[i2p] weekly status notes [nov 30] (fwd from [EMAIL PROTECTED])
- Forwarded message from jrandom <[EMAIL PROTECTED]> - From: jrandom <[EMAIL PROTECTED]> Date: Tue, 30 Nov 2004 13:07:50 -0800 To: [EMAIL PROTECTED] Subject: [i2p] weekly status notes [nov 30] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi y'all * Index 1) 0.4.2 and 0.4.2.1 2) mail.i2p 3) i2p-bt 4) eepsites 5) ??? * 1) 0.4.2 and 0.4.2.1 Since we finally pushed out 0.4.2, the network's reliability and throughput shot up for a while, until we ran into the brand new bugs we created. IRC connections for most people are lasting for hours on end, though for some who have run into some of the problems, its been a bumpy ride. There have been a slew of fixes [1] though, and later on tonight or early tomorrow we'll have a new 0.4.2.1 release ready for download. [1] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/history.txt?rev=HEAD * 2) mail.i2p Earlier today I got slipped a note from postman saying he had some things he wanted to discuss - for more info, see the meeting logs (or if you're reading this before the meeting, swing on by). * 3) i2p-bt One of the downsides of the new release is that we're running into some trouble with the i2p-bt port. Some of the problems have been identified found and fixed in the streaming lib, but further work is necessary to get it where we need it to be. * 4) eepsites There has been some discussion over the months on the list, in the channel, and on the forum about some problems with how eepsites and the eepproxy work - recently some have mentioned problems with how and what headers are filtered, others have brought up the dangers of poorly configured browsers, and there's also DrWoo's page [2] summarizing many of the risks. One particularly note worthy event is the fact that some people are actively working on applets that will hijack the user's computer if they do not disable applets. (SO DISABLE JAVA AND JAVASCRIPT IN YOUR BROWSER) This, of course, leads to a discussion of how we can secure things. I've heard suggestions of building our own browser or bundling one with preconfigured secure settings, but lets be realistic - thats a lot more work than anyone here is going to bite into. However, there are three other camps: 1) Use a fascist HTML filter and tie it in with the proxy 2) Use a fascist HTML filter as part of a script that fetches pages for you 3) Use a secure macro language The first is pretty much like we have now, except we filter the content rendered through something like muffin or freenet's anonymity filter. The downside here is that it still exposes HTTP headers so we'd have to anonymize the HTTP side as well. The second is much like you can see on http://duck.i2p/ with the CGIproxy, or alternately as you can see in freenet's fproxy. This takes care of the HTTP side as well. The third has its benefits and drawbacks - it lets us use much more compelling interfaces (as we can safely use some known safe javascript, etc), but has the downside of backwards incompatability. Perhaps a merge of this with a filter, allowing you to embed the macros in filtered html? Anyway, this is an important development effort and addresses one of the most compelling uses of I2P - safe and anonymous interactive websites. Perhaps someone has some other ideas or info as to how we could get what is needed? [2] http://brittanyworld.i2p/browsing/ * 5) ??? Ok, I'm running late for the meeting, so I suppose I should sign this and send it on its way, 'eh? =jr [lets see if I get gpg to work right...] -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBrOBZGnFL2th344YRArtBAJ9YhRvP3MczO96gi4Xwnowie55HlACgzlO3 1uyX1xgZLboelTOSdermS+Q= =e5Xv -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpXSd5GT8oe1.pgp Description: PGP signature
Clean System to Zombie Bot in Four Minutes
Link: http://slashdot.org/article.pl?sid=04/11/30/1932245 Posted by: michael, on 2004-11-30 20:05:00 from the takes-five-minutes-to-download-patches dept. [1]Amadaeus writes "According to the latest study by USA Today and [2]Avantgarde, it takes less than [3]4 minutes for an unpatched Windows XP SP1 system to become part of a botnet. Avantgarde has the statistics in [4]their abstract. Stats of note: Although Macs and PC's got hit with equal opportunity, the XP SP1 machine was hit with 5 LSASS and 4 DCOM exploits while the Mac remained clean. The Linux desktop also was impenetrable, but only was only targeted by 0.26% of all attacks." See also our story on the [5]survival time for unpatched systems. [6]Click Here References 1. mailto:[EMAIL PROTECTED] 2. http://www.avantgarde.com/ 3. http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm 4. http://avantgarde.com/ttlnabstract113004.pdf 5. http://it.slashdot.org/article.pl?sid=04/08/17/1347214&tid=172 6. http://ads.osdn.com/?ad_id=5671&alloc_id=12342&site_id=1&request_id=4452725&op=click&page=%2farticle%2epl - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp5ODws2ob0j.pgp Description: PGP signature
3D Biometric Facial Recognition Comes To UK
Link: http://slashdot.org/article.pl?sid=04/11/28/0155210 Posted by: timothy, on 2004-11-28 10:11:00 from the are-you-ready-for-your-closeup? dept. [1]Roland Piquepaille writes "In the UK, where the recent Queen's speech about national identity cards generated lots of -- mostly negative -- coverage, another potentially invasive technology is being tested with very few criticism. For example, several police departments are now testing a 3D biometric facial recognition software from [2]Aurora, a company based near Northampton. The use of facial recognition 'is rapidly becoming the third forensic science alongside fingerprints and DNA,' according to a police officer who talked to BBC News for '[3]How your face could open doors.'" (More below.) [4]Click Here "The company claims its software is so sophisticated it can make the distinction between identical twins. And if the civil liberties groups continue to be neutral, this technology could also be deployed in airports or by private companies. Even banks are thinking to put cameras in their ATM machines to identify you. The good thing is that you will not have to remember your PIN. On the other hand, as with every new technology, is it safe for your privacy and is it possible to hack the system? [5]Read more before making your decision." References 1. http://www.primidi.com/ 2. http://www.facerec.com/ 3. http://news.bbc.co.uk/1/hi/magazine/4035285.stm 4. http://ads.osdn.com/?ad_id=5659&alloc_id=12309&site_id=1&request_id=6430161&op=click&page=%2farticle%2epl 5. http://www.primidi.com/2004/11/26.html - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpjFs7GaXUfI.pgp Description: PGP signature
Tin Foil Passports?
Link: http://slashdot.org/article.pl?sid=04/11/27/0026222 Posted by: michael, on 2004-11-27 05:05:00 from the joke's-on-you dept. Daedala writes "The debate over [1]contactless chips with biometric information in passports continues. Vendors have been chosen for testing in the [2]U.S. and [3]Australia. [4]Privacy advocates are still arguing about the measure, as are [5]security reporters and [6]bloggers. The [7]specs themselves are interesting, to say the least. The EETimes says that [8]in interoperability tests, the potential chips could be read from 30 feet away. However, both they and the New York Times have published [9]articles reporting vendors' low-cost solution: '[I]incorporate a layer of metal foil into the cover of the passport so it could be read only when opened.' Don't they know that the whole tinfoil hat thing is supposed to be a joke?" IFRAME: [10]pos6 References 1. http://yro.slashdot.org/article.pl?sid=04/08/22/0040202&tid=158 2. http://www.eetimes.com/showArticle.jhtml?articleID=52200157 3. http://www.eetimes.com/showArticle.jhtml?articleID=51200486 4. http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-60594 5. http://www.businessweek.com/bwdaily/dnflash/nov2004/nf2004115_1663_db016.htm 6. http://hasbrouck.org/blog/archives/000434.html 7. http://www.icao.int/mrtd/download/technical.cfm 8. http://www.eetimes.com/showArticle.jhtml?articleID=45400010 9. http://www.nytimes.com/2004/11/26/politics/26passport.html?hp&ex=1101531600&en=6e6254bd574cba42&ei=5094&partner=homepage 10. http://ads.osdn.com/?ad_id=5819&alloc_id=12652&site_id=1&request_id=4960775 - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQyeC9Lx1ZG.pgp Description: PGP signature
RE: [p2p-hackers] Why UDP and not TCP? (fwd from [EMAIL PROTECTED])
- Forwarded message from Travis Kalanick <[EMAIL PROTECTED]> - From: "Travis Kalanick" <[EMAIL PROTECTED]> Date: Fri, 26 Nov 2004 18:14:16 -0800 To: "'Peer-to-peer development.'" <[EMAIL PROTECTED]> Subject: RE: [p2p-hackers] Why UDP and not TCP? X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Reply-To: [EMAIL PROTECTED], "Peer-to-peer development." <[EMAIL PROTECTED]> David, The main reason P2P is moving toward reliable-flow-controlled-UDP is that UDP allows for widely available straight forward techniques to route around NATs in NAT-to-NAT file delivery scenarios. I believe this was covered in the thread, but it may be such common knowledge by now that we only refer to it implicitly. Mangling TCP to implement similar traversal techniques is a substantially more difficult task. Though not impossible at all, it's a tricky bit of hacking you'll need to do to make it work. Travis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Barrett Sent: Friday, November 26, 2004 5:45 PM To: P2P Hackers Subject: [p2p-hackers] Why UDP and not TCP? We've had a long-ranging discussion on how to overcome UDP's inherently unreliable nature, but I'm confused: what overwhelming benefits do you see to UDP that can't be found in TCP? Elsewhere, I've heard the general arguments: 1) UDP is faster (ie, lower latency) 2) UDP is more efficient (ie, lower bandwidth) 3) UDP is easier (ie, no TCP shutdown issues) 4) UDP is more scalable (ie, no inbound connection limits) However, it seems these arguments are only really true if in the application: (from http://www.atlasindia.com/multicast.htm) - Messages require no acknowledgement - Messages between hosts are sporadic or irregular - Reliability is implemented at the process level. Reliable file transfer (the impetus for our discussion, I think) doesn't seem to be a good match for the above criteria. Indeed, it would seem to me that in this situation: 1) Latency is less important than throughput 2) TCP/UDP are similarly efficient because the payload will likely dwarf any packet overhead 3) A custom reliability layer in software is harder than a standardized, worldwide, off-the-shelf reliability layer implemented in hardware 4) The user will run out of bandwidth faster than simultaneous TCP inbound connections. At least, that's what my view tells me. What am I missing? Is there another angle to the UDP/TCP protocol selection that I'm not seeing? I've seen mention of congestion -- does UDP somehow help resolve this? Alternatively, do you find yourself forced to use UDP against your will? I really don't want to start a religious war, but I would like to know what holes exist in my reasoning above. Thanks! -david ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0wM1kGAWWQ.pgp Description: PGP signature
[i2p] 0.4.2 is available (fwd from [EMAIL PROTECTED])
- Forwarded message from jrandom <[EMAIL PROTECTED]> - From: jrandom <[EMAIL PROTECTED]> Date: Fri, 26 Nov 2004 03:12:38 -0800 To: [EMAIL PROTECTED] Subject: [i2p] 0.4.2 is available -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi gang, Its been a long 2 months since the 0.4.1 release, but we've finally got the new 0.4.2 release out and ready for your consumption. As discussed in the meeting logs and weekly status notes, the main change is a new streaming library which will improve reliability, reduce latency, and get more appropriate throughput. The new release is NOT BACKWARDS COMPATIBLE, so you MUST UPGRADE. The update process is largely as before - though there is one important change, so please, read the instructions for updating on http://www.i2p.net/download The installer has also been changed a bit, streamlining some things, and on windows systems, we build shortcuts on in the start menu and on the desktop (if desired). There have also been numerous bugfixes and improvements along the way - please see the full list online for details: http://dev.i2p.net/cgi-bin/cvsweb.cgii2p/history.txt?rev=HEAD Anyway, thats that - please update as soon as possible, because if you don't, you wont be able to do anything on I2P at all - it is NOT BACKWARDS COMPATIBLE (should I repeat that a third time? maybe with blink tags?) If anyone has any problems, please post up on the list [1], the forum [2], or get on #i2p [3]! =jr [1] http://dev.i2p.net/pipermail/i2p/ [2] http://forum.i2p.net/ [3] irc://irc.freenode.net/i2p || irc://irc.duck.i2p/i2p [EMAIL PROTECTED]:~/dev/042_dist$ openssl sha1 * SHA1(i2p.tar.bz2)= 67576badb93cdf081cf7bf6aa738aa6b977a881e SHA1(i2p_0_4_2.tar.bz2)= edb67ea2edd19cd0f974670d3b7e7a965a92d2b6 SHA1(i2pupdate.zip)= b36014d775b406e8854257703db3ff3da50af516 SHA1(install.jar)= dcd7db8cb1ce02e943f0b70748c89a5402bb909f -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQacPORpxS9rYd+OGEQLkGwCeM9NoB0+Y+ZlR47M6Bw6CLnpU3CEAoPL9 8LEroK97mv2Yvkh2sTHMODLc =W6Tg -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpIKN57ovDWO.pgp Description: PGP signature
Re: Patriot Insurance
Can we please get out of the regional fixation? The cypherpunks list isn't about the US, US pissant wars, and similiar boring backwater shit. It's too bad this list is dying a death of a thousand paper cuts inflicted by moronic posts, as so many others had. I haven't used a .procmailrc in a couple years, perhaps we can postpone this with a little collective effort. On Thu, Nov 25, 2004 at 01:38:58PM +, Will Morton wrote: >"US Patriot Financial (USPF) exists to help Americans, who risk > their lives making this world a better place, obtain life insurance. > This includes resident aliens. >Whether you are a soldier deploying overseas, a DOD contractor > helping to rebuild war torn countries, a missionary volunteering to > help the most needy, or a business man or woman traveling the globe to > support our economy we can help. >Using our extensive network of life insurance carriers, we are able > to provide protection to those whose service leads them into some of the > world's most dangerous places. This includes US citizens living abroad." > >http://www.uspfinancial.com/ > >How long have soldiers deployed in war-zones been able to get life > insurance? Would love to see their actuarial process... > >W -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpERaLxkPZB9.pgp Description: PGP signature
CIA Researching Automated IRC Spying (fwd from [EMAIL PROTECTED])
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 24 Nov 2004 23:01:24 - To: [EMAIL PROTECTED] Subject: CIA Researching Automated IRC Spying User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/11/24/2140209 Posted by: timothy, on 2004-11-24 21:58:00 from the will-u-be-my-friend-lol-j/k dept. Iphtashu Fitz writes "CNet News is reporting that the CIA has been [1]quietly investing in research programs to automatically monitor Internet chat rooms. In a two year agreement with the [2]National Science Foundation, CIA officials were involved with the selection of recipients for research grants to develop automated chat room monitors. Researchers at [3]Rensselaer Polytechnic Institute received $157,673 from the CIA and NSF for their proposal of 'a system to be deployed in the background of any chat room as a silent listener for eavesdropping ... The proposed system could aid the intelligence community to discover hidden communities and communication patterns in chat rooms without human intervention.' How soon until all IM conversations are monitored by [4]Big Brother? The [5]abstract of the proposal is available on the NFS website." [6]Click Here References 1. http://news.com.com/2100-7348_3-5466140.html 2. http://www.nsf.gov/ 3. http://www.rpi.edu/ 4. http://en.wikipedia.org/wiki/Big_Brother_(1984) 5. http://nsf.gov/awardsearch/showAward.do?AwardNumber=0442154 6. http://ads.osdn.com/?ad_id=5671&alloc_id=12342&site_id=1&request_id=2995024&op=click&page=%2farticle%2epl ----- End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpPbaFM7bShM.pgp Description: PGP signature
Re: Fallujah: Marine Eye-Witness Report
On Wed, Nov 24, 2004 at 12:08:37PM -0500, Tyler Durden wrote: > Oh wait, I guess I have to explain that. After the Soviets were pushed out > of Afghanistan the place became a veritable breeding ground for all sorts > of virulent strains of Islam, warlords, and so on. Iraq would likely > denigrate into the same, eventually launching similarly nice little > activities. What do you think the Iraq shenanigan has done to US's prestige? Nevermind terrorists, we're talking hard cold cash here. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpq1lmYF0PMF.pgp Description: PGP signature
Re: Fallujah: Marine Eye-Witness Report
On Tue, Nov 23, 2004 at 10:02:56PM -0800, James A. Donald wrote: > And the problem with a civil war in Iraq is? Because not only you're an evil fuck, but you're letting the others know you're an evil fuck. Now that is stupid. Look into historic records... -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpcYNaBqoTZl.pgp Description: PGP signature
[IP] Government Uses Color Laser Printer Technology to Track Documents (fwd from [EMAIL PROTECTED])
mechanism) in house because several countries had expressed concern about allowing us to sell the printers in their country," Crean says. Since then, he says, many other companies have adopted the practice. The United States is not the only country teaming with private industry to fight counterfeiters. A recent article points to the Dutch government as using similar anticounterfeiting methods, and cites Canon as a company with encoding technology. Canon USA declined to comment. - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpAdSAA9gbjl.pgp Description: PGP signature
