous]

Anticompromise Emergency Destruct (ACED)
3) Until the ACED system is available, the M-610 incendiary file

destroyers and thermite grenades, employed primarily to destroy

crypto materials, will be used for all PRIORITY ONE emergency

destruction within appropriate Army activities. Adequate

quantities of the M-610, or other comparable devices, will be

maintained for PRIORITY ONE bulk emergency destruction purposes in

lieu of the ACED system.
http://www.army.cz/vtciacr/secupage/orig/ar380-5/v.htm

Frogs dont want freedom

[Anonymous]

Yes, we definately shouldn't be exporting
freedom to other countries.  They can't
handle it. 


LICRA's Knobel, however, says U.S. constitutional guarantees on
   freedom of speech leave greater scope for racist groups and that this
   degree of tolerance should not be exported to other democratic
   countries by Internet.


excerpted from http://dailynews.yahoo.com/h/nm/2810/wr/france_yahoo_dc_1.html

1st U.S. Online Gambling Conviction

[Anonymous]

Gambling is stupid but voluntary, 
criminalizing it is evil.  The US
needs to get slapped upside its head.


Thursday August 10 2:49 AM ET
   Man Jailed in 1st U.S. Online
   Gambling Conviction 

   By Gail Appleson, Law Correspondent

   NEW YORK (Reuters) - The first person to be
   convicted on federal charges of running an illegal
   offshore Internet sports gambling operation was
   sentenced to nearly two years in prison.

   Jay Cohen, co-owner of World Sports Exchange, based on the
   Caribbean island of Antigua, was sentenced to 21 months in prison and
   fined $5,000 by U.S. District Judge Thomas Griesa.

   A Manhattan federal jury in February found Cohen guilty of operating a
   sports betting business that illegally accepted bets and wagers on
   sporting events from Americans over the Internet and telephones.

   Cohen, originally from Long Island, New York, lives in San Francisco.

   He was the first defendant to stand trial in a series of Internet offshore
   sports gambling cases brought under the federal Wire Wager Act.

   Under that law, it is illegal to use telephone lines in interstate or foreign
   commerce to place sports bets. The act also outlaws the transmission of
   information that helps gamblers bet on sporting events and contests.

   Manhattan U.S. Attorney Mary Jo White said the case showed that
   sportsbook operators who take bets from Americans could not avoid
   the federal wager law by taking their business overseas.

   ``An Internet communication is no different than a telephone call for
   purpose of liability under the Wire Wager Act,'' she said. ``As this case
   demonstrates, persons convicted of operating Internet sportsbooks
   offshore face very serious consequences -- imprisonment and
   thousands of dollars in fines.''

   Prosecutors alleged Cohen and other defendants tried to skirt U.S. law
   by running their operations from jurisdictions that allow gambling, such
   as Curacao, Panama, the Dominican Republic, Antigua and Costa Rica.

   According to evidence presented at the two-week trial, Cohen's
   company solicited Americans through the Internet site www.sex.com
   and through a toll-free telephone number.

   Prosecutors said Cohen's business also advertised in U.S. newspapers
   and magazines. The ads said U.S. customers could open a betting
   account with the company, wire money to fund the account and then
   bet on U.S. sporting events and contests.

   Prosecutors said undercover FBI agents accessed the Internet sites and
   found information about betting on professional and college sporting
   events such as basketball, hockey, baseball and football.

   The undercover agents then opened accounts by transferring money via
   Western Union. They placed wagers on the games from computers and
   telephones in New York.

   Cohen and 21 other defendants were indicted in 1998 for their alleged
   involvement in offshore sports betting operations. Ten of the
   defendants previously pleaded guilty to conspiring to break the wager
   law.

   Three have pleaded guilty to related misdemeanor counts and seven
   remain fugitives, including Steve Schillinger, vice president and
   director of wagering for World Sports Exchange.

   Schillinger told Reuters late last year that the company does not believe
   that what it is doing is illegal and that the federal government does not
   have jurisdiction over the offshore business.

   He said the operation took annual bets of between $100 million and
   $200 million. 

Kosovar Assasination Politics and UN Censorship

[Anonymous]

Friday, 28 July 2000 13:08 (ET)

 UN suspends Kosovo Albanian newspaper
 By LULZIM COTA

  TIRANA, Albania, July 28 (UPI) - An Albanian-language newspaper was
 ordered shut Friday for violating a Kosovo press law.

  The temporary media commissioner in Kosovo ordered the Dita newspaper shut
 for publishing an article on July 4 in which two Serbs were accused of
 committing war crimes. The publication of the allegations reportedly
 violated laws set up by the Organization for Security and Cooperation in
 Europe. Douglas Davidson, the interim media commissioner in Kosovo, ordered
 Dita to publish the Serbs' rebuttal of the newspaper's story.

  Davidson also ordered Dita to pay a fine of DM 25,000 for repeatedly
 publishing pictures and personal details about alleged Serb war criminals.
 In June, Dita was banned for 10 days by the United Nations. At least one
 man, a Serb U.N. worker was killed following the publicity surrounding the
 story.

  Dita's editor, however, condemned the ban.

  "With this measure, the international community is trying to control the
 media in Kosovo," Belul Beqja, Dita's editor, said.

  Roland Bless, an OSCE spokesman in Kosovo, warned that if Ditar did not
 respect the media commissioner's order, force would be used to close the
 newspaper.

  Bless said the order did not try to restrict information on crimes. But,
 he said, stories must not put people's lives at risk. Beqja, however,
 accused the U.N. administration in Kosovo of protecting alleged war
 criminals and giving them jobs in UNMIK.

  In April, Dita published many personal details and pictures of Petar
 Topolskij, 25, a Serb UNIMIK worker in the provincial capital, Pristina. The
 stories described him as a war criminal. Three weeks later, Topolskij was
 found murdered with multiple stab wounds.

http://www.vny.com/cf/News/upidetail.cfm?QID=105723

internet robustness analyzed

[Anonymous]

Scientists spot Achilles heel of the Internet



 Updated 2:29 PM ET July 26, 2000

  By Patricia Reaney

  LONDON (Reuters) - The complex structure of the Internet makes it
  resistant to errors or failure but is also its Achilles heel, scientists in the
  United States said Wednesday.

  Because the system is so varied, if one or more nodes --- the crossroads
  through which Internet data travel -- go down, it has very little impact.

  But researchers at Notre Dame University in Indiana, who have analyzed
  the connections within the Internet, have found that if the networks with
  the most highly connected nodes were attacked by cyber-terrorists it
  could fragment the Web into isolated parts.

  "The Achilles heel (of the Internet) is that the structure has this double
  feature. Like Achilles it is very hard to kill it, but if you know something
  about the system then you could," Albert-Lazlo Barabasi, a structural
  physicist, said in a telephone interview.

  An estimated 3 percent of nodes are down at an given time but no one
  notices because the system copes with it.

  "The reason this is so is because there are a couple of very big nodes and
  all messages are going through them. But if someone maliciously takes
  down the biggest nodes you can harm the system in incredible ways. You
  can very easily destroy the function of the Internet," he added.

