Re: Just to make your life more paranoid:) Re: Surreptitious Tor Messages?

[alan]

On Tue, 4 Oct 2005, Steve Furlong wrote:

> On 10/4/05, gwen hastings <[EMAIL PROTECTED]> wrote:
> > Troll Mode on:
> > TOR was originally developed as a result of CIA/NRL funding:)
> ...
> > BTW running TOR makes you very visible that you are running tor even as
> > a client.. its quite a noisy protocol
> 
> Well, of course that "feature" is built in. The NSA wants to be able
> to easily find anyone who's running it.
> 
> The noisy protocol has the added benefit of causing the network cable
> to emit lots of radiation, frying the brains of TOR users. The only
> defense is a hat made of flexible metal.

Don't do it! That acts as an antenna and only increases the damage!

-- 
"Invoking the supernatural can explain anything, and hence explains nothing." 
  - University of Utah bioengineering professor Gregory Clark

Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: [EMAIL PROTECTED]: Re: Wikipedia & Tor]]]

[Alan Barrett]

> - Forwarded message from Jimmy Wales <[EMAIL PROTECTED]> -
> We are not looking for a perfect solution.  Yes, Wikis will be
> vandalized.  We're prepared to deal with that, we do deal with that.
> But what I am seeking is some efforts to think usefully about how to
> helpfully reconcile our dual goals of openness and privacy.

Wikipedia should allow Tor users to register Wikipedia nyms.
Then they could block:
 Tor users trying to edit without a nym;
 Tor users trying to edit with a nym that has a bad reputation;
and they could rate-limit
 Tor users trying to edit with a nym that has insufficient history
 to be classified as good or bad;
while not blocking
 Tor users trying to edit with a nym that has a good reputation.

This will require some changes to the MediaWiki software that Wikipedia
uses.  AFAIK, there's currently no way to rate-limit nyms that have
insufficient history, and blocks on IP addresses are currently all or
nothing.

--apb (Alan Barrett)

exchanging links

[alan captain]

Hi:

This is a different
way of doing exchanging links. Instead of exchanging links 1 at a time, you
enter your website just once. You will have about 80 links right away and as
time go on you will have hundreds or even thousands of links to your website
without you doing anything more.  This
will help to get higher rankings on search engines like google.
There are no inappropriate sites such as pornography or link farms, etc
allowed. I will put you on the service for at least 4 months free. See if
works. What do you have to loose? 10 minutes? click here

 

Alan

 

 

 

RE: Researchers Combat Terrorists by Rooting Out Hidden Messages

[Alan]

On Tue, 2005-02-01 at 23:21 -0800, Steve Schear wrote:
> At 02:07 PM 2/1/2005, Tyler Durden wrote:
> 
> >Counter-stego detection.
> >
> >Seems to me a main tool will be a 2-D Fourier analysis...Stego will 
> >certainly have a certain "thumbprint", depending on the algorithm. Are 
> >there certain images that can hide stego more effectively? IN other words, 
> >these images should have a lot of spectral energy in the same frequency 
> >bands where Stego would normally show.
> 
> Images that ideal for hiding secret messages using stego are those that by 
> default contain stego with no particular hidden content.  A sort of Crowds 
> approach to stego.

If you really want to send secret messages, just send it in the chaff in
spam.  Everyone is programmed to ignore it or filter it out.

-- 
"When a student reads in a math book that there are no absolutes,
suddenly every value he's been taught is destroyed. And the next thing
you know, the student turns to crime and drugs." - Mel Gabler - Censor

exile

[Alan Mcgee]

Notification Alert:

Thank you for your inquiry, we have been notified that two lenders are 
interested in offering you a deal. Remember, for this special offer past credit 
history is not a factor.  

In accordance with our terms please verify your information on our secure and 
private site to ensure our records are accurate.


http://www.wemakemtg2.com/index2.php?refid=windsor


Have a Great Holiday Season

--Alan Mcgee
Senior Consultant - Low-Rate Advisors Inc.







If this email has reached you in error please let us know...thx
http://cerulean.peopleneedhtis.net

Re: This Memorable Day

[alan]

On Wed, 3 Nov 2004, Tyler Durden wrote:

> Well, this may actually be less hard than we thought. Indeed, it's the one 
> vaguely silver lining in this toxic cloud. Outsourcing to India will 
> actually add a lot to world stability. Of course, we'll loose a lot of jobs 
> in the process, but in the long run we'll eventually have another strong 
> trading partner like Japan or France or the Dutch. Bush will sell us out to 
> big business and all of the less-well-off will suffer like crazy in the 
> process, but it will actually make things better in the long run. The only 
> thing we need to worry about is not melting the ice caps in the process.

You forget that Bush and his cronies are Evangelical Christians.  They 
believe that the world is going to end *soon* and that it is a good thing. 

These are people who are doing everything they can to make the world a 
less stable place because in doing so they bring about armagedon.  (Then 
Jesus will come back and they will be rewarded for bringing about the 
deaths of billions.

Sometimes i wonder if they worship Jesus or Cthulhu.  (Maybe they are the 
same.  How else could he walk on water?)

-- 
Q: Why do programmers confuse Halloween and Christmas?
A: Because OCT 31 == DEC 25.

Re: US Retardation of Free Markets (was Airport insanity)

[alan]

On Wed, 27 Oct 2004, Roy M. Silvernail wrote:

> On Tue, 2004-10-26 at 21:10 -0700, James A. Donald wrote:
> > --
> > James A. Donald:
> > > > Moral equivalence, the rationale of those who defend 
> > > > tyranny and slavery.
> > 
> > Roy M. Silvernail
> > > Moral superiority, the rationale of both sides of any given 
> > > violent conflict.  The winner gets to use the victory to 
> > > proclaim the correctness of their interpretation.
> > 
> > A claim that presupposes that the west is just as totalitarian 
> > as its enemies, that well known reality is not to be trusted, 
> > that newsmen and historians are servants of the vast capitalist 
> > conspiracy, 
> 
> No claim in evidence.  Just the observation that any justificaton for a
> violent conflict is necessarily subjective.

It does not have to be *true*, you just have to get others to believe it.

Of course, the current administration has been handing them example after 
example to point to to make the point...

-- 
chown -R us ./base

Re: Cash, Credit -- or Prints?

[Alan Barrett]

On Tue, 12 Oct 2004, John Kelsey wrote:
> but there doesn't seem to be a clean process for determining how
> skilled an attacker needs to be to, say, scan my finger once, and
> produce either a fake finger or a machine for projecting a fake
> fingerprint into the reader.

... or a replacement reader that fakes the signals to the rest of the
security system.

--apb (Alan Barrett)

Re: Cryptographers and U.S. Immigration

[alan]

On Fri, 23 Jul 2004, R. A. Hettinga wrote:

> <<
> 
> http://www.schneier.com/crypto-gram-0407.html#3
> 
> Cryptographers and U.S. Immigration
> 
> Seems like cryptographers are being questioned when they enter the U.S.
> these days. Recently I received this (anonymous) comment: "It seems that
> the U.S. State Department has a keen interest in foreign cryptographers:
> Yesterday I tried to renew my visa to the States, and after standing in
> line and getting fingerprinted, my interviewer, upon hearing that my
> company sells [a cryptography product], informed me that "due to new
> regulations," Washington needs to approve my visa application, and that to
> do so, they need to know exactly which companies I plan to visit in the
> States, points of contact, etc. etc. Quite a change from my last visa
> application, for which I didn't even have to show up."
> 
> I'm curious if any of my foreign readers have similar stories. There are
> international cryptography conferences held in the United States all the
> time. It would be a shame if they lost much of their value because of visa
> regulations.
> 
> 

It makes you wonder what they are going to do to cryptographers that try 
to leave the country.

"Please step onto the square marked 'trap door'."

RE: Texas oil refineries, a White Van, and Al Qaeda

[alan]

On Tue, 20 Jul 2004, Trei, Peter wrote:

> 
> 
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of Thomas Shaddack
> > Sent: Tuesday, July 20, 2004 3:48 PM
> > To: Justin
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Texas oil refineries, a White Van, and Al Qaeda
> > 
> > 
> > 
> > On Tue, 20 Jul 2004, Justin wrote:
> > 
> > > HOUSTON (Reuters) - Law enforcement officials said on 
> > Monday they are
> > > looking for a man seen taking pictures of two refineries in 
> > Texas City,
> > > Texas.
> > 
> 
> > 
> > The person in question was just somebody with a weakness for 
> > industrial 
> > architecture.
> 
> Indeed. Among the endless variety of things people do with
> their spare time are trainspotters and planespotters. This
> seems to be more popular in Britain than in the US, but
> I wonder if even over there people who park themselves near
> airports railway statiions, obsessively noting the arrival
> and departure of each vehicle, attract the attention of 
> security?

Maybe the Patriot Act can get struck down because it violates the 
American's With Disablities Act.  It discriminates against 
obsesive-compulsives.

Re: USA PATRIOT Act Survives Amendment Attempt (fwd from brian-slashdotnews@hyperreal.org)

[alan]

On Fri, 9 Jul 2004, Thomas Shaddack wrote:

> 
> On Fri, 9 Jul 2004, Steve Schear wrote:
> 
> > Quite a few book stores (including the local Half-Priced Books) now keep no
> > records not required and some do not even automate and encourage their patron
> > to pay cash.  In California book sellers to such used/remaindered stores must
> > identify themselves for tax purposes.
> 
> The Patriot gag orders lead me to a thought.
> 
> Is it possible to write a database access protocol, that would in some 
> mathematically bulletproof way ensure that the fact a database record is 
> accessed is made known to at least n people? A way that would ensure that 
> either nobody can see the data, or at least n people reliably know the 
> record was accessed and by whom?
> 
> When somebody comes with a paper and asks for the data, the one currently 
> in charge of the database has to give them out, and may be gag-ordered. 
> However, when way too many people know about a secret, which the protocol 
> should ensure, it's better chance it leaks out, and less likely to 
> identify the one person responsible for the leak, who could be jailed 
> then. Especially when at least one of n is outside of the reach of the 
> paws of the given jurisdiction.
> 
> The question is this: How to allow access to a specific file/db record in 
> a way that it can't be achieved without a specified list of parties (or, 
> for added system reliability, at least m of n parties) reliably knowing 
> about who and when accessed what record? With any attempt to prevent the 
> parties from knowing about the access leading to access failure?
> 
> Note a peculiarity here; we don't ask for consent of the parties (that 
> would be a different threat-response model), we only make sure they know 
> about it. (We can deny the access, when at least (n-m)+1 parties refuse to 
> participate, though.)