Students Tracked By RFID (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 17 Nov 2004 14:26:03 - To: [EMAIL PROTECTED] Subject: Students Tracked By RFID User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/11/17/0436214 Posted by: timothy, on 2004-11-17 12:23:00 from the government-schooling dept. [1]TheMeuge writes "The New York Times is reporting a new development in the unrelenting progress of the [2]RFID juggernaut. The school district of [3]Spring, Texas has adopted [4]RFID as a way to track students' arrival and departure. Upon being scanned, the data are transmitted to both the school administrators, as well as city police. I guess cutting class is no longer an option." [5]Click Here References 1. http://www.themeuge.com/ 2. http://en.wikipedia.org/wiki/RFID 3. http://www.google.com/url?oi=map&sa=X&q=http://www.mapquest.com/maps/map.adp?country=US&address=&city=Spring&state=TX 4. http://www.nytimes.com/2004/11/17/technology/17tag.html 5. http://ads.osdn.com/?ad_id=5659&alloc_id=12309&site_id=1&request_id=612248&op=click&page=%2farticle%2epl - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp9tVkns2VoG.pgp Description: PGP signature
[p2p-hackers] Seth Johnson: Request for the P2P Workshop at the FTC (fwd from seth.johnson@RealMeasures.dyndns.org)
constructive and appropriate insight for this proceeding include the following. I mention them in many cases without specific knowledge of their interest in participating, or of their having actually requested to participate: Jay Sulzberger, New Yorkers for Fair Use, [EMAIL PROTECTED] Brett Wynkoop, Wynn Data Limited, [EMAIL PROTECTED] Michael Smith, LXNY, [EMAIL PROTECTED] Miles Nordin, Developer/Systems Administrator, [EMAIL PROTECTED] Dan Berninger, Technology Analyst, [EMAIL PROTECTED] Adam Kosmin, WindowsRefund.net, [EMAIL PROTECTED] Andrew Odlyzko can provide rigorous empirical analysis and data that are highly pertinent to the subject areas addressed by this workshop: Andrew Odlyzko, University of Minnesota, [EMAIL PROTECTED] The following are just a few people who can represent specific development projects: Kevin Marks, MediAgora, [EMAIL PROTECTED] Lucas Gonze, Webjay, [EMAIL PROTECTED] Bram Cohen, BitTorrent, [EMAIL PROTECTED] The following are good leading voices who would make significant contributions to this workshop: David Reed, SATN.org, [EMAIL PROTECTED] Bob Frankston, SATN.org, [EMAIL PROTECTED] David Isenberg, "The Stupid Network," [EMAIL PROTECTED] Richard Stallman, The GNU project, [EMAIL PROTECTED] David Sugar, Free Software Foundation, [EMAIL PROTECTED] Fred von Lohmann, Electronic Frontier Foundation, [EMAIL PROTECTED] Gigi Sohn, Public Knowledge, [EMAIL PROTECTED] Robin Gross, IP Justice, [EMAIL PROTECTED] Chris Hoofnagle, Electronic Privacy Information Clearinghouse, [EMAIL PROTECTED] Nelson Pavlosky, Free Culture, [EMAIL PROTECTED] Thank you, Seth Johnson Committee for Independent Technology (SNIP Contact Information) ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers _______ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpu8yM2383BE.pgp Description: PGP signature
[i2p] weekly status notes [nov 16] (fwd from jrandom@i2p.net)
- Forwarded message from jrandom <[EMAIL PROTECTED]> - From: jrandom <[EMAIL PROTECTED]> Date: Tue, 16 Nov 2004 12:54:18 -0800 To: [EMAIL PROTECTED] Subject: [i2p] weekly status notes [nov 16] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi y'all, its tuesday again * Index 1) Congestion 2) Streaming 3) BT 4) ??? * 1) Congestion I know, I'm breaking the habit of naming point 1 "Net status", but this week "congestion" seems appropriate. The network itself has been doing pretty well, but as the bittorrent usage increased, things started getting more and more clogged up, leading to an essential congestion collapse [1]. This was expected, and only reinforces our plan - get the new streaming lib out there, and revamp our tunnel management so we have sufficient data about peers to use when our fast peers fail. There were some other factors in play in the recent network problems, but the bulk can be traced to the congestion increase and resulting tunnel failures (which in turn caused all sorts of wild peer selection). [1] http://en.wikipedia.org/wiki/Congestion_collapse * 2) Streaming There has been a lot of progress with the streaming lib, and I've got a squid proxy rigged up to it through the live net that I've been using it frequently for my normal web browsing. With mule's help, we've been hammering the streams pretty hard too by piping frost and FUQID through the network (my god, I never realized how abusive frost was before doing this!) A few significant longstanding bugs have been tracked down this way, and some tweaks to help control massive numbers of connections have been added. Bulk streams are working great too, with both slow start and congestion avoidance, and the quick send/reply connections (ala HTTP get+response) are doing exactly what they should. I expect we'll draft some volunteers to try deploying it further over the next few days, and hopefully get us to the 0.4.2 level soon. I don't want to say it'll be so good that it does your dishes, and I'm sure there'll be bugs that slip through, but it does look promising. * 3) BT Barring the recent network troubles, the i2p-bt port has been making leaps and bounds. I know a few people have pulled down over a GB of data through it, and performance has been as expected (due to the old streaming lib, ~4KBps per peer in the swarm). I try to listen in on the work being discussed in the #i2p-bt channel - perhaps duck could give us a summary in the meeting? * 4) ??? Thazzit from me for now. See y'all in the meeting in a few minutes. =jr -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQZpoZBpxS9rYd+OGEQJ7hQCgm635Z/qWpcfDiKQE2JO2Q3eAR/UAn2yQ ZEawa8wEMLl1tz/uk4BTENkb =ZS5w -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQLsBF8WCpN.pgp Description: PGP signature
[p2p-hackers] Re: anon-layer comparison (fwd from Euseval@aol.com)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: Mon, 08 Nov 2004 12:50:23 -0500 To: [EMAIL PROTECTED] ("Peer-to-peer development.") Cc: [EMAIL PROTECTED] Subject: [p2p-hackers] Re: anon-layer comparison X-Mailer: Atlas Mailer 2.0 Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]> jetiants http://www.jetiants.tk Gnu-net http://www.ovmj.org/GNUnet/ I2p http://www.i2p.net/ Tor http://freehaven.net/tor/ These may be naive questions (I don't know GNUnet too well), but > hopefully I am about to learn something: GNUnet tries to achieve at > least three goals at the same time that are not perfectly understood > and should rather be treated individually: > > - anonymity > - censor resistance > - high-performance document distribution Performance is a secondary goal to the first 2 in GNUnet. The first 2 are related so I'm not sure how or why they need to be treated separately. > Also, don't the shortcomings of mix networks also apply to Freenet- / > GNUnet-style anonymization schemes? > I suspect that no matter what (existing) adversary > model you pick, plugging a good mix network into your design on the > transport layer gives you the highest anonymity possible. I don't know how GNUnet's architecture compares to mix networks. I *do* know that GNUnet attempts to protect against traffic analysis. If you think mix networks are better, they better have good protection against traffic analysis. Can you point us to any good URLs or papers on how mix networks protect against traffic analysis? Chris ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpeIg6wzPheG.pgp Description: PGP signature
Re: [p2p-hackers] MixMinion vs. onion routing & GNUnet question (fwd from seberino@spawar.navy.mil)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: Mon, 8 Nov 2004 09:41:48 -0800 To: [EMAIL PROTECTED] Cc: "Peer-to-peer development." <[EMAIL PROTECTED]> Subject: Re: [p2p-hackers] MixMinion vs. onion routing & GNUnet question User-Agent: Mutt/1.4.1i Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]> > These may be naive questions (I don't know GNUnet too well), but > hopefully I am about to learn something: GNUnet tries to achieve at > least three goals at the same time that are not perfectly understood > and should rather be treated individually: > > - anonymity > - censor resistance > - high-performance document distribution Performance is a secondary goal to the first 2 in GNUnet. The first 2 are related so I'm not sure how or why they need to be treated separately. > Also, don't the shortcomings of mix networks also apply to Freenet- / > GNUnet-style anonymization schemes? > I suspect that no matter what (existing) adversary > model you pick, plugging a good mix network into your design on the > transport layer gives you the highest anonymity possible. I don't know how GNUnet's architecture compares to mix networks. I *do* know that GNUnet attempts to protect against traffic analysis. If you think mix networks are better, they better have good protection against traffic analysis. Can you point us to any good URLs or papers on how mix networks protect against traffic analysis? Chris ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0hdgrRZzT3.pgp Description: PGP signature
[p2p-hackers] Anti-censorship Proxy Networks (without the HTML this time - sorry!) (fwd from paul@paulbaranowski.org)
- Forwarded message from Paul Baranowski <[EMAIL PROTECTED]> - From: Paul Baranowski <[EMAIL PROTECTED]> Date: Mon, 08 Nov 2004 10:20:53 -0500 To: [EMAIL PROTECTED] Subject: [p2p-hackers] Anti-censorship Proxy Networks (without the HTML this time - sorry!) User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]> First I want to thank everyone for posting such good papers on this mailing list - it has given me lots of good reading material! Now I have a chance to give back to the community...I've been researching the problem of web censorship and how to design a system to get around it. Initially I wanted to build a P2P mixnet so that the users would also have anonymity. It turns out that due to various attacks that it isnt possible to build a "totally decentralized" P2P network - instead it looks more like a star where one server manages many proxy nodes. This is one example where p2p just isnt possible (I know, blasphemy on this mailing list!). Zooko encouraged me to write down my findings, and this is what I came up with: Not Too Few, Not Too Many: Enforcing Minimum Network Knowledge In Distributed Systems http://www.peek-a-booty.org/pbhtml/modules.php?name=Downloads&d_op=getit&lid=12 Comments are welcome. Abstract: Some distributed systems require that each node know as few other nodes as possible while still maintaining connectivity to the system. We define this state as "minimum network knowledge". In particular, this is a requirement for Internet censorship circumvention systems. We describe the constraints on such systems: 1) the Sybil attack, 2) the man-in-the-middle attack, and 3) the spidering attack. The resulting design requirements are thus: 1) An address receiver must discover addresses such that the network Node Arrival Rate <= Node Discovery Rate <= Node Departure Rate, 2) There must be a single centralized trusted address provider, 3) The address provider must uniquely identify address receivers, and 4) The discovery mechanism must involve reverse Turing tests (A.K.A. CAPTCHAs). The "minimum network knowledge" requirement also puts limits on the type of routing the network can perform. We describe a new attack, called the Boomerang attack, where it is possible to discover all the nodes in a network if the network uses mixnet routing. Two other well-known attacks limit the types of routing mechanisms: the distributed denial-of-service attack and the untraceable cracker attack. We describe three routing mechanisms that fit within the constraints: single, double, and triple-hop routing. Single-hop is a basic proxy setup, double-hop routing protects the user's data from snooping proxies, and triple hop hides proxy addresses from trusted exit nodes. ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpvXaaoJg1t0.pgp Description: PGP signature
[p2p-hackers] MixMinion vs. onion routing & GNUnet question (fwd from fis@wiwi.hu-berlin.de)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: Mon, 8 Nov 2004 11:14:49 +0100 To: "Peer-to-peer development." <[EMAIL PROTECTED]> Subject: [p2p-hackers] MixMinion vs. onion routing & GNUnet question Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes: > From: [EMAIL PROTECTED] > Date: Fri, 5 Nov 2004 21:24:14 -0800 > Subject: [p2p-hackers] MixMinion vs. onion routing & GNUnet question > [...] > GNUnet seems like a very good project. Probably the > best I've seen. It is a modular framework so pieces can be > borrowed and built upon at many levels. These may be naive questions (I don't know GNUnet too well), but hopefully I am about to learn something: GNUnet tries to achieve at least three goals at the same time that are not perfectly understood and should rather be treated individually: - anonymity - censor resistance - high-performance document distribution What makes you believe the GNUnet-solution for any of these aims can be factored out and used somewhere else? Also, don't the shortcomings of mix networks also apply to Freenet- / GNUnet-style anonymization schemes? In Freenet (at least in some ancient version that I once had a closer look at), I know security is even worse (though still not too bad in my eyes), because the packets don't all travel well-specified mix paths but take shortcuts. To put it more clearly: A network has "perfect anonymity" if any peer in that network can send and receive (variants: a - send only; b - receive only) packets without the contents of the packets being associated with its IP address by the adversary, and it has "high anonymity" if it has perfect anonymity in every transaction with high probability. Then I suspect that no matter what (existing) adversary model you pick, plugging a good mix network into your design on the transport layer gives you the highest anonymity possible. (And at a very good price, too: You can throw more resources at other design requirements, you get more mature anonymity technology, and you can profit from improvements in the field without changing your design at all.) Of course I'd need to define "good mix network" now. But perhaps somebody can already counter or confirm this as is? -matthias ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp6TjZRbjq2s.pgp Description: PGP signature
Re: The Values-Vote Myth
On Sat, Nov 06, 2004 at 06:25:19PM +, Justin wrote: > Not true. > > http://www.cnn.com/2004/ALLPOLITICS/11/03/voter.turnout.ap/ > > "[Curtis] Gans puts the total turnout at nearly 120 million people. > That represents just under 60% of eligible voters..." You didn't vote against a candidate, you tacitly accept whatever other voters decide. For you. There isn't "none of the above" option, unfortunately. > 120m * 100%/60% = 200 million eligible voters (The U.S. population > according to census.gov was 290,809,777 as of 2003-07-01 > > http://www.cnn.com/ELECTION/2004/ > "Bush Vote: 59,459,765" > Let's generously round that up to 65 million. > > 65m/200m = 32.5% of eligible voters voted for Bush > 65m/290.8m = 22.4% of the U.S. population voted for Bush > > I can't find an accurate number of registered voters, but one article > suggests 15% of registered voters don't vote. That means there are > probably around 141m registered voters. Bush didn't even win majority > support from /those/. > > 65m/141m = 46% of registered voters voted for Bush Don't mince numbers. About half of those who could and could be bothered to vote voted for more of the same. At least that's how the rest of the world is going to see it. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpr5KdgdTyK1.pgp Description: PGP signature
Re: Why Americans Hate Democrats-A Dialogue
On Sat, Nov 06, 2004 at 09:31:24AM -0800, James Donald wrote: > I routinely call people like you nazi-commies. How novel and interesting. Cut the rhetoric, get on with the program. Cypherpunks write code. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpJ6yWZU03Sk.pgp Description: PGP signature
Re: The Values-Vote Myth
On Sat, Nov 06, 2004 at 08:46:17AM -0500, Tyler Durden wrote: > So: A 'moral values' question for Cypherpunks. Does this election indict > the American people as being complicit in the crime known as "Operation Of course. What kind of question is that? Regardless of voting fraud, about half of US has voted for four more years of the same. Guilty. > Freedom"? (I notice everyone forgot about that name.) Huh? What was the question, again? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpAkamuQfxSf.pgp Description: PGP signature
Re: Finding Galt's Gulch (fwd)
On Thu, Nov 04, 2004 at 08:05:34PM -0600, J.A. Terranson wrote: > Where does one go today, if they are unwilling to participate in the > Failed Experiment? (BTW: No, Lichtenstein does not accept immigrants, and > yes, I have reverified this recently). Go East. Fortunes are made there. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpJvcNr67xhO.pgp Description: PGP signature
Diebold
So, we know Diebold commited vote fraud. Irregularities, my ass. Why did Kerry just roll over? The second time, after Gore? This just doesn't make sense. There's been over a year to prepare. Or is the entire process just a charade? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpLA3SlczlSt.pgp Description: PGP signature
[i2p] weekly status notes [nov 2] (fwd from jrandom@i2p.net)