  TOPOLOGY OF INTERNET SIMILAR TO US AIRLINE NETWORKS

  Barabasi, whose research is published in the science journal Nature,
  compared the structure of the Internet to the airline network of the
  United States.

  The majority of airports are small but they are all connected to much
  larger hubs -- cities such as Chicago, Atlanta, New York and Los
  Angeles.

  "That's exactly the situation on the Internet: there are a couple of hubs
  that are crucial to the system," he explained.

  Those big hubs or nodes control the traffic in the system.

  If the Internet hubs are taken out simultaneously, there would be a
  serious problem, but Barabasi said the probability of random errors
  hitting the big nodes was very small.

  In a commentary on the research, Yuhai Tu of the IBM T.J. Watson
  Research Center in New York said the research was a first step toward
  understanding the robustness of the Internet.

  "The good news is that we do not have to worry about random
  fluctuations of these networks. The bad news is that Internet terrorists
  could cause great damage by targeting the most connected router," he
  said. 

domestic surveillance for LA Dems

[Anonymous]

Officials said they already have found signs that
anarchists from a national organization based in
Oregon are in Los Angeles. Within the past few
weeks, police have arrested a handful of people
for taking pictures of downtown buildings from
rooftops and other unusual places, Butler said.
The suspects' addresses all trace back to
Oregon, he said. 

http://www.washingtonpost.com/wp-srv/aponline/2726/aponline205616_000.htm

"The careful application of terror is another form of communication."

caymen govt bends over for Fedz

[Anonymous]

Cayman Islands passes anti-money-laundering laws



Updated 12:33 PM ET July 25, 2000

  GEORGE TOWN, Cayman Islands (Reuters) - The Cayman Islands
  government has passed four anti-money-laundering bills in an effort to
  confront critical scrutiny by international financial regulatory agencies
  and the U.S. Treasury Department.

  The bills were hurried through parliament Monday despite objections
  from some members of parliament and lawyers that they were not given
  enough time to examine or debate the bills.

  The move came just one week after the U.S. Treasury Department issued
  an "advisory" to U.S. banks about the Caymans' lack of
  money-laundering regulation, and one month after the Financial Action
  Task Force (FATF), a Group of Seven (G7) watchdog, listed the country
  as lacking in financial controls to deal with criminal money-laundering.

  The Cayman Islands, a tiny British territory in the Caribbean, is the
  world's fifth-largest banking center with more than $500 billion of assets
  at its 590 banks and trust companies.

  The Financial Action Task Force (FATF), created a decade ago by the G7
  economic powers to coordinate international efforts to halt
  money-laundering, put the Caymans on its June 21 blacklist of 15
  financial centers it deemed uncooperative in stemming the flow of
  ill-gotten cash.

  BILLS SAID FILLING GAPS

  Cayman Islands Finance Minister George McCarthy said the bills passed
  Monday will help the Cayman Islands "fill what overseas authorities have
  expressed as significant gaps in (our) anti-money-laundering system."

  At the same time, said McCarthy, the bills will prevent "fishing
  expeditions" from other jurisdictions while allowing the Cayman Islands
  Monetary Authority access to private banking information when
  necessary.

  Without the legislation, the Monetary Authority must obtain a court order
  to inspect banking records, McCarthy noted.

  In addition to the Monetary Authority law, other bills address the use of
  computers and electronic mail for banking transactions. In addition, parts
  of the Code of Conduct for the banking industry have been made
  mandatory by law, rather than voluntary under the old system.

  Not everyone was pleased with the speed that the government moved the
  measures through.

  Backbench Member of Parliament Kirk Tibbetts said he and his
  colleagues "would have liked more time to peruse what was involved."

  The Cayman Islands was "doing what it was doing to please another
  entity (the U.S. Treasury)," Tibbetts added.

  Alden McLaughlin, the president of the Caymanian Bar Association,
  blasted the measures, saying the damaging advisories by the U.S.
  Treasury and FATF had already been issued and both bodies
  acknowledged that the Cayman Islands "was actively working to address
  the alleged deficiencies and to be cooperating with the FATF," he said.

  Attorney General David Ballantyne, who drafted and introduced the
  measures for government, replied that the country had no "guarantee"
  from the United States or the FATF that these measures would result in
  favorable ratings on the financial regulation ladder, but "these steps were
  taken to support the Cayman Islands' position." 

RE: ZKS economic analysis

[Anonymous]

Bill Stewart wrote:

> And US public schools can ban funny-colored hair,

Has this actually happened?

Re: John Young, Freedom Fighter Extraordinaire

[Anonymous]

On 23 Jul 2000, at 14:40, Anonymous wrote:
> >How are you transferring $100 anonymously?
 
> 4. Drop into a blue box marked "US Mail" - those can be seen on streets.
> 
> US post may be scanning for that metal thread in the note, but
> it is unlikely that one would trigger anything. If paranoid,
> wrap the note in Al foil.
 

If you are referring to approx. 1/16 inch thread that runs vertically down
the bill (it's about 1/2 inch in from the left on the new twenties and has
"TWENTY USA" typed on it") then those can be removed quite easily.  I've
done it a number of times for experimentation's sake.  What you have to do
is make a small "V" near the bottom or top of the thread using an Exacto
knife or razor blade.  Then use your finger nails (tweezers may work but
I've yet to try) and get a hold of the thread and pull.  It will take a bit
of force and you may have to try another bill if one doesn't come out too
easily.  

And I believe they're plastic, not metal.

Jim und Dave as unregistered foreign agents?

[Anonymous]

US citizens who work for a foreign government
have to register with the US govt.  Agents
Jim & Dave are clearly working for the Japs.
They ought to register, or being FBI, self-destruct.

sleeping with the emperor

[Anonymous]

21 July 2000. Add message and names. 

20 July 2000 



To: [EMAIL PROTECTED]
X-Loop: openpgp.net
From: John Young <[EMAIL PROTECTED]>
Date: 20 July 2000
Subject: PSIA Request

July 20, 2000

Federal Bureau of Investigation
NCCS, New York
C37

Dear FBI,

This confirms my telephone remarks today that I decline
your request to remove the list of members of Japan's 
Public Security Investigation Agency posted on Cryptome:

  http://cryptome.org/psia-lists.htm

The file shall not be removed except in response to a US 
court order.

You have informed me that your telephone request to remove
the list was made at the request of the Japanese Ministry of
Justice and that no US criminal investigation is underway in this 
matter.

You said that you will convey to the Ministry of Justice that I
have declined to remove the list and that I should expect
to be contacted directly by the Ministry of Justice as a result
of declining to remove the list.

You said that you will speak to the US Attorney and call me
again.

I have agreed with your request not to identify the two FBI Special 
Agents to whom I spoke today.

I told you that I would be publishing an account of this on Cryptome.

Regards,

John Young
Cryptome



Note: Yes, it is contradictory that Cryptome will publish the PSIA names but not those 
of the FBI
Special Agents. The senior Special Agent said at the end of the conversation that if 
his and the other
agent's names were published "you are going to be in real trouble." Until that time 
both agents had been
very polite. He then said he was going to take the matter up with the US Attorney and 
call again. 