That would crash the system.

UNMETERED Premium Cable Movies IN:n7rtk37088

[Alan Newton]

Digital Cable TV Users,

Why Not Unlock Your Digital Cable Box Tonight?

Discover the power of the New and Improved PPVF5 Now:

http://www.ttlive.com?refid=1001878493097&action=1&eid=jne

http://www.ttlive.com?refid=1001878493097&action=8&eid=jne";>AOL Members 
Now


* Block Unwanted Billing Signals Sent From You Cable Box

* Watch Unlimited_Movies, Playboy, Boxing and Concerts.

* Works With ALL Digital Cable Boxes.

* Proven to be 100% effective.

* Intruders can not ZAP or Detect the newer improved PPVF-5

* Blocks unwanted interference while surfing on a cable modem

* Premium quality

* Enjoy the freedom to play movies without being billed.

Works On All...

Pay Per View Channels
Mature_Channels
Pay Per View Movies
Special_Order_Sport Channels
Special Events such as Boxing Fights and Wrestling Events


Find out more:
http://www.ttlive.com?refid=1001878493097&action=1&eid=jne

http://www.ttlive.com?refid=1001878493097&action=8&eid=jne";>AOL Members 
Now









Manage your_settings here:
http://www.ttlive.com?unsub=1001878493097&action=2&eid=jne

but picket becalm expanse coven avocado mum bistable psychotic jitter vitriol gabble 
swahili 

Re: [osint] Assassination Plans Found On Internet

[alan]

On Mon, 14 Jun 2004, Tyler Durden wrote:

> Remember too that terrorism is really a form of PR, rather than (in most 
> cases) an actual destruction of infrastructure or whatnot. Smart terrorists 
> will obviously leverage any channel available to cause a population to view 
> their world as unstable.
> 
> Also remember too that plans such as this may be "fishing"...in other words, 
> communications in the hope that somebody out there (not directly known to 
> the issuer of the communique) will take the info and work out his own plans 
> for attacking the target.
> 
> I'm sure our boys at the School of the Americas (or whatever it's called 
> now) use these mthods all the time. In fact, they're probably the ones who 
> taught the Mujahadin (and bin Laden) a lot of these techniques.

Also don't forget that by telling people where you "plan" to attack, you 
get them to spend a bunch of money that they would not have already spent.

Give them enough "targets" and they will be chasing shadows all over the 
place.  When they have done this enough, the oposition will not know what 
to believe.

A mind-fuck is a terrible thing to waste.

> 
> -TD
> 
> 
> >From: "R. A. Hettinga" <[EMAIL PROTECTED]>
> >To: Thomas Shaddack <[EMAIL PROTECTED]>
> >CC: [EMAIL PROTECTED]
> >Subject: Re: [osint] Assassination Plans Found On Internet
> >Date: Mon, 14 Jun 2004 17:05:53 -0400
> >
> >At 10:45 PM +0200 6/14/04, Thomas Shaddack wrote:
> > >It may be also a very cheap method of "attack".
> >
> >True enough.
> >
> >Cheers,
> >RAH
> >
> >--
> >-
> >R. A. Hettinga 
> >The Internet Bearer Underwriting Corporation 
> >44 Farquhar Street, Boston, MA 02131 USA
> >"... however it may deserve respect for its usefulness and antiquity,
> >[predicting the end of the world] has not been found agreeable to
> >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
> >
> 
> _
> Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! 
> http://join.msn.click-url.com/go/onm00200362ave/direct/01/
> 

Allow us to help you succeed

[alan jenkins]

  

  Successful business of one's own.
Large profit handling Money Judgments.
  


  

  
Your office and be anywhere.
Determine your work schedule.
Be in the top 1% of income earners.
Outstanding customer support and assistance.

  

 
  

  
  Here for more info

  


I will--some day! was the far-away answer
Having risen high enough to pass over the tallest tree or steeple, Rob put
the indicator to the east of the compass-dial and at once began moving
rapidly in that directionThe sensation was delightful
discontinue  Orange stad, and then mail stop 1.200 B,  followed by A rub
a
He rode as gently as a feather floats, without any exertion at all on his
own part; yet he moved so swiftly that he easily distanced a railway train
that was speeding in the same directionThis is great! reflected the youth
Here I am, traveling in fine style, without a penny to pay any one! And
I've enough food to last me a month in my coat pocketThis electricity is the
proper stuff, after all! And the Demon's a trump, and no mistake

Re: Lunar Colony

[Alan]

On Thu, 2004-01-15 at 16:11, Justin wrote:
> Trei, Peter (2004-01-15 21:39Z) wrote:

> > Interesting OpEd piece in the NYT today pointing out that
> > a manned Mars expedition becomes *much* more affordable if
> > no return trip is planned.
> 
> This is obvious.  More affordable, but more risk.  We might end up with
> a bunch of dead Mars colonist-hopefuls.

Actually I can think of a number of people we could send.

The current administration comes to mind.

"Mr. Cheney, we have a new undisclosed location for you."

"Mars needs NeoCons."

-- 
"Push that big, big granite sphere way up there from way down here!
Gasp and sweat and pant and wheeze! Uh-oh! Feel momentum cease!
Watch it tumble down and then roll the boulder up again!"
- The story of Sisyphus by Dr. Zeus in Frazz 12/18/2003

Re: [camram-spam] Re: Microsoft publicly announces Penny Black PoW postage project

[Alan Brown]

On Thu, 1 Jan 2004, Eric S. Johansson wrote:

> > the easynet.nl list (recently demised) listed nearly 700K machines that
> > had been detected (allegedly) sending spam... so since their detection
> > was not universal it would certainly be more than 700K :(
>
> that is a nasty bit of news.  I'll run some numbers based on that and
> see what the ratio of spam to stamp engines would be.  gut sense is that
> it's still not horrible, just not as advantageous.  but you never know
> until you run the numbers.

Intelligence from DSBL indicated that there were _at least_ 350k
compromised machines in the USA Roadrunner network alone at one stage.

They are currently tracking around 1.5 million compromised machines.

The Swen and blaster worms install various spamware and backdoors. These
have been estimated to have infected millions of machines worldwide and
later versions removed characteristics which removed tellltale
compromise signs when scanned - now they mostly "phone home", instead of
listening for commands.

The pool of infected machines is huge. I just hope you're right about
the CPUs burning up - it doesn't happen when machines are running OGR
calculations, so I suspect that you just ran into a particularly badly
built example.

AB

Re: [camram-spam] Re: Microsoft publicly announces Penny Black PoW postage project

[Alan Brown]

On Tue, 30 Dec 2003, Bill Stewart wrote:

> The reason it's partly a cryptographic problem is forgeries.
> Once everybody starts whitelisting, spammers are going to
> start forging headers to pretend to come from big mailing lists
> and popular machines and authors, so now you'll not only
> need to whitelist Dave Farber or Declan McCullough if you read their lists,
> or Bob Hettinga if you're Tim (:-), you'll need to verify the
> signature so that you can discard the forgeries that
> pretend to be from them.
>
> You'll also see spammers increasingly _joining_ large mailing lists,
> so that they can get around members-only features.

This has already happened:

Krazy Kevin pulled this stunt 5 years ago on at least one list I was on,
joining the list to harvest the most common posters, then spamming using
them as sender envelopes after he'd been kicked off.

> At least one large mailing list farm on which I've joined a list
> used a Turing-test GIF to make automated list joining difficult,

...discrimination against blind users - this is legally actionable in
several countries. There is a blind group in the UK taking action
against a number of companies for this and the Australian Olympic
committee ended up being fined several million AU$ for the same offence
in 1999.

> and Yahoo limits the number of Yahoogroups you can join in a day,
> but that's the kind of job which you hire groups of Indians
> or other English-speaking third-world-wagers to do for you.

To underscore that point, I've _watched_ cybercafes full of SE asians(*)
doing exactly this kind of thing for the princely sum of US$5/day -
twice the average wage of the area, even after the cafe fees were
deducted.

(*) Philippines and east Malaysia.

AB

Re: [camram-spam] Re: Microsoft publicly announces Penny Black PoW postage project

[Alan Brown]

On Tue, 30 Dec 2003, Eric S. Johansson wrote:

>  But using your spam size, , the slowdown factor becomes roughly
> 73 times.  So they would need 73 machines running full tilt all the time
> to regain their old throughput.

Believe me, the professionals have enough 0wned machines that this is
trivial.

On the flipside, it means the machines are "burned" faster.

> unfortunately, I think you making some assumptions that are not fully
> warranted.  I will try to do some research and figure out the number of
> machines compromised.  The best No. I had seen to date was about 350,000.

It's at least an order of magnitude higher than this, possibly 2 orders,
thanks to rampaging worms with spamware installation payloads
compromising cablemodem- and adsl- connected Windows machines worldwide.