- Forwarded message from jrandom <[EMAIL PROTECTED]> - From: jrandom <[EMAIL PROTECTED]> Date: Tue, 2 Nov 2004 13:35:10 -0800 To: [EMAIL PROTECTED] Subject: [i2p] weekly status notes [nov 2] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi y'all, time for the weekly update * Index: 1) Net status 2) Core updates 3) Streaming lib 4) mail.i2p progress 5) BT progress 6) ??? * 1) Net status Pretty much as before - a steady number of peers, eepsites fairly reachable, and irc for hours on end. You can get a peek at the reachability of various eepsites through a few different pages: - http://gott.i2p/sites.html - http://www.baffled.i2p/links.html - http://thetower.i2p/pings.txt * 2) Core updates For those hanging out in the channel (or reading the CVS logs), you've seen a lot of things going on, even though its been a while since the last release. A full list of changes since the 0.4.1.3 release can be found online [1], but there are two major modifications, one good and one bad: The good one is that we've dramatically cut down on the memory churn caused by all sorts of insane temporary object creation. I finally got fed up with watching the GC go mad while debugging the new streaming lib, so after a few days of profiling, tweaking, and tuning, the ugliest parts are cleaned up. The bad one is a bugfix for how some tunnel routed messages are handled - there were some situations where a message was sent directly to the targeted router rather than tunnel routed prior to delivery, which could be exploited by an adversary who can do a little coding. We now properly tunnel route when in doubt. That may sound good, but the 'bad' part is that it means that there's going to be some increased latency due to the additional hops, though these are hops that needed to be used anyway. There are other debugging activities going on in the core as well, so there hasn't been an official release yet - CVS HEAD is 0.4.1.3-8. In the next few days we'll probably have a 0.4.1.4 release, just to get all that stuff cleared up. It won't contain the new streaming lib, of course. [1] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/history.txt?rev=HEAD * 3) Streaming lib Speaking of the streaming lib, there has been a lot of progress here, and the side by side comparison of the old and new libs are looking good. However, there is still work to be done, and as I said last time, we're not going to rush it out the door. That does mean that the roadmap has slipped, likely in the range of 2-3 weeks. More details when they're available. * 4) mail.i2p progress Lots of new stuff this week - working in and out proxies! See www.postman.i2p for more information. * 5) BT progress There has been a flurry of activity regarding porting a BitTorrent client as of late, as well as updating some tracker settings. Perhaps we can get some updates from those involved during the meeting. * 6) ??? Thats it for me. Sorry for the delay, I forgot about that whole daylight savings thingamabob. Anyway, see y'all in a few. =jr -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQYf9PBpxS9rYd+OGEQIoGQCgvDKydGRT42tO9bwWutAwnoolpj0AoNyX Z1ThyrjEZjAttC/wChPN43aD =SJDa -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp8Bbu2KrtAF.pgp Description: PGP signature
Re: This Memorable Day
On Tue, Nov 02, 2004 at 08:16:41AM -0500, R. A. Hettinga wrote: > <http://online.wsj.com/article_print/0,,SB109936293065461940,00.html> No cypherpunks content. Just local politics. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpAirLMWm3ex.pgp Description: PGP signature
[IP] Call for Nominations - NRC project on Information Fusion and Data Mining (fwd from dave@farber.net)
ortly. A good illustration of the kinds of persons sought for this project is provided by the committee assembled in 1994-1996 to study national cryptography policy, another highly controversial area. The committee was chaired by a former Deputy Secretary of State, and included (among others) a former Deputy Director of the National Security Agency, a former Attorney General of the United States, a former Deputy Attorney General, the inventor of public-key cryptography, the director of research and development for the Digital Equipment Corporation, and the creator of Lotus Notes. Persons of comparable stature are sought for this project as well. (This report can be found at <http://books.nap.edu/catalog/5131.html>.) Please forward nominations (self-nominations acceptable) to [EMAIL PROTECTED] Submitted nominations should include contact information, biographies (including relevant published works, public statements, and current or former positions of relevance), and indications of relevant expertise and the perspective on the subject that the nominee will bring. The "subject" line of the e-mail should say "committee nomination." While nominations may be submitted at any time, nominations received after November 22, 2004, or without the information described above, may not be fully considered. More information about the project can be found at http://www.cstb.org/project_infofusion.html. ___ Herb Lin, Senior Scientist Computer Science and Telecommunications Board The National Academies (202) 334-3191 voice || (202) 334-2318 fax || [EMAIL PROTECTED] www.cstb.org || Where the nation turns for independent and informed assessments of computing, communications, and public policy - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpUUWpxihIvG.pgp Description: PGP signature
Re: bin Laden gets a Promotion
On Sat, Oct 30, 2004 at 02:42:25PM -0400, Sunder wrote: > As usual, South Park is a great source of wisdom. So, are you voting for > the Giant Douche or the Turd Sandwich? My candidate is Mr Hanky, Poo party. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpCSTaFJcAti.pgp Description: PGP signature
Re: Geodesic neoconservative empire
On Fri, Oct 29, 2004 at 09:24:20PM -0500, J.A. Terranson wrote: > Agreed. Our interest in not in Afghanistan/Iraq per se. Our interest is > in ruling the *planet*, rather than any individual pissant player. Empires never last, and if there's going to be a new one, it's going to be Chinese. (Of course it won't last, either). It sucks to be old-growth in a large new-growth market. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpU3GwFOzodH.pgp Description: PGP signature
[FoRK] Google buys Keyhole (fwd from andrew@ceruleansystems.com)
- Forwarded message from "J. Andrew Rogers" <[EMAIL PROTECTED]> - From: "J. Andrew Rogers" <[EMAIL PROTECTED]> Date: Wed, 27 Oct 2004 10:36:38 -0700 To: [EMAIL PROTECTED] Subject: [FoRK] Google buys Keyhole X-Mailer: WebMail 1.25 Reply-To: [EMAIL PROTECTED] Finally. I've been sitting on this story for weeks, and I was looking forward to this morning because there is a lot about this deal that is worth talking about, particularly with regard to how this fits into Google's portfolio. Even though I knew about the deal, I have no clue as to the reasoning why Google bought them. All the talk about them being a "map provider" is a bit of nonsense, since Keyhole is a hell of a lot more than a map provider. If they wanted maps they could have gone to the source, since it isn't like Keyhole creates their own map data -- Keyhole is more of a data integrator. Salient points: - Keyhole is fussy Windows-only client software (something that won't change soon), which appears to be a departure from Google's normally web-centric applications. - Keyhole can consume some serious bandwidth, and isn't really something that will scale to average home use (in many different ways) without wholesale re-architecting of the system. - Keyhole has terabytes of very interesting databases, many of which are not public. For example, the US DoD has become fond of using Keyhole to process all sorts of reconnaissance, intelligence, and battle planning data. And more Federal agencies and foreign governments are moving to do the same. I've maintained for some time that Google is very aggressively trying to position themselves as a very deep data-mining operation, and are facilitating that by arranging that as much data as possible flow through their systems. I've stated in the past that they have the potential to be super-evil, if only because of the access they are being granted to vast ranges of data, which many people seem more than happy to grant. From that perspective, I find the above points worrisome. It will be very interesting to see what they do with this. cheers, j. andrew rogers ___ FoRK mailing list http://xent.com/mailman/listinfo/fork - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpytrRFl0egC.pgp Description: PGP signature
Re: the simian unelected is blocking the world
On Wed, Oct 27, 2004 at 09:02:48AM -0500, J.A. Terranson wrote: > > On Wed, 27 Oct 2004, Eugen Leitl wrote: > > > Access to http://www.georgewbush.com/ is blocked but from US IP address > > space. > > Works from 204.238.179.0/24. Of course it works. For you. It's US according to ip2location.com 204.238.179.1 US UNITED STATES MISSOURICLAYTON MISSOURI FREENET > Where are your coming in from? Germany, and I'm still blocked. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpazPNa3D4IU.pgp Description: PGP signature
the simian unelected is blocking the world
Access to http://www.georgewbush.com/ is blocked but from US IP address space. Access Denied You don't have permission to access "http://www.georgewbush.com/"; on this server. http://www.anonymization.net/http://www.georgewbush.com works with no problems, though. Ha Ha Curious George. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpG41Dgmwj5r.pgp Description: PGP signature
Re: Donald's Job Description
On Mon, Oct 25, 2004 at 03:20:28PM -0400, R. A. Hettinga wrote: > *Nobody* was a counterbalance to Tim, me or anyone else. Simple fact, no > matter how much he pissed on my shoes, or anyone else's. What's he up to these days? It seems he got tired of of USENET, too http://groups.google.com/groups?q=tcmay%40got.net&hl=en&lr=&c2coff=1&safe=off&sa=G&scoring=d Too bad. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpRpmcltm5BE.pgp Description: PGP signature
[FoRK] "Your papers, citizen" (fwd from deafbox@hotmail.com)
- Forwarded message from Russell Turpin <[EMAIL PROTECTED]> - From: "Russell Turpin" <[EMAIL PROTECTED]> Date: Mon, 25 Oct 2004 15:31:39 + To: [EMAIL PROTECTED] Subject: [FoRK] "Your papers, citizen" This was on Slashdot's political feed. Here's the jaw-dropper: McCain envisions erecting physical checkpoints, dubbed "screening points," near subways, airports, bus stations, train stations, federal buildings, telephone companies, Internet hubs and any other "critical infrastructure" facility deemed vulnerable to terrorist attacks. Secretary Tom Ridge would appear to be authorized to issue new federal IDs--with biometric identifiers--that Americans could be required to show at checkpoints. Here's the article: http://news.zdnet.com/2100-1009_22-5415111.html _ FREE pop-up blocking with the new MSN Toolbar ? get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ ___ FoRK mailing list http://xent.com/mailman/listinfo/fork - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpbuN94m47mq.pgp Description: PGP signature
Re: Airport insanity
Can you guys please take it outside? The majority of us just isn't interested. On Sun, Oct 24, 2004 at 12:49:52PM -0700, James A. Donald wrote: > Nail your colors to the mast. Pick one of the above and defend > it. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpcF0sxALbRD.pgp Description: PGP signature
[IP] TSA Says It Can Decide Who Can Learn (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Sun, 24 Oct 2004 06:27:32 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] TSA Says It Can Decide Who Can Learn X-Mailer: Apple Mail (2.619) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: John Gilmore <[EMAIL PROTECTED]> Date: October 24, 2004 4:44:16 AM EDT To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: TSA Says It Can Decide Who Can Learn [for I-P] TSA has started issuing "Learner's Permits" and demanding that people who wish to learn get a Learner's Permit from TSA. Every innocent student is to be forced to be "assessed" for their "threat potential". This violates the fundamental right of freedom of inquiry, which is guaranteed to all persons in the United States, whether they are citizens or not. For the moment, these permits are only required if you want to learn about flying, but I predict that they will soon be required for other areas of forbidden knowledge. Unless the education community and the citizenry reject the whole concept that the government can tell them who is permitted to study and what subjects they are permitted to learn. Don't worry though -- today it only applies at a few schools, and only to non-US citizens. It only delays the student by four to six weeks, and only requires them to provide their full name, passport and visa, current photograph, specifics about their course of study, and $130. Approval is, of course, not guaranteed. It doesn't threaten *you* -- probably. By the time they come for your school and your students and your subject, nobody will remember who Rev. Martin Niemoller was. John Gilmore October 22, 2004 Media Contact: TSA Public Affairs 571-227-2829 TSA Takes Over Security Threat Assessments on Non-U.S. Citizens Seeking Flight School Training Agency also expands program scope to include non-commercial pilot candidates LONG BEACH, CALIF. -- The Transportation Security Administration (TSA) today announced it is now requiring security threat assessments for non-U.S. citizens seeking training at U.S. flight schools, regardless of the type and size of the aircraft. Following the terrorist attacks of September 11, 2001, the Aviation and Transportation Security Act mandated the U.S. Department of Justice to conduct threat assessments for non-U.S. citizens who sought training on aircraft weighing 12,500 pounds or more including commercial aircraft. Vision 100 -- Century of Aviation Reauthorization Act transferred this responsibility from Justice to TSA as of October 5, 2004. "September 11th taught us that terrorists exploited the use of U.S flight schools," said Rear Adm. David M. Stone, USN (Ret.), Assistant Secretary of Homeland Security for TSA. "Fortifying security by knowing who trains at these schools is an integral part of our mission to secure the homeland." The program is designed to prevent terrorists from receiving pilot training from flight schools. As a prerequisite to flight training, non-U.S. citizens must provide to TSA fingerprints, biographical information, including full name, passport and visa information, and training specifics such as the type of aircraft the candidate seeks instruction to operate. In addition to security assessments, TSAs new initiative will: * Streamline the threat assessment process from 45 to 30 days for most applicants, and 5 days for some * Require flight schools to submit a students photograph to TSA to ensure the student reporting for flight training is the same individual who successfully completed a security threat assessment * Implement an application fee of $130 for the security threat assessment * Require flight schools to provide security awareness training for appropriate staff on an annual basis. To help fulfill this requirement, TSA plans to offer an on-line course on the agencys Web site within a few weeks. Beginning this week, TSA will accept applications for non-U.S. citizens seeking flight training in aircraft weighing 12,500 pounds or less who do not currently hold a FAA or foreign pilots certificate. Starting on December 19, 2004, TSA will accept applications for all non-U.S. citizens who seek training in aircraft weighing 12,500 pounds or less, including those who already have an airmans certificate and seeking additional training for a new certificate and/or rating. For more information, please visit our Web site at www.tsa.gov and click on "Industry Partners" and find "Flight Training for non-U.S. Citizens." # # # - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.o
Re: Airport insanity
On Sat, Oct 23, 2004 at 11:37:02PM -0400, Adam wrote: > None-the-less, this has been one of the more inteteresting (and > infuriating) threads in recent memory of Cypherpunks. I'm glad we're > going through it with such vigor. That thread bores me to tears. I miss technical content. Or, at least, a few pointers of where the action is. I'm tinkering with Nehemiah's RNG (/dev/hw_random is next to useless without a patch), and about to start using PadLock patches, once C5P hardware arrives. I'm also going to look into OpenBSD, once 3.6 is up on mirrors. What is happening in TCP/IP level traffic remixing? P2P apps? Can someone in the know provide a boilerplate, or at least a list of raw URLs? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQN0uUSB8Uk.pgp Description: PGP signature
echelon hardware
ss is the name of this game. The US government wants to know what you and I are talking about. Spy in the sky satellites listen in to what we say and look at what we do. Then solid state disk keeps the real time analysis of these calls and images operating at full speed. The world's fastest storage system is used in the world's most sophisticated spying operation. Impressive and scary at the same time. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpjFf5sGwfJd.pgp Description: PGP signature
WiMax Operator's Manual: Building 802.16 Wireless (fwd from brian-slashdotnews@hyperreal.org)
chase [3]WiMax Operator's Manual: Building 802.16 Wireless Networks from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the [4]book review guidelines, then visit the [5]submission page. References 1. mailto:[EMAIL PROTECTED] 2. http://ads.osdn.com/?ad_id=4826&alloc_id=10297&site_id=1&request_id=7629555&op=click&page=%2farticle%2epl 3. http://service.bfast.com/bfast/click?bfmid=2181&sourceid=39391960&isbn=159059357X 4. http://slashdot.org/book.review.guidelines.shtml 5. http://slashdot.org/submit.pl - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpx1DrOerPUg.pgp Description: PGP signature
Re: Airport insanity