So we're brooding on that threat, pondering the FBI names on this notepad, comparing 
this situation
with that of the MI6 names and the MI5 names and the Iranian names and the PSIA names 
and the CIA
names Cryptome has published. In none of the other instances was Cryptome threatened. 
And are
wondering why the FBI carnivores deserve privacy we don't get from them and the 
world's surveillance
agencies. 

More later. 

Meanwhile, if curious send an inquiry to the FBI address on our e-mail. Or telephone: 
212-384-3155. 



Date: Fri, 21 Jul 2000 00:34:27 -0400
To: [EMAIL PROTECTED]
X-Loop: openpgp.net
From: John Young <[EMAIL PROTECTED]>
Subject: PSIA Request

July 21, 2000

Federal Bureau of Investigation
NCCS, New York
C37

Dear FBI,

This supplements my message yesterday on declining to
remove a list of names of members of Japan's Public Security
Investigation Agency from the Internet site Cryptome.org.

In that message I wrote that I agreed with your request to not 
identify the two Special Agents who spoke to me on this matter.

After reflecttion on this I have decided that publishing the names
of the Special Agents would be consistent with publishing the
names of the PSIA members, and in both cases the purpose
of publishing is to contribute to public awareness of how
government functions and to identify who performs those 
functions. I believe this is why the two Special Agents readily
identified themselves to me and that it would be appropriate
for me to share that information with readers of Cryptome.

Therefore I shall publish the names of the two Special Agents 
who spoke with me at:

   http://cryptome.org/fbi-psia.htm

Sincerely,

John Young
Cryptome




The FBI Special Agent who initially telephoned was James Castano. Mr. Castano 
explained the Ministry
of Justice request to remove the PSIA material and answered all my questions about it. 
I explained my
intention to publish an account of the FBI's request on Cryptome because there had 
been interest in
how such requests are processed between governments. I asked if I could provide his 
name in the
account. He asked with emphasis that I not do so. I agreed. 

In the course of discussing my sending an e-mail to Mr. Castano, his supervisor, 
Special Agent Dave
Marzigliano (I believe he spelled it), came on the phone and repeated the information 
Mr. Castano
provided about the Ministry of Justice request. 

Both agents were very courteous during most of the conversations. Except toward the 
end of the
conversation with Mr. Marzigliano, when I mentioned my intention to publish an account 
without
revealing his and Mr. Castano's names, he warned me there would be "serious trouble" 
if their names
were published, and that he would be speaking with the US Attorney about the matter 
and call me
again. 

Mr. Marzigliano did not explain why their two names should be concealed, why there 
would be
"serious trouble" if revealed, what "serious trouble" meant, the legal basis for such 
trouble, nor what it
was in my comments that alarmed him. 

When the Geeks Get Snide

[Anonymous]

I'm posting the whole thing here rather than the URL since NYT requires a log-in.

CRITIC'S NOTEBOOK 
http://www.nytimes.com/library/tech/00/06/biztech/articles/27note.html
When the Geeks Get Snide


Computer Slang Scoffs at Wetware (the Humans) 
By MICHIKO KAKUTANI

 

A SLANG SAMPLER 
domainist : someone who judges people by the domain of their e-mail addresses; esp. 
someone who dismisses anyone who posts from a public internet provider, like aol.com 

the five and dime : refers to American telephone area code 510. It covers the east 
from San Francisco Bay area, most notably Oakland and Berkeley, and is commonly used 
by telco and telecom workers. 

granular : generally, and rather peculiarly, used in tandem with the verb "to get," as 
in "We need to get granular on this issue," meaning to examine the fine details. 

idea hamsters : people who always seem to have their idea generators running. "That 
guy's a real idea hamster. Give him a raw concept and he'll turn it over till he comes 
up with something useful." 

kevork : (after Dr. Jack Kevorkian) to kill something. "Look, kevork that project and 
let's go out for a beer," or "I read half the article, got bored and kevorked it." 

kubris : an extreme form of arrogance found in multimedia auteurs who think they're 
Stanley Kubrick. 

low-hanging fruit : the simplest, most readily solvable issues or objectives. 

PANS : pretty amazing new stuff 

Sources: The New Hacker's Dictionary, third edition (M.I.T. Press); the Ultimate 
Silicon Valley Slang Page (www.sabram.com/site/slang.html); The Microsoft Lexicon 
(www.udel.edu/eli/rw4/language/mslex.html); "Jargon Watch" (Hardwired); "Cyberspeak: 
An Online Dictionary" (Random House) 


 
As couch potatoes become "mouse potatoes," as teenagers become "screenagers," the once 
lowly geek has become a cultural icon, studied by the fashionistas of Seventh Avenue 
and the Nasdaq watchers of Wall Street alike. And as geek chic takes hold of the 
technology-obsessed culture, geek-speak seeps into everyday language. 

Most people now know that "viruses" aren't just germs spread from person to person but 
malicious programs that can spread overnight from one computer to millions of others 
around the world. "Spam" is no longer a ham product but a form of computer junk-mail; 
"toast" refers not to a breakfast choice but to a state of being dead or burned out; 
and "cookies" aren't fattening, chocolate-chip-studded snacks but tiny files 
containing information about our computers that can be used by advertisers to track 
users' online interests and tastes. 

Earlier technological developments left their mark on the language. The railroads gave 
rise to expressions like "going off the rails" and "getting sidetracked"; the steam 
engine produced "working up a head of steam" and "full steam ahead"; and the 
automobile left us with "pedal to the metal," "firing on all cylinders" and "eatin' 
concrete." Not surprisingly, phrases generated by the computer age tend to be more 
sardonic and pejorative. "Blamestorming" refers to group discussions devoted to the 
assignment of blame; the acronym "kiss" means "keep it simple stupid"; and 
"ego-surfing" alludes to Internet searches for one's own name. 

So what does cyberslang say about the digerati and the brave new world? As collections 
of slang found in books like "Jargon Watch" (assembled by Gareth Branwyn), The New 
Hacker's Dictionary (compiled by Eric S. Raymond) and "Cyberspeak" (by Andy Ihnatko), 
as well as a host of online slang sites (most notably The Microsoft Lexicon, Netlingo 
and The Ultimate Silicon Valley Slang Page) readily attest, geek-speak conjures up a 
chilly, utilitarian world in which people are equated with machines and social 
Darwinism rules. 

Cyberland has been heavily influenced by pop culture and it boasts its share of 
counterculture phrases drawn from comic books, children's stories, sci-fi movies and 
New Age movements. "Deep magic" (meaning "an awesomely arcane technique central to a 
program or system") comes from C. S. Lewis's "Narnia" books; the online abbreviation 
TTFN (meaning "ta-ta for now") comes from "Winnie the Pooh"; and "fear and loathing" 
(meaning the state of mind "inspired by the prospect of dealing with certain 
real-world systems and standards that are totally brain-damaged but ubiquitous") 
comes, of course, from Hunter S. Thompson. 

E-mail abbreviations like "4-ever" and "2B or not 2B" sound like outtakes from a 
Prince song, while emoticons (those sideways smiley faces like :-) used to indicate a 
user's feelings) summon visions of Hello-Kitty lunchboxes. 