AB

pyabmuc Download + CDS all OS and all under $15-$99 just

[Alan]

http://81.180.33.21/If
 you don't
 have enough money
 to buy needed software
 or think desired

softwareisn't worth
 the price,
 then this
 service is right
 for you.
 We make

software
 tobe near you.
 Order any
 software you need for
 a low price.Some
 popular products from
 our price
 list:All
 programs
 you can download

or order
 on cd-rom
 by airmail.20$
 Adobe Premiere
 Pro 7.0
 (1 cd)35$
 Alias Wavefront Maya
 5.0
Unlimited35$
 AutoCAD 200435$
 Autodesk Architectural
 Desktop 200416$
Cakewalk Sonar XL
 2.225$ Canopus
 ProCoder 1.01.3525$
 Corel
 Draw
 11
Graphic Suite25$ Dragon
 Naturally
 Speaking
 Preferred
 7.020$
 Macromedia
Dreamweaver
 MX 2004 v7.025$
 Macromedia Fireworks MX 2004
 v7.025$

Macromedia
 Flash
 MX 2004 v7.0
 Professional50$
 Macromedia
 Studio MX 2004
 (1
cd)20$ Microsoft
 Money 2004
 Deluxe (1
 cd)55$
 Microsoft Office
 2003
System Professional (5
 cds)35$ Microsoft Project
 2002 Pro20$
 Microsoft
Publisher
 XP 200225$
 Microsoft
 Visio for
 Enterprise
 Architects
 200345$

Microsoft
 Windows XP
 Corporate Edition
 with SP135$
 Microsoft Windows
 XP
Professional25$ Symantec
 Antivirus Corporate
 Edition 8.1
 April 200316$

Norton SystemWorks
 2003
 (1 cd)25$
 OmniPage
 Pro 1225$ Pinnacle
 Impression

DVD Pro 2.2
 (1 cd)45$
 PTC Pro Engineer
 Wildfire
 Datecode 2003291
 (3
cds)16$ PowerQuest
 Drive Image 7.01 Multilanguage
 (1 cd)20$ Ulead DVD
Workshop 1.299$
 Microsoft
 Visual
 Studio .NET
 2003 Enterprise
 Architect
 (8
cds)20$
 Winfax
 PRO 10.02and,
 more, more. more!!
 Total
 today
 is 1405 products.price
 list - http://81.180.33.21/p/search    

- http://81.180.33.21/e/Mac
 users. We have
 some software
 for you too!!! Check
 it:http://http://81.180.33.21/p/m/Adobe Acrobat
 6.0 Pro for MacAdobe
 Illustrator 10 for MacAdobe
InDesign 2
 for MacAdobe
 PhotoShop
 7 for MacMicrosoft
 Office v.X for
MacQuarkXpress
 6 Multilanguage for
 Macand more!!!To
 unsubscribe,
 please
 go tohttp://81.180.33.21/unsub.html

When you're overweight life stinks zagbj gpp

[Alan Atkins]

Click here to a new you!

MedDietPatch is the number one DIET PATCH out on the market

100%
GUARANTEED TO WORK!
MedDietPatch is a cutting-edge advanced appetite suppressant, metabolisms
booster, and energy enhancer

It is the only Doctor Recommended
Diet Patch on the market
No More Starvation Diet's and No more Difficult and Dangerous Exercises
Free one month Supply
only good for a limited time.


It's TRUE, it's ASTOUNDING,
and now
it's available to
you GUARANTEED!


Click here to
a new you!



Remove



utwhpt
zftm  vcfxlsvyjk
iocti  rv
n sztco cvo

Re: Idea: The ultimate CD/DVD auditing tool

[alan]

On Mon, 7 Jul 2003, Tyler Durden wrote:

> Do you have a reference? I don't remember reading that SACD was encrypted. 
> What I DO remember is that the reason there's no standard SACD or DVD-A 
> digital interface is because the Industry wants that digital interface to be 
> encrypted.

Furthermore, people have come to expect that they should be able to play 
whatever disc shaped media in their computer.  At some point there will 
need to be a software based player.

But the real issue is that all of these DRM methods rely on "security by 
obscurity".  Such methods eventually fail.  Either the actual method is 
discovered and published or the DRM method fails in the marketplace and is 
never heard from again.

Look younger feel great. elulqr zrhjniei

[Alan Rogers]

  Our product is doctor endorsed.
   100% Herbal, HGH is proven to...
  
 Reduces Wrinkles
 Reduces Hairloss
 Burns Fat
 Increases Energy
 Increases Memory
  Increases Stamina
 
 
  Click To Learn More 
 
 
 
ebezju

Hi there

[Alan Nelson]

Title: Untitled Document




Copy DVD Software for only $19.95 See here 
  for more information
It can also CONVERT VHS INTO DVD! 
See here for more information
 
 
 
 
 
 
If you don't want more emails from us please e-mail :
[EMAIL PROTECTED]
 
11314 Ventura Blvd Suite #141 
Studio City, CA 91604 
 Phone (213) 216 8305 

  

Re: Bush's Moment of Truth

[alan]

On Tue, 18 Mar 2003, Bill Stewart wrote:

> Bush said this was going to be the "Moment of Truth".
> 
> Well, we haven't had a moment of truth from his administration yet,
> so I guess that's a welcome change...

I wonder if it will be like a "moment of silence"?

Re: Brinwear at Benetton.

[alan]

On Wed, 12 Mar 2003, Tim May wrote:

> > Regarding TEMPEST shielding - there is another, complementary approach 
> > for
> > shielding: jamming. There are vendors selling devices that drown the RF
> > emissions of computer equipment in noise, so TEMPEST receivers get
> > nothing. Are there any publicly available specs of such generators, or
> > even building plans?
> 
> Jamming is grossly less efficient than detection. If you want an 
> explanation, let me know and I'll spend 10 minutes writing a small 
> piece on it. But first, think deeply about why this is so. Think 
> especially about recovering signals from noise.

It sounds like there is an opertunity here for the right person.  Open up 
a place to "clean your clothes" of all those little RFID tags and other 
buglets people are so interested in attaching to any object (nailed down 
or not).

Re: M Stands for Moron? You gotta be kidding...

[alan]

On Thu, 13 Feb 2003, Tyler Durden wrote:

> "The "M" in M-Theory stands for Moron."

I always thought it stood for "Mescaline". ]:>

Re: RIAA turns against Hollings bill

[alan]

It makes me wonder just what kind of backroom deal was cut in the 
"negotiations".

On Wed, 15 Jan 2003, Nomen Nescio wrote:

> The New York Times is reporting at
> http://www.nytimes.com/2003/01/14/technology/14CND-PIRACY.html that
> the Recording Industry Association of America, along with two computer
> and technology industry trade groups, has agreed not to seek new
> government regulations to mandate technological controls for copyright
> protection.  This appears to refer primarily to the Hollings bill,
> the CBDTPA, which had already been struck a blow when Hollings lost his
> committee chairmanship due to the Democrats losing Senate leadership.
> Most observers see this latest step as being the last nail in the coffin
> for the CBDTPA.
> 
> Some months ago there were those who were predicting that Trusted
> Computing technology, as embodied in the TCPA and Palladium proposals,
> would be mandated by the Hollings bill.  They said that all this talk of
> "voluntary" implementations was just a smoke screen while the players
> worked behind the scenes to pass laws that would mandate TCPA and
> Palladium in their most restrictive forms.  It was said that Linux would
> be banned, that computers would no longer be able to run software that
> we can use today.  We would cease to be the real owners of our computers,
> others would be "root" on them.  A whole host of calamaties were forecast.
> 
> How does this latest development change the picture?  If there is no
> Hollings bill, does this mean that Trusted Computing will be voluntary,
> as its proponents have always claimed?  And if we no longer have such
> a threat of a mandated Trusted Computing technology, how bad is it for
> the system to be offered in a free market?
> 
> Let technology companies decide whether to offer Palladium technology
> on their computers or not.  Let content producers decide whether to use
> Palladium to protect their content or not.  Let consumers decide whether
> to purchase and enable Palladium on their systems or not.
> 
> Why is it so bad for people to freely make their own decisions about
> how best to live their lives?  Cypherpunks of all people should be the
> last to advocate limiting the choices of others.  Thankfully, it looks
> like freedom may win this round, despite the efforts of cypherpunks and
> "online freedom" advocates to eliminate this new technology option.
> 
> -
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: A Few Words About Palladium

[alan]

On Fri, 13 Dec 2002, Nomen Nescio wrote:

> According to the message below, Palladium will not include a "serial
> number revocation list", "document revocation list", or similar
> mechanism to delete pirated music and other unauthorized content.
> These claims have been made most vocally by Ross Anderson in his TCPA
> FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green
> in his DefCon presentation, http://www.cypherpunks.to/.
> 
> Instead, the point of Palladium is to create "a decentralized, trusted
> computing base... whose integrity can be audited by anyone".  This is
> accomplished, as has been discussed at length here and elsewhere,
> by hardware which can compute a secure hash of software as it loads,
> and which can attest to this hash via cryptographic signatures sent to
> remote systems.  This functionality allows software to prove to third
> parties that it is running unmolested, which is the basic functionality
> provided by Palladium.
> 
> Unfortunately, the exaggerated and misleading claims in the links above
> are accepted as truth by most readers, and a false picture of Palladium
> is virtually universal on the net.  Isn't it time for security experts
> to take a responsible position on this technology, and to speak out
> against the spread of these falsehoods?

All of this is speculation until the system is actually implemented.

The questions are "Who do you trust?" and "Do their interests coincide 
with yours?". 

I do not trust Microsoft as far as I can throw them.  They have 
demonstrated in the past that "security" for them means "the check 
cleared".  There have been too many holes, backdoors, and outright 
sabotage of competitors that they have lost any credibility with me.  And 
since they are unwilling to publish source, the code is suspect from the 
start.  (I doubt if they will let a third party that i trust audit the 
software without 42 levels of NDAs and a lein on their immortal souls.)

There are other projects to insure that the software running at the kernel 
level is authorised via cryptographic checksums.  (Both in BSD and in 
Linux.) 

What users are (rightfully) afraid of is that this is yet another effort 
to remove control from the users over what software they can use and how 
they can use it.

Microsoft has already used this method to control just what types of 
protocols and video drivers could be used under Windows terminal server.  
(You had to have the app sighed by Microsoft in order to run and they 
wouldn't sign certain compeating protocols.)  This method was bypassed by 
some interesting hackery, BTW. (Thou shalt not split thy open calls.)

