Re: vulnerability analysis
On Sat, 15 Mar 2003, Major Variola (ret) wrote: What happens when you fly a low-fuel high speed 727 into a biosafety level 4 containment facility? It will be reduced to rubble. Most of those inside will get killed. Sterile containments will be breached. Negligible amounts of pathogens will be released. There's a low probability it will result in those pathogens actually infecting people in the vicinity (I presume the firefighters will be instructed accordingly). The probability of an actual runaway infection is indistinguishable from zero -- it's a research facility, not munition depot. Probable answer: not in the threat model considered during design, so it can't happen.
Re: Orwell's Victory goods come home
On Sat, 15 Mar 2003 18:12:19 -0600, you wrote: On Saturday 15 March 2003 12:55 pm, Anonymous via the Cypherpunks Tonga Remailer wrote: On Sat, 15 Mar 2003 14:25:51 +, you wrote: So which American on the list is going to write to Congress to demand that the Statue of Liberty be sent back to France? Ken It really should go back to France, as the US seems to care less about liberty than when it received that gift, and France now has quite a profile of opposing foreign domination (from the US) over its policies and interests. So far as I can tell tell, the US approach to other nations is essentially shut up and do what we tell you to do if you love freedom. Americans tend to also forget that the French provided a lot of support for the colonies during the American Revolution. Without the fleet of Admiral Comte de Grasse at Yorktown, and the assistance of the Marquis de Lafayette, the revolution would have surely been lost and Washington, Jefferson, Franklin, Adams, Madison and the rest would have hanged at London Tower. Maybe we would be more accurate to consider our role for the French in WW1 and 2 to be in compensation for our freedom from the British.
Re: vulnerability analysis
At 06:17 PM 03/15/2003 -0800, Major Variola (ret) wrote: What happens when you fly a low-fuel high speed 727 into a biosafety level 4 containment facility? Probable answer: not in the threat model considered during design, so it can't happen. I thought Air Force 1 was a 747 these days?
Western Corporations That Supplied Iraq's Weapons Program
http://www.thememoryhole.org/corp/iraq-suppliers.htm War is just a racket ... something that is not what it seems to the majority of people. Only a small group knows what its about. It is conducted for the benefit of the very few at the expense of the masses. --- Major General Smedley Butler, 1933
It's _still_ So very 1992
Things have been quiet here for a few months (arguably for a few years...), and yet the need for our technologies has never been greater. Things are grimmer now than they were in 1992-3, those dark years when Clipper was to be deployed. And yet back then there was no Fatherland Security, no perpetual war, no roving wiretaps and no need for warrants, no secret trials (well, not many), no wholesale gutting of the Bill of Rights. Here on the list, we have always had subscribers rotating through. Gone are most of the daily posters from the mid-90s. In their place, a new batch. Through several cycles. I was reminded today of what things were like then, even when the Threat Level was a soothing blue compared to what it is today (and what it may be very soon, when the Rolling Thunder Review goes on tour in Iraq, Iran, North Korea, and France). Reminded today by rereading Julian Dibbell's nice essay on steganography and Osama.. Here it is: http://www.juliandibbell.com/texts/feed_stego.html Perhaps it was because things were new back then (*), but journalists then were interested in describing these ideas to their readers. Steven Levy, Kevin Kelley, Julian Dibbell, and a few others wrote some good pieces. (* Not so new to some of us. Most of what Dibbell wrote about was pretty clear to me in 1987-88, when a lot of these ideas got developed.) Today, there is much less such writing. I'm not sure why. I did buy the 10th Anniversary of Wired, partly because I recognized the picture on the cover (!). I haven't opened it yet (been several days), as I just haven't been finding exciting stuff in it for, oh, the past nine years. (What I count as exciting is the fiction of Greg Egan, the monthly column by John Baez, and some implications of category and topos theory...see my articles from last summer for more details.) I wish some of the dozen or so newcomers here would write something interesting. --Tim May The Constitution is a radical document...it is the job of the government to rein in people's rights. --President William J. Clinton
Re: Identification of users of payphones
At 08:03 PM 3/14/03 -0800, Tim May wrote: ... They could be round, for easy handling. And milled for evidence of having been shaved. They could even be made of precious metals for high-value coins, and of base and inexpensive metals for low-value coins. Have you filed for the patent, yet? --Tim May That government is best which governs not at all. --Henry David Thoreau --John Kelsey, [EMAIL PROTECTED]
Pneumonia versus face recognition
As things are never purely good and bad, the outbreak of new killer pneumonia offers some hope in countering the proliferating camera surveillance system. In Japan, it's common to wear a face-mask similar to the kind surgeons have during outbreaks of flu and during the cold season. The current airborne infection threat, if properly hyped and spinned (the sensationalist lust of the mainstream media could be helpful here) could cause it to be common in Western cultures as well. Once wearing a face mask becomes common, the efficiency of face-recognition based surveillance/identification systems will get qutie reduced. Opinions, comments?