But for all its playful love of puns and cool disdain for "suits," the high-tech world 
is, at heart, a cruel, unforgiving plac

Oakland Gungrabbing Gimmick

[Anonymous Sender]

Computers offered if weapons are turned in
Associated Press

OAKLAND -- City officials have a deal for owners of legal and illegal guns
alike: turn in your weapon, get a free computer.

The exchange is good for the first 200 or so people who show up at the
Oakland Coliseum between 8 a.m. and 2 p.m. Saturday.

The city ran a similar program in 1995 and drew about 300 people. Back
then, they were handing out free 286s.  Now, they've upgraded to
Internet-ready Pentiums donated by area companies.

Those who don't want a computer may trade their guns for tickets to see
the Oakland raiders or Athletics. Turn in an assault or semiautomatic
weapon, and you get both.

(Anon. wishes turning in a 286 would result in a free "assault" weapon.)

Re: technology naming

[anonymous]

On 06/27/2000, David Honig wrote:

> Would you use the L Ron Hubbard Anonymizing Service?

The local Co$ has a big "Now Hiring" sign in their window.  
I wonder if I should doctor my resume and apply.

Objective:  To open the L. Ron Hubbard Anonymizing Service.

Re: bombs

[anonymous]

On Mon, 26 Jun 2000, Harmon Seaver wrote:

>  And the below poster is absolutely right, of course --
> Swinestein's efforts are futile.  Perhaps some nice anon poster should
> start plastering the net with explosive recipes.  E-mail them to
> Swinestein herself, along with Reno and Freeh.

Sure!  Please post your favourite such recipe here.  :)

It might be fun, though, to adapt bxabozo for such purposes.  Throw in
some crypto source and send your tasty bomb recipes off to our dear
friends at the BXA as well.

Re: bombs

[anonymous]

> Seems to me that this whole question was settled years ago when the
> US Supreme ruled that a newspaper couldn't be stopped from publishing
> instructions for making a nuclear bomb. Can't remember the exact case,
> but it was around the time of the Pentagon Papers case.

Not quite.  It didn't make it to the Supreme Court.

In early 1979, the United States government sought to prevent The
Progressive from publishing free-lance writer Howard Morland's article,
"The H-Bomb Secret: How We Got It -- Why We're Telling It."  (It was
eventually published, in the November 1979 edition.)

The Progressive was enjoined for ~6 months by a federal court order penned
by Judge Robert W. Warren (Eastern District of Wisconsin).  Judge Warren
commented that this was "the first instance of prior restraint against a
publication in this fashion in the history of this country."  (467 F.
Supp. at 996.)

Judge Warren claimed he made his decision based on sworn affidavits by 
people such as the Secretary of State, Sec. of Defense, and Sec. of
Energy claiming that publication of the article would (of course)
endanger national security.  

A nice quote from Warren:  "I want to think a long hard time before I'd
give a hydrogen bomb to Idi Amin."

The matter was appealed to the 7th Circuit, but the government dropped its
case before the court issued a ruling.

No Subject

[anonymous]

Subject: cryptome slashdotted


Oh dear.  JY's request for DMCA
letters has been mentioned on
/.  

No Subject

[anonymous]

Subject: dipoles in space

The Radio Plasma Imager instrument provides a
three-dimensional view of the plasmasphere by
sounding it with radio pulses, like an ultrasound image
of the human body. To accomplish this, it uses the
longest antennas ever deployed in space, longer than
the height of the Empire State Building. 

http://spaceflightnow.com/news/n0006/01image/index.html

..and that's with a *science* budget..

police state

[anonymous]

Dogs inspect vehicles 

  The scanners were provided to the DOT-organized event by the
  National Guard, under a federal law that allows it to participate in
  civilian anti-drug efforts. 

  DOT spokeswoman Dena M. Gray-Fisher said the selected drivers
  were taken into a building at the station, where they presented
  their licenses and logbooks. Those items were then passed under
  the ion scanner's "sniffer," a device that looks like a hand-held
  vacuum. 

  The data were then fed into the main scanning machine. 

  Forty-six of the 623 drivers tested positive for traces of drugs,
  Gray-Fisher said. Police and drug dogs then inspected their
  vehicles. Six drivers were eventually arrested for possessing small
  quantities of cocaine, methamphetamine, marijuana and LSD, she
  said. 
http://www.apbnews.com/cjsystem/findingjustice/2000/04/06/truckerscan0406_01.html

Re: "indeterministic cryptosystems" and mix-nets

[anonymous]

David Molnar Wrote:
> Anyway, recipient-hiding is most obviously useful when public bulletin
> boards are involved. I'm not so sure it's useful between remailers, since
> the underlying transport protocol will tend to reveal the ID of the next
> hop anyway...but it strikes me as something to have as a hedge against
> future clever attacks I can't think of. 

Missed most of this thread (victim of nym-revelation attack, luckily
being anyminous it won't apply...).

There seem to be three points:

 A. How to achieve recipient hiding encryption

 B. When and whether it is useful to use recipient hiding

 C. How to efficiently tell whether a message is for use if recipient
hiding is in use.

(A) is easy, but it sounds like it has already been discussed.  El Gamal
with a common p&g does it automatically.  RSA can do it easily, just pad
the ciphertext with a random multiple of the modulus to bring it up to
some standard size.

(B) can probably be justified (the nym server idea may not apply, as
the public key of the nym is public knowledge).

(C) is the interesting part, but although there are several partial
solutions there doesn't seem to be a perfect one.  This has been discussed
many times in years past.

If two parties are communicating many messages, each message can contain
(in the encrypted payload) a random nonce which will appear in the clear
as the header of the next message.  This provides very fast screening.
Variations on this idea seem to be the most effective approach.

For other messages, it may be safe to put a few bits of the public key
into the clear - maybe 4-5 bits or so.  If there are many people using the
channel then this will not reveal much information about the recipient.
Each additional bit reduces the chaff by a factor of 2.

Beyond this, you'd like some kind of PK system where you can send a
very small message, just a few bits, with extremely cheap decryption.
There don't seem to be any which satisfy this.

Shamir pointed out that RSA decryption can be sped up if you know the
plaintext is less than one of the primes.  You do the decryption mod p
and not mod q, and skip the CRT.  It's a factor of 2 faster but this is
only a modest gain.  (A few more primes could be used to make the RSA
modulus for slightly more improvement.)

You can also design fast-decryption RSA exponents, at some theoretical
risk of increasing vulnerability.  Pick a "d" which has a fast addition
chain, but still has appropriate entropy (100-150 bits for a 1024 bit
key).  This will speed things up a factor of 5 or so for a 1024 bit key.
Using short exponents is already common in DL systems of course.  Combining
this idea with the previous paragraph gives you perhaps a factor of 10
speedup, and combining with the key-leakage idea gives you another factor
of about 20, for a total factor of about 200.

To go beyond this, you can use a batch decryption system.  See "Batch
RSA" by Fiat in Crypto 89, or "Batch Diffie-Hellman..." by Beller &
Yacobi in Eurocrypt 92.

Fiat's system allows you to do a bunch of RSA decryptions in the cost
asymptotically of about one large exponentiation.  The catch is that each
decryption must use a different public exponent.  So for this to work,
the public key would include the modulus plus several public exponents,
say 16 of them.  To encrypt, one exponent is chosen at random and the
RSA encryption is performed.  The cyphertext could be appended with four
bits which show which exponent was used.  Since these are random it does
not leak any information about which key it is for.