On Thu, Oct 21, 2004 at 09:43:16AM -0700, James A. Donald wrote: > When people are under attack, you cannot tell them to suck it > up, which is what you are doing. If we had no government, we I'm not under attack. Are you? The Ghengis Khan thing's been a while back. > might well be doing pogroms against american muslims - and a > good thing to. This ways lies much rotting severed heads on stakes, and screaming. We've been there before. No need for a repetition. > War causes governments, and causes governments to gain power, > but the US government was not the aggressor in this war. US Your reality model is rather unique. Given that what your alleged representatives are doing results in massive loss of prestige, you don't want to associate with defectors. That stink's going to cling for a while. > government meddling in the middle east was unwise and > unnecessary, but it did not provoke, nor does it justify, this > war. > > The intent of a large minority of muslims was to start a holy > war between the west and Islam, and the majority of muslims The only war there is was started by ShrubCo, and was tacitly approved by about half of your countrymen. This isn't Nuremberg, but I color your guilty. > lack the will or courage to stop them, or even criticize them. > That was not the intent of Americans, or the American > government. They started it, they meant to start it. Americans Ha ha. > tried to avoid it, some of them are still trying to avoid it. > All Americans are still trying to conduct the war on the > smallest possible scale, against the smallest possible subset > of Islam, disagreeing only on how small that subset can be. Your reality distortion field manages to make bearded fanatics look good. Quite an accomplishment. Herr Reichspropagandaminister would have been proud. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgplTBDx8zsyH.pgp Description: PGP signature
New Technique Could Trace Documents By Printer (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 14 Oct 2004 19:26:02 - To: [EMAIL PROTECTED] Subject: New Technique Could Trace Documents By Printer User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/10/14/1742224 Posted by: timothy, on 2004-10-14 18:28:00 from the better-than-a-notch-in-the-e dept. An anonymous reader submits "From [1]this article at Purdue News, 'Researchers at Purdue University have developed a method that will enable authorities to trace documents to specific printers, a technique law-enforcement agencies could use to investigate counterfeiting, forgeries and homeland security matters.' The neat thing is that they are exploiting the characteristics of the print process itself to identify the printer." One of the folks e-mailed me to say that [2]the HP LaserJet 9000dn was one of the big ones tested with. IFRAME: [3]pos6 References 1. http://news.uns.purdue.edu/UNS/html4ever/2004/041011.Delp.forensics.html 2. http://productguide.itmanagersjournal.com/page.pl?tid=10541 3. http://ads.osdn.com/?ad_id=2936&alloc_id=10685&site_id=1&request_id=2825914 - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQjXjSsxrVF.pgp Description: PGP signature
Tor 0.0.9pre3 is out (fwd from arma@mit.edu)
- Forwarded message from Roger Dingledine <[EMAIL PROTECTED]> - From: Roger Dingledine <[EMAIL PROTECTED]> Date: Thu, 14 Oct 2004 06:36:18 -0400 To: [EMAIL PROTECTED] Subject: Tor 0.0.9pre3 is out User-Agent: Mutt/1.2.5.1i Reply-To: [EMAIL PROTECTED] Along with the bugfixes from 0.0.8.1, plus more bugfixes, this release makes the dirservers file obsolete (finally) in favor of config option lines to specify the location and fingerprint of each dirserver you want to trust. We also now support the use of an http proxy for fetching directories. tarball: http://freehaven.net/tor/dist/tor-0.0.9pre3.tar.gz signature: http://freehaven.net/tor/dist/tor-0.0.9pre3.tar.gz.asc (use -dPr tor-0_0_9pre3 if you want to check out from cvs) o Bugfixes on 0.0.8.1: - Better torrc example lines for dirbindaddress and orbindaddress. - Improved bounds checking on parsed ints (e.g. config options and the ones we find in directories.) - Better handling of size_t vs int, so we're more robust on 64 bit platforms. - Fix the rest of the bug where a newly started OR would appear as unverified even after we've added his fingerprint and hupped the dirserver. - Fix a bug from 0.0.7: when read() failed on a stream, we would close it without sending back an end. So 'connection refused' would simply be ignored and the user would get no response. o Bugfixes on 0.0.9pre2: - Serving the cached-on-disk directory to people is bad. We now provide no directory until we've fetched a fresh one. - Workaround for bug on windows where cached-directories get crlf corruption. - Make get_default_conf_file() work on older windows too. - If we write a *:* exit policy line in the descriptor, don't write any more exit policy lines. o Features: - Use only 0.0.9pre1 and later servers for resolve cells. - Make the dirservers file obsolete. - Include a dir-signing-key token in directories to tell the parsing entity which key is being used to sign. - Remove the built-in bulky default dirservers string. - New config option "Dirserver %s:%d [fingerprint]", which can be repeated as many times as needed. If no dirservers specified, default to moria1,moria2,tor26. - Make moria2 advertise a dirport of 80, so people behind firewalls will be able to get a directory. - Http proxy support - Dirservers translate requests for http://%s:%d/x to /x - You can specify "HttpProxy %s[:%d]" and all dir fetches will be routed through this host. - Clients ask for /tor/x rather than /x for new enough dirservers. This way we can one day coexist peacefully with apache. - Clients specify a "Host: %s%d" http header, to be compatible with more proxies, and so running squid on an exit node can work. - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpUidu7i8tdw.pgp Description: PGP signature
China Rewards Porn Snitches (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 11 Oct 2004 07:26:00 - To: [EMAIL PROTECTED] Subject: China Rewards Porn Snitches User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/10/11/0239205 Posted by: timothy, on 2004-10-11 05:29:00 from the don't-look-just-tell dept. [1]MinimeMongo writes that the "Associated Press reports that China's police ministry on Sunday [2]handed out rewards of up to $240 to people who reported pornographic Web sites in a campaign to stamp out online smut...The online crackdown is part of a sweeping official morality campaign launched this year on orders from communist leaders." References 1. mailto:[EMAIL PROTECTED] 2. http://www.newsday.com/technology/business/wire/sns-ap-china-porn-rewards,0,1812553.story?coll=sns-ap-technology-headlines - End forwarded message ----- -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpGFM9cLtIfw.pgp Description: PGP signature
Indymedia Seizures Initiated In Europe (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 10 Oct 2004 19:26:02 - To: [EMAIL PROTECTED] Subject: Indymedia Seizures Initiated In Europe User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/10/10/1716256 Posted by: timothy, on 2004-10-10 17:18:00 from the fbi-just-along-for-the-ride dept. [1]daveschroeder writes "According to [2]this Indymedia.org article and [3]AFP report, the request to seize Indymedia servers hosted by a U.S. company in the UK (covered in this [4]previous slashdot story) originated from government agencies in Italy and Switzerland, not the United States. Because Indymedia's hosting company, Rackspace.com, is a U.S. company, the FBI coordinated the request and accompanied UK Metropolitan Police on the seizure under the auspices of the [5]Mutual Legal Assistance Treaty (MLAT), an international legal treaty, but, according to an FBI spokesman, 'It is not an FBI operation. Through [MLAT], the subpoena was on behalf of a third country.'" Read on below for more. daveschroeder continues: "Rackspace's statement reads, 'In the present matter regarding Indymedia, Rackspace Managed Hosting, a U.S. based company with offices in London, is acting in compliance with a court order pursuant to a Mutual Legal Assistance Treaty (MLAT), which establishes procedures for countries to assist each other in investigations such as international terrorism, kidnapping and money laundering. Rackspace responded to a Commissioner's subpoena, duly issued under Title 28, United States Code, Section 1782 in an investigation that did not arise in the United States. Rackspace is acting as a good corporate citizen and is cooperating with international law enforcement authorities. The court prohibits Rackspace from commenting further on this matter.'" References 1. mailto:[EMAIL PROTECTED] 2. http://www.indymedia.org/en/2004/10/112047.shtml 3. http://story.news.yahoo.com/news?tmpl=story&cid=1509&ncid=738&e=6&u=/afp/20041008/tc_afp/us_internet_justice 4. http://yro.slashdot.org/article.pl?sid=04/10/07/204217&tid=153 5. http://travel.state.gov/law/mlat.html - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpHLp7QFp6ln.pgp Description: PGP signature
[i2p] 0.4.1.2 is available (fwd from jrandom@i2p.net)
- Forwarded message from jrandom <[EMAIL PROTECTED]> - From: jrandom <[EMAIL PROTECTED]> Date: Sun, 10 Oct 2004 07:57:17 -0700 To: [EMAIL PROTECTED] Subject: [i2p] 0.4.1.2 is available -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi everyone, We've got a new 0.4.1.2 release out and about with a bunch of bugfixes, tools to help monitor the health of your node, reduce memory churn, and help cut down on the per-hop message processing time. I don't expect any sort of revolutionary performance improvements with this, but I do hope it'll make the latency a bit smoother. Upgrading is highly recommended. The full list of whats been added since 0.4.1.1 is up and available at http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/history.txt?rev=HEAD Its all backwards compatible, and duck has been helping me test out these updates as they've been made (as well as gather truckloads of stats to help identify the bottlenecks on his fairly active router). As always, the goods are up @ http://www.i2p.net/download =jr SHA1(i2p.tar.bz2)= 455b936f0b49ee58ab50739e7b00a482678b9291 SHA1(i2p_0_4_1_2.tar.bz2)= 124ce2e680f8a194d573edc9e688c6ab1f085d05 SHA1(i2pupdate.zip)= e6f140f9a4ccdb59e3784510c9bff5d336dafca4 SHA1(install.jar)= 5a92ffdac4edce942faa2f8fa3b9c468f646a6db -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQWlNgBpxS9rYd+OGEQJcBQCghZVED/5eHT3L8mEwIiRM34jS9hwAoJ8O hdm6AaL62BKroSQHNfFuXzNH =oKAI -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpOgCynQvVEr.pgp Description: PGP signature
Interesting report on Dutch non-use of traffic data (fwd from gnu@toad.com)
- Forwarded message from John Gilmore <[EMAIL PROTECTED]> - From: John Gilmore <[EMAIL PROTECTED]> Date: Tue, 05 Oct 2004 19:07:59 -0700 To: [EMAIL PROTECTED] Subject: Interesting report on Dutch non-use of traffic data From EDRI-gram via Wendy Seltzer: 4. Dutch police report: traffic data seldom essential Telephone traffic data are only necessary to solve crimes in a minority of police investigations. Most cases can be solved without access to traffic data, with the exception of large fraud investigations. These are the conclusions of a Dutch police report produced at the request of the Dutch ministry of Justice. The report was recently obtained by the Dutch civil liberties organisation Bits of Freedom through a public access request. The report undermines the Dutch government's support to the EU draft framework decision on data retention. The report makes no case for the proposed data retention as Dutch police already uses traffic data in 90% of all investigations. The police can already obtain, with a warrant, the traffic data that telecommunication companies store for their own billing- and business purposes. The report also shows that the use of traffic data is a standard tool in police investigations and it not limited to cases of organised crime or terrorism. The report is the result of an evaluation of past investigations by the Dutch police of Rotterdam. Two-thirds of all investigations could have been solved if no traffic data would have been available at all. The three main purposes of traffic data in police investigations are: network analysis (searching for associations of a person to other individuals), tactical support for surveillance and checking of alibis (through GSM location data). Police investigators can compensate a possible lack of traffic data by other investigative methods such as wiretapping, surveillance, a preservation order for traffic data and a longer investigative period. The report states that police officers seldom ask for traffic data older than six months. The report was never sent to the Dutch parliament although members of parliament previously asked for research results about the effectiveness of mandatory data retention. After Bits of Freedom published the report new questions have been raised in the Dutch parliament about the reason for withholding the report. The use of (historic) traffic data in investigations (April 2003, in Dutch) http://www.bof.nl/docs/rapport_verkeersgegevens.pdf (Contribution by Maurice Wessling, EDRI-member Bits of Freedom) - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpdelIksXBQX.pgp Description: PGP signature
Re: Foreign Travelers Face Fingerprints and Jet Lag
On Fri, Oct 01, 2004 at 09:43:04PM -0400, R. A. Hettinga wrote: > "It was more easy to visit before," she said. "But I will still come back." Well, no, I won't. (And quite a number of others). No biometrics ID for me either. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpwHrRY52CAS.pgp Description: PGP signature
Tor 0.0.9pre1 is out (fwd from arma@mit.edu)
- Forwarded message from Roger Dingledine <[EMAIL PROTECTED]> - From: Roger Dingledine <[EMAIL PROTECTED]> Date: Fri, 1 Oct 2004 03:19:44 -0400 To: [EMAIL PROTECTED] Subject: Tor 0.0.9pre1 is out User-Agent: Mutt/1.2.5.1i Reply-To: [EMAIL PROTECTED] We've fixed quite a few bugs. We've also added compression for directories, and client-side directory caching on disk so you'll have a directory when Tor restarts. tarball: http://freehaven.net/tor/dist/tor-0.0.9pre1.tar.gz signature: http://freehaven.net/tor/dist/tor-0.0.9pre1.tar.gz.asc (use -dPr tor-0_0_9pre1 if you want to check out from cvs) Changes from 0.0.8: o Bugfixes: - Stop using separate defaults for no-config-file and empty-config-file. Now you have to explicitly turn off SocksPort, if you don't want it open. - Fix a bug in OutboundBindAddress so it (hopefully) works. - Improve man page to mention more of the 0.0.8 features. - Fix a rare seg fault for people running hidden services on intermittent connections. - Change our file IO stuff (especially wrt OpenSSL) so win32 is happier. - Fix more dns related bugs: send back resolve_failed and end cells more reliably when the resolve fails, rather than closing the circuit and then trying to send the cell. Also attach dummy resolve connections to a circuit *before* calling dns_resolve(), to fix a bug where cached answers would never be sent in RESOLVED cells. - When we run out of disk space, or other log writing error, don't crash. Just stop logging to that log and continue. - We were starting to daemonize before we opened our logs, so if there were any problems opening logs, we would complain to stderr, which wouldn't work, and then mysteriously exit. - Fix a rare bug where sometimes a verified OR would connect to us before he'd uploaded his descriptor, which would cause us to assign conn->nickname as though he's unverified. Now we look through the fingerprint list to see if he's there. - Fix a rare assert trigger, where routerinfos for entries in our cpath would expire while we're building the path. o Features: - Clients can ask dirservers for /dir.z to get a compressed version of the directory. Only works for servers running 0.0.9, of course. - Make clients cache directories and use them to seed their router lists at startup. This means clients have a datadir again. - Configuration infrastructure support for warning on obsolete options. - Respond to content-encoding headers by trying to uncompress as appropriate. - Reply with a deflated directory when a client asks for "dir.z". We could use allow-encodings instead, but allow-encodings isn't specified in HTTP 1.0. - Raise the max dns workers from 50 to 100. - Discourage people from setting their dirfetchpostperiod more often than once per minute - Protect dirservers from overzealous descriptor uploading -- wait 10 seconds after directory gets dirty, before regenerating. - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpLnU57QhmaI.pgp Description: PGP signature
[IP] Carry Umbrella in DC (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Wed, 29 Sep 2004 19:18:53 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Carry Umbrella in DC X-Mailer: Apple Mail (2.619) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: "James P. Howard, II" <[EMAIL PROTECTED]> Date: September 29, 2004 6:53:37 PM EDT To: [EMAIL PROTECTED] Subject: Carry Umbrella in DC I work in downtown DC (a few blocks from the White House) and this morning saw a plain white blimp over Farragut Park. This thing has no insignia, no numbers, no markings at all and it spent all day circling the city. CNN, and numerous other sources explain this is an Army survellience blimp. Aside from posse comitatus, this is simply immoral. I for one welcome our new art deco overlords. Here's the CNN story: http://edition.cnn.com/2004/US/09/29/security.blimp.ap/ Security blimp tested in Washington skies WASHINGTON (AP) -- Here's a head-turner for a security-nervous city: A large white object was spotted in the skies above the nation's capital in the pre-dawn hours Wednesday. Pentagon police said the Defense Department is testing a security blimp -- fully equipped with surveillance cameras. The white blimp was spotted early Wednesday morning hovering at various times over the Pentagon and the U.S. Capitol. The 178-foot-long device, which is expected to remain in the skies until Thursday, is conducting a mission for the Defense Department. Authorities say the airship is equipped with infrared cameras designed to provide real-time images to military commanders on the ground. The equipment on the blimp already is being used to protect troops in Afghanistan and Iraq. The Army says the device will make at least one 24-hour flight in the District of Columbia area. It has been in the region since last week, and is also being used for test runs over the U.S. Marine Corps Base in nearby Quantico, Virginia, and the Chesapeake Bay. -- James P. Howard, II -- [EMAIL PROTECTED] http://www.jameshoward.us/ -- 202-390-4933 - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpaQzfPowpzt.pgp Description: PGP signature
Re: How to fuck with airports - a 1 step guide for (Redmond) terrorists.
