Re: was: Echelon-like resources..
Tyler Durden wrote:
> [...] Granted, Chomsky can be a little tiring on the ears

His voice seems to have mellowed over the years. I heard him on the radio last week and he sounded just like Garrison Keillor :-)

Ken Brown
Re: Echelon-like resources...
On Fri, 11 Oct 2002, Tyler Durden wrote:
> And indeed, in a world where most messages are fairly weakly encrypted, bursts of strongly-encrypted messages will stand out all the more and possibly flag the need for other methods of investigation.

Doesn't figure: while it's easy to screen for high information entropy (archives have a signature), telling weak encryption from strong is nontrivial, unless it's conveniently labeled, and you're limiting the attack to a tiny fraction of the entire traffic, not realtime.

And of course you can package 'strong' encryption into a 'weak' encryption envelope, so you will only know that 'strong' encryption has been used after you've broken the 'weak' envelope.
Re: was: Echelon-like resources..
> Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands, and he asserted that the Sudanese government are the good guys in the civil war, and their opponents terrorists.

And how many of their citizens have or will die due to lack of those very same pharmaceuticals that the bombed factory can no longer produce? Or suffer from disease due to the same? Perhaps not tens of thousands, but more than just the single night watchman, I'd say.

The point isn't how many deaths, but what collateral damage was done. Not just in the sense of civilian casualties, but also the damage inflicted on those by the effect of not having said facility around.

Of course, for all you and I really know that could have been an Anthrax factory cleverly disguised as a pharmaceuticals factory, but we can put up rhetorical questions and answers such as these for the next millennia and not get anywhere either.
Re: Echelon-like resources...
At 10:52 AM -0700 on 10/13/02, Bill Stewart wrote:
> (You may not remember, but there was a program from fortify.net that fixed 40-bit implementations of Netscape, and there was even a one-liner Javascript signature-line program that let you set Netscape to use 128 bits...

Not to mention the plaintext settings imbedded in the Netscape *executable*.

...it took you long enough, said a Netscape cypherpunk at the time of its discovery...

Cheers,
RAH
Who saw them making the t-shirts, with pasted text from the file itself at FC97, complete with cypherpunks policy on it...

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: was: Echelon-like resources..
>> Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands,

Well, you haven't given me a very convincing argument here. In most of his writings, Chomsky makes it clear that the deaths were not due to the bomb, but the loss of medicine (such as penicillin) in Sudan's only pharmaceutical factory.

>> Or the fact that Nicaragua brought the US before the world court and won?
> Perhaps that was true,

Uh...perhaps? That should be a very easy thing to find out, and as the accusation and conviction were quite damning, and as you claim Chomsky regularly lies on many of his citations, I would have thought that this at least would be one citation you'd check.

Got to say...I'm a busy man, and you haven't even said anything meriting even the investigation of your dis-chomsky web page.

From: James Donald [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: was: Echelon-like resources..
Date: Sat, 12 Oct 2002 11:57:24 -0700 (PDT)

Tyler Durden
> As for Chomsky lying, can you give us some specific citations? Did he lie about our support for Saddam Hussein?

No

> Our support for Indonesia?

Yes

> Our bombing of the Sudanese pharmaceutical factory?

Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands, and he asserted that the Sudanese government are the good guys in the civil war, and their opponents terrorists.

> Or the fact that Nicaragua brought the US before the world court and won?

Perhaps that was true, but pretty much everything else he reported on Nicaragua was a lie, for example that the Sandinistas won free elections, and that the contras were a creation of the US, and that the Sandinistas were more popular than the contras.

> Granted, Chomsky can be a little tiring on the ears, but my knee-jerk reaction towards your calling him a liar is that you misunderstood the citation. But then again, I could be wrong, so do give us some examples, eh?

See my web page Chomsky lies http://www.jim.com/chomsdis.htm
Re: was: Echelon-like resources..
On Sun, 13 Oct 2002, Sunder wrote:
> Of course, for all you and I really know that could have been an Anthrax factory cleverly disguised as a pharmaceuticals factory, but we can put up rhetorical questions and answers such as these for the next millennia and not get anywhere either.

Exactly. So let's stop burning synapses on trivialities of daily politics. Being too out of touch is never advisable, but taking a deliberate vacation every now and then from the mass media sometimes pays.
Re: Echelon-like resources...
> And of course you can package 'strong' encryption into a 'weak' encryption envelope, so you will only know that 'strong' encryption has been used after you've broken the 'weak' envelope.

Oh yeah. Interesting. Of course, this would be done only if the sender knew or suspected how mass-scanning might be done. And so the existence of another level of heavier encryption (see next paragraph) might be a tip off that this is not simply a financial transaction.

But, it occurs to me that in some cases what might be done to determine the presence of hard encryption is for hardware to attempt to decrypt it for a certain fixed time, and if there's no success with X minutes/hours/milliseconds or whatever, then one assigns a certain probability that said message has been encrypted using something stronger than the International version of Bogus Notes (for instance).

But of course, I'm willing to concede that at this point I'm talking completely out of my arse. (That will change when I get time to do some real homework in this area, however.)

From: Eugen Leitl [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Echelon-like resources...
Date: Sun, 13 Oct 2002 13:32:45 +0200 (CEST)

On Fri, 11 Oct 2002, Tyler Durden wrote:
> And indeed, in a world where most messages are fairly weakly encrypted, bursts of strongly-encrypted messages will stand out all the more and possibly flag the need for other methods of investigation.

Doesn't figure: while it's easy to screen for high information entropy (archives have a signature), telling weak encryption from strong is nontrivial, unless it's conveniently labeled, and you're limiting the attack to a tiny fraction of the entire traffic, not realtime.

And of course you can package 'strong' encryption into a 'weak' encryption envelope, so you will only know that 'strong' encryption has been used after you've broken the 'weak' envelope.
Re: Echelon-like resources...
On Sun, 13 Oct 2002, Tyler Durden wrote:
>> And of course you can package 'strong' encryption into a 'weak' encryption envelope, so you will only know that 'strong' encryption has been used after you've broken the 'weak' envelope.
> Oh yeah. Interesting. Of course, this would be done only if the sender knew or suspected how mass-scanning might be done. And so the existence of another

Come on, do the math. There's a lot of traffic travelling all over the world right now. The volume still grows, albeit not at the projected hyperexponential rate. Assuming you don't tap decentrally (because that amount of hardware is a bit hard to hide, and thus hampered by such silly things like warrants (even rubberstamped), and feds installing boxes in ISPs' racks and issuing gagging orders to abovementioned), you use the fact that the network topology is mostly a tree (so make it a mesh, then), and tap high speed lines (fiber). While I assume that there you can screen and filter if it's cleartext with lots of dedicated hardware, you're absolutely screwed if it's even 'weak' encryption. At these data rates you'll have trouble even computing the entropy of the data stream as it streams through your FIFO. Storing all of it is impractical, so you have to restrict yourself to extremely targeted (by source/origin, or the tag, assuming there is one).

> level of heavier encryption (see next paragraph) might be a tip off that this is not simply a financial transaction.

1) while I haven't done the numbers I would say there's maybe 10-20% of all traffic that is 'weak' encryption vs. 90-80% 'strong' encryption. Even if it's as bad as 50%/50% it is still completely irrelevant.

2) to tell whether there's something inside you have to break it. That's why I consistently say 'weak' instead of weak.

> But, it occurs to me that in some cases what might be done to determine the presence of hard encryption is for hardware to attempt to decrypt it for a certain fixed time, and if there's no success with X minutes/hours/milliseconds or whatever, then one assigns a certain

Or days, months, years, centuries, or whatever. On several megabucks worth of hardware.

> probability that said message has been encrypted using something stronger than the International version of Bogus Notes (for instance). But of course,

Why should we concern ourselves with users of broken crypto? It's their problem, not ours. Since they're but a fraction, the use of strong crypto all by itself (assuming, you can tell, which is a high threshold) is not incriminating.

> I'm willing to concede that at this point I'm talking completely out of my arse. (That will change when I get time to do some real homework in this area, however.)
Re: was: Echelon-like resources..
--- Tyler Durden [EMAIL PROTECTED] wrote:
> Well, you haven't given me a very convincing argument here. In most of his writings, Chomsky makes it clear that the deaths were not due to the bomb, but the loss of medicine (such as penicillin) in Sudan's only pharmaceutical factory.

As those who investigated the matter know, and Chomsky did not know, the factory produced chloroquine, which is inexpensive and widely available from many sources. There is no indication that chloroquine is any more expensive or less available than it was. Chomsky and his supposed sources did not know or care what the factory produced, let alone how much it produced, so where does the figure of ten thousand come from?

> the accusation and conviction were quite damning

The list of countries convicted by the world court is for the most part a list of the world's most free countries and most law abiding governments, and the accusers are, for the most part, a list of the world's most murderous regimes.

> you claim Chomsky regularly lies on many of his citations, I would have thought that this at least would be one citation you'd check.

If the world court had condemned Pol Pot's Cambodia, then I might have bothered to check. It did not. The world court is run by much the same folk who run the UN human rights commission.

> Got to say...I'm a busy man, and you haven't even said anything meriting even the investigation of your dis-chomsky web page.

For another example of Chomsky lying in his citations

Those who love tyranny and slavery, love the lies and liars that protect it.

For another expose of some other lies of Chomsky, see Nathan Folkert's check of various citations given by Chomsky during the Faurisson issue http://groups.google.com/groups?[EMAIL PROTECTED] ogle.com
Re: was: Echelon-like resources..
Sunder: Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands, and he asserted that the Sudanese government are the good guys in the civil war, and their opponents terrorists.

James A. Donald: And how many of their citizens have or will die due to lack of those very same pharmaceuticals that the bombed factory can no longer produce? Or suffer from disease due to the same?

Possibly, but neither you nor Chomsky knew or cared what pharmaceutical the factory produced, whereas I do. Thus my estimates of likely casualties are likely to be better than Chomsky's

My point was not that the bombing was OK, but that Chomsky was pulling his facts out of his ass. His initial claim was that tens of thousands were killed directly by the bombing, and he came up with this stuff about shortages of pharmaceuticals only after being challenged on that claim.
Re: was: Echelon-like resources..
>> Our bombing of the Sudanese pharmaceutical factory?
> Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands,

If so, that's gross incompetence on the part of the US military, since the official rationale for why we were cruise-missiling it was that we were trying to kill Osama bin Laden after the bombing of the US embassies that he allegedly masterminded.

> and he asserted that the Sudanese government are the good guys in the civil war, and their opponents terrorists.

Chomsky said that? That's appalling...
Re: Echelon-like resources...
packaging strong crypto inside weak crypto

At 01:06 PM 10/13/2002 -0400, Tyler Durden wrote:
> Oh yeah. Interesting. Of course, this would be done only if the sender knew or suspected how mass-scanning might be done. And so the existence of another level of heavier encryption ... might be a tip off that this is not simply a financial transaction.

Back when the Feds were trying to tell us that we should be patriotic loyal Americans and use weak crypto because it helps in the fight against Communism and other spies, they were making it clear that they *wanted* mass-scanning, and were busy lobbying Congress to give them money for it and also trying to get laws forcing phone companies to make things easy for them to do much higher volumes of scanning than the relatively limited amount they do now.

Also, financial transactions are the ones that most need strong crypto, and have been most successful in getting permission to use it, because everybody understands that bank robbery is Bad, and credit card theft is Bad, and if banks and internet credit card transactions were forced to use weak crypto, Bad Guys could afford to build cracker machines on spec and pay for them with what they steal. This was especially the case after the EFF's DES cracker demonstrated that $250,000 was enough for a couple-day crack.

But the Feds have been letting banks use DES for decades, and triple-DES for a while, and Netscape's inclusion of SSL in their browser was really the beginning of the end for the crypto bans, and a brave move on their part, especially since the difference between 40-bit and 128-bit RC4 is just how many of the bits you use in the key setup.

(You may not remember, but there was a program from fortify.net that fixed 40-bit implementations of Netscape, and there was even a one-liner Javascript signature-line program that let you set Netscape to use 128 bits...
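[Added example, not part of the thread and not any poster's code.] It illustrates two points made above: Eugen Leitl's remark that high entropy is easy to screen for while weak and strong encryption look alike, and Bill Stewart's remark that 40-bit and 128-bit RC4 differ only in the key setup. The keys, sample text, 7.5 threshold and function names are constructed for the example, and the 40-bit case is modelled simply as a 5-byte key fed to the same key schedule.

```python
"""Entropy screening cannot tell 40-bit RC4 from 128-bit RC4.

Added illustration; keys, sample traffic and threshold are constructed.
"""
import math
import random
import zlib
from collections import Counter

# Constructed keys: same cipher, only the amount of key material differs.
WEAK_KEY = bytes.fromhex("0102030405")    # 40 bits
STRONG_KEY = bytes(range(0x10, 0x20))     # 128 bits


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 encrypt/decrypt (the operation is its own inverse)."""
    s = list(range(256))
    j = 0
    for i in range(256):                  # key setup: key bytes are cycled
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                     # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (max 8)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    """Naive traffic screen: flag anything whose bytes look near-uniform."""
    return entropy(data) >= threshold


def sample_plaintext(words: int = 12000) -> bytes:
    """Constructed stand-in for cleartext mail: lowercase words and spaces."""
    vocab = ("the traffic on this link is mostly ordinary mail and web "
             "pages with some file transfers between offices").split()
    rng = random.Random(2002)             # fixed seed: reproducible sample
    return " ".join(rng.choice(vocab) for _ in range(words)).encode()


def measure() -> dict:
    """Entropy of the same message in each form discussed in the thread."""
    plain = sample_plaintext()
    strong = rc4(STRONG_KEY, plain)
    return {
        "plaintext": entropy(plain),
        "zlib archive": entropy(zlib.compress(plain, 9)),
        "rc4 40-bit": entropy(rc4(WEAK_KEY, plain)),
        "rc4 128-bit": entropy(strong),
        # 'strong' ciphertext wrapped in a 'weak' envelope
        "128-bit inside 40-bit": entropy(rc4(WEAK_KEY, strong)),
    }


def open_envelope(envelope: bytes) -> bytes:
    """Strip the outer 40-bit layer; what is left is still ciphertext."""
    return rc4(WEAK_KEY, envelope)


if __name__ == "__main__":
    for name, bits in measure().items():
        print(f"{name:24s} {bits:.3f} bits/byte")
    plain = sample_plaintext()
    inner = open_envelope(rc4(WEAK_KEY, rc4(STRONG_KEY, plain)))
    print("envelope opened, still flagged:", looks_encrypted(inner))
```

Every ciphertext row lands just under 8 bits per byte, so the screen flags them identically, and the opened envelope is flagged again because it is simply the inner ciphertext.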
Re: was: Echelon-like resources..
Tyler Durden
> As for Chomsky lying, can you give us some specific citations? Did he lie about our support for Saddam Hussein?

No

> Our support for Indonesia?

Yes

> Our bombing of the Sudanese pharmaceutical factory?

Yes: The factory was bombed, but actual deaths were one night watchman, not tens of thousands, and he asserted that the Sudanese government are the good guys in the civil war, and their opponents terrorists.

> Or the fact that Nicaragua brought the US before the world court and won?

Perhaps that was true, but pretty much everything else he reported on Nicaragua was a lie, for example that the Sandinistas won free elections, and that the contras were a creation of the US, and that the Sandinistas were more popular than the contras.

> Granted, Chomsky can be a little tiring on the ears, but my knee-jerk reaction towards your calling him a liar is that you misunderstood the citation. But then again, I could be wrong, so do give us some examples, eh?

See my web page Chomsky lies http://www.jim.com/chomsdis.htm
Re: was: Echelon-like resources..
Uh, first of all can we get rid of the part of the subject line that says Durden lies? (Particularly seeing how the quote attributed to me did not originate from me.)

As for Chomsky lying, can you give us some specific citations? Did he lie about our support for Saddam Hussein? Our support for Indonesia? Our bombing of the Sudanese pharmaceutical factory? Or the fact that Nicaragua brought the US before the world court and won?

Granted, Chomsky can be a little tiring on the ears, but my knee-jerk reaction towards your calling him a liar is that you misunderstood the citation. But then again, I could be wrong, so do give us some examples, eh?

From: James Donald [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Durden lies, was: Echelon-like resources..
Date: Fri, 11 Oct 2002 14:11:12 -0700 (PDT)

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

From: Trei, Peter [EMAIL PROTECTED]
The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clarke would sue for libel and/or defamation.

On the contrary, this is standard routine communist behavior. They are always inventing fantastic citations, for example the much quoted Intoxicating Augmentation quote that Karl Marx attributed to Gladstone (then prime minister of England) which generation after generation learned scholars have learnedly cited as evidence that free market capitalism was bad for workers. Since Clarke is a public figure he cannot sue for libel, so he is a good peg to hang such a citation on.

If Karl Marx could get away with attributing fantastic citations to the Prime Minister, the sun can certainly get away with attributing them to an attorney general. The enormous flood of such bogus citations make it unlikely that any one of them will be challenged.

Look at Chomsky. Every few pages he has a similarly fraudulent citation, and no one ever sues him, even though in some cases one can check the materials he cites, and find that he is lying.
Re: Echelon-like resources...
OK, let's assume for the sake of argument that it takes about 1 minute for Echelon/NSA-like resources to break a weakly encrypted lotus notes message. And then let's assume that there's a whole LOT of these machines sitting somewhere. And as the grumpy Tim May has suggested, perhaps only a small fraction of encrypted messages are (or can be) sent for decryption.

Then the expenditure of such resources is going to be a big statistical optimization problem, akin to that faced in the credit card industry (eg, in approving or declining a POS transaction). The gub'mint or whatever doing such monitoring will therefore probably look for certain signs that will kick off decryption. For instance, the sporadic use of cryptography in certain demographic areas might cause a % of those to be sent over for routine check, particularly if there is no encryption used by that populace, and then all of a sudden there are bursts.

Also, changing the strength of encryption might be a kickoff, but again I reveal I am a newbie with this question: Is it possible to determine (at least approximately) the strength of encryption of an intercepted message? Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly from weak to strong encryption in his messaging, that would kick off a flag somewhere sending that message for cracking.

So if a bin Laden were smart, he should routinely use encryption for all of his messages, even the most trivial, because the change in pattern would be a tipoff to send his encrypted messages for hacking. And then there are probably less obvious, large-scale statistical patterns indicating something's up, and causing a % of such messages to be hacked and then sent for routine check for key words.

From: Adam Back [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 20:41:21 +0100

Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages.

The NSA's backdoor public key is at the URL below.

http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html

(The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer).

Adam

On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
>> I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?
> I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop.

From: David Howe [EMAIL PROTECTED]
To: Email List: Cypherpunks [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 18:38:36 +0100

On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote:
> The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal.

Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this.

no export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks.

I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?
Re: Echelon-like resources...
Why the hell would anyone use lotus notes encryption for anything whatsoever?

On Fri, Oct 11, 2002 at 09:37:52AM -0400, Tyler Durden wrote:
> OK, let's assume for the sake of argument that it takes about 1 minute for Echelon/NSA-like resources to break a weakly encrypted lotus notes message. And then let's assume that there's a whole LOT of these machines sitting somewhere. And as the grumpy Tim May has suggested, perhaps only a small fraction of encrypted messages are (or can be) sent for decryption.
>
> Then the expenditure of such resources is going to be a big statistical optimization problem, akin to that faced in the credit card industry (eg, in approving or declining a POS transaction). The gub'mint or whatever doing such monitoring will therefore probably look for certain signs that will kick off decryption. For instance, the sporadic use of cryptography in certain demographic areas might cause a % of those to be sent over for routine check, particularly if there is no encryption used by that populace, and then all of a sudden there are bursts.
>
> Also, changing the strength of encryption might be a kickoff, but again I reveal I am a newbie with this question: Is it possible to determine (at least approximately) the strength of encryption of an intercepted message? Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly from weak to strong encryption in his messaging, that would kick off a flag somewhere sending that message for cracking.
>
> So if a bin Laden were smart, he should routinely use encryption for all of his messages, even the most trivial, because the change in pattern would be a tipoff to send his encrypted messages for hacking. And then there are probably less obvious, large-scale statistical patterns indicating something's up, and causing a % of such messages to be hacked and then sent for routine check for key words.
>
> From: Adam Back [EMAIL PROTECTED]
> To: Tyler Durden [EMAIL PROTECTED]
> CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: Echelon-like...
> Date: Thu, 10 Oct 2002 20:41:21 +0100
>
> Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages.
>
> The NSA's backdoor public key is at the URL below.
>
> http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html
>
> (The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer).
>
> Adam
>
> On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:
> >> I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?
> > I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop.
>
> From: David Howe [EMAIL PROTECTED]
> To: Email List: Cypherpunks [EMAIL PROTECTED]
> Subject: Re: Echelon-like...
> Date: Thu, 10 Oct 2002 18:38:36 +0100
>
> On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote:
> > The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal.
>
> Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this.
>
> no export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks.
>
> I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?

--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce
Re: Echelon-like resources...
Harmon Seaver wrote...

Why the hell would anyone use lotus notes encryption for anything whatsoever?

Lotus Notes or whatever, of course. The point here is that larger organizations with decryption capabilities probably do not think on the message-by-message level very often, just like credit card companies and insurance agencies deal with their customers in statistical buckets.

It's also conceivable that a large variety of individuals, of varying levels of sophistication and education, catch wind of information the government may be interested in. Some of them may not feel or know that their message is of enough importance to go outside of Lotus Notes or whatever if they have it.

On Fri, Oct 11, 2002 at 09:37:52AM -0400, Tyler Durden wrote:

OK, let's assume for the sake of argument that it takes about 1 minute for Echelon/NSA-like resources to break a weakly encrypted lotus notes message. And then let's assume that there's a whole LOT of these machines sitting somewhere. And as the grumpy Tim May has suggested, perhaps only a small fraction of encrypted messages are (or can be) sent for decryption.

Then the expenditure of such resources is going to be a big statistical optimization problem, akin to that faced in the credit card industry (eg, in approving or declining a POS transaction).

The gub'mint or whatever doing such monitoring will therefore probably look for certain signs that will kick off decryption. For instance, the sporadic use of cryptography in certain demographic areas might cause a % of those to be sent over for routine check, particularly if there is no encryption used by that populace, and then all of a sudden there are bursts.

Also, changing the strength of encryption might be a kickoff, but again I reveal I am a newbie with this question: Is it possible to determine (at least approximately) the strength of encryption of an intercepted message?

Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly from weak to strong encryption in his messaging, that would kick off a flag somewhere sending that message for cracking.

So if a bin Laden were smart, he should routinely use encryption for all of his messages, even the most trivial, because the change in pattern would be a tipoff to send his encrypted messages for hacking.

And then there are probably less obvious, large-scale statistical patterns indicating something's up, and causing a % of such messages to be hacked and then sent for routine check for key words.

From: Adam Back [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 20:41:21 +0100

Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages.

The NSA's backdoor public key is at the URL below.

http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html

(The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer).

Adam

On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote:

I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?

I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.)

At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop.

From: David Howe [EMAIL PROTECTED]
To: Email List: Cypherpunks [EMAIL PROTECTED]
Subject: Re: Echelon-like...
Date: Thu, 10 Oct 2002 18:38:36 +0100

On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote:

The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal.

Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. No export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now.

If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks.

I assume everyone knows the little arrangement that lotus
Re: Echelon-like resources...
On Fri, Oct 11, 2002 at 10:29:53AM -0400, Tyler Durden wrote:

Harmon Seaver wrote...

Why the hell would anyone use lotus notes encryption for anything whatsoever?

Lotus Notes or whatever, of course. The point here is that larger

Or whatever? What makes you think that anyone can crack any of the strong encryption?

--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General
Re: Echelon-like resources...
Or whatever? What makes you think that anyone can crack any of the strong encryption?

I don't think they can. But your point seems to miss my own point. There will certainly be a certain number of uncrackable messages out there (as a trained physicist I am fairly certain that even military quantum computing efforts are nowhere near the ability to crack strongly encrypted messages). But there will also be a large number of less-strongly and even weakly encrypted messages being sent out there. Various agencies with large amounts of hardware will be looking at this as a statistical/logistic issue...I strongly doubt they only attempt cracking on a message-by-message basis.

And indeed, in a world where most messages are fairly weakly encrypted, bursts of strongly-encrypted messages will stand out all the more and possibly flag the need for other methods of investigation.

Which returns to my original point: the easy availability of strong crypto products does not mean it is unprofitable for an agency to continue to push populations towards lighter forms of encryption.

From: Harmon Seaver [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Echelon-like resources...
Date: Fri, 11 Oct 2002 09:39:01 -0500

On Fri, Oct 11, 2002 at 10:29:53AM -0400, Tyler Durden wrote:

Harmon Seaver wrote...

Why the hell would anyone use lotus notes encryption for anything whatsoever?

Lotus Notes or whatever, of course. The point here is that larger

Or whatever? What makes you think that anyone can crack any of the strong encryption?

--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General
Re: Echelon-like resources...
At 10:54 AM 10/11/2002 -0400, Tyler Durden wrote: Which returns to my original point: the easy availability of strong crypto products does not mean it is unprofitable for an agency to continue to push populations towards lighter forms of encryption. Assuming that the agency's goal is to maximize surveillance returns and that they're unconcerned with security generally, yes, you're right. So? -- Greg Broiles -- [EMAIL PROTECTED] -- PGP 0x26E4488c or 0x94245961
Re: Durden lies, was: Echelon-like resources...
Yo! I didn't write anything of the kind.

Actually, this post mystifies me...even had I posted those quotations, as scary as they may be, I don't understand Anonymous' reaction to them (waitaminute...maybe I do understand...it's interesting to consider that the sender seems to have gone to some trouble to remain anonymous for a relatively banal post).

As for the point, as a newbie here (I was an optical network engineer from 95 to recently, now on $$$-street), I wanted to raise the issue that looking at the cryptography issue statistically may yield conclusions that contradict a more linear, message-by-message examination of certain issues.

For instance, I would be interested to see a response from the powers that be, if a credible grass-roots push were made to encourage everyone, from children to senior citizens, to use a lite form of cryptography (yes, such as in Lotus Notes) on EVERY message they sent.

Or perhaps you've all discussed this before, but the responses I've seen so far don't indicate that.

From: Anonymous [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Durden lies, was: Echelon-like resources...
Date: Fri, 11 Oct 2002 18:33:46 +0200 (CEST)

On Fri, 11 Oct 2002 10:29:53 -0400, you wrote:

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something?

What an asshole.
Durden lies, was: Echelon-like resources...
On Fri, 11 Oct 2002 10:29:53 -0400, you wrote:

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something?

What an asshole.
Re: Durden lies, was: Echelon-like resources...
Here's the cite for the Ramsey Clark quote.

On Fri, Oct 11, 2002 at 06:33:46PM +0200, Anonymous wrote:

On Fri, 11 Oct 2002 10:29:53 -0400, you wrote:

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something?

What an asshole.

--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General http://www.thesunmagazine.org/bully.html
RE: Durden lies, was: Echelon-like resources...
Anonymous wrote:

From: Anonymous [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Durden lies, was: Echelon-like resources...
Date: Fri, 11 Oct 2002 18:33:46 +0200 (CEST)

On Fri, 11 Oct 2002 10:29:53 -0400, you wrote:

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something?

What an asshole.

Anonymous had better learn to read, or at least quote email correctly. The signature quotations were not posted by Durden, but by Harmon Seaver.

I too found them astonishing, but unlike anonymous, I try to check things out before calling foul. Anon should learn to use Google.

Ramsey: http://www.thesunmagazine.org/bully.html

The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clark would sue for libel and/or defamation.

Butler: Numerous sources. Butler certainly existed; Amazon has at least two biographies available, and one of them has a sample page image referring to his 1935 book 'War is a Racket', titled after the 1933 speech.

Part of the speech can be found here: http://www.fas.org/man/smedley.htm

5 chapters of the book can be found here: http://www.lexrex.com/enlightened/articles/warisaracket.htm

If anonymous were a person of character he/she/it would apologize, first to Tyler Durden, for misquoting, and second to Harmon Seaver, for accusing him of lying.

Peter Trei
Re: Durden lies, was: Echelon-like resources...
You have to realize that there are any number of fedzis who subscribe to this list, it's a well authenticated fact, matter of court testimony. And fedzis aren't noted for brains, or even being able to read, which is why he attacked you instead of me. And of course most fedzis positively foam at the mouth when hearing the truth being spoken, thus the rabid nature of his spewing.

--
Harmon Seaver
CyberShamanix
http://www.cybershamanix.com

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General http://www.thesunmagazine.org/bully.html
Re: Durden lies, was: Echelon-like resources...
On Friday 11 October 2002 14:13, Trei, Peter wrote:

If anonymous were a person of character...

Oxymoron, eh? Pseudonymity has many socially acceptable features. Anonymity has all of the practical benefits of pseudonymity and no additional advantages in a conversational forum such as cpunks. Anonymous persons (or dumbassbots; it's hard to tell sometimes) who snipe from behind the veil may be assumed to be cowardly jackasses.

--
Steve Furlong    Computer Condottiere    Have GNU, Will Travel
Vote Idiotarian --- it's easier than thinking
Re: Durden lies, was: Echelon-like resources..
Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

From: Trei, Peter [EMAIL PROTECTED]

The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clark would sue for libel and/or defamation.

On the contrary, this is standard routine communist behavior. They are always inventing fantastic citations, for example the much quoted Intoxicating Augmentation quote that Karl Marx attributed to Gladstone (then prime minister of England) which generation after generation learned scholars have learnedly cited as evidence that free market capitalism was bad for workers.

Since Clark is a public figure he cannot sue for libel, so he is a good peg to hang such a citation on. If Karl Marx could get away with attributing fantastic citations to the Prime Minister, the sun can certainly get away with attributing them to an attorney general. The enormous flood of such bogus citations make it unlikely that any one of them will be challenged.

Look at Chomsky. Every few pages he has a similarly fraudulent citation, and no one ever sues him, even though in some cases one can check the materials he cites, and find that he is lying.
Re: Durden lies, was: Echelon-like resources...
At 06:33 PM 10/11/2002 +0200, Anonymous [EMAIL PROTECTED] wrote:

On Fri, 11 Oct 2002 10:29:53 -0400, you wrote:

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933

Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General

Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something?

What an asshole.

In War Is A Racket, Butler argued for a powerful navy, but one prohibited from traveling more than 200 miles from the U.S. coastline. Military aircraft could travel no more than 500 miles from the U.S. coast, and the army would be prohibited from leaving the United States. Butler also proposed that all workers in defense industries, from the lowest laborer to the highest executive, be limited to $30 a month, the same wage as the lads in the trenches get. He also proposed that a declaration of war should be passed by a plebiscite in which only those subject to conscription would be eligible to vote.

There are many references to the Butler quote although I can't find a citation which gives the event(s) from which the speech occurred. I'll keep looking.

BTW Butler was a very interesting, colorful and it seems key fellow in American history. But for his political and economic naivete a coup d'état intended to remove President Franklin D. Roosevelt from office in 1934 might have succeeded. Bummer!

War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what it's about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933
Re: Durden lies, was: Echelon-like resources..
At 02:11 PM 10/11/2002 -0700, James Donald wrote: Our overriding purpose, from the beginning through to the present day, has been world domination - . Ramsey Clark, former US Attorney General From: Trei, Peter [EMAIL PROTECTED] The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clarke would sue for libel and/or defamation. On the contrary, this is standard routine communist behavior. They are always inventing fantastic citations, [...] But that's just the kind of thing Ramsey Clark would say. Not Ramsey Clark in his position as spokescritter for the military-industrial complex explaining how great the US is, but Ramsey Clark the well-known leftist critic of US policy describing what he thinks US policy has been. As opposed to Linus Torvalds's followers talking about their objectives for World Domination :-)
Re: Echelon-like...
Trei, Peter [EMAIL PROTECTED] wrote:

It was Sweden. They didn't really have an excuse - over a year earlier, Lotus announced their International version with details of the Work Factor Reduction Field at the RSA Conference. I immediately invented the term 'espionage enabled' to describe this feature, a term which has entered the crypto lexicon.

Indeed so, yes - If my memory isn't failing me though, their excuse was that the lotus salesdroid they had awarded the contract to hadn't disclosed it to them in his bid and in fact, the original tender had specified *secure* encryption, not *secure, except for the american spy industry*. I don't know enough Swedish to even attempt a google on it though :)
RE: Echelon-like...
David Howe[SMTP:[EMAIL PROTECTED]]

I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?

I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes?

More or less, yes. Lotus knew nobody would buy a 40 bit version of their crypto, so there is a two-level encryption all right, but not along those lines - in the export version, some of the session key is encrypted using a PKI work reduction factor key in the message header; this section of header is important, as lotus gateways won't accept messages that have had it disturbed. By decoding this block, the NSA have the actual keysize they need to block reduced to the legal export level of 40 bits; one government found this out *after* rolling it out to all their billing and contract negotiation departments... Belgium or Sweden by memory.

Lotus thought it would be ok if only the NSA (and other US government orgs) could break the key, rather than letting everyone have an equal chance (and indeed, letting their customers know their crypto was still only 40 bit vs USA intel agencies).

Still, even the domestic version was only 64 bits, which is painfully small even by the standards of the day. Certainly, even strong lotus could have been crackable by the NSA, who after all own their own fab plant to make custom VLSI cracking chips.

It was Sweden. They didn't really have an excuse - over a year earlier, Lotus announced their International version with details of the Work Factor Reduction Field at the RSA Conference. I immediately invented the term 'espionage enabled' to describe this feature, a term which has entered the crypto lexicon.

Peter Trei
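A scaled-down model of the export-version scheme described in the messages above, added here as an illustration (it is not Lotus's code and was not posted to the list): part of the session key travels in a header field encrypted to an escrow public key, so the holder of the matching private key searches only the remaining bits while everyone else faces the full key. The toy RSA key, the SHA-256 stream cipher, the choice of the top key bits for the field, and all function names are assumptions.

```python
import hashlib
import secrets

# Toy RSA key pair standing in for the escrow holder's key (assumption).
# The primes are two Mersenne primes picked for readability; no real security.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
PAD_BITS = 60  # random padding so equal key bits never give equal fields


def keystream_xor(key: int, key_bits: int, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), a stand-in cipher."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt_export(plaintext: bytes, key_bits: int, escrow_bits: int):
    """Encrypt with a random key and attach the work factor reduction field.

    Returns (message, key); the key is returned only so a demo can check
    what the two search strategies recover.
    """
    key = secrets.randbits(key_bits)
    escrowed = key >> (key_bits - escrow_bits)  # top bits go in the field
    padded = (secrets.randbits(PAD_BITS) << escrow_bits) | escrowed
    assert padded < N
    message = {
        "key_bits": key_bits,
        "escrow_bits": escrow_bits,
        "field": pow(padded, E, N),  # readable only with the private key D
        "body": keystream_xor(key, key_bits, plaintext),
    }
    return message, key


def brute_force(message, known_high: int, unknown_bits: int, crib: bytes):
    """Try every value of the unknown low bits; returns (key, tries)."""
    prefix = message["body"][: len(crib)]
    for low in range(1 << unknown_bits):
        key = (known_high << unknown_bits) | low
        if keystream_xor(key, message["key_bits"], prefix) == crib:
            return key, low + 1
    return None, 1 << unknown_bits


def recover_with_escrow_key(message, crib: bytes):
    """Escrow holder: decrypt the field, then search only the remaining bits."""
    mask = (1 << message["escrow_bits"]) - 1
    known_high = pow(message["field"], D, N) & mask
    remaining = message["key_bits"] - message["escrow_bits"]
    return brute_force(message, known_high, remaining, crib)


def recover_without_escrow_key(message, crib: bytes):
    """Anyone else: the field is opaque, so the whole key must be searched."""
    return brute_force(message, 0, message["key_bits"], crib)


def work_factors(key_bits: int, escrow_bits: int):
    """Worst-case key trials for (an outsider, the escrow key holder)."""
    return 2**key_bits, 2 ** (key_bits - escrow_bits)


if __name__ == "__main__":
    # Constructed sample message; sizes shrunk from the thread's 64/24 bits.
    msg, true_key = encrypt_export(b"Subject: contract terms", 16, 6)
    print("holder  :", recover_with_escrow_key(msg, b"Subject:"))
    print("outsider:", recover_without_escrow_key(msg, b"Subject:"))
    print("64/24 worst case (outsider, holder):", work_factors(64, 24))
```

With the thread's figures the field holder's search is 2^24 times smaller than the one the advertised 64-bit key length implies for everyone else.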
Re: Echelon-like...
So as a follow on question...what kind of hardware does it take to break the weak and strong versions of Bogus Notes? Is it possible that NSA or Echelon have the ability to decode a large number of such messages? And if the amount of hardware needed to break the strong version is significantly greater than that required to break the weak version, then the government's attempts to restrict any proliferation or use of the stronger version could make sense, from their standpoint. But as was said before, this may have been discussed here previously. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 20:01:12 +0100 I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? More or less, yes. Lotus knew nobody would buy a 40 bit version of their crypto, so there is a two-level encryption all right, but not along those lines - in the export version, some of the session key is encrypted using a PKI work reduction factor key in the message header; this section of header is important, as lotus gateways won't accept messages that have had it disturbed. by decoding this block, the NSA have the actual keysize they need to block reduced to the legal export level of 40 bits; one government found this out *after* rolling it out to all their billing and contract negotiation departments... Belgium or Sweden by memory. Lotus thought it would be ok if only the NSA (and other US government orgs) could break the key, rather than letting everyone have an equal chance (and indeed, letting their customers know their crypto was still only 40 bit vs USA intel agencies) Still, even the domestic version was only 64 bits, which is painfully small even by the standards of the day.
certainly, even strong lotus could have been crackable by the NSA, who after all own their own fab plant to make custom VLSI cracking chips.
Re: Echelon-like resources...
Or whatever? What makes you think that anyone can crack any of the strong encryption? I don't think they can. But your point seems to miss my own point. There will certainly be a certain number of uncrackable messages out there (as a trained physicist I am fairly certain that even military quantum computing efforts are nowhere near the ability to crack strongly encrypted messages). But there will also be a large number of less-strongly and even weakly encrypted messages being sent out there. Various agencies with large amounts of hardware will be looking at this as a statistical/logistic issue...I strongly doubt they only attempt cracking on a message-by-message basis. And indeed, in a world where most messages are fairly weakly encrypted, bursts of strongly-encrypted messages will stand out all the more and possibly flag the need for other methods of investigation. Which returns to my original point: the easy availability of strong crypto products does not mean it is unprofitable for an agency to continue to push populations towards lighter forms of encryption. From: Harmon Seaver [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Echelon-like resources... Date: Fri, 11 Oct 2002 09:39:01 -0500 On Fri, Oct 11, 2002 at 10:29:53AM -0400, Tyler Durden wrote: Harmon Seaver wrote... Why the hell would anyone use lotus notes encryption for anything whatsoever? Lotus Notes or whatever, of course. The point here is that larger Or whatever? What makes you think that anyone can crack any of the strong encryption? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses.
--- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General
Re: Echelon-like...
Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages. The NSA's backdoor public key is at the URL below. http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html (The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer). Adam On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote: I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 18:38:36 +0100 On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. no export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks. 
I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?
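The figures in this message (24 of the 64 key bits wrapped for one party, 40 left to search) and the tamper-sensitive header field David Howe describes, modelled as an added example that is not code from the thread or from Lotus. The field layout, the HMAC-based toy cipher and the symmetric escrow secret (a stand-in for the public-key wrap) are assumptions, and the runnable demo uses a scaled-down 24-bit key with 12 escrowed bits.

```python
import hashlib
import hmac

# Figures quoted in the thread for the export version.
KEY_BITS = 64                               # session key length
ESCROWED_BITS = 24                          # bits wrapped for the escrow holder
RESIDUAL_BITS = KEY_BITS - ESCROWED_BITS    # 40 bits still to be searched


def worst_case_trials(unknown_bits):
    """Key trials needed to exhaust a space of `unknown_bits` bits."""
    return 1 << unknown_bits


def keystream(key, label, n):
    """Toy stream generator (HMAC-SHA256 in counter mode); a stand-in cipher."""
    out, counter = b"", 0
    while len(out) < n:
        block = label + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def key_to_bytes(key, key_bits):
    return key.to_bytes((key_bits + 7) // 8, "big")


def seal(session_key, plaintext, escrow_secret, nonce,
         key_bits=KEY_BITS, escrowed_bits=ESCROWED_BITS):
    """Encrypt and attach a work-factor-reduction field (hypothetical layout)."""
    if not 0 <= session_key < (1 << key_bits):
        raise ValueError("session key does not fit in key_bits")
    kb = key_to_bytes(session_key, key_bits)
    # The top `escrowed_bits` of the key are wrapped for the escrow holder.
    top = session_key >> (key_bits - escrowed_bits)
    top_b = top.to_bytes((escrowed_bits + 7) // 8, "big")
    wrf = xor_bytes(top_b, keystream(escrow_secret, b"wrf" + nonce, len(top_b)))
    body = xor_bytes(plaintext, keystream(kb, b"body" + nonce, len(plaintext)))
    # The tag covers the field, so a receiver rejects a message whose field
    # was stripped or altered (assumed mechanism for the behaviour described).
    tag = hmac.new(kb, nonce + wrf + body, hashlib.sha256).digest()
    return {"nonce": nonce, "wrf": wrf, "ciphertext": body, "tag": tag}


def open_with_key(msg, session_key, key_bits=KEY_BITS):
    """Return the plaintext, or None if the key is wrong or the field was disturbed."""
    kb = key_to_bytes(session_key, key_bits)
    covered = msg["nonce"] + msg["wrf"] + msg["ciphertext"]
    expected = hmac.new(kb, covered, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, msg["tag"]):
        return None
    stream = keystream(kb, b"body" + msg["nonce"], len(msg["ciphertext"]))
    return xor_bytes(msg["ciphertext"], stream)


def escrow_open(msg, escrow_secret, key_bits=KEY_BITS, escrowed_bits=ESCROWED_BITS):
    """Escrow holder's view: unwrap the field, then search only the residual bits.

    Returns (plaintext or None, number of key trials performed).
    """
    residual = key_bits - escrowed_bits
    pad = keystream(escrow_secret, b"wrf" + msg["nonce"], len(msg["wrf"]))
    top = int.from_bytes(xor_bytes(msg["wrf"], pad), "big")
    top &= (1 << escrowed_bits) - 1
    for low in range(1 << residual):
        plaintext = open_with_key(msg, (top << residual) | low, key_bits)
        if plaintext is not None:
            return plaintext, low + 1
    return None, 1 << residual


if __name__ == "__main__":
    print("everyone else, worst case:", worst_case_trials(KEY_BITS), "trials")
    print("escrow holder, worst case:", worst_case_trials(RESIDUAL_BITS), "trials")
    # Constructed, scaled-down sample so the search finishes instantly.
    sample = seal(0xABC123, b"constructed sample body",
                  b"constructed escrow secret", b"\x00" * 8, 24, 12)
    print(escrow_open(sample, b"constructed escrow secret", 24, 12))
```

At the thread's real parameters the same ratio holds: the field makes the search 2^24 times cheaper for whoever can unwrap it, and no cheaper for anyone else.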
Re: Echelon-like resources...
Why the hell would anyone use lotus notes encryption for anything whatsoever? On Fri, Oct 11, 2002 at 09:37:52AM -0400, Tyler Durden wrote: OK, let's assume for the sake of argument that it takes about 1 minute for Echelon/NSA-like resources to break a weakly encrypted lotus notes message. And then let's assume that there's a whole LOT of these machines sitting somewhere. And as the grumpy Tim May has suggested, perhaps only a small fraction of encrypted messages are (or can be) sent for decryption. Then the expenditure of such resources is going to be a big statistical optimization problem, akin to that faced in the credit card industry (eg, in approving or declining a POS transaction). The gub'mint or whatever doing such monitoring will therefore probably look for certain signs that will kick off decryption. For instance, the sporadic use of cryptography in certain demographic areas might cause a % of those to be sent over for routine check, particularly if there is no encryption used by that populace, and then all of a sudden there are bursts. Also, changing the strength of encryption might be a kickoff, but again I reveal I am a newbie with this question: Is it possible to determine (at least approximately) the strength of encryption of an intercepted message? Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly from weak to strong encryption in his messaging, that would kick off a flag somewhere sending that message for cracking. So if a bin Laden were smart, he should routinely use encryption for all of his messages, even the most trivial, because the change in pattern would be a tipoff to send his encrypted messages for hacking. And then there are probably less obvious, large-scale statistical patterns indicating something's up, and causing a % of such messages to be hacked and then sent for routine check for key words.
From: Adam Back [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 20:41:21 +0100 Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages. The NSA's backdoor public key is at the URL below. http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html (The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer). Adam On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote: I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 18:38:36 +0100 On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. no export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. 
If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks. I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce
Re: Echelon-like resources...
OK, let's assume for the sake of argument that it takes about 1 minute for Echelon/NSA-like resources to break a weakly encrypted lotus notes message. And then let's assume that there's a whole LOT of these machines sitting somewhere. And as the grumpy Tim May has suggested, perhaps only a small fraction of encrypted messages are (or can be) sent for decryption. Then the expenditure of such resources is going to be a big statistical optimization problem, akin to that faced in the credit card industry (eg, in approving or declining a POS transaction). The gub'mint or whatever doing such monitoring will therefore probably look for certain signs that will kick off decryption. For instance, the sporadic use of cryptography in certain demographic areas might cause a % of those to be sent over for routine check, particularly if there is no encryption used by that populace, and then all of a sudden there are bursts. Also, changing the strength of encryption might be a kickoff, but again I reveal I am a newbie with this question: Is it possible to determine (at least approximately) the strength of encryption of an intercepted message? Then, if someone from, say, the b'Arbes neighborhood of Paris moves suddenly from weak to strong encryption in his messaging, that would kick off a flag somewhere sending that message for cracking. So if a bin Laden were smart, he should routinely use encryption for all of his messages, even the most trivial, because the change in pattern would be a tipoff to send his encrypted messages for hacking. And then there are probably less obvious, large-scale statistical patterns indicating something's up, and causing a % of such messages to be hacked and then sent for routine check for key words. From: Adam Back [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 20:41:21 +0100 Sounds about right.
64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages. The NSA's backdoor public key is at the URL below. http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html (The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a lotus programmer). Adam On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote: I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 18:38:36 +0100 On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. no export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If microsoft were free to compete in this area (and lotus, of notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks. 
I assume everyone knows the little arrangement that lotus reached with the NSA over its encrypted secure email?
Durden lies, was: Echelon-like resources...
On Fri, 11 Oct 2002 10:29:53 -0400, you wrote: War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something? What an asshole.
Re: Echelon-like resources...
At 10:54 AM 10/11/2002 -0400, Tyler Durden wrote: Which returns to my original point: the easy availability of strong crypto products does not mean it is unprofitable for an agency to continue to push populations towards lighter forms of encryption. Assuming that the agency's goal is to maximize surveillance returns and that they're unconcerned with security generally, yes, you're right. So? -- Greg Broiles -- [EMAIL PROTECTED] -- PGP 0x26E4488c or 0x94245961
RE: Durden lies, was: Echelon-like resources...
Anonymous wrote: From: Anonymous [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Durden lies, was: Echelon-like resources... Date: Fri, 11 Oct 2002 18:33:46 +0200 (CEST) On Fri, 11 Oct 2002 10:29:53 -0400, you wrote: War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something? What an asshole. Anonymous had better learn to read, or at least quote email correctly. The signature quotations were not posted by Durden, but by Harmon Seaver. I too found them astonishing, but unlike anonymous, I try to check things out before calling foul. Anon should learn to use Google. Ramsey: http://www.thesunmagazine.org/bully.html The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clark would sue for libel and/or defamation. Butler: Numerous sources. Butler certainly existed; Amazon has at least two biographies available, and one of them has a sample page image referring to his 1935 book 'War is a Racket', titled after the 1933 speech.
Part of the speech can be found here: http://www.fas.org/man/smedley.htm 5 chapters of the book can be found here: http://www.lexrex.com/enlightened/articles/warisaracket.htm If anonymous were a person of character he/she/it would apologize, first to Tyler Durden, for misquoting, and second to Harmon Seaver, for accusing him of lying. Peter Trei
Re: Durden lies, was: Echelon-like resources..
Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General From: Trei, Peter [EMAIL PROTECTED] The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clark would sue for libel and/or defamation. On the contrary, this is standard routine communist behavior. They are always inventing fantastic citations, for example the much quoted Intoxicating Augmentation quote that Karl Marx attributed to Gladstone (then prime minister of England) which generation after generation learned scholars have learnedly cited as evidence that free market capitalism was bad for workers. Since Clark is a public figure he cannot sue for libel, so he is a good peg to hang such a citation on. If Karl Marx could get away with attributing fantastic citations to the Prime Minister, the sun can certainly get away with attributing them to an attorney general. The enormous flood of such bogus citations make it unlikely that any one of them will be challenged. Look at Chomsky. Every few pages he has a similarly fraudulent citation, and no one ever sues him, even though in some cases one can check the materials he cites, and find that he is lying.
Re: Durden lies, was: Echelon-like resources...
You have to realize that there are any number of fedzis who subscribe to this list, it's a well authenticated fact, matter of court testimony. And fedzis aren't noted for brains, or even being able to read, which is why he attacked you instead of me. And of course most fedzis positively foam at the mouth when hearing the truth being spoken, thus the rabid nature of his spewing. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General http://www.thesunmagazine.org/bully.html
Re: Durden lies, was: Echelon-like resources...
On Friday 11 October 2002 14:13, Trei, Peter wrote: If anonymous were a person of character... Oxymoron, eh? Pseudonymity has many socially acceptable features. Anonymity has all of the practical benefits of pseudonymity and no additional advantages in a conversational forum such as cpunks. Anonymous persons (or dumbassbots; it's hard to tell sometimes) who snipe from behind the veil may be assumed to be cowardly jackasses. -- Steve Furlong Computer Condottiere Have GNU, Will Travel Vote Idiotarian --- it's easier than thinking
Re: Durden lies, was: Echelon-like resources...
Yo! I didn't write anything of the kind. Actually, this post mystifies me...even had I posted those quotations, as scary as they may be, I don't understand Anonymous' reaction to them (waitaminute...maybe I do understand...it's interesting to consider that the sender seems to have gone to some trouble to remain anonymous for a relatively banal post). As for the point, as a newbie here (I was an optical network engineer from 95 to recently, now on $$$-street), I wanted to raise the issue that looking at the cryptography issue statistically may yield conclusions that contradict a more linear, message-by-message examination of certain issues. For instance, I would be interested to see a response from the powers that be, if a credible grass-roots push were made to encourage everyone, from children to senior citizens, to use a lite form of cryptography (yes, such as in Lotus Notes) on EVERY message they sent. Or perhaps you've all discussed this before, but the responses I've seen so far don't indicate that. From: Anonymous [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Durden lies, was: Echelon-like resources... Date: Fri, 11 Oct 2002 18:33:46 +0200 (CEST) On Fri, 11 Oct 2002 10:29:53 -0400, you wrote: War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933 Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources.
- Ramsey Clark, former US Attorney General Is there some reason you want to publish these bogus, uncitationed, false, propaganda quotations? Just adding to misinformation? Preferring to further downgrade the public discourse? Planting lies for subsequent citation as proof of something? What an asshole.
Re: was: Echelon-like resources..
Uh, first of all can we get rid of the part of the subject line that says Durden lies? (Particularly seeing how the quote attributed to me did not originate from me.) As for Chomsky lying, can you give us some specific citations? Did he lie about our support for Saddam Hussein? Our support for Indonesia? Our bombing of the Sudanese pharmaceutical factory? Or the fact that Nicaragua brought the US before the world court and won? Granted, Chomsky can be a little tiring on the ears, but my knee-jerk reaction towards your calling him a liar is that you misunderstood the citation. But then again, I could be wrong, so do give us some examples, eh? From: James Donald [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Durden lies, was: Echelon-like resources.. Date: Fri, 11 Oct 2002 14:11:12 -0700 (PDT) Our overriding purpose, from the beginning through to the present day, has been world domination - that is, to build and maintain the capacity to coerce everybody else on the planet: nonviolently, if possible, and violently, if necessary. But the purpose of US foreign policy of domination is not just to make the rest of the world jump through hoops; the purpose is to facilitate our exploitation of resources. - Ramsey Clark, former US Attorney General From: Trei, Peter [EMAIL PROTECTED] The Sun is an alternative news magazine which has been in print since 1974. It's mammothly unlikely that they would fabricate the interview out of whole cloth, since Clark would sue for libel and/or defamation. On the contrary, this is standard routine communist behavior. They are always inventing fantastic citations, for example the much quoted Intoxicating Augmentation quote that Karl Marx attributed to Gladstone (then prime minister of England) which generation after generation learned scholars have learnedly cited as evidence that free market capitalism was bad for workers. Since Clark is a public figure he cannot sue for libel, so he is a good peg to hang such a citation on.
If Karl Marx could get away with attributing fantastic citations to the Prime Minister, the sun can certainly get away with attributing them to an attorney general. The enormous flood of such bogus citations make it unlikely that any one of them will be challenged. Look at Chomsky. Every few pages he has a similarly fraudulent citation, and no one ever sues him, even though in some cases one can check the materials he cites, and find that he is lying.
Re: Echelon-like...
B --Kaos-Keraunos-Kybernetos--- NSA got $20Bil/year and didn't stop 9-11. Instead of rewarding their failures, we should get refunds! Passwords are like underwear. You don't share them, you don't hang them on your monitor, or under your keyboard, you don't email them, or put them on a web site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On 10 Oct 2002, anonimo arancio wrote: This relates to an issue I've wanted to discuss with Cypherpunks for several years. Over the years, I've seen several commentators (including Timothy May) appear surprised when discussing the US's encryption export policies. The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that
Re: Echelon-like...
On Thu, Oct 10, 2002 at 02:28:26AM -, anonimo arancio wrote: [..] But I am wondering if Cypherpunks have mentioned the 'obvious'. The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. This is, from their perspective, a perfectly reasonable approach to decrypting large numbers of messages, a small fraction of which may contain interesting information. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that B and C, extensively. The US Government has pretty much given up on restricting crypto exports. There is just enough of a vestigial restriction there to maintain the illusion that the government has a right to control crypto exports. If there was anything more, it would be challenged in court and most likely get thrown out. The government backed off on previous challenges (Bernstein, Zimmerman) to avoid that. Eric
Re: Echelon-like...
hi, The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Doesn't govt intervention always increase the numbers? Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. Why don't we have encrypted spams over the internet rather than plain text spam? That's one way we can all benefit from spam. The US Government has pretty much given up on restricting crypto exports. Why did that happen? Regards Sarath.
Re: Echelon-like...
Not only is EM correct, but: * many attacks are possible without worrying about keylength. Got Scarfo? * NIST/NSA picked the lamest AES. If I told you what lame meant, I'd have to kill you. * (Lack of) User motivation (related to man-machine issues) is still the spooks' best friend. As well as legacy systems, and inadequately designed total systems. Got Redmond? However, stego and decent opsec and cash and leo buffoonery still let you coordinate the occasional urban skyline reconstruction, poking holes in boats, etc. Got Dead Drops? Mr. Hanssen? Mr Ames? At 08:09 AM 10/10/02 -0700, Eric Murray wrote: On Thu, Oct 10, 2002 at 02:28:26AM -, anonimo arancio wrote: The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. This is, from their perspective, a perfectly reasonable approach to decrypting large numbers of messages, a small fraction of which may contain interesting information. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that B and C, extensively. The US Government has pretty much given up on restricting crypto exports. There is just enough of a vestigial restriction there to maintain the illusion that the government has a right to control crypto exports. If there was anything more, it would be challenged in court and most likely get thrown out. The government backed off on previous challenges (Bernstein, Zimmerman) to avoid that. Eric
Re: Echelon-like...
On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: This relates to an issue I've wanted to discuss with Cypherpunks for several years. Over the years, I've seen several commentators (including Timothy May) appear surprised when discussing the US's encryption export policies. I wouldn't characterize my reaction as surprised. I've written many thousands of articles, including hundreds (at least) on crypto export, ITAR, etc. Mostly back around 1993-95. It's become a less important issue in recent years. (Why, I wonder, are you just now sharing your thoughts with us on this old subject?) The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. That's one of the basic arguments, yes. And it was borne out by the shift of development of many crypto products to non-U.S. sites. On the surface this would seem a sensible argument. And, it would seem a purely beaureaucratic (I'm sure I spelled that wrong) error. But I am wondering if Cypherpunks have mentioned the 'obvious'. The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Yes, throwing roadblocks and inconvenience factors up was discussed many times here. The ITARs (since renamed) were used by the Feds to intimidate potential developers of crypto products. Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. And how many $$$'s worth of hardware do you think is needed? Do you believe even one tenth of one percent of traffic is now having its RSA modulus factored by brute force? Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. Public admissions by DIRNSA have stated the obvious: that they are unable to keep up with the technology of even a dozen years ago.
This is, from their perspective, a perfectly reasonable approach to decrypting large numbers of messages, a small fraction of which may contain interesting information. If you actually believe they are decrypting large numbers of messages, you must know something about their quantum computers that we haven't heard about. Care to share? Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that The archives are easily searchable. --Tim May
Re: Echelon-like...
Sounds about right. 64 bit crypto in the strong version (which is not that strong -- the distributed.net challenge recently broke a 64 bit key), and in the export version 24 of those 64 bits were encrypted with an NSA backdoor key, leaving only 40 bits of key space for the NSA to bruteforce to recover messages. The NSA's backdoor public key is at the URL below. http://www.cypherspace.org/~adam/hacks/lotus-nsa-key.html (The public key had an Organization name of MiniTruth, and a Common Name of Big Brother -- both Orwell 1984 references, presumably by a Lotus programmer). Adam On Thu, Oct 10, 2002 at 02:34:38PM -0400, Tyler Durden wrote: I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 18:38:36 +0100 On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. No export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If Microsoft were free to compete in this area (and Lotus, of Notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks.
I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email?
Re: Echelon-like...
I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? More or less, yes. Lotus knew nobody would buy a 40 bit version of their crypto, so there is a two-level encryption all right, but not along those lines - in the export version, some of the session key is encrypted using a PKI work reduction factor key in the message header; this section of header is important, as Lotus gateways won't accept messages that have had it disturbed. By decoding this block, the NSA have the actual keysize they need to block reduced to the legal export level of 40 bits; one government found this out *after* rolling it out to all their billing and contract negotiation departments... Belgium or Sweden by memory. Lotus thought it would be ok if only the NSA (and other US government orgs) could break the key, rather than letting everyone have an equal chance (and indeed, letting their customers know their crypto was still only 40 bit vs USA intel agencies). Still, even the domestic version was only 64 bits, which is painfully small even by the standards of the day. Certainly, even strong Lotus could have been crackable by the NSA, who after all own their own fab plant to make custom VLSI cracking chips.
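The work-reduction arrangement described in the message above, modelled as an added example that is not from the original posts or from Lotus: part of the session key is encrypted to an escrow public key in the header, so the holder of the matching private key searches only the remaining bits. The toy RSA key, the `wrf` field name, the SHA-256 tag used to recognise the right key, and the scaled-down 40-bit key used in the demonstration are all assumptions made so that it runs in about a second.

```python
import hashlib
import secrets

# Toy RSA escrow key pair (constructed for this example; far too small for real use).
P, Q, E = 65537, 65539, 5
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the escrow holder

def tag(key: int, key_bits: int) -> bytes:
    """Stand-in for 'trial-decrypt and check the plaintext': a hash of the key."""
    return hashlib.sha256(key.to_bytes((key_bits + 7) // 8, "big")).digest()[:8]

def send(key_bits: int, escrow_bits: int):
    """Return (session_key, message). The header field 'wrf' (hypothetical name)
    carries the top escrow_bits of the key, encrypted to the escrow public key."""
    key = secrets.randbits(key_bits)
    top = key >> (key_bits - escrow_bits)
    return key, {"wrf": pow(top, E, N), "tag": tag(key, key_bits)}

def escrow_holder_recover(msg, key_bits: int, escrow_bits: int):
    """Decrypt the escrowed bits, then search only the residual bits.
    Returns (recovered_key, trials_used)."""
    top = pow(msg["wrf"], D, N)
    residual = key_bits - escrow_bits
    for low in range(1 << residual):
        candidate = (top << residual) | low
        if tag(candidate, key_bits) == msg["tag"]:
            return candidate, low + 1
    return None, 1 << residual

def work_factors(key_bits: int, escrow_bits: int):
    """Worst-case key trials for a party without and with the escrow private key."""
    return {"outsider": 1 << key_bits,
            "escrow_holder": 1 << (key_bits - escrow_bits)}

if __name__ == "__main__":
    # Figures from the thread: 64-bit key, 24 bits escrowed.
    print(work_factors(64, 24))
    # Scaled-down run: 40-bit key, 24 bits escrowed, 16 bits left to search.
    key, msg = send(40, 24)
    recovered, trials = escrow_holder_recover(msg, 40, 24)
    print(recovered == key, trials)
```

With the figures given in the thread the worst case is 2^64 trials for an outsider against 2^40 for the escrow key holder, which is the asymmetry the message objects to.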
Re: Echelon-like...
B --Kaos-Keraunos-Kybernetos-- NSA got $20Bil/year and didn't stop 9-11. Instead of rewarding their failures, we should get refunds! | Passwords are like underwear. You don't share them, you don't hang them on your monitor, or under your keyboard, you don't email them, or put them on a web site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On 10 Oct 2002, anonimo arancio wrote: This relates to an issue I've wanted to discuss with Cypherpunks for several years. Over the years, I've seen several commentators (including Timothy May) appear surprised when discussing the US's encryption export policies. The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that
Re: Echelon-like...
I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email? I'm new here, so do tell if I am wrong. Are you referring to the two levels of Encryption available in Bogus Notes? (ie, the North American and the International, the International being legal for export.) At one of my previous employers, we were told the (apocryphal?) story of some dude who got arrested on an airplane for having the more secure version of Notes on his laptop. From: David Howe [EMAIL PROTECTED] To: Email List: Cypherpunks [EMAIL PROTECTED] Subject: Re: Echelon-like... Date: Thu, 10 Oct 2002 18:38:36 +0100 On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. No export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If Microsoft were free to compete in this area (and Lotus, of Notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks. I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email?
Re: Echelon-like...
On Wednesday, October 9, 2002, at 07:28 PM, anonimo arancio wrote: The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. Nope. The biggest name in software right now is Microsoft, who wasn't willing to face down the government on this. No export version of a Microsoft product had decent crypto while the export regulations were in force - and the situation is pretty poor even now. If Microsoft were free to compete in this area (and Lotus, of Notes fame) then decent security *built into* the operating system, the desktop document suite or the email package - and life would get a lot, lot worse for the spooks. I assume everyone knows the little arrangement that Lotus reached with the NSA over its encrypted secure email?
Re: Echelon-like...
On Thu, Oct 10, 2002 at 02:28:26AM -, anonimo arancio wrote: [..] But I am wondering if Cypherpunks have mentioned the 'obvious'. The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. This is, from their perspective, a perfectly reasonable approach to decrypting large numbers of messages, a small fraction of which may contain interesting information. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that B and C, extensively. The US Government has pretty much given up on restricting crypto exports. There is just enough of a vestigial restriction there to maintain the illusion that the government has a right to control crypto exports. If there was anything more, it would be challenged in court and most likely get thrown out. The government backed off on previous challenges (Bernstein, Zimmermann) to avoid that. Eric
Echelon-like...
This relates to an issue I've wanted to discuss with Cypherpunks for several years. Over the years, I've seen several commentators (including Timothy May) appear surprised when discussing the US's encryption export policies. The basic argument is that, if good encryption is available overseas or easily downloadable, it doesn't make sense to make export of it illegal. On the surface this would seem a sensible argument. And, it would seem a purely beaureaucratic (I'm sure I spelled that wrong) error. But I am wondering if Cypherpunks have mentioned the 'obvious'. The government knows exactly what it's doing. It wants to discourage the use of encryption by any means necessary, because of sheer numbers. Basically, the more messages that are encrypted, the more hardware (and therefore $$$) will be needed to decrypt them. Therefore, the only way they can stay ahead of the game is to keep the numbers as low as possible, so they can continue to outspend the problem. This is, from their perspective, a perfectly reasonable approach to decrypting large numbers of messages, a small fraction of which may contain interesting information. Is the above statement a) wrong, b) obvious c) mentioned previously on the cypherpunks boards, or d)hey! We never thought of that
AF developing DEA Wiretap Echelon-like Development Projects
The following web page is about recent projects at the Air Force Research Laboratory. Item 8 is about new wiretap technology, designed to monitor large numbers of conversations for drug activity. The accompanying artwork has a large and small version of a wiretapper logo, which should be possible to abuse for something :-) http://www.afrl.af.mil/accomprpt/may02/accompmay02.htm Google cache: http://216.239.53.100/search?q=cache:wHZ4vsieDNkC:www.afrl.af.mil/accomprpt/may02/accompmay02.htm+nanosat+2002hl=enlr=lang_da|lang_nl|lang_en|lang_fr|lang_de|lang_is|lang_esie=UTF-8 Wiretapper Logo: http://www.afrl.af.mil/accomprpt/may02/images/may_8.gif The Information Directorate's Multisensor Exploitation Branch and Research Associates for Defense Conversion (RADC) jointly developed, tested, and demonstrated an experimental model capability that automatically extracts information from telephone background sounds and conversational speech to identify drug networks and the participants. The work, sponsored by the Drug Enforcement Agency (DEA), addresses the problem of monitoring large numbers of telephone conversations for drug activity, while protecting the privacy of citizens in accordance with wiretap laws. The capability called Automated Title Three Audio Correlation (ATTAC) makes it possible to automatically segment and flag drug-related activity and identify its participants without understanding the message content of the conversation. A background sound recognizer technology identifies sounds, such as dial tone, number dialed, ringing, and other sounds, while a Vector Quantization speaker-recognition technology identifies the persons involved in the conversations. The DEA and RADC collected a database of conversations through 74 individuals who made over 1300 calls from cellular phones, and office phones, and who used message machines. The results in identifying the participants in conversational speech varied widely.
DEA and RADC technicians obtained good results (90%) when individuals used the same phones; however, when the same individuals used different phones, the performance could drop to as low as 55%. The directorate is conducting research work to improve recognition across multiple phone types. Although the directorate developed ATTAC for DEA use, the technology developed advances the state-of-the-art in speaker segmentation and in information extraction for the Air Force intelligence, surveillance, and reconnaissance mission. (Mr. S. E. Smith, AFRL/IFEC, (315) 330-7894)