The decryption batching must then collect 16 messages, all with a
different four-bit field telling which exponent is used.  It then uses
Fiat's algorithm and efficiently calculates all 16 decryptions.  These
can then be inspected to see which produced well formed messages; those
are the ones which are actually directed towards this key.

Fiat's system is a bit complicated but he shows the basic idea with
a simple example.  Suppose you have two messages, M1 and M2.  M1 is
encrypted with the exponent 3, and M2 with the exponent 5.  You want to
compute M1^(1/3) and M2^(1/5).

Compute M = M1^5 * M2^3.  Then do one full-sized exponentiation and
compute I = M^(1/15).  This means that I is the product M1^(1/3) *
M2^(1/5) of the two values that we want.

To get M2^(1/5), compute I^6 / (M1^2 * M2).  Once you have that you
can get M1^(1/3) just by dividing it into I: I / M2^(1/5).

So we had to do several short exponentiations and one long one to get
the two results.  With Fiat's more general technique you construct a
binary tree and essentially apply the same idea recursively.

Unfortunately Fiat's batches become inefficient beyond about 16.  So
this is just another constant-factor speedup.

For earlier versions of the concepts in this message see:

http://cypherpunks.venona.com/date/1998/01/msg00203.html and
http://jya.com/RSA-stego.htm

Practically paying for MP3s and then replacing government.

[Anonymous]

Recently I saw at comment on slashdot suggesting how to pay for MP3s. Suppose you know 
100,000 people like a particular artist. If they all aggree to pay $1 upfront for the 
release of the next album then it is released. If the artist does their job - and 
keeps turning out good albums people will keep buying. Payment is based on reputation. 
It turns out that there is a site set up to do stuff like that - loudvoices.com. 
It looks like this could be used for any IP and most anything that government does - 
and could essentially replace the tax system. Immagine funding a space program this 
way !

-
Sent with AnonEmail at http://anonymouse.home.pages.de/

None

[anonymous]

Subject: brits to listen to GSM on Mayday

Police to tap calls
 at May Day
 protest 

 Civil rights group attacks move
 as unjustified intrusion 

 Nick Paton Walsh 
 Sunday April 23, 2000 

 Police will be listening in when
 demonstrators use mobile phones to
 plan tactics during the expected 1 May
 demonstrations in London, The
 Observer has learnt. 

 Scotland Yard has said it will 'pursue
 all legal avenues' to prevent and
 monitor crime. A number of legal
 loopholes give police the power to
 intercept conversations. 

 May Day is known to be the date of
 the next series of anti-capitalist
 protests, and Special Branch is
 believed to have kept alleged
 ringleaders under surveillance. The
 protests are expected to be organised
 by a few individuals in constant
 contact by mobile phone. This was the
 pattern at the 'N30' demonstration
 outside Euston station on 30
 November last year, where organisers
 co-ordinated attacks on financial
 institutions. 

 Mobile phones may be legally
 monitored in two ways. The network to
 which the phones are connected can
 be tapped if the police obtain a
 warrant from the Home Secretary. But
 to do so, they must suspect that a
 crime may be committed which carries
 a penalty of more than three years or
 which involves a number of people. A
 warrant allows the police to intercept
 all communications to and from one
 individual. Riots such as those caused
 by the N30 protests involve 
sufficiently
 serious crimes for such warrants to be
 issued. 

 Additionally and more controversially,
 police may also intercept signals
 between a mobile phone and a phone
 mast. While it was all too easy to
 intercept old analogue phones, the
 vast majority of new digital phones
 send encrypted signals, and the
 equipment required to tap such
 phones is not publicly available.
 'Technology of that sort would only be
 owned by the Government,' said an
 engineer with telecoms security firm
 Spymaster. 

 John Wadham, director of civil rights
 group Liberty, said: 'Listening in to
 someone's telephone conversations is
   

Novell NDS Authentication Protocol

[Anonymous Bastard]

A while back, I was at a conference, expecting to be totally bored.
Imagine my surprise, when the guy next to me turned out to be a former
Novell coder. He seemed really hot on NDS, and willing to talk about the
secret parts, if I promised to keep his name anonymous. I took a lot of
notes, and filled in some details later. Here's what I figured out about
the authentication system. Enjoy.


BASIC ALGORITHMS
= ==

H(p,i)   NetWare Password Hash
p: password
i: NetWare userID (4 bytes)

They use the same old algorithm that hashes together the user's
password and ID, generating a 16-byte hash.

K(I,k)   Keyed Hash
I: initialization vector (length in bytes l(I))
k: key (length in bytes l(k))

P: permutation of [0 ... 255]:
189, 86, 234, 242, 162, 241, 172, 42, 176, 147, 209, 156, 27,
51, 253, 208, 48, 4, 182, 220, 125, 223, 50, 75, 247, 203, 69,
155, 49, 187, 33, 90, 65, 159, 225, 217, 74, 77, 158, 218,
160, 104, 44, 195, 39, 95, 128, 54, 62, 238, 251, 149, 26,
254, 206, 168, 52, 169, 19, 240, 166, 63, 216, 12, 120, 36,
175, 35, 82, 193, 103, 23, 245, 102, 144, 231, 232, 7, 184,
96, 72, 230, 30, 83, 243, 146, 164, 114, 140, 8, 21, 110, 134,
0, 132, 250, 244, 127, 138, 66, 25, 246, 219, 205, 20, 141,
80, 18, 186, 60, 6, 78, 236, 179, 53, 17, 161, 136, 142, 43,
148, 153, 183, 113, 116, 211, 228, 191, 58, 222, 150, 14, 188,
10, 237, 119, 252, 55, 107, 3, 121, 137, 98, 198, 215, 192,
210, 124, 106, 139, 34, 163, 91, 5, 93, 2, 117, 213, 97, 227,
24, 143, 85, 81, 173, 31, 11, 94, 133, 229, 194, 87, 99, 202,
61, 108, 180, 197, 204, 112, 178, 145, 89, 13, 71, 32, 200,
79, 88, 224, 1, 226, 22, 56, 196, 111, 59, 15, 101, 70, 190,
126, 45, 123, 130, 249, 64, 181, 29, 115, 248, 235, 38, 199,
135, 151, 37, 84, 177, 40, 170, 152, 157, 165, 100, 109, 122,
212, 16, 129, 68, 239, 73, 214, 174, 46, 221, 118, 92, 47,
167, 28, 201, 9, 105, 154, 131, 207, 41, 57, 185, 233, 76,
255, 67, 171

The result H has the same lenght as I and is computed like this:

Set H = I

For each key byte k[i] (i = 0, 1, ... l(k)-1)
set H[i mod l(I)] = k[i] XOR P[H[i mod l(I)] XOR
H[i+1 mod l(I)]]

Rotate H left (l(k) mod l(I)) bytes. (H[l(k) mod l(I)] is moved to
H[0], H[l(k)+1 mod l(I)] is moved to H[1], etc.)

