Re: zombied ypherpunks (Re: Email Certification?)
--- Anonymous [EMAIL PROTECTED] wrote: And then, of course, in the off chance they can't actually break the message under that flag, they can merely send a guy out with binoculars or whatever. Don't forget about rubber-hose cryptanlysis. Rumour has it that method is preferred in many cases since it makes the code-breakers feel good by way of testosterone release. Guns. You may not be able to kill them, but you may be able to force them to kill you. If they're using rubber hoses, they're probably going to kill you anyways. Hoses leave marks, of course, and if there's one thing a spook hates, it is leaving evidence of his or her passage. Unless his or her mission is about leaving visible traces, of course. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
Re: zombied ypherpunks (Re: Email Certification?)
--- Anonymous [EMAIL PROTECTED] wrote: And then, of course, in the off chance they can't actually break the message under that flag, they can merely send a guy out with binoculars or whatever. Don't forget about rubber-hose cryptanlysis. Rumour has it that method is preferred in many cases since it makes the code-breakers feel good by way of testosterone release. Guns. You may not be able to kill them, but you may be able to force them to kill you. If they're using rubber hoses, they're probably going to kill you anyways. Hoses leave marks, of course, and if there's one thing a spook hates, it is leaving evidence of his or her passage. Unless his or her mission is about leaving visible traces, of course. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
RE: zombied ypherpunks (Re: Email Certification?)
--- Tyler Durden [EMAIL PROTECTED] wrote: Well, they could just tune in on Echelon, which really seems to be reality. There is no need for infinite resources to do such a thing. Echelon ain't a radio, and not all members of TLAs have access. Indeed, you can be damn sure that they are very careful to NOT share a lot of the Echelon-culled information. And unless you're involved in some very interesting operations, as a mere agitant you aren't going to merit release of Echelon info. How do you know? HOWEVER, even if they haven't focused the big microscope on you, this A very good friend of mine once described what you call the big microphone as the panopticon. Clearly this is not a new idea, and consequently we may assume that the TLAs are well in advance of whatever is known about global surveillance by the general public. Technical sophisticates have, however, a distinct advantage here. Furthermore, as I have stated previously, the use of information gleaned from a surveillance effort leaks 'bits' about the surveillance action itself -- this is a mathematical certainty. But, seeing as how the public is expected to live in a rather small fantasy world of conceptual and information poverty, at least as such relates to the activities of TLAs, we can assume that mathematical realities will have zero correlation with politically motivated policies in the public `sphere'. doesn't mean you don't merit phishing by someone (perhaps) who's in a local office and has decided he doesn't like you personally. Thus, lower-level not infinitely secure efforts might be of some use. Obviously. Here is the fundamental misunderstanding. Your email is no account. There are no place where your account is stored. The only thing that exists is an endpoint, where you receive your mail. Before the mail reaches that point, its's just TCP-packets on the wire. OK, what the heck are you talking about? You're telling me that hotmail/gmail is stored on my personal COMPUTER? Not even a TLA-originated campaign of disinformation would attempt to get that across. Are you like a 14-year-old boy or something? It's likely that he is practising his stupidity in order to establish the background of his mailing-list persona. Perhaps his messages also carry coded `freight' of some kind intended for a certain class of reader. If so, and if he uses perfect encryption for his coding scheme, we cannot have any hope of decyphering what he is saying beyond the superficial face-value of his text. The problem with Cypherpunks is that we're way too pre-occupied with infinite security scenarios. Of course, such a subject is of vital importance, but there are lower levels of threat (and appropriate response) that need to be examined. This well they can break almost anything so don't even bother unless you're the Okie City B-*-m-b-*-r or somebody, and then you'll need a faraday cage and colliding pulse mode-locked dye laser for quantum encryption bullshit actually detracts from Cypherpunkly notionsit makes the use of encryption a red flag sticking out of a sea of unencrypted grey. And then, of course, in the off chance they can't actually break the message under that flag, they can merely send a guy out with binoculars or whatever. Don't forget about rubber-hose cryptanlysis. Rumour has it that method is preferred in many cases since it makes the code-breakers feel good by way of testosterone release. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
Re: zombied ypherpunks (Re: Email Certification?)
And then, of course, in the off chance they can't actually break the message under that flag, they can merely send a guy out with binoculars or whatever. Don't forget about rubber-hose cryptanlysis. Rumour has it that method is preferred in many cases since it makes the code-breakers feel good by way of testosterone release. Guns. You may not be able to kill them, but you may be able to force them to kill you.