On Tue, Sep 28, 2004 at 03:06:54PM -0700, Bill Stewart wrote: > Either way, if they knew the system was going to crash every 49.7 days, > and they had a process to have a technician reboot it every 30 days, If I knew somebody delivered me a mission critical system like that, I'd sue. The system required a human in the loop to periodically do action XY, or it would reliably fail? And the system before didn't? And it wasn't there as a fallback? The mind boggles. Even more interesting: how many heads have rolled due to this? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgprQ7KTQDXHy.pgp Description: PGP signature
Re: Geopolitical Darwin Awards
On Mon, Sep 20, 2004 at 08:19:30PM -0700, Major Variola (ret) wrote: > fission rate, ie fewer spare neutrons to spoil the fun. Even pure > Pu-239, > the result of short irradiation, has a problem with premature > ejaculation. So use a tritium-boosted fission nuke. Not as hard to do a true fusion device. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpayYzQLT6py.pgp Description: PGP signature
[i2p] weekly status notes [sep 14] (fwd from jrandom@i2p.net)
ortant, and what we have now is completely unsatisfactory. As DrWoo points out [9], there are significant anonymity risks with the current setup, and even though oOo has made some patches filtering some headers, there is much more work to be done before eepsites can be considered secure. There are a few different approaches to addressing this, all of which can work, but all of which require work. I do know that duck mentioned he had someone working on something, though I don't know how thats coming or whether it could be bundled in with I2P for everyone to use or not. Duck? Another pair of client apps that could help would be either a swarming file transfer app (ala BitTorrent) or a more traditional file sharing app (ala DC/Napster/Gnutella/etc). This is what I suspect a large number of people want, but there are issues with each of these systems. However, they're well known and porting may not be much trouble (perhaps). Ok, so the above isn't anything new - why did I bring them all up? Well, we need to find a way to get an engaging, secure, scalable, and anonymous client application implemented, and it isn't going to happen all by itself out of the blue. I've come to accept that I'm not going to be able to do it myself, so we need to be proactive and find a way to get it done. To do so, I think our bounty system may be able to help, but I think one of the reasons we haven't seen much activity on that front (people working on implementing a bounty) is because they're spread too thin. To get the results we need, I feel we need to prioritize what we want and focus our efforts on that top item, 'sweetening the pot' so as to hopefully encourage someone to step up and work on the bounty. My personal opinion is still that a secure and distributed blogging system like MyI2P would be best. Rather than simply shoveling data back and forth anonymously, it offers a way to build communities, the lifeblood of any development effort. In addition, it offers a relatively high signal to noise ratio, low chance for abuse of the commons, and in general, a light network load. It doesn't, however, offer the full richness of normal websites, but the 1.8 million active LiveJournal users don't seem to mind. Beyond that, securing the eepsite architecture would be my next preference, allowing browsers the safety they need and letting people serve eepsites 'out of the box'. File transfer and distributed data storage are also incredibly powerful, but they don't seem to be as community oriented as we probably want for the first normal end user app. I want all of the apps listed to be implemented yesterday, as well as a thousand other apps I couldn't begin to dream of. I also want world peace, and end to hunger, the destruction of capitalism, freedom from statism, racism, sexism, homophibia, an end to the outright destruction of the environment and all that other evil stuff. However, we are only so many people and we can only accomplish so much. As such, we must prioritize and focus our efforts on achieving what we can rather than sit around overwhelmed with all we want to do. Perhaps we can discuss some ideas about what we should do in the meeting tonight. [6] http://dev.i2p.net/pipermail/i2p/2004-September/000435.html [7] http://www.i2p.net/images/plan.png [8] http://www.freenet.org.nz/python/stasher/ [9] http://brittanyworld.i2p/browsing/ * 6) ??? Well, thats all I've got for the moment, and hey, I got the status notes written up *before* the meeting! So no excuses, swing on by at 9pm GMT and barrage us all with your ideas. =jr -BEGIN PGP SIGNATURE- Version: PGP 8.1 iQA/AwUBQUc1OhpxS9rYd+OGEQLaYQCg0qql8muvuGEh46VICx4t69PuRl8An0Ki 3GEF2jrg/i9csiMO6VdQccxH =4Tip -END PGP SIGNATURE- ___ i2p mailing list [EMAIL PROTECTED] http://i2p.dnsalias.net/mailman/listinfo/i2p - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpfORc0A7rUP.pgp Description: PGP signature
Endorse EDRI's Statement Against Data Retention (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 13 Sep 2004 10:26:01 - To: [EMAIL PROTECTED] Subject: Endorse EDRI's Statement Against Data Retention User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/09/13/0128222 Posted by: timothy, on 2004-09-13 08:31:00 from the but-they're-offering-a-free-backup-service dept. [1]Ville Oksanen writes "Privacy International (PI) and European Digital Rights (EDRI) have published their [2]joint answer to [3]the consultation on mandatory data retention. The European Commission asked for public comments on a proposed retention regime across Europe between 12 and 36 months for all traffic data generated by using fixed and mobile telephony and Internet. As [4]Statewatch puts it: 'This is a proposal so intrusive that Ashcroft, Ridge and company can only dream about it, exceeding even the U.S. Patriot Act.' EDRI and PI are currently collecting endorsements from organizations and companies for their stamement [5]here. This is unfortunately not enough to stop the process - expecially more should be done in the member states, which ultimately decide the fate of the proposal. So contact your local politicians today!" [6]Click Here References 1. http://www.effi.org/ 2. http://www.privacyinternational.org/issues/terrorism/rpt/responsetoretention.html 3. http://europa.eu.int/information_society/topics/ecomm/useful_information/library/public_consult/text_en.htm#data_retention 4. http://www.statewatch.org/ 5. http://www.edri.org/cgi-bin/index?id=00010162 6. http://ads.osdn.com/?ad_id=5137&alloc_id=11055&site_id=1&request_id=9560795&op=click&page=%2farticle%2epl - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpDeuys1WQvM.pgp Description: PGP signature
Re: "Forest Fire" responsible for a 2.5mi *mushroom cloud*?
On Sun, Sep 12, 2004 at 05:07:55PM -0500, J.A. Terranson wrote: > On Sun, 12 Sep 2004, Eugen Leitl wrote: > > > http://www.muenster.org/uiw/fach/chemie/material/gif/oppau.jpg > > Wow! I had no idea ammonium nitrate (ANFO for all intents and purposes, > yes?) could produce that kind of result! How much was there? About 4.5 kT of 50:50 ammonium nitrate/ammonium sulfate mix. One of the largest, if not *the* largest nonnuclear explosions ever. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpEY8Z2iFyDd.pgp Description: PGP signature
potential new IETF WG on anonymous IPSec (fwd from rah@shipwright.com)
- Forwarded message from "R. A. Hettinga" <[EMAIL PROTECTED]> - From: "R. A. Hettinga" <[EMAIL PROTECTED]> Date: Wed, 8 Sep 2004 17:01:31 -0600 To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: potential new IETF WG on anonymous IPSec --- begin forwarded text Delivered-To: [EMAIL PROTECTED] From: Paul Syverson <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Paul Syverson <[EMAIL PROTECTED]> Subject: potential new IETF WG on anonymous IPSec User-Agent: Mutt/1.4.1i Sender: [EMAIL PROTECTED] List-Id: Primary NymIP discussion list List-Post: <mailto:[EMAIL PROTECTED]> List-Help: <mailto:[EMAIL PROTECTED]> List-Subscribe: <http://www.nymip.org/mailman/listinfo/nymip-res-group>, <mailto:[EMAIL PROTECTED]> List-Archive: <http://www.nymip.org/pipermail/nymip-res-group/> Date: Wed, 8 Sep 2004 15:24:53 -0400 - Forwarded message from Catherine Meadows <[EMAIL PROTECTED]> - From: Catherine Meadows <[EMAIL PROTECTED]> Date: Tue, 7 Sep 2004 11:29:56 -0400 Paul: The IETF has been discussing setting up a working group for anonymous IPSec. They will have a BOF at the next IETF in DC in November. They're also setting up a mailing list you might be interested in if you haven't heard about it already. Information is below. At 10:08 PM -0700 9/6/04, Joe Touch wrote: >Hi, all, > >To follow-up on related presentations at both SAAG and TCPM, we've >created a mailing list for discussions of anonymous security. > >Further information on the list and how to join it, as well as >pointers to related resources can be found at: > > http://www.postel.org/anonsec > >The mailing list address is: [EMAIL PROTECTED] > >Joe > Cathy - End forwarded message - ___ NymIP-res-group mailing list [EMAIL PROTECTED] http://www.nymip.org/mailman/listinfo/nymip-res-group --- end forwarded text -- - R. A. Hettinga The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpGWv8NVomRu.pgp Description: PGP signature
[IP] New research on foreign intelligence surveillance/wiretapping (fwd from dave@farber.net)
- Forwarded message from Dave Farber <[EMAIL PROTECTED]> - From: Dave Farber <[EMAIL PROTECTED]> Date: Wed, 08 Sep 2004 11:57 -0400 To: [EMAIL PROTECTED] Subject: [IP] New research on foreign intelligence surveillance/wiretapping X-Mailer: SnapperMail 2.0.4.01 by Snapperfish, www.snappermail.com Reply-To: [EMAIL PROTECTED] .. Forwarded Message ... From: Peter Swire <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Wed, 08 Sep 2004 11:50:34 -0400 Subj: New research on foreign intelligence surveillance/wiretapping Dave: Earlier today you posted one of my current research papers on secrecy/openness that a reader sent you. Here is a link to the other new paper, "The System of Foreign Intelligence Surveillance Law." http://papers.ssrn.com/sol3/papers.cfm?abstract_id=586616 Last year, for the first time, more wiretap orders were issued in the United States under the Foreign Intelligence Surveillance Act than for all law enforcement actions. This paper gives the most thorough discussion to date of the history and theory of the special laws and institutions used for foreign intelligence surveillance. It analyzes the major changes in the USA-PATRIOT Act, most of which sunset at the end of 2005. It then provides a number of proposals for reform. As part of the overhaul of the U.S. intelligence system, there should be more discussion of the legal rules that govern intelligence activities conducted within the United States. There are compelling reasons to keep much of this surveillance activity secret. There are also compelling reasons to create effective checks and balances in the system, so that secret surveillance powers do not slide into abuses of those powers. As key FISA provisions sunset in 2005, this paper seeks to provide a basis for a more informed public debate. Best, Peter Prof. Peter P. Swire Moritz College of Law of the Ohio State University John Glenn Scholar in Public Policy Research (240) 994-4142; www.peterswire.net - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp570470ubmp.pgp Description: PGP signature
Re: JYA in NYT
On Sun, Aug 29, 2004 at 12:42:19AM -0500, J.A. Terranson wrote: > > The on-line NYTimes requires registration - > > if the old "cypherpunks" login doesn't work, > > you can create your own fake id. > > cypherpunks01/cypherpunks01 still works http://bugmenot.com/ Has Mozilla/Firefox extensions too, so you'll get hints via right mouse click on page. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpXDBAEEsPol.pgp Description: PGP signature
[IRR] Army: JetBlue Data Use Was Legal
Army: JetBlue Data Use Was Legal By Ryan Singel 02:00 AM Aug. 23, 2004 PT An Army data-mining project that searched through JetBlue's passenger records and sensitive personal information from a data broker to pinpoint possible terrorists did not violate federal privacy law, according to an investigation by the Army's inspector general. The inspector general's findings (PDF) were accepted by some, but critics say the report simply highlights the inability of the country's privacy laws to cope with 21st-century anti-terrorism efforts. News of the Army project came to light in September 2003 when JetBlue admitted it had violated its privacy policy by turning over 5.1 million passenger records to Torch Concepts , an Alabama-based defense contractor. Torch subsequently enhanced the JetBlue data with information about passengers' salaries, family size and Social Security numbers that it purchased from Acxiom , one of the country's largest data aggregators. The Army says it was testing the data-mining technology as part of a plan to screen visitors to Army bases. ... http://www.wired.com/news/politics/0,1283,64647,00.html - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpAZqNGCumyD.pgp Description: PGP signature
Brin is still a useful idiot
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Wed, 11 Aug 2004 17:20:58 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Interesting interview with David Brin about privacy, etc. X-Mailer: Apple Mail (2.619) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: "Bosley, John - BLS" <[EMAIL PROTECTED]> Date: August 11, 2004 3:13:46 PM EDT To: "'Dave Farber ([EMAIL PROTECTED])'" <[EMAIL PROTECTED]> Subject: Interesting interview with David Brin about privacy, etc. For IP if you wish, Dave. John http://www.govtech.net/magazine/story.php?id=90772 <http://www.govtech.net/magazine/story.php?id=90772> John Bosley Office of Survey Methods Research Room 1950, Bureau of Labor Statistics 202-691-7514 fax 202-691-7426 OS X Summary In this place, all the myriad cameras report their urban scenes straight to Police Central, where security officers use sophisticated image-processors to scan for infractions against the public order -- or perhaps against an established way of thought. ...Over by the mall, a teenage shoplifter is taken into custody gingerly, with minute attention to ritual and rights, because the arresting officer knows the entire process is being scrutinized by untold numbers who watch intently, lest her neutral professionalism lapse. ...There, any citizen may tune in on bookings, arraignments, and especially the camera control room itself, making sure that the agents on duty look out for violent crime, and only crime. ...Still, taking that into account, it does seem clearer every day that the 21st century simply has to feature positive-sum games -- or ways everybody can benefit while minimizing the bad. ...I cannot prove with utter certainty that we won't face some genuine tradeoffs between safety and freedom, but I am sick of hearing that it's automatic -- assumed -- that they work against each other, that I must choose between these precious things. ...Q: In one interview about The Transparent Society, you spoke of the need for constant public supervision to enforce accountability on government -- metaphorically a "leash" to remind our guard dogs that they serve us. Does the two-way aspect of information transparency create that leash? ...Not one thing we do will reduce the growing power of elites to look at us. Nor should that matter, or reduce our freedom an iota, so long as we fiercely embrace the other solution. ...There are dozens of potential ways to increase accountability, while at the same time allowing our paid protectors to do their jobs better. ...You can't count the number of times you've seen on TV a debate between some civil libertarian and a "security expert" -- screaming at each other about this so-called "tradeoff." ...Stand on a street corner, and spend five minutes doing a slow turn, taking time to notice all the things that work -- the traffic lights, the sewers, the clean water, all the people being courteous to each other and taking turns. ...I also like having skilled cops, who know they might be on video at any moment, and therefore have decided to stop being paid thugs and instead be the kind of great professionals we saw in fiction, say on Adam 12. ...It's great, and they're getting all sorts of new tools to become better at it -- software tools, cameras, spy tools, biometric ID and surveillance -- tools that might also become dangerous to freedom, if we aren't careful. But even assuming they use these tools both honorably and well, there's just no way anticipation will always work. ...The trend of the 20th century -- toward professionalization of everything -- simply cannot go on. The 21st century has to be a time when people gradually take back some control of their lives. ...Every Cabinet department and military service -- almost every agency -- has an inspector general, whose job is to make sure the law is obeyed by those entrusted with state power. ...Hey, you can look at the future and shiver with fear, or you can peer ahead and say, 'How can we maximize the good while minimizing the bad?' - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpo25ZW70mK8.pgp Description: PGP signature
[IP] The Surveillance Industrial Complex (fwd from dave@farber.net)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: Mon, 09 Aug 2004 10:33 -0400 To: [EMAIL PROTECTED] Subject: [IP] The Surveillance Industrial Complex X-Mailer: SnapperMail 1.9.2.01 by Snapperfish, www.snappermail.com Reply-To: [EMAIL PROTECTED] ___ Dave Farber +1 412 726 9889 .. Forwarded Message ... From: Barry Steinhardt <[EMAIL PROTECTED]> To: David Farber <[EMAIL PROTECTED]> Date: Mon, 09 Aug 2004 10:02:24 -0400 Subj: The Surveillance Industrial Complex Dave, The ACLU is releasing a new report today on the "Surveillance-Industrial Complex," an in-depth look at all the ways that the government is conscripting or recruiting private companies for its war individual privacy and liberty . The report is online at: www.aclu.org/surveillance In conjunction with the release of the report, we have created a new action Web page asking consumers to help us ask companies to take a "no-spy pledge" that they won't willingly cooperate with government demands for their customers' data. The action page is online at:www.aclu.org/privatize The No Spy Pledge says: 1. You will not turn individually identifiable data on your customers over to the government for security purposes unless legally required to do so. 2. You will use every legal means to fight government demands for data that are not authorized by current law, or which violate your Constitutional rights or those of your customers. 3. If the government serves you with a legally binding request to turn over customer information, you will notify customers that our information has been turned over (unless you are subject to a gag order prohibiting you from doing so under the Patriot Act or other legislation) In addition, companies called data aggregators are increasingly becoming a means by which the government accesses information on individuals. I would also like to ask whether you provide information about your customers to data aggregators or any other companies that are in the business of consolidating customer information. If so, which ones Thanks, Barry Steinhardt Director Technology and Liberty Project American Civil Liberties Union (ACLU) 125 Broad Street NYC 10004 www.aclu.org - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpUKIBnI6T6O.pgp Description: PGP signature
BBC on privacy
purposes. CAIRNCROSS: Self-restraint in the use of a powerful new technology is incredibly difficult. Imaginative regulation is certainly worth a try. But, if monitoring and tracking bring benefits, to commerce or to public safety, there will be huge pressure to use it. The limits on personal privacy have shifted permanently. We.ve left the relative anonymity of the 20th century free world and we.re returning to the days of the village, where everybody knew a lot about what everybody else was doing. But, whereas it was possible then to escape the village and hide from view, now we may no longer have that option . at least, not if we want to take full advantage of the benefits of the electronic world. 13 -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpSsemcyypKR.pgp Description: PGP signature
name of the Tor twin?