C(l,m)   Checksum
l: length of result (in bytes)
m: message

The checksum is a keyed hash, using the message as key and
initialization vector of all 0's:

C(l,m) = K(0(length l),m)

M(m)   Message Digest
m: message

Generate a 16 byte message digest. The algorithm differs from MD2 (RFC
1319) in two ways:

1...The permutation listed above for K(I,k) replaces the PI_SUBST
permutation from RFC 1319.

2...MD2Transform is modified slightly. Here's a patch to apply to RFC
1319:

===
***
*** 553,560 
t = 0;
for (i = 0; i < 18; i++) {
  for (j = 0; j < 48; j++)
!   t = x[j] ^= PI_SUBST[t];
! t = (t + i) & 0xff;
}
  
  
--- 553,559 
t = 0;
for (i = 0; i < 18; i++) {
  for (j = 0; j < 48; j++)
!   t = x[j] ^= PI_SUBST[(t+48-j)&0xff];
}
  
  
===

E(m,k) and D(m,k)   Block Cipher Encryption and Decryption
m: message (lenght in bytes always a multiple of 8)
k: key

They use RC2 (RFC 2268) in CBC mode. The key k isn't used directly in
RC2, it's first hashed to an 8 byte (64 bit) effective key, e:

Set e = 0 (length 8)
Repeat 10 times:
set e = K(e,k)


NDS AUTHENTICATION
=== ==

NDS Authentication takes place in two phases, called "login" and
"authentication." During login, the client attaches to an NDS server,
obtains the user's RSA private key, and builds blocks called the
"credential" and the "signiture." During authentication, the client
attaches to a desired fileserver and builds a block called the "proof."
The credential and proof are transmitted on the network, but the signiture
is nown only to the client. The proof represents a Gillou-Quisquater zero
knowledge proof that the clie

None

[anonymous]

Subject: kasumi notes

An Amateur's Notes on the Weaknesses
of the Kasumi Encryption Algorithm 

Kasumi[1] is a 64-bit block cipher with a 128 bit key.  Clearly
with a key of such length one must analyze the algorithm to break it; 
naif brute force fails. So here are some early observations to interest those
more capable than I.  Perhaps the cipher won't be the easiest path in
the phuture phones, but the privacy/MAC protocols or the key management
will be the open window.

Kasumi is an 8 round Feistel cipher.
Kasumi has a very simple key schedule, and is fully pipeline-able,
much like DES.  It uses gratitous xors with hardwired constants in
its key schedule, which probably indicate amateur design rather
than subversion, at least in this frill.

It uses only 2 S-tables, 7 bits in, 7 out;  or 9 in, 9 out.  The
S tables are readily implemented in logic or a LUT.  In logic,
the 7 -> 7 S-table has a maximum comlexity of 13 xor terms, each with no more than  
3 logical-ands.  The 9 -> 9 table has a complexity of 12 xor terms each with no more 
than 2 ands. 
There may of course be faster boolean reductions.

Kasumi uses a "FI" function which alternately truncates data and pads with zeroes.  
This is
inside an *asymmetric* mini-Feistel structure, with 9 and 7 bits partitioning a 16 bit 
word.
Asymmetric Feistels are weaker than symmetric ones (see Schneier et al on McGuffin 
IIRC).

Have fun!

[1] Specs of the 3GPP Confid. & Integr Algs, Doc 2: KASUMI Spec
Version 1.0 23 Dec 99 copy on jya.com

Re: The Death of the Cypherpunks

[anonymous]

Why is cypherpunks dying? Because, all crypto is economics, and the
economics of crypto isn't as favorable as we thought. As the saying goes,
those who live by the sword shall die by the sword. 

Declan McCullagh wrote:
> * Instead of digital cash taking over the world, we're all using credit   
> cards. Cybercash has, I'm told, not just moved to credit cards, but it's
> even purchased a cash register -- yep, the meatspace kind -- company. 

This may be somewhat of a historical accident. If only Netscape wasn't so
quick to come out with SSL, or David Chaum forgot to patent blinding, or
his company had a better business model, or ... But as Tim pointed out, for
online shopping digital cash doesn't really buy you very much privacy since
UPS needs your address anyway. For the more interesting uses of digital
cash you need an untraceable network, which brings us to ZKS.

> * Instead of Zero Knowlege, the company that wanted to be as cypherpunkly
> as possible, doing the right thing, it still has not released source code,
> it has acquired exclusive rights to key patents and said it will not
> license them freely, and it has not implemented (last I checked) basic
> features like link padding in its technology.

The real killer is this: strong untraceability is expensive. If you want to
achieve strong secrecy you can just spend one millisecond of your CPU time
to encrypt a message that can't be decrypted in a million years. But if you
want to achieve strong untraceability you have to increase your bandwidth
usage a hundred fold and make changes to network protocols that make them
more prone to failures both accidental and intentional. If ZKS decides
there is not enough of a market for strong untraceability at a price they
can offer, can we really blame them? If we have to blame someone we should
blame economics and ultimately physics and mathematics.

gaming software to scan users disks

[anonymous]

Wednesday April 05 10:00 PM EDT 



 Online game backs away from privacy threat



 John Borland, CNET News.com





 Sony's popular online game EverQuest dodged a public relations bullet today, as a new 
policy was rescinded

 after some players had called it a potentially massive violation of their privacy.



  Game developers Verant Interactive, worried about tools which allow 
people to cheat or

  disrupt the online game, wanted to examine players' personal 
computers for "hacking

  tools" as a part of a new software upgrade. As recently as last 
night, executives said they

  would bar people from the game who didn't agree to open their 
systems to the digital

  bloodhounds' inspection.



  But after an outcry on electronic bulletin boards devoted to the 
game and threats by some

  devoted players to leave the game, the company backtracked.



 "We can admit when we make mistakes, and I believe this is a case where we owe an 
apology to our player

 base," wrote Verant Interactive chief executive John Smedley in a message to players 
this afternoon. "In our

 haste to try and thwart people from damaging the game, we went overboard."



 Privacy concerns have been an increasingly potent weapon with which consumers can 
change corporate policy

 online. Recent concerns over Internet advertising firm DoubleClick's plans to collect 
and distribute personal

 information gave that company's reputation a black eye and forced it to swerve from 
its goals.



 Even companies as powerful as Intel have been affected, as when the chipmaker backed 
away from its

 controversial Pentium III "serial number" identification system.



 EverQuest is one of the most popular "massively multiplayer" games now on the market. 
Like peers Ultima

 Online or Asharon's Call, it creates an online world in which tens of thousands of 
players can interact at once.



 But the game's developers were concerned about unauthorized software that apparently 
gave some players extra

 information that they could use to take advantages of others, or even try to disrupt 
the game's servers.



 In a message to players yesterday, the company said it was changing its game software 
to include a small

 program that would identify these "hacking" programs when players tried to use them.



 "You also grant us permission to access, extract and upload … data relating to any 
program that we, in our

 reasonable discretion, determine interferes with the proper operation of EverQuest," 
the new clause read.



 After the complaints erupted, the company took an online poll this morning and had 
backed down by late this

 afternoon. 