So far the only examples we have is that of Microsoft's past behaviour.  
It is not oriented for your security or mine, but of theirs.

The fear is justified. (And ancient.) 

> 
> 
> > A Few Words About Palladium 
> > By John Manferdelli, General Manager, Trusted Platform Technologies,
> > Microsoft Corporation
> >
> > As you may know, I spent some time on the road in the UK in
> > November. During my visit, I had the chance to meet some of you at
> > the "Meet the Technologists" breakfast at the Microsoft Campus in
> > Reading. Thanks to those of you who were able to attend. It was a great
> > chance to engage in frank discussions about some of the more controversial
> > topics surrounding Palladium.
> >
> > One of the issues we discussed was whether Palladium would include
> > mechanisms that would delete pirated music or other content under remote
> > control or otherwise disable or censor content, files, or programs running
> > on Windows. The truth is, Palladium will not disable any content or file
> > that currently runs. Palladium was designed so that no policy will be
> > imposed that is not approved by the user. Microsoft is firmly opposed to
> > putting "policing functions" into Palladium and we have no intention of
> > doing so. The machine owners - whether an individual or enterprise - have
> > sole discretion to determine what programs run under Palladium. Programs
> > that run under Palladium, just like programs that run under Windows,
> > will do whatever they are allowed to do, based on the security settings
> > on the user's machine. Palladium not only respects existing user controls,
> > it strengthens them.
> >
> > What Palladium does change is the ability for software to be protected
> > from other software. Palladium will enable and safeguard a decentralized
> > trusted computing base on open systems.  These security-oriented
> > capabilities in Windows will be enabled by a relatively small change in
> > hardware, and will help transform the PC into a platform that can perform
> > trusted operations that span multiple computers under a trust policy that
> > can be dynamically created and whose integrity can be authenticated by
> > anyone. In addition, it will preserve the flexibility and extensibility
> > that contributes so much to the entire PC ecosystem.
> >
> > I hope to have a

Re: Yodels, new anonymous e-currency

[Alan Barrett]

On Tue, 12 Nov 2002, Nomen Nescio wrote:
> According to this link,
> http://www.infoanarchy.org/?op=displaystory;sid=2002/11/11/4183/2039,
> a new form of digital cash called "yodels" is being offered anonymously:
>  [...]
> Supposedly, then, this is cash which can be transferred anonymously via
> IIP or Freenet.  Leaving aside the question of trusting an anonymous bank
> (trust takes time), the sticking point for ecash is how to transfer
> between yodels and other currencies.  Without transferability, what
> gives yodels their value?

I believe that the Yodel bank does not have its own currency, but
uses DMT Rands.  DMT Rands are alleged to be backed by a basket
of gold plus a few fiat currencies issued by nation states.  See
http://www.orlingrabbe.com/rand.htm for information about the currency,
and http://www.orlingrabbe.com/dmt_guide.htm for information about the
DMT system and its companions ALTA and LESE.

--apb (Alan Barrett)

Re: Jamming camcorders in movie theaters

[alan]

I read how they plan on doing this.  I predict it will give a percentage 
of the movie-going public screaming headaches.  (Or at least make them 
very uncomfortable.)  These are the same people who are sensitive to the 
flicker of cheap 60 hz office lighting.

Not that a bit of discomfort was any concern to the MPAA.  Look at the 
movies they put out!


On Fri, 11 Oct 2002, Major Variola (ret) wrote:

> [They want to exploit human persistance-of-vision vs. camcorder pixel
> differences.
> Seems to me that one could process the captured frames to eliminate
> artifacts, though that
> *is* another step required.  In any case, insiders will have access to
> the playback codes
> opening the bits to duping.]
> 
> 
> Jamming camcorders in movie theaters
> 
>By Evan Hansen
>Staff Writer, CNET News.com
>October 10, 2002, 4:00 AM PT
> 
>As one of the key architects of the discontinued Divx
> DVD system, Robert
>Schumann knows first hand how hard it can be to sell
> copyright protection to the
>masses.
> 
>Still, some three years after Circuit City pulled
> financial support for the
>limited-use DVD technology he helped build, Schumann
> and a group of
>former Divx engineers are hoping for a second act in
> Hollywood with the
>advent of digital cinema.
> 
>Herndon, Va.-based Cinea, the company Schumann
> co-founded after Divx
>folded in 1999, is close to unveiling a beta for its
> Cosmos digital cinema
>security system that will help movie distributors
> keep track of how their products are used
>while protecting them from piracy.
> 
>Meanwhile, Cinea this week
>scored a $2 million grant from the
>National Institute of Standards
>and Technology's (NIST)
>Advanced Technology Program
>to develop a system that it claims
>will stop audience members from
>videotaping digital movies off
>theater screens.
> 
>The company "will modify the
>timing and modulation of the light
>used to create the displayed
>image such that frame-based
>capture by recording devices is
>distorted," according to an
>abstract for the winning NIST grant application. "Any
> copies made from these devices will
>show the disruptive pattern."
> 
>In an interview, Schumann compared the process with
> distortions that appear in videotaped
>images of computer screens, which may show lines that
> are invisible to the naked eye.
>Rather than produce accidental disturbances, he said,
> Cinea plans to create specific
>disturbances that it can control.
> 
>"Machines see the world more closely to reality than
> humans do. In the case of computer
>screens, if you track the energy from a phosphor
> coating (a light-emitting chemical used in
>cathode-ray tubes), you find that it begins with a
> strong burst followed by a period of
>decay and then another burst, and so on. But people
> see it as a single intensity," Schumann
>said.
> 
>Cinea, a privately held company with backing from
> Tysons Corner, Va.-based venture
>capital firm Monumental Venture Partners, expects to
> have a working prototype within two
>years. It is partnering with Princeton, N.J.-based
> Sarnoff, which will conduct research on
>image manipulation and analyze distortion and
> possible countermeasures. The University of
>Southern California's Entertainment Technology Center
> in Los Angeles will evaluate the
>system in testing with human subjects.
> 
>"There's a difference in the way a camcorder and the
> human eye see the world," Schumann
>said. "We've figured out some ways to exploit that.
> The trick is to make sure there is no
>negative impact on the viewing experience for the
> audience."
> 
> http://news.com.com/2100-1023-961484.html?tag=fd_lede2_hed
> 
> -
> Dear Mr Congressman, I am God
> -Jack Valenti

Re: Cryptogram: Palladium Only for DRM

[Alan Braggins]

> Of course, those like Lucky who believe that trusted computing technology
> is evil incarnate are presumably rejoicing at this news.  Microsoft's
> patent will limit the application of this technology.

In what way is "in the desktop of almost every naive user" a usefully
limited application?

Re: Backround checks are more important than education...

[Alan Braggins]

[EMAIL PROTECTED] wrote:
> > > Thousands of teachers will not be able to take classes at the start
> > > of the new term because character checks on them will not have been
> > > completed, the government has admitted.
[...]
> This is in the context of a knee jerk reaction to an apparent murder
> case of two young girls where one of the two accused worked in the
> girl's school.

The requirement for background checks was in place long before the murder
(and the local paper said both the accused had passed them - the man
accused of the murder worked as a caretaker at the village college, and
the woman accused of perverting the course of justice as a classroom
assistant at the girls' school). (I live in a village next to Soham).

The case has presumably influenced how seriously the checks are taken,
though there are reports of some schools trying to skip them to get
teachers working in time.
http://www.guardian.co.uk/child/story/0,7369,780573,00.html

-- 
Alan Braggins  mailto:[EMAIL PROTECTED]  http://www.ncipher.com/
nCipher Corporation Ltd.  +44 1223 723600  Fax: +44 1223 723601

Make Huge Profits on eBay

[alan]

  

  Fortunes are literally being made in this new marketplace.
  
  Over $9 Billion in merchandise
was sold on eBay in 2001 by people just like you - right from
their homes! 
  Now you too can learn the secrets of successful selling
on eBay and make a staggering income from the comfort
of your own home. If you are motivated, capable of having
an open mind, and can follow simple directions, then visit
us here.
  You received this offer as a result of an affiliate relationship
with one of our marketing partners. If you are not interested in future
offers, just send a blank message to [EMAIL PROTECTED] 
  
  

 
 
 
  
 
  

Fathers Day - It's Not to Late!

[Alan Canas]

Title: BeyondGourmet.com






   
 
   
  
 
   

  
  
   

  AVOID 
LAST MINUTE EXPRESS SHIPPING FEES AND TAKE ADVANTAGE OF OUR FREE 

GROUND SHIPPING
  Prefer 
to  Order by Phone? 


Call Toll-Free (877) 999-4940

  
   
 
  

 
   

  Sports 

  Gift Box 
  
   

  Barbecue 

  Fun Gift Pack 
  
   

  Fish 

  Creel Gift Basket 
  

  
  Puzzled 
With Trying to Figure Out What to Give Dad For 
Father's Day?
The "Missing Piece" Can Be Found At Beyond Gourmet Using Their 

NEW Gift Finding Tool! 
   
 
  
 
   
Choose 
  From One of The Following:

  

  Gifts 
For Dad's Of All Ages
  Gifts 

For Dad's: Ages 29 & Under
  Gifts 

For Dad's: Ages 30 to 49
  Gifts 

For Dad's: Ages 50 & Up
  Gifts 
For Dad's From "The Little Ones"

  
  
OR  
 Give Beyond Gourmet's "NEW" Interactive 
Tool A Try!
  

 
   

  Ask 
ED Gourmet! 

(He 
will provide you with GREAT gift options)


   
 
   
For 

  The Graduate.
Munchies 

  & Music
  This 

  attractive, yet functional, antiquated wood case 

  holds up to 20 CD’s and is packed with delicious 

  pretzels, mustard, cookies, candies & nuts 
to 
  accompany your favorite music.
  

 
  

  

Prefer 
  to  Order by Phone? 