I recall a TCP/IP traffic remixing network (not a socks proxy like Tor) coming over the list a while back. My bookmarks are away, what's the name of the thing? Not p2net, something similiar. Hello Brain, this is Pinky. Please help. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp3BWsUuiweP.pgp Description: PGP signature
Bluesniper Creator Interviewed on Gizmodo (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 7 Aug 2004 13:26:02 - To: [EMAIL PROTECTED] Subject: Bluesniper Creator Interviewed on Gizmodo User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/08/06/2242224 Posted by: michael, on 2004-08-07 12:19:00 from the long-shot dept. [1]carbolic writes "[2]Gizmodo interviews John Hering, one of the Bluedriving crew (of which I was one: [3]picture) and creator of the [4]Bluesniper rifle. Get the backstory on the recent 1.08 mile cellphone [5]Bluesnarf attack and find out his motivation for building the rifle and trying a snarf to a cellphone you can't even see." [6]Click Here References 1. http://www.wifi-toys.com/ 2. http://www.gizmodo.com/archives/imterview-with-bluetooth-hacking-flexiliss-john-hering-019057.php 3. http://www.gizmodo.com/archives/images/team_flexilis.jpg 4. http://www.engadget.com/entry/3093445122266423/ 5. file://slashdot.org/article.pl?sid=04/08/06/149207&tid=172 6. http://ads.osdn.com/?ad_id=4826&alloc_id=10297&site_id=1&request_id=8513374&op=click&page=%2farticle%2epl - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpzlORgmwcRL.pgp Description: PGP signature
[IP] more on a police state (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Fri, 6 Aug 2004 04:56:51 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] more on a police state X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: [EMAIL PROTECTED] Date: August 5, 2004 10:32:22 PM EDT To: [EMAIL PROTECTED] Subject: Re: a police state Well, since the fastest growing black household in America is the cellblock; since here in Philadelphia I still can hear cops step from their cars asking, "Where'd the nigger go?" in front of black onlookers; since Independence Hall now has a clearly visible surveillance camera in its tower and visitors to the Liberty Bell are searched and wanded multiple times; since the fastest growing group of armed police in the US are private security and prison guard, since without trying very hard, I can read more and more about police getting no-knock powers, about prisoners held incommunicado, etc. -- I think we shouldn't wait until we are all getting routinely Taser'd for getting smart at the latest "preventive" roadblock. It's enough like a police state--or a hall monitor's wet dream -- to get me nervous. --Michael McGettigan One recent example -- a friend of mine who worked transmitters for Motorola was sent to a crime-ridden North Philly high-rise project. His mission -- inspect a repeater transmitter that was inside a steel-doored room atop the building -- the transmitter's function was to boost the signals of the various law enforcement/drug authorities that raided it on a regular basis. They'd found that their hand radios often didn't work well enough. The idea that this high-rise should maybe be razed rather than rigged for a permanent state of drug busts didn't seem to occur to anyone. - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpLB8STYKtqf.pgp Description: PGP signature
[IP] Your people are growing increasingly worried about a 'police state.' For such an educated audience, (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Thu, 5 Aug 2004 18:21:43 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Your people are growing increasingly worried about a 'police state.' For such an educated audience, X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: Brad Templeton <[EMAIL PROTECTED]> Date: August 5, 2004 5:47:16 PM EDT To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [IP] Your people are growing increasingly worried about a 'police state.' For such an educated audience, >Subj: Your people are growing increasingly worried about a 'police >state.' >For such an educated audience, they seem to lack any sense of >proportion, a sense of history or an > awareness of human nature. > Indeed, as you cite, there are many police states and history is littered with ones that have risen and fallen as well. Each time a police state rose, there were those who cried that a police state was coming and were called paranoid. There were those who actively assisted the police state in coming, seeking the security it promised. There were those who assisted the police state in coming, not wanting one, but feeling those who called out the warnings were paranoid. There were those who said and did nothing. Free states are the abberation in the history of mankind. Police states (for the level of technology of the day) the norm. So perhaps when Mr. Ashcroft erodes civil rights, you can make a valid claim that it introduces only a very slight risk of a police state, or is only the start of a trend. How much risk is enough? If events only presented a 1% chance of taking the path to a police state, would you want to tolerate it? Would you find it acceptable to teeter on the edge of a police state, because you were still on the free side of the line? Often, in the defence of free speech, we find ourselves defending people expressing ideas we loathe. Nazis, pedophiles and other scum. We do it not because we welcome a world full of their messages, but because we know that if the Holocaust deniers can publish, we are _really, really_ sure that we can publish. It's not paranoia. - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpn4nDBKNQGU.pgp Description: PGP signature
Re: [FoRK] ECC and the web (fwd from robert.harley@gmail.com)
- Forwarded message from Robert Harley <[EMAIL PROTECTED]> - From: Robert Harley <[EMAIL PROTECTED]> Date: Thu, 5 Aug 2004 00:10:32 +0100 To: FoRK <[EMAIL PROTECTED]> Subject: Re: [FoRK] ECC and the web Reply-To: [EMAIL PROTECTED] >Came across this today and thought it would be of interest to some of you... > >*Integrating elliptic curve cryptography into the web's security infrastructure * >Vipul Gupta, Douglas Stebila, Sheueling Chang Shantz >[...] Sheueling contacted me a couple of times a couple of years ago about the same stuff... described her research at Sun... enquired about working together but decided it wasn't a go-er since I was in Paris and her in the Bay area... >RSA is the most popular public-key cryptosystem on the Web today but long-term trends >such as [...] increasing security needs will make continued reliance on RSA more >challenging over time. [...] I've long doubted the security of RSA and have more concrete reasons for doubting these days... won't say more than that... ;) R ___ FoRK mailing list http://xent.com/mailman/listinfo/fork - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpwkVNJJ0xRt.pgp Description: PGP signature
Re: planet sized processors (Re: On what the NSA does with its tech)
On Wed, Aug 04, 2004 at 06:16:14PM -0400, Adam Back wrote: > The planet sized processor stuff reminds me of Charlie Stross' sci-fi > short story "Scratch Monkey" which features nanotech, planet sized Not a coincidence, as he's been mining diverse transhumanist/extropian communities for raw bits. Kudos to his work, very nicely done. > processors which colonize space and build more planet-sized > processors. The application is upload, real-time memory backup, and > afterlife in DreamTime (distributed simulation environment), and an > option of reincarnation. http://www.aleph.se/Trans/ is a bit dated, but is still a very good resource. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgphf1meO6HBY.pgp Description: PGP signature
Re: On what the NSA does with its tech
On Wed, Aug 04, 2004 at 04:44:58PM -0400, Jack Lloyd wrote: > If I did my unit conversions right, such a disk would be over 30,000 miles in Drexler's estimate for computers are coservative (purely mechanical rod logic). SWNT-based reversible logic (in spintronics? even utilizing nontrivial amounts of entangled electron spins in solid state qubits for specific codes?) could do a lot better. So today's secrets perhaps won't be in a few decades. What else is new? Rather, who's passphrase has 128 bits of pure entropy? Certainly not mine. So the weakest link is elsewhere. > diameter. So we'll probably get some advance notice - "Hey, what's that big-ass > thing orbiting around the Moon?" By that time the question is rather "do you think that's air you're breathing?" Check out some of the stuff on http://moleculardevices.org/ you might get a surprise. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpOLxe6Kd3ot.pgp Description: PGP signature
Re: Giesecke & Devrient
On Tue, Aug 03, 2004 at 03:57:02AM +1200, Peter Gutmann wrote: > Nothing you can't get from a pile of other vendors who will actually talk to > you. Unless you've got some business reason to deal with them, I wouldn't > bother (I have nothing against them per se, they just do business in a way > that isn't useful to me... and I'm sure they think the same of me). I'm just investigating alternative uses for stuff I already need for HBCI (a kraut homebanking standard). The state of the art (especially for open source smart card support) looks pretty rudimentary. The Dell Smart Card keyboard I've got has some CCID drivers which run under Win2k but refuse XP, and this thing isn't yet properly supported by the Muscle folks or libchipcard2. We're not even talking about higher order functionality yet (RSA and 3DES), just dumb data store. Gnucash on Fink doesn't seem to support HBCI at all yet, not even mentioning smart cards. What's weird is that the banks aren't pushing this to the customers (readers are somewhere between 50 and 100 EUR, and the cheapest RSA card some 13 EUR). The phishing issues aren't yet painful here apparently, due to predominance of PIN/TAN (the dead tree variant) in online banking. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpn55dp0sGuL.pgp Description: PGP signature
Re: Giesecke & Devrient
On Tue, Aug 03, 2004 at 03:36:45AM +1200, Peter Gutmann wrote: > G&D produce (or help produce) things like banknotes and passports (and have > been doing so for more than a century), the secrecy comes with the territory. I have no smart card background, unfortunately. I've heard G&D ignores requests from open source developer people, though. Are keywords like STARCOS SPK2.3 (Philips P8WE5032 chip), ITSEC E4 certification (with StarCert v 2.2.) etc. associated with a good security track? Features * ISO/IEC compatible * Secure messaging * Hierarchical ISO file system * DES, 3DES * State machine * Logical Channels support * Deletion of files (EF) and applications (DF) * Enhanced hardware security * High performance * Implementation of various access controls (authentication) * Data encryption with asymmetric RSA keys up to a key length of 1,024 * bits * Generation and verification of digital signatures with RSA and DSA * On-card RSA key generation up to a key length of 1,024 bits * The digital signature application StarCert is ITSEC E4 high certified STARCOS SPK2.3 is available on a Philips chip with 32 kByte. Symmetric (DES, 3DES) as well as asymmetric (DSA, RSA) cryptograhic methods are supported. For further information please contact: Industry & Government Team Phone: +49 (0)89 4119-1957 Fax: +49 (0)89 4119-2802 [EMAIL PROTECTED] -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpNWKJWTQg60.pgp Description: PGP signature
Giesecke & Devrient
Assuming I generate a key on a RSA smart card made by G&D, what kind of prestige track do these people have? They seem to be pretty secretive, that's not a good sign. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpEO0QTLUH4M.pgp Description: PGP signature
[IP] Cybersecurity: they just don't get it... (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Mon, 26 Jul 2004 16:44:37 -0700 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Cybersecurity: they just don't get it... X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: "John F. McMullen" <[EMAIL PROTECTED]> Date: July 26, 2004 2:09:11 PM PDT To: Dave Farber <[EMAIL PROTECTED]>, Declan McCullagh <[EMAIL PROTECTED]>, Peter Neumann <[EMAIL PROTECTED]> Subject: [johnmacsgroup] Cybersecurity: they just don't get it... FYI -- Forwarded message -- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [johnmacsgroup] Cybersecurity: they just don't get it... I'm watching CNN's Headline News, and they run a story on security preparations for this week's Democratic Convention in Boston. They go on, at great length, about the extensive network of cameras--approximately 75 of them, scattered around various Federal buildings and convention sites--and make it a point to illustrate how the security force, with their wireless networks and handheld devices, can grab the feed from any of these cameras at the tap of a stylus. So, they show one such device - with it's 802.11b card clearly identifiable - and show another agent viewing a webcam of the Boston Harbor shoreline - with the URL of the hosting site clearly readable. When talking about the cameras, they show several different cameras on different buildings, some of which seem fairly unusual in their architecture. I now know that they're using 802.11b, and I know the name at least one system handling the webcam feeds, and (with a bit of reconaissance) I can probably determine the position of at least one camera. So much for cybersecurity; I can't believe that the Feds even let that stuff on the air, much less that they did so without obfuscating critical information. *sigh* What were they thinking? ~-> "When you come to the fork in the road, take it" - L.P. Berra "Always make new mistakes" -- Esther Dyson "Any sufficiently advanced technology is indistinguishable from magic" -- Arthur C. Clarke "You Gotta Believe" - Frank "Tug" McGraw (1944 - 2004 RIP) John F. McMullen [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] ICQ: 4368412 Skype, AIM & Yahoo Messenger: johnmac13 http://www.westnet.com/~observer - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0xjgcv1pP1.pgp Description: PGP signature
Re: [FoRK] For those indoctrinated by the military (fwd from andrew@ceruleansystems.com)
- Forwarded message from "J. Andrew Rogers" <[EMAIL PROTECTED]> - From: "J. Andrew Rogers" <[EMAIL PROTECTED]> Date: Wed, 21 Jul 2004 12:36:37 -0700 To: [EMAIL PROTECTED] Subject: Re: [FoRK] For those indoctrinated by the military X-Mailer: WebMail 1.25 Reply-To: [EMAIL PROTECTED] > An alternative perspective. You should try to cultivate more of them. > Attack helicopters - I guess that would be one of the things the Russians > copied from Vietnam - dumbasses. That is simply the evolution of warfare. Helicopters were great for about twenty years, and then the US started deploying effective countermeasures against them in the 1980s (as the Russians learned in Afghanistan). The Russians learned how to design for close air support the very expensive way. The US has actually been scrapping new helicopter development, though it is committed to upgrading existing ones. While I don't remember where I heard it very recently, but the A-10 (a very well-engineered combat aircraft) has been granted a last minute reprieve and is slated to be upgraded i.e. they are substantially extending its service life. The US is still mostly using Cold War equipment that has been patched with some upgrades. A broad slate of completely new technology platforms is scheduled for deployment over the next several years, bringing a very substantial leap in capability over what the US already has. The new platforms are, quite frankly, pretty scary to the extent they completely obsolete existing platforms. The ability to effectively and methodically destroy irregular forces and guerillas in urban and not so urban settings were explicit design goals in many of these systems. The targeting and tracking granularity of the automated fire control and surveillance systems is no longer vehicle and unit size nor is it dependent on the centralization of resources in big capital equipment. Instead it is more like a decentralized swarm of smaller machines that can work at the granularity of a specific individual. This is actually big picture bad in the same way that strong AI is big picture bad. In an environment where such things exist, all you can do is hope that it isn't used against you because there isn't much you can do about it in such cases. If the initial conditions aren't favorable, then you are all but hosed. Naturally, the US military is already testing primitive active countermeasures against such weapons. j. andrew rogers ___ FoRK mailing list http://xent.com/mailman/listinfo/fork - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpDzplK4Hifp.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Tue, Jul 20, 2004 at 08:55:36PM -0700, Major Variola (ret) wrote: > The thread was about wiretapping. My point was that you can record > at linespeed an analyze at leisure. Nothing more, nothing less. This makes no sense. Most of the traffic out there is garbage, and it is ridiculously expensive to record all of it. It is not at all difficult to analyze it, and extract useful info: all plain text information, which endpoints use which crypto, VoIP streams, etc. We *do* remember the Pakistan-UK email on wire intercept, don't we? How else is this supposed to have happened by means other than a total tap? You better believe they're doing it -- but they capture only traffic that contains useful information. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpYeYEUUZ9S1.pgp Description: PGP signature
Re: Reputation Capital Article - 1st Monday: Manifesto for the Reputation Society
On Mon, Jul 19, 2004 at 02:09:59PM -0400, Steve Furlong wrote: > It's ok, you can still say "Tim May" around here. You rang? http://groups.google.com/groups?q=%22Tim+May%22&hl=en&lr=&ie=UTF-8&sa=G&scoring=d -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0qwALUAoEp.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Mon, Jul 19, 2004 at 07:56:05AM -0500, J.A. Terranson wrote: > None of which qualify here - remember, the discussion was based upon a > "quiet" implementation. A VPN link from a *nivore box streaming filtered info is pretty quiet. There are plenty of dedicated network processors for packet filtering purposes: http://leitl.org/ct/2004.1/01/160/art.htm As suggested, tapping oversea fibres in shallow waters is probably the Way To Do It. No way to store the entire traffic, and expect to still be able to mine it. What is interesting is how they do VoIP voice recognition, if at all. Too mancy simultaneous channels to screen them all, or are they? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpzqzuMEcpGd.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Sun, Jul 18, 2004 at 07:50:16AM -0500, J.A. Terranson wrote: > I have seen a passive tap on a gig line used for IDS, true, but that's > pretty close to the state of the art right now. There's an issue with There are dedicated network processors, though, and one can outsorce the filter bottlenecks into an FPGA board. This is still reasonably small and cheap. > getting the interfaces for the 1U Dell, and then you have the secondary > issues of just how much encapsulated crap do you need to strip off, and > how fast. Remeber, you only get 1 shot, and you *can't* ask for more time > - if your buffer runneth over, you be screwed. > > It's not as easy as it feels. I think it would be far easier if WAN protocols were plain GBit Ethernet. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpbV8mKfJvcX.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Sun, Jul 18, 2004 at 06:13:49AM -0500, J.A. Terranson wrote: > A NIC? You gotta realize that we're talking about mesh circuits here: > OC3-OC48 trunks, OC192 backbones... This is no small job. A mom/pop or At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that intimidating. A standard 1U Dell should have enough crunch to just filter out the plain text packets of a 1 GBps Ethernet line. > midsized regional maybe you could do this - you know, the guy with a half > a dozen DS3s. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpw7vAYFna25.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Sun, Jul 18, 2004 at 05:55:02AM -0500, J.A. Terranson wrote: > Now, *mirroring* to a couple of choke points, sure, but then you ave > transit and other associated costs (you gotta haul the data to all of the > collectors). I was thinking about a box at each incoming/outgoing point with a NIC in passive mode. Filtered traffic is a tiny fraction of total, and should be easy to send to a central location (I presume because it's feasible to process and store world's entire relevant text traffic in a pretty small central facility, no one is going to bother with true distributed processing; though filtering at the periphery already qualifies as such). Otoh, presence of a number of such boxes is goign to need a gag order, and a really major ISP. Small shops are too informal to be able to hide something like that. > Just not feasible to do it quietly. Note, I said quietly. Hardware required for tapping major arteries is going to need modified high-end routers (filtering of cloned traffic), no? I don't see how this is going to be a limit on organization of the size of NSA & consorts. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp5MmNpI8LsN.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Sat, Jul 17, 2004 at 02:06:40PM -0700, Bill Stewart wrote: > On the other hand, 100,000 employees times two disk drives per desktop > and a few departmental servers can get you that much capacity. I understand there is this thing called a black budget. The production rate limit of plain text is human fingers. If you want to keep it all online, your burn rate is a kilobuck/day for hardware. Filtering traffic to extract relevant parts is going to cost a bit more, especially if you're using centralized taps and not server clouds in the periphery. For those of you who have worked at major ISPs, can the fact that traffic is routed through a few "customer" boxes be hidden from employees? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpOrL6gpmqMF.pgp Description: PGP signature
[IP] Government Is 'Reshaping' Airport Screening System (fwd from dave@farber.net)
e a house of cards." The government should improve aviation security by concentrating on simpler challenges, like access control at airports, she said. <http://www.nytimes.com/2004/07/16/politics/16fly.html> - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpVZ5XKyhCE6.pgp Description: PGP signature
Re: vacuum-safe laptops ?