Re: Brumley Boneh timing attack on OpenSSL
Bill Stewart [EMAIL PROTECTED] writes: Schmoo Group response on cryptonomicon.net http://www.cryptonomicon.net/modules.php?name=Newsfile=articlesid=263mode=order=0thold=0 Apparently OpenSSL has code to prevent the timing attack, but it's often not compiled in (I'm not sure how much that's for performance reasons as opposed to general ignorance?) I had blinding code included in my crypto code for about 3 years, when not a single person used it in all that time I removed it again (actually I think it's probably still there, but disconnected). I'm leaning strongly towards general ignorance here... Peter.
RE: Brinwear at Benetton.
On Fri, 14 Mar 2003, Trei, Peter wrote: You're not thinking this through. As the item goes through the door (in either direction) the check is made Is this individual tag on this store's 'unsold inventory' list?. If so, raise the alarm. The tags are not fungible; they each have a unique number. When you purchase an item, it's tag number is transfered from the 'unsold inventory' list to the 'Mike Rosing' list, or, if no link to a name can be found, 'John Doe #2345'. I hope you're right because the amount of engineering work that will be required to make this work is huge! That's a lot of job security for EE's. As you walk up to the counter, the tag in your jockey shorts is read, and you are greeted by name, even if you've never been in that store before. And who's going to pay for that info? The tag is made by TI, but the store you walk into buys from Phillips. That means the reader has to recognize all the standards (and there aren't any right now, so it has to recognize every individual frequency and data stream). Then there has to be some kind of _central_ database that *everyone* has access to. You can't determine who the customer is if they aren't in your database, so a centralized database would make sense. The bandwidth on that is going to be a nightmare. What's more, for stock control, they have 'smart shelves', so they can also say 'Mary, go get some more black hipster jeans in 34x34 and put them out - the shelf says it's empty. Yeah, that's easy. It's still within the store's control As for RFID tags vs bar codes - you missing out the labor cost differential - RFID tags can be read by a fixed reader at several feet, while bar codes must be indvidually scanned. Yeah, and it takes a second or 2 to find the bar code. That's got to cost a few pennies doesn't it :-) The tag cost is already down to under a dime. When it's under a nickle, these things will be in everything. Think about them in books. Our library already has a tagging system. You put your card down and the bar code on it gets read, then slide the book barcode over it and the book is checked out, assuming you don't have any fines. So it's already in place. But for those who have a clue, mylar is going to be very popular :-) Patience, persistence, truth, Dr. mike
Re: [1st amend] NYT: MTV refuses antiwar commercial
As deplorable and heinous as MTV's actions are, go back and read the 1st Ammendment. MTV is not a government run channel. The 1st doesn't apply to it. Now - if say Fox News - who claims to be Fair and Balanced refused it, while accepting - say US Army/Navy/Marines ads, etc. that might be an interesting development. But it still wouldn't fall under the 1st. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Fri, 14 Mar 2003, Major Variola (ret) wrote: What are the issues when media doesn't take ads? Private media (e.g., a newspaper, a web site) can't be compelled to say, or not say, anything by the state, and so can freely exercise arbitrary editorial control over adverts. What about when the medium is a State-granted monopoly of a resource like RF spectrum? Or cable infrastructure?Should *these* media channels be *compelled* to accept any privately-funded ads, first come first served, *because* of this State-granted monopoly? MTV refuses antiwar commercial http://www.nytimes.com/2003/03/13/business/media/13ADCO.html?ex=1048573024ei=1en=292aa6fe6f1edbc8
Re: Fatherland Security measures more important than Bennetton tags!