  Call Toll-Free (877) 999-4940
  Beyond Gourmet - Your Resource for Gourmet Gifts, Gourmet 

  Food, Recipes, Fun and More! 
  Enjoy Life!
  

  
    

  

  
   

  

Re: Bad guys vs. Good guys

[Alan Braggins]

Ken Brown wrote:
> Er, I hit "send" prematurely, and I meant to go on to say that I have
> often used 1 or 200 UKP in folding money - it is easy to do with
> universal availability of ATMs.
[...]
> Of course that doesn't apply to genuinely expensive items. I'm not sure
> I ever spend more than maybe 200 UKP (300 USD) in cash at one time.

I've bought cars for more than that with cash. (Not $25,000 ones though).
But that starts to need to be planned, rather than just withdrawn from
an ATM in one go.

Re: Two ideas for random number generation

[Alan Braggins]

> > Actually you left something out, the PRNG by definition must have a
> > modulus of repetition. At some point it starts the sequence over.
> >
> As usual, Jim is wrong. There are deterministic systems which never
> repeat. For example, there is an algorithm which will give you the
> nth digit of pi.

http://www.mathsoft.com/asolve/plouffe/plouffe.html


>If I use this as my PRNG (one way I could seed it would
> be to use key to pick a starting point)

Or just mix pi with a more conventional PRNG, which will avoid you having
to use huge seeds to stop your output stream matching anyone's pregenerated
lookup tables of lots of digits of pi.

-- 
Alan Braggins  mailto:[EMAIL PROTECTED]  http://www.ncipher.com/
nCipher Corporation Ltd.  +44 1223 723600  Fax: +44 1223 723601

Re: Dell Computer Corporation Doesn't Deserve Your Business

[Alan]

On Wednesday 27 February 2002 17:52, Seth Finkelstein wrote:
> >On Wed, Feb 27, 2002 at 03:50:20PM -0500, Matthew Gaylor wrote:
> > I'm carbon copying this message to Seth Finkelstein, who I consider
> > the pit bull of the anti-censorware opposition.  And I have a
> > question for Seth- Dell's use of the paraphrase comment "illegal
> > purposes" reminds me of the various categories that filtering
> > software uses to describe a site.  I wonder if Dell didn't run the
> > Weigand site into a filtering application to make the decision not
> > to sell one of their computers to him?]
>
>   I called Dell to try to verify the story myself before
> commenting. An official response I received seems to indicate that
> they did indeed flag "Weigand Combat Handguns Inc." as suspicious from
> the word "Combat":
>
> "We recently received an order from a customer whose company name
> included the word "combat." We cancelled the order to give us enough
> time to follow up with the customer and be assured that the sale
> would be in compliance with U.S. export law."

This excuse sounds incredibly bogus.

Since when do you *cancel* an order in order to check up on if it is legal 
for you to ship to them?

Sounds like someone putting their "Dell Dough" in the wrong place...
 

Re: Sheeple Land With Hands on Heads

[Alan]

On Monday 11 February 2002 12:30, Eric Cordian wrote:
> Some guy on a flight to SLC tries to go to the bathroom 5 minutes later
> than allowed, and then pauses before following orders to return to his
> seat.
>
> So of course, Armed Air Marshals immediately take over the cabin.
>
> The guy with the weak bladder faces 20 years in prison, for defying the
> state in the form of a flight crew.

What was he supposed to do? Pee in his seat?

The way the air marshal reacted reminded me of kindergarten.  "Since one of 
you disobeyed, all of you have to put your heads on your desks until told 
otherwise."

feh!

I live in a state where the economy is being helped into the sewer because of 
the absurd travel restrictions.

Oregon has a high percentage of high-tech companies that are owned by out of 
state entities.  (For some weird reason, they think that they have to have a 
Silicon Valley address or they will not be thought of as "special".)

Before this stupidity started, most business between such offices was done by 
hopping on a plane every couple of days. Now that is less than practical.

I know at least one person who has lost her job due to the office being shut 
down because it was just too much hassle having a satelite office in Oregon.

Intel got around the previous rules by having private jets. I have not heard 
if they have had to follow the same silly restrictions since the "Sept 11th 
excuse". (I have not been back to San Jose since last August, which is fine 
by me since it is one of the most BORING places I have ever been. It needs a 
large band that says "Sanitized for your protection" wrapped around the city.)

I doubt if anyone in Washington will get a clue and change things any time 
soon.  Not until businesses get a clue and beat on their various purchaced 
congress-critters.



>
> -
>
> SALT LAKE CITY -- An airline passenger who allegedly got up to go the
> bathroom less than 30 minutes before landing became the first person
> arrested under a new federal flight regulation adopted for the Olympics.
>
> Richard Bizarro, 59, could get up to 20 years in prison on charges of
> interfering with a flight crew.
>
> Bizarro was on a Delta flight from Los Angeles on Saturday when he
> allegedly left his seat 25 minutes before landing, despite two warnings
> from the captain to the 90 passengers to stay put as required under the
> 30-minute rule adopted for Salt Lake City by the Federal Aviation
> Administration.
>
> Because of the incident, air marshals aboard the plane ordered all
> passengers to put their hands on their heads for the rest of the flight.
>
> Bizarro was jailed overnight and released on his own recognizance
>
> Authorities said a flight attendant instructed Bizarro to return to his
> seat immediately after he left the bathroom. She said Bizarro, who is
> 6-foot-2 and 220 pounds, ignored her orders and stared at her for about a
> minute before returning to his seat, according to the FBI.
>
> The incident was seen by two of three undercover air marshals on board,
> the FBI said. One of the agents said he saw Bizarro give what appeared to
> be a "thumbs up" to another passenger as he returned to his seat,
> prompting the marshals to take control of the cabin.
>
> The Salt Lake City rule requiring no passenger movement during the last 30
> minutes went into effect Feb. 5. It already had been in effect for flights
> to Reagan International Airport in Washington.

Re: Rogue terror state violates Geneva Convention

[Alan Olsen]

On Sun, 13 Jan 2002, Declan McCullagh wrote:

> On Mon, Jan 14, 2002 at 01:13:41AM +0800, F. Marc de Piolenc wrote:
> > I'll say it again - these are not prisoners of war! 
> 
> This is the heart of the matter. If the detainees are determined
> to be POWs, that triggers a certain level of legal protection.
> So far, it seems as though the U.S. is saying they are not but
> we'll extend them some of the benefits because we're nice guys.

The current administration keeps waffling on if this is a war or not.

When it suits their purposes (getting money out of congress, censoring the 
press, and trampling on the constitution and bill of rights) it is a War.  
When it does not suit their purposes (like how they treat prisoners), it 
is not a War.

Speaking of "Missing In Action"...

Anyone know what Cheany is up to? 

If life imitates the movies, we are either seeing a remake of "Dave" or 
"Weekend At Bernies".

-- 
[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: ACTION: SUCCESS! Anti-Terrorism Act of 2001

[Alan]

On Tuesday 25 September 2001 17:38, Black Unicorn wrote:
> Since the only goal in the first place was to delay I repeat:
>
> SUCCESS!

Until they wait until people look the other way and then sneak it past.  
(Like every other privacy-rapeing bill over the last ten years.)

>
> - Original Message -
> From: "Declan McCullagh" <[EMAIL PROTECTED]>
> To: "Black Unicorn" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Tuesday, September 25, 2001 5:37 PM
> Subject: Re: ACTION: SUCCESS! Anti-Terrorism Act of 2001
>
> > On Tue, Sep 25, 2001 at 10:04:09AM -0700, Black Unicorn wrote:
> > > The hearing for markup of the Anti Terrorism Act of 2001 has been
>
> cancelled by
>
> > > direction of the Chairman and has not been rescheduled at this time.
> >
> > Try next week...
> >
> > -Declan

RE: Congress hard at work: Cereal box regulation

[Alan Olsen]

On Thu, 2 Aug 2001, Steve Schear wrote:

> At 01:40 AM 8/2/2001 -0700, Alan Olsen wrote:
> >On Wed, 1 Aug 2001, Declan McCullagh wrote:
> >
> >It would be worth it to go just for the purpose of asking what they were
> >going to do about cereal killers.
> 
> You mean those who put ketchup on their corn flakes ;-)

Actually I had this image of Microsoft getting involved in the hearings
and complaining about Open Source Cereal. 

Now I have this image of "what if O'Reilly made cereal".  ("These sendmail
flakes are REALLY tough!" "Well you don't want to think about the
"Mastering Regular Expression Pops!")

Remember: Coffee *before* posting!

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

RE: Congress hard at work: Cereal box regulation

[Alan Olsen]

On Wed, 1 Aug 2001, Declan McCullagh wrote:

> At 02:52 PM 8/1/01 -0400, Trei, Peter wrote:
> >Politicians have too much trouble justifying their
> >existence to let a chance like this slip through.
> 
> Hahahaha. Actually, I'm starting to feel sorry for politicans, especially 
> the folks in Congress. Think of it: They have such crude tools available to 
> them. They can hold hearings or introduce legislation -- that's about it. 
> Not much in the way of options. Poor saps. We should provide more creative 
> outlets for them.
> 
> Thus we get wacky attempts like Sen. Torricelli's 
> don't-email-someone-unless-you-want-to-go-to-jail bill I wrote about for 
> Wired today.

It would be worth it to go just for the purpose of asking what they were
going to do about cereal killers.

(Of course, I don't think I could keep a straight face in the building,
let alone in front of those goons...)

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Laws of mathematics, not of men

[Alan Olsen]

On 2 Aug 2001, Dr. Evil wrote:

> > The prosecutors who read this list must be chortling.
> 
> Chortling is a form of laughter.  Prosecutors, like Ukrainian customs
> agents, have had their sense of humor surgically removed, so I doubt
> they chortle very much.

unless it involves wounded kittens or battered small children.  (Deep
fried in a light tempura...)