Hard drives won't be able to, you'd need solid state flash disks. Sustainable operation will dry out lubricant in bearings, so any fans won't last very long. Any cooling requiring convection won't work, radiative cooling only. I suppose backlighting should be able to do, don't see how LCDs will get damaged. If high voltage is sufficiently good insulated, otherwise it will arc. It all depends on how hard your vacuum is, of course. And how long you want to operate the device. You'd need an old laptop, passively cooled (if it won't foul up your vacuum, immerse it in silicon oil), outfitted with flash sticks or flash drives. All of this is an educated guess, of course. On Fri, Jul 16, 2004 at 06:35:02AM -0400, An Metet wrote: > Does anyone *know* (first or second hand, I can speculate myself) which laptops, if > any, can safely go to zero air pressure (dropping from 1 atm to 0 in, say, 1 minute.) -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpN77MXfOJqe.pgp Description: PGP signature
USA PATRIOT Act Survives Amendment Attempt (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 9 Jul 2004 13:26:01 - To: [EMAIL PROTECTED] Subject: USA PATRIOT Act Survives Amendment Attempt User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/07/09/1145225 Posted by: michael, on 2004-07-09 12:49:00 Topic: us, 90 comments from the i-feel-safer-already dept. crem_d_genes writes "A bill to modify the USA PATRIOT Act that would have blocked part of the legislation's provisions that allow for the investigation of people's reading habits [1]was defeated by a 210-210 vote in the U.S House of Representives. The House leaders kept the roll call open for 23 minutes past the 15 minute deadline to persuade 10 Representatives to change votes. According to the article 'Rep. Zach Wamp, R-Tenn., said he switched his initial "yes" vote to "no" after being shown Justice Department documents asserting that terrorists have communicated over the Internet via public library computers.' On the other hand, 'Critics of the Patriot Act argued that even without it, investigators can get book store and other records simply by obtaining subpoenas or search warrants.'" References 1. http://story.news.yahoo.com/news?tmpl=story&u=/ap/20040708/ap_on_go_co/congress_patriot_act - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQAKoSancdT.pgp Description: PGP signature
Re: [IP] Hi-tech rays to aid terror fight
On Thu, Jul 08, 2004 at 06:52:22PM -0700, Major Variola (ret) wrote: > Whatever, its still pornography if the resolution is high enough. THz EM radiation only has a (relatively shallow) penetration depth for clothes, plastic, wood, sand and soil. It might do to detect a ceramics knife on a person through clothes, or for (say, skin cancer) diagnostics, but it will only pick up an explosive spectrum if it's wrapped in paper/cardboard/plastic foil, or not wrapped at all. Looking for nitrogen doesn't cover all explosives, but most of them. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpfYJZksNBhZ.pgp Description: PGP signature
[IP] Hi-tech rays to aid terror fight (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Thu, 8 Jul 2004 10:09:31 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Hi-tech rays to aid terror fight X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: Dewayne Hendricks <[EMAIL PROTECTED]> Date: July 8, 2004 4:53:34 AM EDT To: Dewayne-Net Technology List <[EMAIL PROTECTED]> Subject: [Dewayne-Net] Hi-tech rays to aid terror fight Reply-To: [EMAIL PROTECTED] Hi-tech rays to aid terror fight A new way of identifying metal and explosives could provide a valuable tool in the fight against terrorism. Airport security has become big business following the terrorist attacks in the US. A system that detects both metal and non-metallic weapons using terahertz light has been developed by technology firm TeraView. It could make passenger screening at airports more effective and quicker, say experts. Safe to humans Dr Ruth Woodward, an independent scientific adviser for terahertz consultancy firm HT Consultants, said the technology could provide one of the most innovative ways of dealing with security threats. "It presents a positive step forward, although the economic benefits are yet to be determined," she told BBC News Online. Terahertz light sits between microwave and infrared on the electro-magnetic spectrum. It has a number of properties that can be harnessed to screen passengers. Unlike X-ray, it is perfectly safe to use on people. It can pass through clothing, paper and plastics to detect metal, ceramic or plastic weapons. And it can identify explosives by reading their characteristic spectral 'fingerprints'. Magic wand TeraView is a firm looking at ways of exploiting terahertz light. It is developing a handheld security wand that could be used by airport security guards to pass over the body of passengers. It is expected that the product will be available for commercial use within two years, following a trial at an as yet unspecified airport. The firm is partnering with detection equipment firm Smiths Detection on the project. The terahertz 'wand' will be attached to a box which will bleep when suspicious objects are found. Eventually the firm also hopes to make a walk-through portal that uses the same techniques as the wand to scan passengers. "The big challenge for airports is to keep the passengers happy and provide a high level of security," said Dr Mike Kemp, the vice-president of TeraView. "What we are trying to do with terahertz light is create something that is more automatic and reduces the dependence on the sharp-eyed operator," he said. Turning to technology The technology is not likely to replace current methods of scanning, rather will sit alongside them, he explained. And there is no substitute for old-fashioned human alertness. "Any technology, whether it is new or old, is only there to complement commonsense," said Dr Woodward. Following the September 11 attacks, airport security has taken on a new-found urgency. "Many companies are looking at new technologies that can offer substantially increased security," said Chris Yates, aviation security editor at Jane's Transport. A system that blows air at passengers to detect explosives is under trial at Terminal One of Manchester airport. And several US airports are testing technology that can virtually undress passengers to detect any suspicious items. This has caused uproar from civil liberty organisations in the US and led to some modification to allow passengers a degree of modesty. "Basically the most sensitive areas of the body have been blocked out," said Mr Yates. Terahertz light is the last unexplored frontier of the radio wave and light spectrum. and can be also be utilised in a variety of ways such as medical imaging. Story from BBC NEWS: <http://news.bbc.co.uk/go/pr/fr/-/1/hi/technology/3833275.stm> Published: 2004/07/08 08:05:37 GMT Archives at: <http://Wireless.Com/Dewayne-Net> Weblog at: <http://weblog.warpspeed.com> - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpcgrcVXaZ2c.pgp Description: PGP signature
petabyte on a budget
Since we were talking about how much storage is available these days: http://www.archive.org/web/petabox.php For a backup just mirror to a number of similiar clusters offsite. Large Scale Data Repository: Petabox OVERVIEW The petabox by the Internet Archive is a machine designed to safely store and process one petabyte of information (a petabyte is a million gigabytes). The goals-- and current design points are: * Low power-- 6kWatts per rack, and 60kWatts for the whole system * High density-- 100 Terabytes per rack * Local computing to process the data-- 800 low-end PC's * Multi-OS possible, linux standard * Colocation friendly-- requires our own rack to get 100TB/rack, or 50TB in a * standard rack * Shipping container friendly-- Able to be run in a 20' by 8' by 8' shipping * container * Easy Maintenance-- one system administrator per petabyte * Software to automate mirroring with itself * Inexpensive design * Inexpensive storage PILOT STATUS 5/2004 * The first 100TB Rack is up and running! * The second 100TB Rack will be up by the end of May * Thermal Targets have been met * Systems Bootstrapped from USB Flash Device * Reiser FS running * PC-based Router running AVAILABILITY For more details, please contact: [EMAIL PROTECTED] -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpQfieeIl6IA.pgp Description: PGP signature
Re: Faster than Moore's law
On Wed, Jul 07, 2004 at 09:31:45PM -0700, Major Variola (ret) wrote: > Just want to remind y'all that drive capacity has increased *faster* > than semiconductor throughput, which has an 18 month doubling time. Yes. Also, human-generated traffic (the relevant part: which email you write, which sites you browse) has an upper bound for each meat person. Even if one doesn't have access to your ISP's logs this should be enough to identify (not necessarily link to a specific fed-issued ID, though) almost every person within a session. I think it is safe to assume that every relevant traffic which is in clear is being recorded, some or all of it forever. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpIthKAkxkmY.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Wed, Jul 07, 2004 at 10:28:01AM -0400, Tyler Durden wrote: > Well, I don't actually believe it's all recorded. As I've attempted to > explain previously, "they" almost certainly have risk models in place. When > several variables twinkle enough (eg, origination area, IP address, > presence of crypto...) some rule fires and then diverts a copy into the > WASP'S Nest. There's probably some kind of key word search that either > diverts the copy into storage or into the short list for an analyst to peek > it. How much plain text can ~10^9 online monkeys daily enter into their keyboard? A ~10^3 average ballpark gives you a TByte/day (minus the redundancy), which is currently a 1U worth of SATA RAID/day, or 3 years worth of world's entire traffic in a 10^3 node cluster, which is on the low side these days. Hard drive storage density goes up exponentially, and probably faster than people can go online (the old world has saturated) -- it isn't a problem, given that population increase doesn't occur at these growth rates. You don't have to delete anything, ever. Given what Google manages with some 10^4..10^5 nodes, this problem set looks puny in comparison. Keeping the data on a cluster gives you the local crunch to do some very nontrivial data mining, especially if you narrow the scope down sufficiently to be able to lock the data in memory and crunch it there. Fax OCR/telex is just as easy, speech recognition doable, given the budget. We don't know whether they are actually doing it (I *think* these people are too conservative to be doing clusters right now, so they're probably doing storage hierarchies with tape libraries -- but then they as well could be MIB types years ahead of the mainstream), the point it is that they could, given the documented amount of hired talent and official budget. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpnEUmDOqIab.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Tue, Jul 06, 2004 at 11:36:11PM -0700, Major Variola (ret) wrote: > At 06:58 AM 7/7/04 +0200, Eugen Leitl wrote: > >I can't imagine any intelligence professional wasting her time reading > >the crap at times coming over this list. > > Frankly sir, that's because you have no idea of their budget, > or their fascistic urges.Its not paranoia to think you're tapped, > its rationality. Of course we're tapped, despite funky headers like Received: from positron.jfet.org (positron.jfet.org [66.136.223.122]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "positron.mit.edu", Issuer "positron.mit.edu" (not verified)) by leitl.org (Postfix) with ESMTP id BDD9D3A8326 for <[EMAIL PROTECTED]>; Wed, 7 Jul 2004 08:39:41 +0200 (CEST) Received: from positron.jfet.org (localhost [127.0.0.1]) by positron.jfet.org (8.12.11/8.12.11/Debian-3) with ESMTP id i676giK6021720 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <[EMAIL PROTECTED]>; Wed, 7 Jul 2004 01:42:44 -0500 just don't fool yourself about all your fans at Mt. Spook central ejecting coffee through their nose at our jokes and witticisms. Databases, despite much improved, don't have a good sense of humor. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpeATTdhm8eV.pgp Description: PGP signature
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
On Tue, Jul 06, 2004 at 09:40:29PM -0700, Major Variola (ret) wrote: > smoking something I've run out of. Its all recorded. I'm sure the > archiving > and database groups in Ft. Meade will get a chuckle out of your > "the right to" idioms. All this stuff goes into some database slot. It will only get reviewed by a human analyst if the ranking function trips over threshold (or reviewed forensically after the fact). I can't imagine any intelligence professional wasting her time reading the crap at times coming over this list. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpqD6CjLE4NI.pgp Description: PGP signature
[IP] Syndicated Dave and Declan... RSS (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Mon, 5 Jul 2004 17:28:27 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Syndicated Dave and Declan... RSS X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: Joseph Lorenzo Hall <[EMAIL PROTECTED]> Date: July 5, 2004 4:43:05 PM EDT To: Dave Farber <[EMAIL PROTECTED]>, Declan McCullagh <[EMAIL PROTECTED]> Subject: Syndicated Dave and Declan... RSS Reply-To: [EMAIL PROTECTED] Hi Declan, Dave (for IP, if you wish), Being one of the many of your pesky readers that spends a good deal of time in a news aggregator and likes syndicated news (RSS, ATOM, etc.), I've bugged you both before about setting up something with RSS. (Declan finally caved and is using some sort of blog software with RSS and ATOM feeds: http://www.politechbot.com/ ) As for building a feed of Dave's IP list, I finally had to take matters into my own hands and hire a mercenary. I got Carlo Zottmann to build an RSS feed for Dave's Interesting People List... here's the RSS feed: http://bootleg-rss.g-blog.net/ d.interesting_people_org_archives_interesting-people.php A special feature that Carlo included was the ability to add '?date=MM' (ex: 200407) to the end of the script to access the archive for a previous month. When no date is given, the script defaults to the current month. Further, Carlo will scrape any site that you wished had syndication for $2 (If you like the IP syndication and would like to make a donation to Carlo's efforts, let me know): http://bootleg-rss.g-blog.net/journal/2004/07/announcement-accepting- feed-requests.html (via Boing Boing originally) I also asked him to syndicate the Drudge Report for fun (which appeared to be a major pain in the ass considering it seems to be hand-edited): http://bootleg-rss.g-blog.net/d.drudgereport_com.php Joe Joseph Lorenzo Hall, SIMS PhD Student; UC Berkeley. [web:<http://pobox.com/~joehall/>, blog:<http://pobox.com/~joehall/nqb>] - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpXB1SOFQtzF.pgp Description: PGP signature
Re: UBL is George Washington
On Mon, Jul 05, 2004 at 09:32:16PM +0200, Anonymous wrote: > But asymm warfare has to accomplish its goal. It's not being very > successful. The only people who are siding with al-qaeda are those whose Au contraire. People in the US (stupid gits) are genuinely afraid. They're voting law and order types into office, with strongarm tendencies in foreign politics which is about the best recruitment program the mange-bearded turbaned fringe could ever come up with. They'd cream their pants with the thought of Shrubya being reelected. It's about the best thing that could happen to them. If they knew the right place and time to bomb the Xtian terrorists into office, they'd be on the plane already. > brains are already mush -statist socialists, to be precise. If al qaeda This is not an accurate view of what is happening in the EU. > bombed government buildings or targetted the private residences or offices > of government officials, they might get more sympathy, from me at least. > Destroying an pair of buildings and killing thousands of citizens -most of > whom couldn't give an accurate account of U.S. forces distribution in the > MidEast- is not a step forward. Yes, it is. You're just confused about what their goals are. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp1W9uMzjH09.pgp Description: PGP signature
[IP] more on more on E-mail intercept ruling - good grief!! (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Fri, 2 Jul 2004 09:07:14 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] more on more on E-mail intercept ruling - good grief!! X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Begin forwarded message: From: Peter Swire <[EMAIL PROTECTED]> Date: July 1, 2004 2:52:11 PM EDT To: [EMAIL PROTECTED] Subject: RE: [IP] more on E-mail intercept ruling - good grief!! Reply-To: [EMAIL PROTECTED] Dave: On VOIP interception, there is a statutory and a constitutional issue. The statutory issue is whether VOIP is a "wire" communication (like a phone call) or an "electronic" communication (like an e-mail or web communication). The Councilman court said that "wire" communications are considered "intercepted" even if they are in temporary storage. The key holding of the case was that "electronic" communications are not "intercepted" if the wiretap takes place while the communication is in temporary storage. "Wire communication" is defined as "any aural transfer made in whole or in part through the use of facilities for the transmission of communications by the aid of wire, cable or other like connection between the point of origin and the point of reception." I do not know whether a court has ruled on whether VOIP counts as a "wire communication." Quick research just now suggests we don't have a case on that yet. I can see arguments either way, based in part on whether a packet-switched communication counts as "aural." Under Councilman, if VOIP is an "electronic communication", then the provider therefore could intercept the VOIP calls for the provider's own use without it counting as an "interception." Providers already can intercept communications with user consent or to protect the system, but this would be blanket permission to intercept communications. The constitutional question is whether users have a "reasonable expectation of privacy" in VOIP phone calls. Since the 1960's, the Supreme Court has found a 4th Amendment protection for voice phone calls. Meanwhile, it has found no constitutional protection for stored records. In an article coming out shortly from the Michigan Law Review, I show why VOIP calls quite possibly will be found NOT to have constitutional protection under the 4th Amendment. It would then be up to Congress to fix this, or else have the Supreme Court change its doctrine to provide more protections against future wiretaps. Article at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=490623 . Peter Prof. Peter P. Swire Moritz College of Law, Ohio State University John Glenn Scholar in Public Policy Research (240) 994-4142, www.peterswire.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Farber Sent: Thursday, July 01, 2004 12:12 PM To: Ip Subject: [IP] more on E-mail intercept ruling - good grief!! Begin forwarded message: From: Ed Belove <[EMAIL PROTECTED]> Date: July 1, 2004 12:50:19 PM EDT To: [EMAIL PROTECTED] Subject: Re: [IP] E-mail intercept ruling - good grief!! But Councilman argued that no violation of the Wiretap Act had occurred because the e-mails were copied while in "electronic storage" -- the messages were in the process of being routed through a network of servers to recipients. A scary thought: does this mean that VOIP packets can be copied from routers (by ISPs or anyone else) while they are "stored"? - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpZDBrYkbb0J.pgp Description: PGP signature
