Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
society, what can the regular person do to strike a blow in opposition to the direct attack on the Constitution and civil liberties and civil rights? Stop watching TV ? = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Re: [IP] The TIA and fighting terrorism
-- Forwarded Message From: Marc Hedlund [EMAIL PROTECTED] Date: Tue, 10 Dec 2002 14:13:11 -0800 (PST) To: Dave Farber [EMAIL PROTECTED] Subject: The TIA and fighting terrorism We could be taking this approach, but we're not. We could be improving the ability of local law enforcement to detect terrorism -- but instead we're degrading that ability, since we're shifting the FBI's traditional crime-fighting work onto local resources. The one method that has actually prevented a terrorist attack on US soil is not being used, and is instead being inhibited. We are focusing on centralizing intelligence and resources when instead -- or at least in addition -- we should be decomposing, distributing, decentralizing. We could be seriously examining the contributions of U.S. behavior around the world to catalyzing asymmetrical warfare but we're not. We could be considering that the reason U.S. military are prime targets the world over for disgruntled foreigners is that we have armed forces in over 100 countries (mostly invited by friendly regimes on the dole who rarely find their own citizens supporting a U.S. presence). How many has Britain, France or Germany? When was the last time we heard of their troops being attacked outside of a war zone or former war zone? When was the last time you saw a British, French or German soldier walking down a U.S. street? If we want world peace we must work for world justice. I suggest we cannot simultaneously have empire, security and liberty. It is time to choose. steve
RE: Libel lunacy -all laws apply fnord everywhere
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 6:11 PM -0800 on 12/12/02, Lucky Green wrote: Agreed. A few years ago, some would advocate that on the Internet, no national laws apply. This was, of course, nonsense. Instead, every single national, regional, and local law in effect today anywhere in the world applies to anything you do to the extent that said law can be enforced. Everything illegal everywhere all the time. A legislative singularity akin to early modern discoveries in physics (the end of the geocentric universe) and engineering (peasant-fired projectile weapons making noble armor obsolete) once and forever violating the laws of god. The next trick will be to drive a stake into the heart of modern society's present mystification of identity and is-a-person credentials by moving money and financial assets, significantly cheaper than we do now, using systems that don't require identity at all to clear and settle transactions. Systems which are, paradoxically, cheaper *because* they're anonymous, or at least, identity agnostic, just like physics is religiously agnostic. If that works, sooner or later we'll have the technical equivalent of the thirty years' war, which only the ubiquitous and instantaneous application or threat of private, local, force will solve. The result will be a software/protocol Treaty of Westphalia, giving us actual markets for force instead of confiscatory monopolies for same. In the end, if necessary we'll know, absolutely, where *every*body is, and what they're doing, all the time, because we'll all be watching our *own* stuff, supervising our *own* property with our *own* equipment, like, um, god, meant us to do :-). But, paradoxically, because it'll be cheaper and more secure to do instantaneously-settled functionally anonymous transactions, we won't know, we won't *care* where anybody gets, spends, or invests their money, and we won't give damn about it because it works better than the Friedmanian mummenschantz(1) we currently call law and order. Markets will create better order than laws ever could. Cheers, RAH (1) See David Friedman's The Machinery of Freedom where he describes the finance of the modern nation state as this ceremonial game in which 50 people sit in a circle with a hundred pennies stacked in front of each person. The politician comes along, and with great pomp and circumstance (and two guys with guns on either side of him), takes everyone's pennies and dumps them into a fancy bowl. Then, at random, he stands in front of someone, and slowly, with great fanfare, counts off 50 pennies and gives them to the lucky recipient. After repeating this 49 more times without repeating anyone, the politician and his associates go off to the local pub and buy themselves a beer. The victims are left marvelling at all the free money they just got. -BEGIN PGP SIGNATURE- Version: PGP 8.0 - not licensed for commercial use: www.pgp.com iQA/AwUBPfldFsPxH8jf3ohaEQIdqwCg3KMwGcxZP+JiAFcq3/+GgPVMGbAAoJvX rMD2BLN0WvuZC8i7ZhBVu5Sc =YJy7 -END PGP SIGNATURE- -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA Every election is a sort of advance auction of stolen goods. -- H.L. Mencken
Re: Anonymous blogging