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Criminalizing crypto criticism

[Alan Olsen]

On Wed, 1 Aug 2001, Rick Smith at Secure Computing wrote:

> I had suggested that a large number of crypto researchers take the 
> proactive (or rather, prophylactic) step of informing *all* vendors of copy 
> protection that the researchers are interested in studying the encryption 
> used in their products. The notion of this would be that such an act by a 
> large group would reduce the risk of retribution against individuals who 
> participated.

Trying to get a large group of any profession to do one thing is next to
impossible.

I can see what this is going to do to third party due dilligance.

Say you have a company that wants to use product X.  But the lawyers set
in and say "prove it is reasonably secure" as a CYA measure.

There are many cases where you do not want to give the company advanced
warning that you are doing this, otherwise they may try and skew the
results.  (Making "special" versions that don't work the same as the
normal one. Taking out especially dangerous features.)

BTW, this is *not* a hypothetical example.

I worked on a project under contract to break a security method used by an
e-commerce system.

When the company found out what we discovered, they were very pissed off.
If we had not had one of the bigger computer companies backing us up on
the project, they would have probably sent lawyers after us.  (At some
point, the information will get out.  The details of snake-oilness are
pretty funny, in a sad sick way.)

The security industry is going to be seriously burned by this.

If I were to get a group of people together, it would be the security
profesionals. I would have them boycott the US Govenment and any of the
supporters of the DMCA.  Just refuse to do work for them and explain why.
(Something like "If I do my job, you might decide to put me in jail on a
whim".)

> At 05:43 PM 7/31/2001, Alan Olsen wrote:
> 
> >All they have to do is make a messy example out of one or two. (It also
> >helps if you can get a prosecutor that is working on a promotion to help out.)
> 
> I Am Not A Lawyer, so someone more knowledgeable may correct me if I'm 
> wrong, but...
> 
> There's nothing here for a prosecutor to do. There's nothing illegal about 
> a bona fide crypto researcher informing a vendor of an intent to study 
> their product, which is offered to sale to the public. In fact, the 
> researcher is complying with the legal requirements.
> 
> I don't see any way the vendor could file an injunction or take other legal 
> action simply because someone (especially one of a large number of people) 
> announced an intent to study their product, again, as a bona fide crypto 
> researcher, as stated in the law.
> 
> Rick.
> 
> 

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

RE: Laws of mathematics, not of men

[Alan Olsen]

On Wed, 1 Aug 2001, Sandy Sandfort wrote:

> 1)  "Cypherpunks write code."  This metaphorical admonition tells us to make
> the laws irrelevant by outrunning them with technology.  I couldn't agree
> more.  I don't see much benefit in asking the nice lawmakers to do fuck us
> so badly, please.  Better to take steps that put us outside of their reach.

"The first rule of not being seen is ''Don't stand up''."

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Congress hard at work: Cereal box regulation

[Alan Olsen]

On Wed, 1 Aug 2001, Declan McCullagh wrote:

> SENATE JUDICIARY COMMITTEE Packaging Antitrust, Business Rights, and 
> Competition Subcommittee hearing on "S.1233, the Product Package Protection 
> Act: Keeping Offensive Material Out of our Cereal Boxes." Location: 226 
> Dirksen Senate Office Building. 2 p.m. Contact: 202-224-7703 
> http://www.senate.gov/~judiciary

Looking for the "Crack" in "snap, crackle, and pop"?

I would be interested in attending this just to try and figure out what
the HELL they are worried about.

I don't think Safeway is going to start carrying "PornoPops" any time
soon.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Criminalizing crypto criticism

[Alan Olsen]

On Tue, 31 Jul 2001, Rick Smith at Secure Computing wrote:

> There are probably enough "cryptography researchers" out there that even a 
> large vendor won't feel tempted to harass them all proactively.

All they have to do is make a messy example out of one or two. (It also
helps if you can get a prosecutor that is working on a promotion to help
out.)

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: New Singapore surveillance software can detect abnormal behaviour(fwd)

[Alan]

Am I the only one reminded of the story "Agent of Chaos" by Norman Spinrad?

And Singapore would be just the type of place to make violation of the 
unusual action protocol a capital offense.

On Monday 30 July 2001 06:04, Eugene Leitl wrote:

> -- Forwarded message --
> Date: Sat, 28 Jul 2001 12:40:36 -0400
> From: Matthew Gaylor <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: New Singapore surveillance software can detect abnormal behaviour
>
> Surveillance software can detect abnormal behaviour
>
> Friday July 27 7:38 AM ET
>
> New Singapore Software Can Beef Up Surveillance
>
> http://dailynews.yahoo.com/h/nm/20010727/tc/tech_singapore_software_dc_1.ht
>ml
>
> SINGAPORE (Reuters) - Singapore scientists have created new software which
> may beef up surveillance efforts in the future by distinguishing between a
> person's normal activities and suspicious behavior.
>
> The software created by researchers at the Nanyang Technological University
> can tell the difference between people walking, talking and acting
> normally, and abnormal behavior such as a fight or someone collapsing.
>
> The Singapore team recorded and classified 73 features of human movement,
> such as speed, direction, shape and pattern.
>
> The features were then used with existing ``neural network'' software,
> which can learn and remember patterns, to create a new program.
>
> ``Each of the features is actually generated from a formula ...then the
> learning software will be able to classify certain motion as normal or
> abnormal,'' associate professor Maylor Leung told Reuters on Friday.
>
> ``It's something new. No one has tried (developing it) and so far we are
> successful,'' he said.
>
> Images fed to the software, such as from a surveillance camera, are
> analyzed almost instantly and with 96 percent accuracy, Leung said.
>
> The software can trigger an alarm when unusual movements are detected,
> making it well suited for surveillance.
>
> Creating the artificial intelligence needed to recognize complex human
> motion has been a challenge, Leung said.
>
> It is difficult for the human eye to accurately judge motion, such as
> speed, and even harder for a software program to do so, he said.
>
> Leung is looking for partners to commercialize the software. The research,
> which took two and a half years, is pending publication in several
> technical journals.
>
> __
> Distributed without profit to those who have expressed a prior interest in
> receiving the included information for research and educational purposes.
> ---
>
> **
> Subscribe to Freematt's Alerts: Pro-Individual Rights Issues
> Send a blank message to: [EMAIL PROTECTED] with the words subscribe FA
> on the subject line. List is private and moderated (7-30 messages per week)
> Matthew Gaylor, (614) 313-5722  ICQ: 106212065   Archived at
> http://groups.yahoo.com/group/fa/
> **

Re: Criminalizing crypto criticism

[Alan]

On Friday 27 July 2001 11:13, Steven M. Bellovin wrote:
> In message <[EMAIL PROTECTED]>, Declan McCullagh writes:
> >One of those -- and you can thank groups like ACM for this, if my
> >legislative memory is correct -- explicitly permits encryption
> >research. You can argue fairly persuasively that it's not broad
> >enough, and certainly 2600 found in the DeCSS case that the judge
> >wasn't convinced by their arguments, but at least it's a shield of
> >sorts. See below.
>
> It's certainly not broad enough -- it protects "encryption" research,
> and the definition of "encryption" in the law is meant to cover just
> that, not "cryptography".  And the good-faith effort to get permission
> is really an invitation to harrassment, since you don't have to
> actually get permission, merely seek it.

Even worse is if the "encryption" is in bad faith to begin with. (i.e. They 
know it is broken and/or worthless, but don't want the general public to find 
out.)

Imagine some of the usual snake-oil cryto-schemes applied to copyrighted 
material.  Then imagine that they use the same bunch of lawyers as the 
Scientologists. 

This could work out to be a great money-making scam!  Invent a bogus copy 
protection scheme.  Con a bunch of suckers to buy it for their products. Sue 
anyone who breaks it or tries to expose you as a fraud for damages.


I mean if they can go after people for breaking things that use ROT-13 
(eBooks) and 22 bit encryption (or whatever CSS actually uses), then you can 
go after just about anyone who threatens your business model.

I guess we *do* have the best government money can buy.  We just were not the 
ones writing the checks...

Re: turning off your computer turns away hackers

[Alan Olsen]

On Thu, 26 Jul 2001, Subcommander Bob wrote:

> "turning off your computer turns away hackers"

Not if I have an axe. ]:>

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Airline passengers, revisited

[Alan Olsen]

On Thu, 26 Jul 2001, Aimee Farr wrote:

> Passenger Processing Using Biometrics To Be Unveiled
> 
> EyeTicket Corporation, the leader in high volume public processing and
> access control using biometric identification, will hold a news conference
> on Thursday, July 26, to announce a groundbreaking new program to expedite
> airline passenger processing. This announcement represents the first
> large-scale application of passenger processing relying solely on
> biometrics. Details of the evaluation program, being conducted in
> cooperation with BAA, British Airways, UK Immigration Service and Virgin
> Atlantic Airways, will be unveiled during the news conference.
> 
> Source: Biometric Digest

"To offset the ever rising price of fuel, in conformance with the
biometric registration act, the airline will be exchanging biometric
information with the proper authorities and favored trading partners.  To
opt out of this program, just poke your eyes out with the tool provided at
the desk."

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Lasers and ICBMs

[Alan Olsen]

On Wed, 25 Jul 2001, Eugene Leitl wrote:

> On Wed, 25 Jul 2001, Tim May wrote:
> 
> > A lot of the calculations being sketched out here, of watts/cm^2,
> > dwell times, gold coatings, etc. are slightly off-base. We've known
> > for 20+ years that the kill method is to use a short pulse to "push"
> > (not from the photons' momentum) in the thin wall of an ICBM's fuel
> 
> Explosive ablation sounds like giant pulses, and chemicals lasers (the
> only ones known to provide lasing output in the ballpark) don't do these
> very well. So either you have to fire synchonously from many platforms, or
> have a veritable Death Star out there in LEO. Several of them, in fact, to
> maintain an umbrella at all times.

Why is this reminding me of some of the activities of local Law
enforcement?

All of this talk of multiple shots fired, but no mention of what happens
to those that miss or continue on past the target after hitting it.