Free Certificate Authority Unveiled by Aussies (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 2 Jul 2004 07:26:02 - To: [EMAIL PROTECTED] Subject: Free Certificate Authority Unveiled by Aussies User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/07/02/0116236 Posted by: CowboyNeal, on 2004-07-02 04:21:00 Topic: privacy, 124 comments from the good-things-from-down-under dept. [1]SonOfGates writes "Well, the Aussies have invaded Boston but at least they're not throwing tea into the harbor. AU-based nonprofit [2]CAcert Inc has spent the last few days at [3]USENIX '04 registering new users by the truckload. They bill themselves as a 'Community-Based CA.' Could this be the begining of a true 'open' certificate authority? See the [4]O'Reilly story and [5]press release." IFRAME: [6]pos6 References 1. http://www.cacert.org/ 2. http://www.cacert.org/ 3. http://www.usenix.org/ 4. http://www.onlamp.com/pub/wlg/5142 5. http://www.cacert.org/media/boston1.pdf 6. http://ads.osdn.com/?ad_id=2936&alloc_id=8587&site_id=1&request_id=2048979 - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpswZJabPkdY.pgp Description: PGP signature
Appeals Circuit Ruling: ISPs Can Read E-Mail (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 30 Jun 2004 22:26:03 - To: [EMAIL PROTECTED] Subject: Appeals Circuit Ruling: ISPs Can Read E-Mail User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/06/30/2014242 Posted by: timothy, on 2004-06-30 20:54:00 Topic: privacy, 248 comments from the odd-distinctions dept. leviramsey writes "The US Court of Appeals for the First Circuit (covering Massachusetts, Maine, New Hampshire, and Rhode Island) has ruled that [1]e-mail providers are not violating the law by reading users' e-mail without the user's consent. The [2]decision finds that the Wiretap Act does not cover interception of communications where the communications are being stored, not transmitted. Perhaps OSDN should send the defendant, accused in 2001 of reading users emails in order to find out what they were interested in purchasing from Amazon, a [3]T-shirt from ThinkGeek?" References 1. http://www.wired.com/news/politics/0,1283,64043,00.html?tw=wn_tophead_1 2. http://www.ca1.uscourts.gov/pdf.opinions/03-1383-01A.pdf 3. http://www.thinkgeek.com/tshirts/frustrations/31fb/ - End forwarded message ----- -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp87hiduCkUs.pgp Description: PGP signature
Re: Silicon carbide in the machine
On Tue, Jun 29, 2004 at 05:51:42AM +0200, Thomas Shaddack wrote: > > Yes. But a jammer will draw a Hellfire. A very local jammer won't. You underestimate how weak GPS signals are http://www.globallocate.com/resources_main.shtml > Which is good, because once the adversary starts relying exclusively on > GPS and lets the other monitoring systems decay, we have easier way to GPS will be obsolete in urban environments in less than a decade. Jamming UWB is much more difficult, since being local -- especially if the target doesn't cooperate (you don't know the PRNG state). And of course you can't send without revealing your position if location services are locked into the protocol. Use onion routing, then. > "deny that service" from our handhelds. Physics is more difficult to cheat > than chips. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpsBv1WU4c0O.pgp Description: PGP signature
Fingerprint Scanners Still Easy to Fool (fwd from brian-slashdotnews@hyperreal.org)
- Forwarded message from [EMAIL PROTECTED] - From: [EMAIL PROTECTED] Date: 25 Jun 2004 16:26:08 - To: [EMAIL PROTECTED] Subject: Fingerprint Scanners Still Easy to Fool User-Agent: SlashdotNewsScooper/0.0.3 Link: http://slashdot.org/article.pl?sid=04/06/25/1315254 Posted by: michael, on 2004-06-25 14:11:00 Topic: security, 237 comments from the mission-possible dept. [1]Anlan writes "A Swedish student wrote her [2]Master's thesis about current fingerprint technology. After a thorough literature study some live testing took place. Simple DIY fingerprint copies were used (detailed how-to in the thesis). Have current commercial products improved as much as proponents claim? Well, this qoute from the abstract says it all: 'The experiments focus on making artificial fingerprints in gelatin from a latent fingerprint. Nine different systems were tested at the CeBIT trade fair in Germany and all were deceived. Three other different systems were put up against more extensive tests with three different subjects. All systems were circumvented with all subjects' artificial fingerprints, but with varying results.' You can guess how happy the sales people at CeBIT were - most systems claim to be spoof proof..." IFRAME: [3]pos6 References 1. mailto:[EMAIL PROTECTED] 2. http://www.ep.liu.se/exjobb/isy/2004/3557/ 3. http://ads.osdn.com/?ad_id=2936&alloc_id=8587&site_id=1&request_id=3363465 ----- End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpCkvUhYaPon.pgp Description: PGP signature
Re: [IP] When police ask your name,
On Thu, Jun 24, 2004 at 09:45:09PM -0700, Major Variola (ret) wrote: > How many names can a person have? Anyone can change > their name any number of times if not for fraudulent > purposes. My brother changed his middle name from It is precisely for these reasons that changing your name in Germany is a major undertaking (costs money, too), and is associated with a background check (clean rap sheet requried). The transcription rules for furriner names are strict, too. No Phn'glui M'gl wna'f, Cthulhu R'lyeh Wgha Nagl Ftaghn for you. Such legislation, of course, is easy to introduce in the U.S. as well. I'd be really surprised of you US cpunks didn't have a national ID cum biometrics issued (er, make that rammed down your throat) a few years downstream. Unless the general populace wakes up to the fact what's been going on since the 1970s. Fat chance. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpLlL4mGkH0D.pgp Description: PGP signature
[>Htech] Infoshop News: Surveillance and Domestication (fwd from checker@panix.com)
learning to laugh at them and (with consequent increased self-confidence) yourself and your past folly * Unplugging others through irreverent satire and sheer indifference to the manufactured dreams they undoubtedly hold so dear. You'll probably start with the people you know best (typically a tiny number now people have careers, not friends) but best try to broaden it out a bit more than that, as a key factor for sustaining a surveillance society is intolerance and fear of anyone at all different. The new / old you will have better things to do and talk about, maybe even the recreation of authentic, trusting human connections without constant manufactured electronic babble and distraction, of baseless paranoia. * Disconnection and direct action of a more 'hands on' kind, a refusal to fill in tax returns and other official or quasi-official requests for information--the census, market research, card applications--.or responding to them in absurd, misleading ways to gradually fill their databases with (even more) useless shit. Believe me - when up against it, you'll find it's really possible to live without that credit card and all the form-filling bureaucratic BS, especially with a few mates on board with you too. Reformists please note: denying paperwotk and opportunities to surveil the public cuts the lifeblood of the dozens of agencies that exist principly for that purpose, so they can start being laid off as irrelevant too. And the campaign against speed cameras is way to go for all intrusive surveillance and related records, the creation of genuine unmonitored space (at risk of sounding bogus: 'liberated zones') and the return of the lawless, deprogrammed 18th century King Mob! In conclusion, I'd like to say that I am not arguing for 'privacy', a thoroughly bourgeois concept based on self-disgust and shame. No, let yourself go and do what comes naturally - fuck in the streets, I say! I am arguing for the revolutionary re-creation of original, genuine community where there are no secrets, no shame and no surveillance of the powerful as a tool to rule over the powerless. NOTES 1 In his Human Cycle (Touchstone, 1983), Colin Turnbull cites a Mbutu (Pygmy) lad taking a nanny goat as his 'wife', something his band members discourage not with the horror of taboos against inter-species sex being violated you might expect in this society (they have none, though the situation was unusual) but because, as a domesticated village animal, the she-goat could not be expected to cope adequately in their beloved forest. The Mbutu typically extend refusal of the distinction between self and other to that between human and other. 2 It had its origins in the early individualism of monasticism, of course. We have not missed the irony that though denouncing 'monkery', Protestants bought monastic practice outside its traditional confines, universalising its body-loathing codes of behaviour. 3 The first such panoptican was HMP Pentonville, London, where I was myself confined in 1988. 3 Ruth Richardson's Death, Dissection and the Destitute (Routledge & Kegan Paul, 1987) is excellent on this. See also my forthcoming essay, 'When Doctors Were Hated'. 5 In fact they did not. As with Bertillonage, there is an outside statistical chance of accidental correlation of fingerprints from otherwise dissimilar individuals--and there have been documented miscarriages of 'justice' arising from this--and twins always have identical fingerprints. As de facto clones, even DNA doesn't distinguish twins, only retinal scans as the pattern of blood vessels at the back of the eye develops post-natum. The latest issue of Green Anarchist (UK) #71/72 is out now. Availble for £1 from BCM 1715, London, WC1N 3XX. Or in the US from Black and Green distribution, P.O. Box 835, Greensburg, PA 15601, USA. This issues core focusses on Surveillance and the Big Brother society. References 1. http://www.infoshop.org/inews/profiles.php?Author=Anon&[EMAIL PROTECTED]&AuthorURL=http%3A%2F%2Fwww.greenanarchist.org 2. http://www.infoshop.org/inews/stories.php?topic=18 Yahoo! Groups Sponsor ~--> Yahoo! Domains - Claim yours for only $14.70 http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/PMYolB/TM ~-> -BEGIN TRANSHUMANTECH SIGNATURE- Post message: [EMAIL PROTECTED] Subscribe:[EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] List home:http://www.yahoogroups.com/group/transhumantech/ -END TRANSHUMANTECH SIGNATURE- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/transhumantech/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgppcGWjl67ie.pgp Description: PGP signature
[p2p-hackers] The Fifth HOPE in NYC (fwd from vab@cryptnet.net)
- Forwarded message from "V. Alex Brennen" <[EMAIL PROTECTED]> - From: "V. Alex Brennen" <[EMAIL PROTECTED]> Date: Thu, 24 Jun 2004 09:24:56 -0400 To: "Peer-to-peer development." <[EMAIL PROTECTED]> Subject: [p2p-hackers] The Fifth HOPE in NYC User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040616 Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]> At The Fifth HOPE a talk will be given on how to break anonymity networks. Some commonly used p2p code such as Tor and the remailers will be covered. I cannot attend the conference. Is anyone on the list going who could report back? I'm interested to hear if anything other than what's already been widely published is covered in this talk. I'm working on a p2p anonymity project. Thanks, - VAB The Fifth HOPE, NYC July 9-11th, 2004 http://www.the-fifth-hope.org/ How To Break Anonymity Networks Nick Mathewson Today's anonymous communication software (such as Mixmaster, Mixminion, Nymservers, JAP, Tor, Anonymizer, etc.) allows people to communicate while concealing their identities from each other and from external attackers. But no deployed system is strong enough to protect every pattern of user behavior against a sufficiently resourceful adversary, and many of them fall to far simpler attacks. In this talk, Nick will discuss working attacks against today's anonymity networks, drawing from past technical and social attacks on deployed networks and from recent academic research in traffic analysis, stylometry, and mix-net design. He will present defenses to these attacks when such defenses are known to exist. Saturday 2300 Area "B" ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers ___ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences - End forwarded message - -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgptxZZEYSYjU.pgp Description: PGP signature
[IP] Bruce Schneier: Unchecked police and military power is a security threat (fwd from dave@farber.net)
- Forwarded message from David Farber <[EMAIL PROTECTED]> - From: David Farber <[EMAIL PROTECTED]> Date: Thu, 24 Jun 2004 11:07:35 -0400 To: Ip <[EMAIL PROTECTED]> Subject: [IP] Bruce Schneier: Unchecked police and military power is a security threat X-Mailer: Apple Mail (2.618) Reply-To: [EMAIL PROTECTED] Bruce Schneier: Unchecked police and military power is a security threat Bruce Schneier June 24, 2004 SCHNEIER0624 As the U.S. Supreme Court decides three legal challenges to the Bush administration's legal maneuverings against terrorism, it is important to keep in mind how critical these cases are to our nation's security. Security is multifaceted; there are many threats from many different directions. It includes the security of people against terrorism, and also the security of people against tyrannical government. The three challenges are all similar, but vary slightly. In one case, the families of 12 Kuwaiti and two Australian men imprisoned in Guantanamo Bay argue that their detention is an illegal one under U.S. law. In the other two cases, lawyers argue whether U.S. citizens -- one captured in the United States and the other in Afghanistan -- can be detained indefinitely without charge, trial or access to an attorney. In all these cases, the administration argues that these detentions are lawful, based on the current "war on terrorism." The complainants argue that these people have rights under the U.S. Constitution, rights that cannot be stripped away. Legal details aside, I see very broad security issues at work here. The Constitution and the Bill of Rights were designed to ensure the security of people: American citizens and visitors. Their limitations of governmental power are a security measure. Their enshrinement of human rights is a security measure. These measures were developed in response to colonial tyranny by Britain, and have been extended in response to abuses of power in our own country. Laws mandating speedy trial by jury, laws prohibiting detention without charge, laws regulating police behavior -- these are all laws that make us more secure. Without them, government and police power remains unchecked. The case of Jose Padilla is a good illustration. Arrested in Chicago in May 2002, he has never been charged with a crime. John Ashcroft held a press conference accusing him of trying to build a "dirty bomb," but no court has ever seen any evidence to support this accusation. If he's guilty, he deserves punishment; there's no doubt about that. But the way to determine guilt or innocence is by a trial on a specific indictment (charge or accusation of a crime). Without an indictment, there can be no trial, and the prisoner is held in limbo. Surely none of us wants to live under a government with the right to arrest anyone at any time for any reason, and to hold them without trial indefinitely. The Bush administration has countered that it cannot try these people in public because that would compromise its methods and intelligence. Our government has made this claim before, and invariably it turned out to be a red herring. In 1985, retired Naval officer John Walker was caught spying for the Soviet Union; the evidence given by the National Security Agency was enough to convict him without giving away military secrets. More recently, John Walker Lindh -- the "American Taliban" captured in Afghanistan -- was processed by the justice system, and received a 20-year prison sentence. Even during World War II, German spies captured in the United States were given attorneys and tried in public court. We need to carry on these principles of fair and open justice, both because it is the right thing to do and because it makes us all more secure. The United States is admired throughout the world because of our freedoms and our liberties. The very rights that are being discussed within the halls of the Supreme Court are the rights that keep us all safe and secure. The more our fight against terrorism is conducted within the confines of law, the more it gives consideration to the principles of fair and open trial, due process and "innocent until proven guilty," the safer we all are. Unchecked police and military power is a security threat -- just as important a threat as unchecked terrorism. There is no reason to sacrifice the former to obtain the latter, and there are very good reasons not to. Bruce Schneier, Minneapolis, is chief technology officer of Counterpane Internet Security Inc. and the author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." <http://www.startribune.com/stories/562/4843840.html> - You are subscribed as [EMAIL PROTECTED] To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.in