My Fellow Cypherpunks, My defense against getting overwhelmed with Cypherpunks list mail is to use Guan Sin Ong 's excellent archieve: http://www.inet-one.com/cypherpunks . I find this easy and I don't have to delete tons of mail. Yours Truly, Gary Jeffers
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
Anonymous wrote: On Thu, 12 Dec 2002 10:47:25 -0800, Tim May wrote: America used to disdain the secret trials, the Star Chamber proceedings so endemic in other parts of the world. Now we have them. We will reap what we sow. --Tim May Spot on. But what, if anything, do you think can be done to reverse this slide to Red White and Blue Stalinism with good PR? I trust you are not one of those who will prattle something like exercise your right to vote, or write your congressperson/MP, etc. In practical terms, in a surveillance society, what can the regular person do to strike a blow in opposition to the direct attack on the Constitution and civil liberties and civil rights? Do we need a program to oppose the progrom? Dear America, Yes, It's hard, but here's how. First, you can make comms unreadable. There are well-known ways to do this. Second, you can make comms untraceable. Ways to do this exist, and better ones are being developed*. Third, you can make comms available to everyone - the 'net might help here. If you don't choose to use these methods, the consequences are up to you. But secure comms alone will only provide you with useful information, by themselves they aren't enough; you need to vote. Lots of you. Nothing else really matters. To them, and you. -- Peter Fairbrother
Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session
At 05:21 AM 12/13/2002 +, Peter Fairbrother wrote: Dave Del Torto wrote: Resumes should be in plain ASCII text format with a PGP signature (detached sigs are OK) and on floppy disk or CD-R also containing a copy of the applicant's PGP public key. Fuck off. If you think that a PGP key is good enough, you don't know the threats you are facing with GAK and the like. If you think a resume should be required... -- Peter Fairbrother He didn't say you needed a resume to get into the meeting; he said you needed it if you wanted to apply for a job so they can show the people they're asking for grant money that they've got a bunch of highly qualified people that are interested in working on the project. If it's like most projects, the resume is largely separate from whether everybody knows whether you write great code quickly, but it can be a hook to remind them who's interested. Personally, I like resumes to be in hand-written well-styled HTML :-)
XSS flaw found at https://www.e-gold.com (fwd)
-- Forwarded message -- Date: 10 Dec 2002 12:50:03 - From: Liu Die Yu [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: XSS flaw found at https://www.e-gold.com; i know bugtraq doesn't accept vulnerability on one site, but the following info is important; please suggest a forum for me to post. ===-- XSSatEGOLD-Content-Tech XSS flaw found at https://www.e-gold.com; technically, it's nothing new. XSS at E-gold is very dangerous. E-gold is one of the most popular way to do international business. and unlike credit card system, e-gold sent, it never comes back. there is no refund policy. so stealing passphrase means stealing real gold. it's important, so i take it seriously. [tested] browser:MSIEv6 time:2002/12/10 UTC+800 [demo] at http://www16.brinkster.com/liudieyu/XSSatEGOLD/XSSatEGOLD-MyPage.htm or http://clik.to/liudieyu ==XSSatEGOLD or [CODE.URL START] https://www.e-gold.com/acct/historycsv.asp? initial=1lt;SCRIPTgt;s=You_can_NOT_trust_this_page_if_you_got_if_from_a_ link.by_LiuDieYu_http://clik.to/liudieyu;w=window.open(https://www.e- gold.com/acct/login.html);setTimeout(w.document.write (s),150);lt;/SCRIPTgt;startmonth=12startday=4startyear=1996endmonth=12end day=4endyear=2003paymentsreceived=1oldsort=tstamppage=1 [CODE.URL END] [exp] technically, there is only one thing important for XSS attackers: some CGI can only be found when you are logged in, but they can be reached even if you are not logged in. of course, the module dealing with logged-in users is different from the one dealing with un-logged-in users. so, you have to test in both situations to ensure it's not XSS vulnerable. [contact] http://clik.to/liudieyu == how to contact liu die yu section [BTW] this flaw can be found easily with FASX at http://clik.to/fasx
[p2p-hackers] REMINDER: (SF Bay Area) South Bay PeerPunks meeting next Tuesday (fwd)
-- Forwarded message -- Date: Fri, 13 Dec 2002 09:11:30 -0800 (PST) From: James D. Levine [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [p2p-hackers] REMINDER: (SF Bay Area) South Bay PeerPunks meeting next Tuesday Just a friendly reminder -- next Tuesday 7pm onward in Mountain View. James -- The second monthly...er, semi-annual South Bay PeerPunks meeting will convene Tuesday December 17 - that's a week from next Tuesday at the time/place below. PeerPunks is just my clever name for the Silicon Valley contingent of p2p enthusiasts, hackers, well-wishers, etc. who can't make it up to Bram's monthly meeting in SF on a regular basis. Any and all are welcome, so please come and join in... If you don't know what I look like, just look for the guy in the red EFF Fair Use Has A Possee t-shirt. See you there and then. James Where: Dana Street Roasting Company 744 W Dana St, Mountain View,CA 94041 Phone: (650) 390-9638 This is just 1/2 block off Castro St. When: 7:00 pm onward, Tuesday December 17 -- ___ p2p-hackers mailing list [EMAIL PROTECTED] http://zgp.org/mailman/listinfo/p2p-hackers