Right, which is why I said the following: If you don't buy your Metrocard with cash... and Of course face-card links aren't card-identity links, but if you're wanted, they're more than good enough. Please DO read the entire message before needlessly replying. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Mon, 17 Mar 2003, Tyler Durden wrote: This ain't Singapore, now...it's NYC. You can (and always will) be able to buy a Metrocard with cash at the remaining token booths. And while I'd bet many have cameras (for anti-token booth-type crime, including setting the booth on fire), I really doubt they'd be able to accurately track an individual that didn't want to be tracked. Unlike, say Hong Kong, you don't swipe your card to leave the system...you only swipe upon entry. And you can have as many cards as you want. And then, there are still many unattended exit points that have no cameras (and in many of those remote points, the installation of cameras would eventually be met with graffitti or vandalism). The NYC subway system is just too big to monitor. Which leads me to a mini-rant. NYC has been described as statist by some on this list, but despite the laws and whatnot, in many ways its fairly anarchic out here. Cops tend to leave you alone unless you're robbing or killing somebody. Other than that, for the most part its don't ask/don't tell. Prostitution is left alone unless the locals raise enough fuss over it. Drugs get the occsional bust, but the vast majority are left alone if its discrete. Now don't get me wrong...there are plenty of exceptions. And if you f with the cops, your going to get your ass kicked. But keep a low profile, don't screw with anybody that doesn't want to be screwed with, and you can do almost whatever you want. (Even taxes aren't a problem if you're willing to deal with the hassles of avoiding paying...) -TD From: Sunder [EMAIL PROTECTED] To: stuart [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Fatherland Security measures more important than Bennetton tags! Date: Mon, 17 Mar 2003 12:08:41 -0500 (est) Some of this is already in place. If you don't buy your Metrocard with cash, they have records of who you are. It's basically an ATM that takes ATM cards, credit cards (and some take cash also.) If you pay the machine by cash, you can be sure your face is linked to your Metrocard - since it's an ATM, they have to record who uses it. If you've signed up for the Mail Ride thing for the LIRR, they've got your metrocard linked already. Not sure about the booths, wouldn't surprise me though. You can still buy preset cards from newsstands - YMMV. Also, don't forget that each metrocard has it's own serial number. If you're not just a casual user, they can figure out around where you live because you use it twice. Once from home, once from work. Further, if you take them up on their offer to refresh the amount there - which they try to get you to do by making it so you always have a few extra cents left over on the card, there's another chance you might just use a credit card, etc... If there are cameras near the turnstyles, it's easy to spot who swiped which card and where they go based on timestamps. Of course face-card links aren't card-identity links, but if you're wanted, they're more than good enough. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Sat, 15 Mar 2003, stuart wrote: What's to link? All that can be linked is that a metrocard was bought in one place, be it a subway station, deli or whatever, and then used somewhere else, the subway or bus. Hundreds of metrocards are bought at every station every day, used once, and tossed in the trash. (Actually, most of them get tossed on the train tracks.) All that can be linked is that one anonymous person, along with dozens of others, bought a metrocard and got on the subway a few minutes later, and then vanished into the crush.
Re: Fatherland Security measures more important than Bennetton tags!
Well, i thought that the general gist of your post was that in many cases it would be possible to determine the comings and goings of CitizenUnit A in the New York City subway system. My needless reply was to voice some scepticism on this in the general case, and to disagree in the case of someone who really doesn't want to be tracked taking the subways. -TD From: Sunder [EMAIL PROTECTED] To: Tyler Durden [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Fatherland Security measures more important than Bennetton tags! Date: Mon, 17 Mar 2003 14:27:43 -0500 (est) Right, which is why I said the following: If you don't buy your Metrocard with cash... and Of course face-card links aren't card-identity links, but if you're wanted, they're more than good enough. Please DO read the entire message before needlessly replying. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Mon, 17 Mar 2003, Tyler Durden wrote: This ain't Singapore, now...it's NYC. You can (and always will) be able to buy a Metrocard with cash at the remaining token booths. And while I'd bet many have cameras (for anti-token booth-type crime, including setting the booth on fire), I really doubt they'd be able to accurately track an individual that didn't want to be tracked. Unlike, say Hong Kong, you don't swipe your card to leave the system...you only swipe upon entry. And you can have as many cards as you want. And then, there are still many unattended exit points that have no cameras (and in many of those remote points, the installation of cameras would eventually be met with graffitti or vandalism). The NYC subway system is just too big to monitor. Which leads me to a mini-rant. NYC has been described as statist by some on this list, but despite the laws and whatnot, in many ways its fairly anarchic out here. Cops tend to leave you alone unless you're robbing or killing somebody. Other than that, for the most part its don't ask/don't tell. Prostitution is left alone unless the locals raise enough fuss over it. Drugs get the occsional bust, but the vast majority are left alone if its discrete. Now don't get me wrong...there are plenty of exceptions. And if you f with the cops, your going to get your ass kicked. But keep a low profile, don't screw with anybody that doesn't want to be screwed with, and you can do almost whatever you want. (Even taxes aren't a problem if you're willing to deal with the hassles of avoiding paying...) -TD From: Sunder [EMAIL PROTECTED] To: stuart [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Fatherland Security measures more important