None

[anonymous]

Subject: 911 DoS attack

Monday April 3 6:58 PM ET 

 FBI Investigating Computer Virus That Calls 911

 HOUSTON (Reuters) - A computer virus that could disrupt 911 emergency services is 
being investigated after it
 was detected in the Houston area, the FBI said in a statement on Monday.

 Search warrants were issued in the case last week but no arrests have been made, said 
a spokesman for the
 agency, which has made computer security a top priority since leading Web sites came 
under cyber-attack in
 February.

 In a statement, the agency said the self-propagating Texas virus erases hard drives, 
then causes infected
 computers to dial 911 emergency telephone numbers and leave the line open.

 ``A call of this nature could potentially cause local emergency personnel to respond 
to false 911 calls,'' the
 agency said. It said local 911 services in Houston had not detected a ''significant 
increase'' in the number of such
 calls.

The National Infrastructure Protection Center in Washington, D.C., 
said in a separate
statement the virus is not widespread.

``To this point, information and known victims suggest a 
relatively limited
dissemination of this script in the Houston, Texas area,'' said 
the statement, which
was posted on the Internet.

 The NPIC, which is a joint government-private sector agency created in 1998 to assess 
threats to computer
 networks and other infrastructures, said the virus was spread by source computers 
that ``scanned several
 thousand computers through four Internet service providers (including) America On 
Line, AT&T, MCI and
 Netzero.''

 The virus spreads by attacking computers with Windows operating systems set up to 
allow users to share files
 over the Internet, it said. 

None

[anonymous]

Subject: node vs. server


Here the popular press refers to 
distributed file sharing server-client
programs as "clients", implying that 
no "server setup" (whatever that means) 
means you're not a server.

Re a thread a while back on "servers"
on cable modems.


"Fans of Hotline (for the PC or the Mac) are used to the idea of
  sharing files with unknown parties, but these new applications are different: you
  don't have to set yourself up as a server in order to share your files. Installing 
the
  client is all you need to do, because files go from user to user with only indexing
  information passing through the central server."

http://www.cnet.com/consumerelectronics/0-1577583-7-1582832.html?st.ce.1582831.txt.1577583-7-1582832

No Subject

[anonymous]

Subject: body scan





 Customs Expands Body

 Search X-ray Plan

 But Civil Libertarians See Privacy Violations 



 March 27, 2000 



 By Jane A. Zanca 



 NEW YORK (APBnews.com) -- A U.S.

 Customs Service plan to expand use of

 an X-ray device that can see beneath a

 person's clothing and undergarments is

 raising questions about whether the

 scan can -- or should -- replace

 pat-down searches to detect illegal

 drugs, weapons and other contraband. 



 Though the BodySearch scan is seen

 by some as less intrusive than having a

 Customs inspector running hands over

 a suspect's body, civil libertarians warn

 that the images are detailed enough to

 constitute a serious privacy violation. 



 Additionally, the new device is not powerful enough to detect

 drug-filled vials or packets that have been swallowed -- so

 suspects still could be subject to a medical X-ray or body cavity

 search. 



 Critics of the nation's drug interdiction policies say the

 BodySearch X-ray -- at $125,000 a unit -- is a waste of money,

 because only a small fraction of the drugs that enter U.S. borders

 are smuggled through Customs. 



 Coming to an airport near you? 



 At present, the BodySearch scan is

 used only for international air

 passengers entering the United

 States via six airports: Hartsfield in

 Atlanta, O'Hare International in

 Chicago, Houston Intercontinental,

 Los Angeles International, Miami

 International and John F. Kennedy

 International in New York. 



 The device is being installed in about

 20 other major airports nationwide. 



 "We had received a lot of complaints

 about pat-downs," said Dean Boyd, a

 U.S. Customs Service spokesman.

 "The BodySearch gives a choice that

 is not so intrusive." 



 'Dim and unattractive' images 



 But Gregory Nojeim, legislative

 counsel at the American Civil Liberties

 Union's (ACLU) national office,

 warned that it is not an ideal solution. 



 "An electronic strip search is not an

 advance in passenger privacy,"

 Nojeim said. The images are so

 graphic that "even a person's navel is

 apparent," he said. 



 "If you saw the pictures -- no one

 would want to see them, with so much

 real pornography on the Internet,"

 said Amitai Etzioni, professor of social

 sciences at George Washington

 University, and author of The Limits of Privacy (Basic Books,

 1999). "The [BodySearch] images are dim and unattractive." 



 In fact, identifying features -- such as

 hair, skin color and facial features such

 as moles, scars and mustaches -- are

 not visible. And when the image is

 projected on the machine's

 video-display terminal, it creates a

 distorted fun-house effect that depicts

 the body as shorter and stockier than it

 is. 



 As with a pat-down search, the scan is

 performed by a Customs inspector of

 the same sex as the suspect. In

 addition, Customs inspectors are

 required to get a supervisor's approval

 as well as the suspect's written consent before the scan is

 performed. Etzioni feels this protocol protects an individual's

 privacy. 



 Most people choose pat-down 



 In any case, when given the choice, most people choose the

 pat-down, "especially smugglers -- they may assume [contraband]

 will be missed on a pat-down," Boyd said. 



 "Getting as far as a pat-down is rare in the big scheme," Boyd

 said. 



 According to Customs estimates, of the 75 million international air

 passengers who passed through Customs checkpoints in 1999,

 one in every 2,000 was selected for a "secondary search." 



 Some dispute those figures and accuse Customs inspectors of

 disproportionately singling out women and minorities for

 searches. In response to allegations of racial profiling by the

 agency, a House Ways and Means subcommittee held hearings

 on passenger-selection criteria and frequency of searches in May

 1999. 



 A matter of 'reasonable suspicion' 



 The hearings put thousands of Customs inspectors on the hot

 seat. 



 "[Customs] conducts far too many searches on private people,"

 Nojeim said. "The racial profiling aspect magnifies the problem." 



 Recognizing drug traffickers is not easy, and it boils down to a

 matter of reasonable suspicion, Boyd said. "There is no profile of

 a smuggler," he said. "[They] come in all shapes and sizes, every

 race, gender, nationality and all ages." 



 He added, "Every scenario you can imagine has been tried.

 We've seen every[one] from priests to handicapped people to

 children." He cited a 

None

[anonymous]

Subject: stop huffing, reese

At 05:45 AM 3/24/00 -0500, Reese wrote:
>>and under the Buchanan Administration they probably will,
>>during the War On Something.
>
>Under the Buchanan admin, they probably will?
>
>And just wtf makes you think Buchanan has a candles chance in a tornado?
>
>
>Jesus Bill, I thought you were smarter than that.
>
>Reese

Reese, stop huffing.  Bad for your brain.

Your absolute literalism is reaching
new extremes of thick as a fucking brick 
idiocy.  Please think before spewing
from your keyboard.

Thank you, 
The Management.

No Subject

[anonymous]

Subject: customs surfing for kidz

Friday March 17 03:39 AM EST 



 LAUSD Teacher Charged With Pornography



 A 60-year-old elementary school teacher in the Los Angeles Unified School District 
was arrested Thursday and

 charged with possessing child pornography. 



 Paul Kreutzer allegedly had more than 60 images of children engaged in sexually 
explicit acts on his home

 computer, according to court documents. 