RE: Extradition, Snatching, and the Danger of Traveling to Other Countries
Mike Rosing wrote: [...] When we can't vote, we can fight. So far the number of horror stories is small. But when everyone has a personal friend or relative that's been shot, abused, tortured or even just roughed up - then they'll know they might be next. And they might vote to change things. So from a purely machivellian perspective, the faster they become more repressive and the more people they harm, the faster things will change. We just have a few years of hell to go thru, that's all. Patience, persistence, truth, For the Russians, 'a few' was over 70. I hope for a non-violent restoration - this sort of thing could give the Libertarian Party legs, if they handled it right. Peter Trei
Re: [IP] The TIA and fighting terrorism
A couple of lessons from the 1990 news report below. First, the violation of law by high government officials illegally selling shoulder fired missiles and other arms to Iran, and using the illegal profits to fund the illegal state-supported terrorism against Nicaragua, is not punished, as usual (Poindexter won on appeal based on his claim that he wouldn't have been convicted except for testimony given to congress under a grant of immunity). Second, you need not face any public accountability and arms for hostages, and profits for terrorism in Nicaragua need not be a barrier, in fact it is a qualification, for building a big brother system to surveil US citizens (except of course those breaking the law at the behest of the government itself). WASHINGTON (UPI) -- John Poindexter, one of President Ronald Reagan's highest-ranking aides and the last of the original Iran- Contra defendants, was the first person sentenced to prison in the arms-for-hostages scandal. Poindexter, 53, who was Reagan's national security adviser, was sentenced to six months in jail Monday for masterminding the effort to cover up White House involvement in the Iran-Contra affair. U.S. District Judge Harold Greene said Poindexter should be imprisoned because he was ``the decision-making head of the Iran- Contra operation'' in the White House. Greene sentenced Poindexter to six months in prison on each of five felony counts, but allowed the sentences to run concurrently. Because of Poindexter's huge legal fees, the judge did not impose a fine. But the retired Navy rear admiral was required to pay a standard $50 court assessment for each of the five counts. Poindexter was convicted April 7 of conspiring to deceive Congress, making false statements to lawmakers and obstructing congressional inquiries into the Iran-Contra scandal. Although Poindexter is the last of the original Iran-Contra defendants, a special prosecutor is still investigating the case and new indictments are still possible. What Poindexter did when he lied to Congress was ``not a part of the normal political process,'' said Greene. The judge said Poindexter, Lt. Col. Oliver North and others in Reagan's White House tried to ``nullify'' a decision by Congress to cut off aid to the rebel Nicaraguan Contras. Congress is elected by the American people, Greene said, and its decisions cannot be ``nullified by appointed officials.'' Furthermore, he said, Poindexter and North ``engaged in the destruction of evidence on a large scale.'' Poindexter headed the White House effort to subvert Congress, Greene said, and a ``meaningful'' penalty was necessary to deter future activity by public officials. Poindexter stood stiffly as Greene imposed the sentence. But he smiled at his chief lawyer, Richard Beckler, who said he would appeal. Poindexter was accompanied by his wife, Linda, an Episcopal priest who wore her clerical collar, and his large legal team. He remained free, pending his appeal. Beckler had asked Greene not to send Poindexter to prison, saying ``he has served his country for 33 years'' and made no personal profit from his actions in the Iran-Contra scandal. ``The world is a somewhat different world today than it was when John Poindexter entered the White House,'' Beckler said. ``The world is safer,'' terrorism is on the decline and there are free elections in Eastern Europe, Beckler said. Before imposing the prison sentence, Greene asked Poindexter if he wanted to speak. Poindexter stood up and said softly, ``Your honor, I don't have any comment.'' Chief prosecutor Dan Webb asked Greene to put Poindexter behind bars, saying he and ``a very misguided and confused Marine lieutenant colonel'' -- North -- ``operated a private war in the nation of Nicaragua.'' They kept that war hidden from Congress, Webb said, through a deliberate campaign