I expect that if they ever do test this thing in low earth orbit or any
other space bound platform, we may see a few "accidents" that were not
counted on.  

"Oops! Accidently hit that communications satilite. Sorry!"

"Oops! Accidently hit that densely populated urban area!"

Oops! "Accidently" hit Tim May's house!"

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Weird message from someone named "NIPC"

[Alan Olsen]

On Thu, 26 Jul 2001, Declan McCullagh wrote:

> Now that I've actually read through some of what Tim posted, I think
> it's clear what it is. Hint: Vatis wasn't in charge of NIPC by June
> 29, and I don't recall any such hearing, and his reported comments
> are a little, well, unusual. --Declan

"A mind-fuck is a terrible thing to waste."

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
 "All power is derived from the barrel of a gnu." - Mao Tse Stallman

Re: Ohio man convicted for "obscene" stories in his private journal

[Alan]

On Monday 23 July 2001 15:43, Steve Schear wrote:

> "What's the difference between the Russian Constitution and the American
> Constitution?  They both guarantee freedom of speech, but the U.S.
> Constitution also guarantees freedom after the words are uttered."
>
> Dmitry Perevozhkin, "Anecdotes about Putin"

"The constitution may have its problems, but it is better than what we have 
now." - Unknown

Re: did cryptome.org lose it's name?

[Alan Olsen]

On Thu, 29 Mar 2001, Eric Murray wrote:

> It looks like cryptome.org's lost it's name:
> 
> % ericm(pts/1)# whois crytpome.org
> [whois.internic.net]
> 
> Whois Server Version 1.3
> 
> No match for "CRYTPOME.ORG".

"Dyslexia -- name for it by ask!"

It would help if you spelled it correctly...

"cryptome.org", not "crytpome.org".

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: Can I reproduce out of print books?

[Alan Olsen]

On Sun, 11 Mar 2001, A. Melon wrote:

> Does anyone know the law regarding duplication of out of print
> books/other works?
> 
> E.g. Stephen King withdrew his book 'Rage' (support your neighborhood
> second-hand bookstore) about a schoolkid who holds his class hostage 
> at gunpoint, shortly after the Littleton shootings.  King _does not_ 
> want this book to be available to the public until the mess blows over.
> 
> If I distributed this book in electronic format for free, I would not
> be costing him a single penny.  Would I still be violating the DCMA
> and which other laws would I violate?  
> 
> Also, what if I claimed that books like King's were in some way
> responsible for the current spate of shootings?  Would I be able to
> reproduce the book (so my quotes can be judged in the context of a whole 
> work) in order to campaign against it?  Or can he legally suppress his 
> own works?

You would still be in violation of the law.

Censorship by copyight is not new.  It has been going on for quite a
while.  (Everything from the Scientologists trying to prevent leaks of
their pay-per-view religion to companies that produced films hyping
products that turned out to be a danger to the general public. (Like the
paint company that was pushing a paint mixed with DDT in incredibly high
doses.))

I expect to see alot more copyright censorship in the coming years.  In
fact, I expect that with the direction the feds are taking, all forms of
censorship will have copyright violations attached for extra jail time
added.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: "Information wants to be free"

[Alan Olsen]

On Tue, 27 Feb 2001, Tim May wrote:

> >Right.  All the "content-for-pay" artists now have to compete
> >against all the unpaid amateurs who are webpublishing because
> >webpublishing is easy and nearly free.
> 
> Or because "information wants to be free" (*) and _someone_ will make 
> the songs or images or whatever available for absolutely nothing. 
> Good examples of this are Napster, of course, and the 
> alt.binaries.erotica.* Usenet newsgroups.

"Information *actually* wants to be tied up and spanked."

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: MS Product Activation for Windows (licensing)

[Alan Olsen]

On Wed, 10 Jan 2001, Bill Stewart wrote:

> The El Cheapo PCs each came with a licensed Win98;
> I've got the disks in a stack, and keeping track of which 
> CD goes with which PC would be a serious annoyance.
> It's actually worse, because the PCs are pieces of junk
> that need to be have major chunks of Windows reloaded
> every once in a while, though at least Win98 has less of the
> "you have moved your mouse, please put in the Windows CD and reboot"
> that Win95 had.  It's annoying enough to keep track of
> which Win98 serial numbers go with which CDROMs -
> writing the number on the CDROM helps, but you can't
> read it when it's in the drive :-)

Whenever I install a copy of Windows (rare these days), I always copy the
install files to the hard drive.  The reason for this is that half the
time when Windows decides it needs something else, it cannot find the
CD-ROM drive.

This new policy guarantees that I will never buy a Microsoft OS again.

I actually upgrade the motherboards on home machines.  I cannot afford to
repurchace, replace and reinstall every piece of software on those
machines just to upgrade the hardware.

Fuck them! Not for a game machine. (Which is about all that Windows gets
used for around here. That and Eudora.)

This is going to make life HELL for every sysadmin who has to deal with
this crap.  I expect that you will see alot of admins printing the serial
numbers and taping them to the machines.

Microsoft is just trying to squeeze every last dollar from their
customers. Many of them are going to get tired of it and tell them where
to go.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: Electric Kettles

[Alan Olsen]

On Thu, 4 Jan 2001 [EMAIL PROTECTED] wrote:

> Great Topic!
> 
> Steve Mynott wrote:
> 
> > Ken Brown <[EMAIL PROTECTED]> writes:
> >
> > On a tangent a friend claimed Americans didn't have electric kettles
> > for boiling water.
> >
> > Can anyone confirm whether this is true?
> >
> I have never seen an electric kettle for boiling water for tea.

It is false. I have an electric kettle for boiling water. It gets used for
tea fairly often. (Or it did, until I bought a new tea kettle.)

Why some people believe these urban myths...
 
[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: Jim Bell arrested, documents online

[Alan Olsen]

On Wed, 22 Nov 2000, David Honig wrote:

> At 08:31 PM 11/21/00 -0500, Ray Dillinger wrote:
> >
> >Even if they couldn't find a specific law to charge the 
> >operator of an AP server with, or couldn't get a conviction 
> >on the laws they'd charged him/her with, they would doubtless 
> >issue a court order commanding the operators of the server 
> >to cease and desist.
> 
> Correct, except that you haven't grasped that it will be impossible
> to trace anything to anyone.

*Except* the hosting server. Legal "whack-a-mole" games will commence soon
after discovery. (Or they will just yank the entries out of the root DNS
servers or screw with the routing tables on the backbone.)

> To see this, you need to imagine truly anonymous payment schemes
> and truly anonymous information publishing.  [The latter tech
> exists, the former has to deal with interfacing with the US dominated
> financial web, and exchanging ecredits for meatthings.  Meat being
> succeptible to guns & cruise missiles, of course.]

The host of the site is the only one with his ass left hanging out.

> Bell's observation is simply: if you have these two (cash & freedom of
> speech), look at what one could build.  And the social implications thereof.

I disagree.  I don't believe Jim really was willing to consider the social
implications of his scheme.

He seemed to think that the only target of this would be the government.

I think that there would be a much bigger field of targets than that.

Think about it.  If you had the chance to have people killed without any
posibility of capture, who would it be?

I think that there are more people out there who would go after Bill Gates
or John Tesh than there would for various little known public officials.
(This could be a case where fame could have an even bigger downside.
About six feet down.)

One of the reasons that this country is so fucked up is that few pay
attention to what their leaders actually do.  You tell them about laws
that are already on the books and they don't believe you. They still buy
into the myth that America is the "Freest Country in the World(tm)".

The people they do hate, however, are those that annoy them. In-laws, bad
TV celebs, evil software moguls, etc.

And what about those people who have lots of money and little or no
personal ethics?  Say that you have a company whos rival has a bunch of
engineers that you want.  They won't work for you, so you have them done
in.  (Or maybe the prosecutors in a big anti-trust trial.)

Free and open assassination markets are a messy thing. True, some good
would come out of them. A whole bunch of bad would come out of them as
well.

Just because you can do something, does not mean that you should.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: A strange election scenario.

[Alan Olsen]

At 11:28 AM 11/8/00 -0500, Trei, Peter wrote:
>It looks like Gore has won the popular vote, and
>that Florida is more likely to tip to Bush than to
>Gore. If this happens, the show is not
>necessarily over.
>
>If Bush wins Florida, and Gore wins Oregon,
>the electoral college will stand at Gore 267,
>Bush 271. You'd expect that King George
>the Second would rule. But
>
>In most states, electoral college
>electors are bound by law to cast their
>votes in favor of the candidate who won
>their state. But not all - in some states
>(which ones? I don't know) electors can
>legally vote their conscience. A Libertarian
>presidential candidate got an electoral vote
>a while back in this manner.
>
>If three of these 'unbound' electors are in states
>which went to Bush, and decide to 'follow
>the mandate of the national popular vote'
>they can flip the election.
>
>Interesting times.

I am just wondering what they do if it comes down to an actual *tie* in 
Florida.

Personally I would like to see the two candidates fight to the death in a 
tub of raw sewage with a couple of rusty sporks.  (Not that they will do 
something sensible like that...)

The coming gridlock could be the best thing to happen to the country though.

---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: Courts interfering with election

[Alan Olsen]

At 10:10 PM 11/7/00 -0500, David Honig wrote:
>At 09:31 PM 11/7/00 -0500, Tim May wrote:
>If they work hours such
> >that they cannot be at the polling places during these hours, they
> >obtain absentee ballots. Or they take personal time off of work. Or
> >they go in an hour later. Etc.
>
>California is reported to have 20% absentee ballots, see the latimes.com

Oregon has vote by mail.  (Fun watching both of the major parties spending 
*LOTS* of time here when large numbers of people had already sent in their 
ballots.)

One of the more interesting ballot measures in Oregon would require the 
government to have a conviction before being able to seize property.  The 
arguments against are pretty interesting.  The first set in the voter's 
pamphlet is from the Humane Society claiming that the measure would "harm 
animals".  (When you can use the "Its for the chilldddreeennn" argument, 
hurting animals is the next best thing.  Reminds me of the National Lampoon 
cover with the dog with the gun to his head.  "Vote NO on measure 3 or the 
dog dies!")