RE: zombied ypherpunks (Re: Email Certification?)
At 17:43 2005-04-29, you wrote: Eh...for email you may have a point, but I'm not 100% convinced. In other words, say they want to monitor your email account. Do you really believe they are going to tap all major nodes and then filter all the traffic just to get your email? ... Well, they could just tune in on Echelon, which really seems to be reality. There is no need for infinite resources to do such a thing. This is that whole, The TLAs are infinitely powerful so you might as well do nothing philosophy. And even though I might be willing to concede that they get all that traffic, one hand doesn't always talk to the other. there may be smaller branches on fishing trips accessing your email if they want. if one were able to monitor the email account for access, you'll at least force your TLA phisher into going through proper internal channels. He might actually get a no, depending on the cost vs risk. Here is the fundamental misunderstanding. Your email is no account. There are no place where your account is stored. The only thing that exists is an endpoint, where you receive your mail. Before the mail reaches that point, its's just TCP-packets on the wire. If the listener is on a mail router, you could possibly see a trace of it in the message header, but it's possible to rewrite that stuff to, so the only way to KNOW if someone reads your mail is to analyze the potential readers behaviour based on the information in your mail. /O
RE: zombied ypherpunks (Re: Email Certification?)
Well, they could just tune in on Echelon, which really seems to be reality. There is no need for infinite resources to do such a thing. Echelon ain't a radio, and not all members of TLAs have access. Indeed, you can be damn sure that they are very careful to NOT share a lot of the Echelon-culled information. And unless you're involved in some very interesting operations, as a mere agitant you aren't going to merit release of Echelon info. HOWEVER, even if they haven't focused the big microscope on you, this doesn't mean you don't merit phishing by someone (perhaps) who's in a local office and has decided he doesn't like you personally. Thus, lower-level not infinitely secure efforts might be of some use. Here is the fundamental misunderstanding. Your email is no account. There are no place where your account is stored. The only thing that exists is an endpoint, where you receive your mail. Before the mail reaches that point, its's just TCP-packets on the wire. OK, what the heck are you talking about? You're telling me that hotmail/gmail is stored on my personal COMPUTER? Not even a TLA-originated campaign of disinformation would attempt to get that across. Are you like a 14-year-old boy or something? The problem with Cypherpunks is that we're way too pre-occupied with infinite security scenarios. Of course, such a subject is of vital importance, but there are lower levels of threat (and appropriate response) that need to be examined. This well they can break almost anything so don't even bother unless you're the Okie City B-*-m-b-*-r or somebody, and then you'll need a faraday cage and colliding pulse mode-locked dye laser for quantum encryption bullshit actually detracts from Cypherpunkly notionsit makes the use of encryption a red flag sticking out of a sea of unencrypted grey. And then, of course, in the off chance they can't actually break the message under that flag, they can merely send a guy out with binoculars or whatever. -TD
RE: zombied ypherpunks (Re: Email Certification?)
At 16:10 2005-05-02, you wrote: Here is the fundamental misunderstanding. Your email is no account. There are no place where your account is stored. The only thing that exists is an endpoint, where you receive your mail. Before the mail reaches that point, its's just TCP-packets on the wire. OK, what the heck are you talking about? You're telling me that hotmail/gmail is stored on my personal COMPUTER? Not even a TLA-originated campaign of disinformation would attempt to get that across. Are you like a 14-year-old boy or something? That's completely unwarranted for. The end point for hotmail is Microsoft's hotmail-servers, and for gmail the endpoint is Google's servers. Stop being so damned rabid. /O
RE: zombied ypherpunks (Re: Email Certification?)
At 17:43 2005-04-29, you wrote: Eh...for email you may have a point, but I'm not 100% convinced. In other words, say they want to monitor your email account. Do you really believe they are going to tap all major nodes and then filter all the traffic just to get your email? ... Well, they could just tune in on Echelon, which really seems to be reality. There is no need for infinite resources to do such a thing. This is that whole, The TLAs are infinitely powerful so you might as well do nothing philosophy. And even though I might be willing to concede that they get all that traffic, one hand doesn't always talk to the other. there may be smaller branches on fishing trips accessing your email if they want. if one were able to monitor the email account for access, you'll at least force your TLA phisher into going through proper internal channels. He might actually get a no, depending on the cost vs risk. Here is the fundamental misunderstanding. Your email is no account. There are no place where your account is stored. The only thing that exists is an endpoint, where you receive your mail. Before the mail reaches that point, its's just TCP-packets on the wire. If the listener is on a mail router, you could possibly see a trace of it in the message header, but it's possible to rewrite that stuff to, so the only way to KNOW if someone reads your mail is to analyze the potential readers behaviour based on the information in your mail. /O
RE: zombied ypherpunks (Re: Email Certification?)