of lies, deception and obstruction. Webb also noted that Poindexter ``destroyed the single most important document in the case'' -- a document signed by Ronald Reagan authorizing a direct arms-for-hostages deal with Iran in an effort to free Americans held in Lebanon. Although Poindexter did not testify during his trial, he told Congress in nationally televised testimony during the summer of 1987 that he never told Reagan about the subsequent diversion of Iran arms sale profits to assist the Contras. Congress had banned such Contra aid. Poindexter said he destroyed the diversion document because it would cause grave political damage to Reagan. Webb later told reporters: ``We think the sentence imposed today by Judge Greene is a fair and proper sentence.'' Poindexter was the head of his class at the Naval Academy and had a brilliant Navy career until the Iran-Contra scandal erupted in November 1986. He faced a maximum possible sentence of 25 years in prison and $1.25 million in fines. Greene said he would have imposed a harsher sentence -- 21 to 27 months
RE: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Fri, 13 Dec 2002, Trei, Peter wrote: For the Russians, 'a few' was over 70. I hope for a non-violent restoration - this sort of thing could give the Libertarian Party legs, if they handled it right. Agreed. And they may have not even need to handle it perfectly right, since the main theme of the Libertarians is to restore the Constitution. I certainly hope for a non-violent solution. Patience, persistence, truth, Dr. mike
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Fri, Dec 13, 2002 at 08:17:27AM -0800, Mike Rosing wrote: | All represive regiemes are short lived in a historical context. | Living thru them is hell. This one has already begun a rather | interesting hypocrisy - they say they support gun ownership, but | they have no problem with letting the courts say the opposite. | So far they are picking their targets small enough that the masses | aren't actually worried that they will be next. But to take total | control, they will have to scare the masses in a more effective way. | And it's unlikely that they will be able to scare them into | giving up weapons. And that's the point of an armed citizenry, | to overthrow represive regiems. | | When we can't vote, we can fight. So far the number of horror | stories is small. But when everyone has a personal friend or | relative that's been shot, abused, tortured or even just roughed | up - then they'll know they might be next. And they might vote to change | things. So from a purely machivellian perspective, the faster | they become more repressive and the more people they harm, | the faster things will change. | | We just have a few years of hell to go thru, that's all. Your comments remind me greatly of the Gulag Archipeligo, especially the bits about those crushed early after the revolution. -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
Spot on. But what, if anything, do you think can be done to reverse this slide to Red White and Blue Stalinism with good PR? I trust you are not one of those who will prattle something like exercise your right to vote, or write your congressperson/MP, etc. In practical terms, in a surveillance society, what can the regular person do to strike a blow in opposition to the direct attack on the Constitution and civil liberties and civil rights? Do we need a program to oppose the progrom? See Gilmore's proposal. Consider the meaning of reverse-panopticon. Find federal employees and let them know we're watching you but don't identify we. Publish public info. Do this for executives in firms that pander to the Evil. Not just e.g., Ellison ---there are more next-level-down underlings who might just live in your neighborhood. Anyone got ideas for a neighborhood watch type sticker which expresses the reverse-panopticon visually?
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Fri, 13 Dec 2002 06:43:53 +, you wrote: If you don't choose to use these methods, the consequences are up to you. But secure comms alone will only provide you with useful information, by themselves they aren't enough; you need to vote. Lots of you. Nothing else really matters. To them, and you. -- Peter Fairbrother Vote? Are you kidding? OK, here is your task. Since all but one member of congress voted FOR the USA PATRIOT ACT, exactly what party or what candidates do you suggest be elected in support of civil liberties in the US? You don't seem to get this. Or on Iraq, the democrat and republican leadership, and the republican and democrat majority in both houses of congress voted for the carte blanche Iraq war resolution. Exactly who is a voter to vote for if he prefers peace, or going after real threats like North Korea instead of just tyrants that pissed off W's daddy? We can always pretend we actually have a choice by voting for the democrat who wants to wiretap you, instead of the republican that wants to wiretap you. Our choice is not whether or not to get wiretapped, rather it is to select the administration that wiretaps us. Ah, DEMOCRACY!