than Bennetton tags! Date: Mon, 17 Mar 2003 12:08:41 -0500 (est) Some of this is already in place. If you don't buy your Metrocard with cash, they have records of who you are. It's basically an ATM that takes ATM cards, credit cards (and some take cash also.) If you pay the machine by cash, you can be sure your face is linked to your Metrocard - since it's an ATM, they have to record who uses it. If you've signed up for the Mail Ride thing for the LIRR, they've got your metrocard linked already. Not sure about the booths, wouldn't surprise me though. You can still buy preset cards from newsstands - YMMV. Also, don't forget that each metrocard has it's own serial number. If you're not just a casual user, they can figure out around where you live because you use it twice. Once from home, once from work. Further, if you take them up on their offer to refresh the amount there - which they try to get you to do by making it so you always have a few extra cents left over on the card, there's another chance you might just use a credit card, etc... If there are cameras near the turnstyles, it's easy to spot who swiped which card and where they go based on timestamps. Of course face-card links aren't card-identity links, but if you're wanted, they're more than good enough. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Sat, 15 Mar 2003, stuart wrote:
Re: The Register Libels Declan
On Sat, Mar 15, 2003 at 10:42:33PM -0800, Eric Cordian wrote: McCullagh, like Weiner - decided that principles are for fools. If not having principles means rejecting the kind of statist claptrap that the Register writer advocates -- and that went out of style with Nikita Khrushchev's bad suits -- then I suppose I'm guilty as charged. -Declan
Game theory, psychobio, demographics: Genesis of Suicide Terrorism
Here's a bit of meat for Tim... Genesis of Suicide Terrorism Scott Atran Contemporary suicide terrorists from the Middle East are publicly deemed crazed cowards bent on senseless destruction who thrive in poverty and ignorance. Recent research indicates they have no appreciable psychopathology and are as educated and economically well-off as surrounding populations. A first line of defense is to get the communities from which suicide attackers stem to stop the attacks by learning how to minimize the receptivity of mostly ordinary people to recruiting organizations. CNRS-Institut Jean Nicod, 1 bis Avenue Lowendal, 75007 Paris, France, and Institute for Social Research, University of Michigan, Ann Arbor, MI 48106-1248, USA. E-mail: [EMAIL PROTECTED] ... Gotta love this excerpt: Such sentiments characterize institutional manipulation of emotionally driven commitments that may have emerged under natural selection's influence to refine or override short-term rational calculations that would otherwise preclude achieving goals against long odds. Most typically, such emotionally driven commitments serve as survival mechanisms to inspire action in otherwise paralyzing circumstances, as when a weaker person convincingly menaces a stronger person into thinking twice before attempting to take advantage. In religiously inspired suicide terrorism, however, these emotions are purposely manipulated by organizational leaders, recruiters, and trainers to benefit the organization rather than the individual (supporting online text on religion) (36). 36. In much the same way, the pornography, fast food, or soft drink industries manipulate innate desires for naturally scarce commodities like sexual mates, fatty foods, and sugar to ends that reduce personal fitness but benefit the manipulating institution. [S. Atran, In Gods We Trust (Oxford Univ. Press, New York, 2002)]. Whole article: According to the U.S. Department of State report Patterns of Global Terrorism 2001 (1), no single definition of terrorism is universally accepted; however, for purposes of statistical analysis and policy-making: The term `terrorism' means premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience. Of course, one side's terrorists may well be another side's freedom fighters (Fig. 1). For example, in this definition's sense, the Nazi occupiers of France rightly denounced the subnational and clandestine French Resistance fighters as terrorists. During the 1980s, the International Court of Justice used the U.S. Administration's own definition of terrorism to call for an end to U.S. support for terrorism on the part of Nicaraguan Contras opposing peace talks. Fig. 1. Chanting demonstrators in Pakistan-held Kashmir defending Osama bin Laden's actions and ambitions as freedom-fighting (November 2001). [AP Photo/Roshan Mugal] [View Larger Version of this Image (96K GIF file)] For the U.S. Congress, `act of terrorism' means an activity that--(A) involves a violent act or an act dangerous to human life that is a violation of the criminal laws of the United States or any State, or that would be a criminal violation if committed within the jurisdiction of the United States or of any State; and (B) appears to be intended (i) to intimidate or coerce a civilian population; (ii) to influence the policy of a government by intimidation or coercion; or (iii) to affect the conduct of a government by assassination or kidnapping. (2). When suitable, the definition can be broadened to include states hostile to U.S. policy. Apparently, two official definitions of terrorism have existed since the early 1980s: that used by the Department of State for statistical and analytical purposes and that used by Congress for criminal proceedings. Together, the definitions allow great flexibility in selective application of the concept of terrorism to fluctuating U.S. priorities. The special category of State-sponsored terrorism could be invoked to handle some issues (3), but the highly selective and politically tendentious use of the label terrorism would continue all the same. Indeed, there appears to be no principled distinction between terror as defined by the U.S. Congress and counterinsurgency as allowed in U.S. armed forces manuals (4). Rather than attempt to produce a stipulative and all-encompassing definition of terrorism, this article restricts its focus to suicide terrorism characterized as follows: the targeted use of self-destructing humans against noncombatant--typically civilian--populations to effect political change. Although a suicide attack aims to physically destroy an initial target, its primary use is typically as a weapon of psychological warfare intended to affect a larger public audience.