 At least nine involved real children, authorities say. 



 Kreutzer, who teaches at Liggett Street Elementary School in Panorama City has been 
put on unpaid leave. 



 U.S. Customs agents investigating a Netherlands-based child pornography Website were 
led to Kreutzer after he

 allegedly downloaded the images. 



 Kreutzer, arrested at the school about 12:30 p.m., appeared in court late Thursday 
afternoon. He was expected to

 post $30,000 bail and return to his home in Canyon Country in the Santa Clarita 
Valley. 

None

[anonymous]

Subject: big bro under the hood


Black Boxes Come
Down to Earth
Once Only for Plane Crashes, Devices Now
on Cars, Trains, Buses 

March 16, 2000 

By Ann Ferrar 

  DETROIT (APBnews.com)
  -- They are the elusive
  objects investigators seek
  after an airplane crashes. 

  Black boxes tell the hidden
  story: what was going on,
  what the pilot was doing
  and what condition the
  airplane was in before the
  accident. And now they are
  finding their way into cars. 

  The technical name for the
  devices is event data
  retrieval units (EDRUs).
  They work continuously, but
only save in memory the data recorded in the
last five seconds before a crash. At impact,
the device also records what researchers call
delta-v, the velocity of the crash itself. (A
crash into a brick wall, for example, at 20
mph, would have a delta-v of 20). 

What EDRUs do is yield critical information
about crashes, especially when there are no
bystanders available. "This is the only
unbiased eyewitness available," said John
Hinch, a research engineer at the National
Highway Transportation Safety Administration
(NHTSA). 

According to the NHTSA, there are 6,335,000
severe car crashes a year, or 17,350 a day, in
the United States. 

"Cars are designed in labs and tested with
certain benchmarks against walls, curbs and
potholes," Hinch said. "But in the real world ...
we really don't know how a car will behave in
every situation. The devices provide us with
real-life data that will help manufacturers
develop better crash sensor technology." 

The data also can help police and insurance
companies figure out what happened, Hinch
said. 

Latest models have them 

General Motors Corp. (GM) and Ford both
have begun installing black boxes in their
latest models. Since 1999, EDRUs have been
put in the airbag sensor systems of nine of
GM's model lines to record pre-crash vehicle
speed, engine rpm, whether or not the driver
applied the brake and how much foot pressure
was applied on the gas pedal. 

The black boxes are put under the driver or
passenger seat or under the dashboard and
have been built into the Pontiac Firebird;
Chevy Camaro and Corvette; Buick Park
Avenue, Regal and Century; and Cadillac
SeVille, El Dorado, and DeVille. 

The latest EDRUs are the
third generation of a
device first installed by
GM in the late 1980s. The
early version recorded
whether the driver had his
seatbelt on and how much
time elapsed between
impact and airbag
deployment. The second
version, introduced on
some cars in 1994, also
recorded the velocity of
the crash. 

Secrecy limits data 

Ford has installed what it calls a Personal
Safety System, a limited version of the EDRU,
on its Taurus and Mercury Sable model lines.
Ford's system uses sensors to analyze certain
crash conditions and automatically deploy the
most suitable safety devices for the situation,
including dual-stage airbags for the driver and
front-seat passenger. 

GM, however, is the first manufacturer to
make the data accessible to consumers. This
spring, a tool will be introduced that w

None

[anonymous]

Subject: censorware reveng under legal attack

from slashdot

A few weeks ago we ran Keep It Legal to Embarrass Big
   Companies, detailing Peacefire's decryption of X-Stop's
   blacklist. Then just a few days ago, we noted that CyberPatrol's
   encrypted list had also been cracked. Well, Mattel, the maker
   of CyberPatrol and a Big Company, decided it didn't like to be
   embarrassed -- so it's filing suit against the coders in Canada
   and Sweden. In addition to demanding the removal of the
   decryption utility, Mattel is also seeking the logfiles of the
   Swedish ISP that hosts the decryption utility, to identify
   everyone who has downloaded it to date. 

Re: Who is bankrolling the anti privacy agenda of Missouri Freenet?

[anonymous]

William H. Geiger III wrote:
> 
> I fail to see the problem. If you don't want your messages archived then
> don't post them to a public forum.
> 

or unencrypted to an echelon searchable medium...

None

[anonymous]

Subject: new bird

http://www.vny.com/cf/News/upidetail.cfm?QID=70424

  Its purpose is to test new sensors for detecting camouflaged installations
 back on Earth. More sophisticated military spy satellites and new commercial
 space imaging services have led to increased use of masking interesting
 targets. This satellite is part of the U.S. Department of Defense's efforts
 to stay ahead of such countermeasures.

Just how much will they spend to
get Osama?

None

[anonymous]

Subject: Boiling FrogCards

 Friday March 10 10:07 AM ET 

 Internet Pirate Code Sparks Bank Card Alert

 By Catherine Bremer

 PARIS (Reuters) - France prepared for a wave of petty bank card fraud after officials 
admitted on Friday that a
 trick posted on the Internet showing how to forge cards could work.

 The security-code busting formula, posted anonymously on the Internet, did not put 
people's bank accounts at
 risk of being emptied, the Cartes Bancaires interbank payment system group said.

 But it could be used to make cards for transactions such as buying train tickets, 
paying parking meters or toll
 booths, Cartes Bancaires spokesman Herve de Lacotte told Reuters.

 ``For the first time in 10 years, a lock has been sprung,'' he said.

 ``But springing a lock will not necessarily open the door and let you in. There is a 
theoretical risk of fraud but the
 problem concerns banks, not consumers or shops,'' he said.

 Newspapers leapt on the story, quoting experts as saying the complex 96-digit code 
could be used to forge three
 in four of France's 34 million bank cards.

 Headlines like ``Chip card secret out'' left anyone with a bank card wondering 
whether their money was safe and
 triggered a furious response from consumer groups.

 ``Consumers have been paying for bank cards that aren't even secure. They've been 
cheated and lied to,'' said
 Eric April, Secretary-General of the AFOC consumer group.

 However, Lacotte said the scare stories were over-the-top. Despite claims to the 
contrary, he said, extra security
 measures meant cards made with the stolen code could not be used in cash dispensers, 
to make shop purchases
 or for expensive goods.

 Cards issued since last autumn had added security which meant the pirate formula 
would not work for them, he
 added.

 SCSSI, the government body in charge of information security systems, urged banks to 
replace older cards with
 updated ones.

 ``Banks must launch a large-scale operation fast to improve chip cards, which will 
mean replacing millions of
 cards and card readers,'' SCSSI chief Jean-Louis Desvignes told the Paris daily 
Liberation.

 Computer whizzkid Serge Humpich, who set alarm bells ringing when he first cracked 
the algorithm three years
 ago, said that, armed with a chip card kit which can be bought for around $370, 
pirates could be turning out false
 bank cards within weeks.

 ``Decrypting the code was easy enough. A few weeks from now dozens of false cards are 
going to appear,'' he
 told Liberation.

 Humpich, who was landed with a 10-month suspended prison term for discovering the 
trick, claimed at the time
 it could have earned him $2,000 in cash every 15 minutes as well as countless 
holidays and goods paid for by
 card.