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Fri, 13 Dec 2002, Anonymous wrote: Interesting approach. But exactly how does that hinder the FBI demanding a booksellers customer list, or a library's patron check out record, or a black bag job on a personal computer, or thousands of CALEA taps, or the Total Information Awareness project, or the process of designating a US citizen as an enemy combatant, or the suspension of habeas corpus, etc. I was not aware that simple management of my own eyeballs could have such dramatic, widespread, external effects on gangs of thugs with guns and high tech surveillance gear all carrying a do-whatever-you-like, get-out-of-jail-free card from the US Congress, and essentially no oversight. Is this kind of like mind control, or what? All represive regiemes are short lived in a historical context. Living thru them is hell. This one has already begun a rather interesting hypocrisy - they say they support gun ownership, but they have no problem with letting the courts say the opposite. So far they are picking their targets small enough that the masses aren't actually worried that they will be next. But to take total control, they will have to scare the masses in a more effective way. And it's unlikely that they will be able to scare them into giving up weapons. And that's the point of an armed citizenry, to overthrow represive regiems. When we can't vote, we can fight. So far the number of horror stories is small. But when everyone has a personal friend or relative that's been shot, abused, tortured or even just roughed up - then they'll know they might be next. And they might vote to change things. So from a purely machivellian perspective, the faster they become more repressive and the more people they harm, the faster things will change. We just have a few years of hell to go thru, that's all. Patience, persistence, truth, Dr. mike
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Fri, 13 Dec 2002, Anonymous wrote: Vote? Are you kidding? OK, here is your task. Since all but one member of congress voted FOR the USA PATRIOT ACT, exactly what party or what candidates do you suggest be elected in support of civil liberties in the US? You don't seem to get this. Or on Iraq, the democrat and republican leadership, and the republican and democrat majority in both houses of congress voted for the carte blanche Iraq war resolution. Exactly who is a voter to vote for if he prefers peace, or going after real threats like North Korea instead of just tyrants that pissed off W's daddy? We can always pretend we actually have a choice by voting for the democrat who wants to wiretap you, instead of the republican that wants to wiretap you. Our choice is not whether or not to get wiretapped, rather it is to select the administration that wiretaps us. Ah, DEMOCRACY! There are more choices than that. It just takes a while for the masses to figure that out. When there are no choices, then we can fight with weapons. For now, words are sufficient. Patience, persistence, truth, Dr. mike
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
On Thu, 12 Dec 2002 20:01:05 -0800 (PST), you wrote: society, what can the regular person do to strike a blow in opposition to the direct attack on the Constitution and civil liberties and civil rights? Stop watching TV ? Interesting approach. But exactly how does that hinder the FBI demanding a booksellers customer list, or a library's patron check out record, or a black bag job on a personal computer, or thousands of CALEA taps, or the Total Information Awareness project, or the process of designating a US citizen as an enemy combatant, or the suspension of habeas corpus, etc. I was not aware that simple management of my own eyeballs could have such dramatic, widespread, external effects on gangs of thugs with guns and high tech surveillance gear all carrying a do-whatever-you-like, get-out-of-jail-free card from the US Congress, and essentially no oversight. Is this kind of like mind control, or what?
[e-gold-list] Announcing Seagold.net: E-mail Privacy, Secure, Encrypted, accepts e-gold
...It had to happen sooner or later, I suppose... Cheers, RAH -- --- begin forwarded text Status: RO From: [EMAIL PROTECTED] To: e-gold Discussion [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [e-gold-list] Announcing Seagold.net: E-mail Privacy, Secure, Encrypted, accepts e-gold Date: Fri, 13 Dec 2002 00:37:03 + (UTC) CONCERNED ABOUT EMAIL PRIVACY? In these increasingly troubled times where personal and financial privacy is at the forefront of our minds, we must search for viable solutions. Seagold.net offers that very solution: Private Email with the Power of 2 Introducing Seagold.net, a secure web-based email service located in the Principality of Sealand, outside the jurisdiction of any government on earth! * Read and compose emails securely from anywhere on the planet using any SSL-enabled web browser * Encrypt messages with pass phrases using PGP or GPG * Store messages securely on the Sealand platform in the North Sea, where there will never be a Carnivore * Chat securely using 128-bit SSL encryption * Secure Message Boards * User's actual ISP is masked from recipients, all outgoing messages originate from Sealand. * Reduce the threat of viruses with a system wholly based on OpenSource Linux, Java, and Apache technology * Protect your privacy with 100% anonymous accounts * Use and refer the service and receive monthly residual commissions. * Seagold accepts e-gold for payment and pays commissions in e-gold. * Try