Eh...for email you may have a point, but I'm not 100% convinced. In other words, say they want to monitor your email account. Do you really believe they are going to tap all major nodes and then filter all the traffic just to get your email? This is that whole, The TLAs are infinitely powerful so you might as well do nothing philosophy. And even though I might be willing to concede that they get all that traffic, one hand doesn't always talk to the other. there may be smaller branches on fishing trips accessing your email if they want. if one were able to monitor the email account for access, you'll at least force your TLA phisher into going through proper internal channels. He might actually get a no, depending on the cost vs risk. Look...they aren't some super-Orwellian hyperorganized hive-mind. They're a big, fat bureaucracy full of big, fat bureaucrats. That's why they don't get real jobs! Look...a little tiny yap yap dog can often scare off a bigger dog or animal by making it clear that any interaction's going to suck. This isn't because the big dog couldn't ultimately kill the little dog, but because the big dog will realize it's just not worth it. -TD From: Morlock Elloi [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: zombied ypherpunks (Re: Email Certification?) Date: Thu, 28 Apr 2005 12:17:53 -0700 (PDT) I'm still having trouble understanding your threat model. Just assume braindeath and it becomes obvious. No tla with any dignity left would bother e-mail providers or try to get your password. All it need to do is fill gforms and get access to tapped traffic at major nodes (say, 20 in US is sufficient?). Think packet reassembly - filter down - store everything forever - google on demand. Concerned about e-mail privacy? There is this obscure software called 'PGP', check it out. Too complicated? That's the good thing about evolution, not everyone makes it. end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: zombied ypherpunks (Re: Email Certification?)
On Fri, 2005-04-29 at 11:43 -0400, Tyler Durden wrote: Look...a little tiny yap yap dog can often scare off a bigger dog or animal by making it clear that any interaction's going to suck. For some reason I'm reminded of the old tagline: YIP! YIP! YAP! YIP! YAP! *BANG* [EMAIL PROTECTED] NO TERRIER -- Shawn K. Quinn [EMAIL PROTECTED]
RE: zombied ypherpunks (Re: Email Certification?)
Eh...for email you may have a point, but I'm not 100% convinced. In other words, say they want to monitor your email account. Do you really believe they are going to tap all major nodes and then filter all the traffic just to get your email? This is that whole, The TLAs are infinitely powerful so you might as well do nothing philosophy. And even though I might be willing to concede that they get all that traffic, one hand doesn't always talk to the other. there may be smaller branches on fishing trips accessing your email if they want. if one were able to monitor the email account for access, you'll at least force your TLA phisher into going through proper internal channels. He might actually get a no, depending on the cost vs risk. Look...they aren't some super-Orwellian hyperorganized hive-mind. They're a big, fat bureaucracy full of big, fat bureaucrats. That's why they don't get real jobs! Look...a little tiny yap yap dog can often scare off a bigger dog or animal by making it clear that any interaction's going to suck. This isn't because the big dog couldn't ultimately kill the little dog, but because the big dog will realize it's just not worth it. -TD From: Morlock Elloi [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: zombied ypherpunks (Re: Email Certification?) Date: Thu, 28 Apr 2005 12:17:53 -0700 (PDT) I'm still having trouble understanding your threat model. Just assume braindeath and it becomes obvious. No tla with any dignity left would bother e-mail providers or try to get your password. All it need to do is fill gforms and get access to tapped traffic at major nodes (say, 20 in US is sufficient?). Think packet reassembly - filter down - store everything forever - google on demand. Concerned about e-mail privacy? There is this obscure software called 'PGP', check it out. Too complicated? That's the good thing about evolution, not everyone makes it. end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: zombied ypherpunks (Re: Email Certification?)
On Fri, 2005-04-29 at 11:43 -0400, Tyler Durden wrote: Look...a little tiny yap yap dog can often scare off a bigger dog or animal by making it clear that any interaction's going to suck. For some reason I'm reminded of the old tagline: YIP! YIP! YAP! YIP! YAP! *BANG* [EMAIL PROTECTED] NO TERRIER -- Shawn K. Quinn [EMAIL PROTECTED]