Re: Idea: Sidestepping low-power broadcast regulations with infrared
At 12:08 PM 3/17/2003 -0500, you wrote: Steve Schear wrote... A detector that is only sensitive to this spectral region has the capability to operate in the daylight, even while pointing at the sun, and pick up little background radiation How much are UV receivers (note, not the same thing as a mere UV detector)? Gotta be kinda expensive, I would think (ie, in the 4-digit range), but I could be wrong. I haven't checked but assume they should be relatively cheap. For example, I'm assuming this device isn't too expensive and the sensor itself should be available for a few $10s. http://www.ame-corp.com/UVB.htm And preferably, it would be nice if it could run up to 11Meg/sec or so. I don't think you will be able to get anywhere near multi-megabit data rates with inexpensive, omni-directional, optical systems. But that's needed for broadcast of entertainment .mp3 sterams. Seems to me if one wanted broadcast, operating in the 1550-nm range and then using good old EDFAs might work, if one had the right kind of omnidirectional IR 'antenna' (or whatever such a thing would be called). Then of course, the broadcast cost would be kind of expensive (say $5000), but the detectors could be cheap ($100 or less). The only drawback here is fog (1550nm doesn't go too good through fog, but rain and snow are apparently fine). Fabrication of efficient, high-power,isible wavelength emitters and sensors using nano-imprinting technologies should be feasible today. The advantage of this approach is that it need not employ materials using their bandgaps but simply resonant structures similar to RF circuits. steve
Re: Fatherland Security measures more important than Bennetton tags!
This ain't Singapore, now...it's NYC. You can (and always will) be able to buy a Metrocard with cash at the remaining token booths. And while I'd bet many have cameras (for anti-token booth-type crime, including setting the booth on fire), I really doubt they'd be able to accurately track an individual that didn't want to be tracked. Unlike, say Hong Kong, you don't swipe your card to leave the system...you only swipe upon entry. And you can have as many cards as you want. And then, there are still many unattended exit points that have no cameras (and in many of those remote points, the installation of cameras would eventually be met with graffitti or vandalism). The NYC subway system is just too big to monitor. Which leads me to a mini-rant. NYC has been described as statist by some on this list, but despite the laws and whatnot, in many ways its fairly anarchic out here. Cops tend to leave you alone unless you're robbing or killing somebody. Other than that, for the most part its don't ask/don't tell. Prostitution is left alone unless the locals raise enough fuss over it. Drugs get the occsional bust, but the vast majority are left alone if its discrete. Now don't get me wrong...there are plenty of exceptions. And if you f with the cops, your going to get your ass kicked. But keep a low profile, don't screw with anybody that doesn't want to be screwed with, and you can do almost whatever you want. (Even taxes aren't a problem if you're willing to deal with the hassles of avoiding paying...) -TD From: Sunder [EMAIL PROTECTED] To: stuart [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Fatherland Security measures more important than Bennetton tags! Date: Mon, 17 Mar 2003 12:08:41 -0500 (est) Some of this is already in place. If you don't buy your Metrocard with cash, they have records of who you are. It's basically an ATM that takes ATM cards, credit cards (and some take cash also.) If you pay the machine by cash, you can be sure your face is linked to your Metrocard - since it's an ATM, they have to record who uses it. If you've signed up for the Mail Ride thing for the LIRR, they've got your metrocard linked already. Not sure about the booths, wouldn't surprise me though. You can still buy preset cards from newsstands - YMMV. Also, don't forget that each metrocard has it's own serial number. If you're not just a casual user, they can figure out around where you live because you use it twice. Once from home, once from work. Further, if you take them up on their offer to refresh the amount there - which they try to get you to do by making it so you always have a few extra cents left over on the card, there's another chance you might just use a credit card, etc... If there are cameras near the turnstyles, it's easy to spot who swiped which card and where they go based on timestamps. Of course face-card links aren't card-identity links, but if you're wanted, they're more than good enough. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Sat, 15 Mar 2003, stuart wrote: What's to link? All that can be linked is that a metrocard was bought in one place, be it a subway station, deli or whatever, and then used somewhere else, the subway or bus. Hundreds of metrocards are bought at every station every day, used once, and tossed in the trash. (Actually, most of them get tossed on the train tracks.) All that can be linked is that one anonymous person, along with dozens of others, bought a metrocard and got on the subway a few minutes later, and then vanished into the crush. _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Re: Brinwear at Benetton.