it for free for 30 days! (you will need a sponsor Id number in order to sign up for the free 30 day trial membership. Please use the system sponsor ID # 1 if you do not have a sponsor). https://sealand.seagold.net http://seagold.net What is Seagold.net? Seagold.net is a secure web-based email platform. It works with your browser to utilize high-quality 128-bit SSL encryption so that you can view, manage, and compose messages over a secure connection. All of your email messages are stored on our server based on Sealand, a premiere international secure data haven located in the territory of the Principality of Sealand near London, England, which is outside the boundaries of any other recognized nation. (See www.havenco.com for more information about Sealand.) Seagold.net is a members-only service, marketed through a network marketing referral program using a 2x10 matrix. Members recieve hassle-free secure web based email account for $25 per month, together with the opportunity to earn significant referral commission income from referring new members. Seagold is a friends-and-family business; absolutely no email spamming is tolerated to promote Seagold memberships. Seagold exclusively utilizes e-gold to receive payments from and pay referral commissions to its members. Seagold is run by an international business company, BRHS, Ltd., domiciled in St. Vincent and the Grenadines. Seagold runs exclusively on top of Linux, Java, Apache, and other Open Source technologies. It is 100% Microsoft-free. Seagold is a completely international operation, of the Internet, by the Internet, and for the Internet. Wishing you Peace, Prosperity and Privacy, The Seagold Group https://sealand.seagold.net --- You are currently subscribed to e-gold-list as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses. --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: [IP] The TIA and fighting terrorism
And this from a 1987 post: Current online database vendors like Dialog and Mead Data Central are already foreshadowings (albeit extremely primitive) of a GHA. It is interesting to recall that under the reign of John Poindexter, of Irangate fame, the NSC was seeking to gain legal access to the records of these companies, which store sensitive information about the search targets and patterns of their users. As I recall, the NSC was denied legal access by Congress, but then there is always the problem of illegal access, which is relatively trivial to accomplish wholesale by intercepting telecommunications. see google...
Re: Gilmore's response
On Fri, Dec 13, 2002 at 10:15:22AM -0800, Steve Schear wrote: | At 12:43 PM 12/13/2002 -0500, you wrote: | Gilmore's legal response to secret laws, etc. | | http://cryptome.org/gilmore-v-usa-god.htm | | I have a possible trip coming up soon. I intend to have my tickets | purchased by a third party and fly under an assumed name (maybe Tyler | Durden ;-) I will carry no ID on my person. Perhaps there is now a need to | have large numbers of refusnik travelers assume the same nom de avion | identity. Sort of like the Killroy in WW II. Let us know how it goes. Duncan would doubtless argue that there are already large numbers of travellers using assumed names, including migrant mexican workers, US government employees, terrorists, actors and actresses, etc. The immigration laws have done a good job of making it easy to get quality secondary id. The response of the apparatchiks is to increase the penalties until we're all cowed, like they did in the old war on drugs. Adam PS: Current news in Canada includes the gun registry having undergone a 12x cost overrun, and its not clear what will happen to it. A large reason for the overruns have been people making mistakes in filling out the complex forms, and thus slowing down implementation. http://cbc.ca/stories/2002/12/12/guns011212 I think its time for me to go get a gun permit, and help the proces along. -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: Gilmore's response
At 12:43 PM 12/13/2002 -0500, you wrote: Gilmore's legal response to secret laws, etc. http://cryptome.org/gilmore-v-usa-god.htm I have a possible trip coming up soon. I intend to have my tickets purchased by a third party and fly under an assumed name (maybe Tyler Durden ;-) I will carry no ID on my person. Perhaps there is now a need to have large numbers of refusnik travelers assume the same nom de avion identity. Sort of like the Killroy in WW II. steve
Re: Extradition, Snatching, and the Danger of Traveling to Other Countries
Interesting approach. But exactly how does that hinder the FBI demanding a booksellers customer list, or a library's patron check out record, or a black bag job on a personal computer, or thousands of CALEA taps, or the Total Information Awareness project, or the process of designating a US citizen as an enemy combatant, or the suspension of habeas corpus, etc. I was not aware that simple management of my own eyeballs could have such dramatic, widespread, external effects on gangs of thugs with guns and high tech surveillance gear all carrying a do-whatever-you-like, get-out-of-jail-free card from the US Congress, and essentially no oversight. Is this kind of like mind control, or what? Do not underestimate the power of detox. Guns et al are just symbols, 99.999% of proles are kept at bay with software. It is economically unfeasible to use hardware for that. Take a look at happenings in the last decade in europe - anti-comm uprisings had one and only one focal point - TV stations. They live. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