---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: US report urges Arafat to use torture for peace

[Alan Olsen]

On Sun, 5 Nov 2000, An Metet wrote:

> http://www.independent.co.uk/news/World/Middle_East/2000-11/ruthless061100.shtml
> 
> An influential think-tank advises Palestinian Authority to ruthlessly repress 
>militant elements without regard for basic human rights 
> 
> By Robert Fisk in Gaza 
> 

"If you can't beat em, beat em!"

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: How the Feds will try to ban strong anonymity

[Alan Olsen]

At 04:30 PM 10/8/00 -0400, you wrote:
> --
>At 03:33 PM 10/8/2000 -0400, David Honig wrote:
> > Wasn't a "license to drive" on the "info superhighway" bandied about
> > when the latter term was sickeningly popular?
>
>Everything on the internet is a packet with a destination address and a 
>return address.  To create a police state on the internet, all that is 
>necessary is to ensure a one to one correspondence between an internet 
>address, and a human face that can be beaten to pulp.

Maybe that is why IPSec seems to have never considered DHCP or PPP IP pools 
in its design.

---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: How the Feds will try to ban strong anonymity

[Alan Olsen]

At 03:33 PM 10/8/00 -0400, you wrote:
>At 02:39 AM 10/8/00 -0400, Steve Furlong wrote:
> >Require ISPs to get a license to operate. Terms can be set arbitrarily
> >high. (Bonus points if you make them pay for the monitoring hardware,
> >software, and governmental labor.)
>
>Wasn't a "license to drive" on the "info superhighway" bandied about
>when the latter term was sickeningly popular?

That used to be called "Unix".
---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: RC4 - To license or not?

[Alan Olsen]

At 09:27 AM 10/8/00 -0700, Greg Broiles wrote:
>On Sun, Oct 08, 2000 at 03:12:20AM +0200, Stefan Arentz wrote:
> > Real-To:  Stefan Arentz <[EMAIL PROTECTED]>
> >
> > Applied Crypto says this about RC4.
> >
> >  So what's the deal with RC4? It's no longer a trade secret,
> >  so presumably anyone can use it. However, RSA DSI will almost
> >  certainly sue anyone who uses unlicensed RC4 in a commercial
> >  product. THey probably won't win, but they will certainly make it
> >  cheaper make it cheaper for a company to license than fight.
> >
> > This was in '96. I do not want to buy a complete BSAFE license.
> > It is too expensive and I only need RC4.
> >
> > Anyone experienced with this? Will they sue?
>
>No, they almost certainly won't. Over the past few years they've moved away
>from their former pugilistic stance and their marketing/sales strategy seems
>to focus more on code quality and diversity of platform support rather than
>fear.

Redhat 7 Deluxe contains an offer for a "free" BSafe SDK for 
Linux.  (Redhat 7 contains a number of crypto tools, including OpenSSL, 
Kerberos 5 (real, not the damaged version MS ships), OpenSSH, GnuPG, and a 
bunch of other stuff. A good sign, if they did not ship with a beta version 
of GCC.)

As for RSA marketing... i think they have some serious personal issues they 
need to seek counselling for.  (What is it with the psycho-chick in their 
ads anyways?  Ex-girlfriend? A stab at Dourthy Denning? Some latent BSDi 
fetish?)

---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: More Columbine fall-out

[Alan Olsen]

On Fri, 29 Sep 2000, Steven Furlong wrote:

> Schools must give police blueprints
> 
> ALBANY - Schools will be required to submit copies of their building
> plans to local police and fire departments under legislation recently
> signed into law by Gov. George Pataki.
> 
> The legislation, proposed by Assemblyman Ronald Canestrari, D-Cohoes,
> was inspired by last year's shootings at Columbine High School.
> Canestrari said police at the scene in Colorado did not have floor plans
> for the school building, which slowed their response to the tragedy.

I wonder if they will practice their raids by converting the plans into
Quake III levels...

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: domestic bioterrorism incident in FLA school

[Alan Olsen]

On Wed, 13 Sep 2000, William H. Geiger III wrote:

> In <[EMAIL PROTECTED]>, on 09/13/00 
>at 12:59 PM, "A. Melon" <[EMAIL PROTECTED]> said:
> 
> >Subject: domestic bioterrorism incident in FLA school
> 
> >Middle school student arrested in
> > poisoning
> 
> Exactly how do you get "domestic bioterrorism" from a rather simplistic poisoning?

"Domestic Bioterrorism(tm)" is scarier.  The media has learned a long
time ago that if you frighten people and appeal to the fear/threat portion
of their natures that they will buy more papers, watch your news programs,
and be led by the nose into giving up whatever rights and property
demanded by those in power.

Of course in Congress they think "Domestic Bioterrorism" is the day the
maid serves the chicken sushi with sun-ripened mayonaise for lunch.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: "ChronoCryption" algorithm - $50 reward for spotting a flaw

[Alan Olsen]

On Mon, 4 Sep 2000, David Honig wrote:

> At 05:34 PM 9/4/00 -0400, Ray Dillinger wrote:
> >
> >I'm with him, actually, about list content.  I had hoped to find 
> >tech discussions going on.  
> 
> There are tech discussions on this list regularly, mixed with
> the sociopolitical rants and spam.  You are not paying attention.

Actually the spam is an experiment is stegonography.  (But only some of
them.)  How to tell the difference is left as an exercise for the reader.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: More trolling from cops?n

[Alan Olsen]

On Wed, 28 Jun 2000, Igor Chudov @ home wrote:

> But it is not a crime to share a bomb recipe. Diane Feinstein tried to
> make it a crime, and could not.
> 
> I frankly do not understand why the cops/feds would be interested
> in soliciting something which is not a crime.
> 
> *If* it was a crime, *then* the cops/feds explanation would be most
> fitting.  But it is not.

Since when did cops need to know the law or follow it?

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: Crypto Typing ID

[Alan Olsen]

On Thu, 29 Jun 2000, John Young wrote:

> The NY Times reports today on an encryption product
> which has a biometric password set by typing rhythm -- speed,
> key-hit impact, pattern, maybe a few more. Developed by Net
> Nanny, the producer claims no two people type exactly the 
> same way. Its called BioPassword. The product is to be used
> by Musicrypt.com to protect music files.

This product is major snake-oil.

It assumes that all people are trained typists.  I never type with the
same rhythm twice because I am busy correcting all the typos I make while
typing.

Just goes to show that reporters are getting lazy again.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

Re: "Microsoft crap" considered disingenuous

[Alan Olsen]

At 07:11 PM 6/22/00 -0400, [EMAIL PROTECTED] wrote:
> > >(Not to say that Linux doesn't have some advantages, obviously.
> >
> > The main advantage the Linux has in this regard is that the "average user"
> > cannot modify system binaries.  This makes worms of this sort more
> > difficult to perpetuate. Unfortunatly, there are few usable e-mail clients
> > (as far as I am concerned) on Linux.  (If there was a port of Eudora under
> > Linux, I would not be using windows at home for anything other than games.)
>
>Have you tried Kmail from the KDE project or Balsa from the GNOME project
>??

I looked at KMail and it did not do all of what I needed.  (But that was a 
while ago. I have a current copy and will look into it again.) Mahogany 
looks *QUITE* interesting though.  If it can deal with the weirdnesses I 
need for mail (like complex filters, multiple accounts, and a good spell 
checker), I will be switching over to it.

>If it doesn't need to be graphical then you might want to look at mutt, i
>have a friend who uses that wont shut up about how wonderful it is.

I have tried to use Mutt, but I was not that impressed with it. Maybe I am 
missing something there, as I have had friends rave about it as well.

>I found them to be quite good mail clients in the Eudora mail client
>style.

At work,  use EXMH.  It is usable, but not something I would try and train 
my wife to use.

>I just use pine thought, it seems to be immune to most problems simply
>becasue it doesn't do anything fancy.

I like Pine as well.   use it quite a bit.  (One of the reasons I want to 
move away from EXMH at work is that slocal breaks the mailbox and Pine 
chokes on it.)


---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: Help add strong crypto to AirPorts

[Alan Olsen]

On Wed, 14 Jun 2000, Lucky Green wrote:

> Apple is taking a customer survey which features to add to the next
> generation Apple AirPort (IEEE 802.11). The current version only does weak
> crypto. You can cast your vote for strong crypto here:
> 
> http://survey.apple.com/AirPort/

There was an article that showed up on Slashdot a while ago that showed
how to upgrade the AirPort to strong crypto.  (It uses a standard PCMCIA
crypto card.)  I will see if I can dig up the URL.

[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."

BIG MOUTH BILLY BASS

[Alan Porter]

I've found the OFFICIAL site for Big Mouth Billy Bass!

These guys have product IN STOCK and make a FAST 
DELIVERY...

http://www.absolutebigmouthbillybass.com/

Regards,

Alan.

Re: Slander & Defamation?

[Alan Olsen]

At 06:46 PM 3/28/00 -0500, Declan McCullagh wrote:
>Actually Mattel yesterday was talking about a class action suit against 
>the *cphack mirror site operators*.

Another example of "Law in the Corporate Interest".

And people wonder why I am an anarchist...
---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|

Re: AMD to incorporate EMBASSY technology (maybe)

[Alan Olsen]

At 07:40 PM 3/28/00 -0500, Wei Dai wrote:

>I've already decided not to buy anything from Intel again (more because
>of their lack of driver support than anything else). If AMD really
>follows though on this deal I'm going to have a really hard time buying
>my next computer.

Linux runs on the alpha.  (Or if you have even more money, Solaris.)  Or 
PowerPC.
---
| Terrorists - The Boogiemen for a new Millennium.   |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!"  | Ignore the man  |
|  | behind the keyboard.|
|     http://www.ctrl-alt-del.com/~alan/   |[EMAIL PROTECTED]|