A Few Words About Palladium
According to the message below, Palladium will not include a serial number revocation list, document revocation list, or similar mechanism to delete pirated music and other unauthorized content. These claims have been made most vocally by Ross Anderson in his TCPA FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green in his DefCon presentation, http://www.cypherpunks.to/. Instead, the point of Palladium is to create a decentralized, trusted computing base... whose integrity can be audited by anyone. This is accomplished, as has been discussed at length here and elsewhere, by hardware which can compute a secure hash of software as it loads, and which can attest to this hash via cryptographic signatures sent to remote systems. This functionality allows software to prove to third parties that it is running unmolested, which is the basic functionality provided by Palladium. Unfortunately, the exaggerated and misleading claims in the links above are accepted as truth by most readers, and a false picture of Palladium is virtually universal on the net. Isn't it time for security experts to take a responsible position on this technology, and to speak out against the spread of these falsehoods? A Few Words About Palladium By John Manferdelli, General Manager, Trusted Platform Technologies, Microsoft Corporation As you may know, I spent some time on the road in the UK in November. During my visit, I had the chance to meet some of you at the Meet the Technologists breakfast at the Microsoft Campus in Reading. Thanks to those of you who were able to attend. It was a great chance to engage in frank discussions about some of the more controversial topics surrounding Palladium. One of the issues we discussed was whether Palladium would include mechanisms that would delete pirated music or other content under remote control or otherwise disable or censor content, files, or programs running on Windows. The truth is, Palladium will not disable any content or file that currently runs. Palladium was designed so that no policy will be imposed that is not approved by the user. Microsoft is firmly opposed to putting policing functions into Palladium and we have no intention of doing so. The machine owners - whether an individual or enterprise - have sole discretion to determine what programs run under Palladium. Programs that run under Palladium, just like programs that run under Windows, will do whatever they are allowed to do, based on the security settings on the user's machine. Palladium not only respects existing user controls, it strengthens them. What Palladium does change is the ability for software to be protected from other software. Palladium will enable and safeguard a decentralized trusted computing base on open systems. These security-oriented capabilities in Windows will be enabled by a relatively small change in hardware, and will help transform the PC into a platform that can perform trusted operations that span multiple computers under a trust policy that can be dynamically created and whose integrity can be authenticated by anyone. In addition, it will preserve the flexibility and extensibility that contributes so much to the entire PC ecosystem. I hope to have an opportunity to meet more of you in the New Year. We'll keep you posted about Palladium-related industry events and other Meet the Technologist opportunities. Happy holidays! - John Manferdelli P.S. While I was in London, I also had the opportunity to speak about Trustworthy Computing and the Palladium initiative at the Trusted Computing Masterclass in London. The event included participants from Hewlett Packard Labs, Red Hat, and Cambridge University, among others. You can read more about the event at www.netproject.com.
Re: Gilmore's response
On Fri, Dec 13, 2002 at 10:54:06AM -0800, Marshall Clow wrote: | At 1:38 PM -0500 12/13/02, Adam Shostack wrote: | PS: Current news in Canada includes the gun registry having undergone | a 12x cost overrun, and its not clear what will happen to it. A large | reason for the overruns have been people making mistakes in filling | out the complex forms, and thus slowing down implementation. | http://cbc.ca/stories/2002/12/12/guns011212 | | I think its time for me to go get a gun permit, and help the proces | along. | | Adam - | | The article that you linked to claims that the projected cost of the | gun registry was $2 million, and the actual cost was (so far) $680 million. | | That's a bit more than 12x :-) Yeah, that was a marketing claim as they put the program forward, as I recall. The original budgeted number was 85 million, and current projections are that it will cost upwards of a billion to complete. Of course, I could be totally off. Adam -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: A Few Words About Palladium
On Fri, 13 Dec 2002, Nomen Nescio wrote: According to the message below, Palladium will not include a serial number revocation list, document revocation list, or similar mechanism to delete pirated music and other unauthorized content. These claims have been made most vocally by Ross Anderson in his TCPA FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green in his DefCon presentation, http://www.cypherpunks.to/. Instead, the point of Palladium is to create a decentralized, trusted computing base... whose integrity can be audited by anyone. This is accomplished, as has been discussed at length here and elsewhere, by hardware which can compute a secure hash of software as it loads, and which can attest to this hash via cryptographic signatures sent to remote systems. This functionality allows software to prove to third parties that it is running unmolested, which is the basic functionality provided by Palladium. Unfortunately, the exaggerated and misleading claims in the links above are accepted as truth by most readers, and a false picture of Palladium is virtually universal on the net. Isn't it time for security experts to take a responsible position on this technology, and to speak out against the spread of these falsehoods? All of this is speculation until the system is actually implemented. The questions are Who do you trust? and Do their interests coincide with yours?. I do not trust Microsoft as far as I can throw them. They have demonstrated in the past that security for them means the check cleared. There have been too many holes, backdoors, and outright sabotage of competitors that they have lost any credibility with me. And since they are unwilling to publish source, the code is suspect from the start. (I doubt if they will let a third party that i trust audit the software without 42 levels of NDAs and a lein on their immortal souls.) There are other projects to insure that the software running at the kernel level is authorised via cryptographic checksums. (Both in BSD and in Linux.) What users are (rightfully) afraid of is that this is yet another effort to remove control from the users over what software they can use and how they can use it. Microsoft has already used this method to control just what types of protocols and video drivers could be used under Windows terminal server. (You had to have the app sighed by Microsoft in order to run and they wouldn't sign certain compeating protocols.) This method was bypassed by some interesting hackery, BTW. (Thou shalt not split thy open calls.) So far the only examples we have is that of Microsoft's past behaviour. It is not oriented for your security or mine, but of theirs. The fear is justified. (And ancient.) A Few Words About Palladium By John Manferdelli, General Manager, Trusted Platform Technologies, Microsoft Corporation As you may know, I spent some time on the road in the UK in November. During my visit, I had the chance to meet some of you at the Meet the Technologists breakfast at the Microsoft Campus in Reading. Thanks to those of you who were able to attend. It was a great chance to engage in frank discussions about some of the more controversial topics surrounding Palladium. One of the issues we discussed was whether Palladium would include mechanisms that would delete pirated music or other content under remote control or otherwise disable or censor content, files, or programs running on Windows. The truth is, Palladium will not disable any content or file that currently runs. Palladium was designed so that no policy will be imposed that is not approved by the user. Microsoft is firmly opposed to putting policing functions into Palladium and we have no intention of doing so. The machine owners - whether an individual or enterprise - have sole discretion to determine what programs run under Palladium. Programs that run under Palladium, just like programs that run under Windows, will do whatever they are allowed to do, based on the security settings on the user's machine. Palladium not only respects existing user controls, it strengthens them. What Palladium does change is the ability for software to be protected from other software. Palladium will enable and safeguard a decentralized trusted computing base on open systems. These security-oriented capabilities in Windows will be enabled by a relatively small change in hardware, and will help transform the PC into a platform that can perform trusted operations that span multiple computers under a trust policy that can be dynamically created and whose integrity can be authenticated by anyone. In addition, it will preserve the flexibility and extensibility that contributes so much to the entire PC ecosystem. I hope to have an opportunity to meet more of you in the New Year. We'll keep you posted about Palladium-related industry
Re: [MPUNKS] Cypherpunks December Mtg: HIGHFIRE Design Session
On Fri, 13 Dec 2002, Peter Fairbrother wrote: Dave Del Torto wrote: Resumes should be in plain ASCII text format with a PGP signature (detached sigs are OK) and on floppy disk or CD-R also containing a copy of the applicant's PGP public key. Fuck off. You don't need to worry about this anyway, Peter. It is doubtful that an organization such as CryptoRights would hire cypherpunks, given its scope of political activities and its association with fascist single world governments. See: http://www.mail-archive.com/cypherpunks@lne.com/msg00052.html and: http://www.wired.com/news/culture/0,1284,46035,00.html
Re: Gilmore's response
At 1:38 PM -0500 12/13/02, Adam Shostack wrote: PS: Current news in Canada includes the gun registry having undergone a 12x cost overrun, and its not clear what will happen to it. A large reason for the overruns have been people making mistakes in filling out the complex forms, and thus slowing down implementation. http://cbc.ca/stories/2002/12/12/guns011212 I think its time for me to go get a gun permit, and help the proces along. Adam - The article that you linked to claims that the projected cost of the gun registry was $2 million, and the actual cost was (so far) $680 million. That's a bit more than 12x :-) -- -- Marshall Marshall Clow Idio Software mailto:[EMAIL PROTECTED] Hey! Who messed with my anti-paranoia shot?