On Mon, 17 Mar 2003, Declan McCullagh wrote: I can imagine some ways to deal with this. Have certain blocks of RFID address space assigned to specific companies, who publish what products they'll be used for. They won't specify what *individuals* will get what tags, just that it's a $2,500 Prada handbag -- which still raises the crime concern. Which is a good reason for them to turn it off at the counter. People that can afford those things can complain loudly. Or you could use a multi-tier system like our current DNS setup. The root RFID address-space servers will point queries to rfid.example.com... Job security anyone :-) pun intended! Patience, persistence, truth, Dr. mike
Re: Brinwear at Benetton.
In article [EMAIL PROTECTED], Mike Rosing [EMAIL PROTECTED] wrote: Yeah, and it takes a second or 2 to find the bar code. That's got to cost a few pennies doesn't it :-) It adds up, especially in low-margin businesses. Groceries are a good example; unpacking every cart, scanning, and bagging is an expensive bottleneck. The process could be streamlined a lot if an entire cart were scanned at once. There are serious engineering problems before we get there; but the demand from retailers is very real, and so a very real effort will be made to solve them. -- Shields.
Re: Fatherland Security measures more important than Bennetton tags!
It's obvious they know what you look like if you use those machines, and who you are too if you use a credit card. Same with mail ride, I suppose, but that I know nothing of because I don't go to LI and I don't pay attention to Metro North. They obviously need an address, do they insist on a name? Besides, if you use a money order it doesn't matter what name you give them. Bodegas are still the best bet though. For maximum obfuscation you'd probably want to buy several cards from various places over the five boroughs and use them in odd orders. Of course doing that you'd lose your transfers though. Many booths do have cameras, they started putting them in when they had all those lighter fluid attacks years ago. I bet the ones that don't have cameras are the ones they plan on closing first, like the ones in Bushwick and other tourist not-spots. Soon all stations are going to have CCTV and 'emergency call-back buttons' after they shut down all of the token booths. There are some hidden cameras on the platforms, but not many AFAIK. I've never even found any. There are some there, though, they were originally installed to counter turnstile jumping and metrocard fraud. (IOW, to get more money, not to reduce violent crimes, huge surprise.) Those new trains (R142, R142A, R143) on the #2,5,6 lines have cameras inside, and soon all of the Redbirds will be gone, replaced by these new ones, which although CCTV'd, are a really nice ride. I wonder if they'll retrofit those 80's cars. The whole system is due for an upgrade, probably with some fed 'anti-terror' funds, if NY ever gets any, and if Pataki even spends any of it on the MTA. NYPD chief Kelly must be so envious of that DC surveillance network, just itching for his own. Granted there are already cameras all over the city, NYC still doesn't have quite the 'nerve center' DC does. Nice NY surveillance camera site: http://www.mediaeater.com/cameras/networks.html The fun people have with those cameras: http://www.notbored.org/the-scp.html -- stuart There ought to be limits to freedom. George W. Bush On Monday, March 17, 2003, Sunder came up with this... S If you don't buy your Metrocard with cash, they have records of who you S are. It's basically an ATM that takes ATM cards, credit cards (and some S take cash also.) If you pay the machine by cash, you can be sure your S face is linked to your Metrocard - since it's an ATM, they have to record S who uses it. S If you've signed up for the Mail Ride thing for the LIRR, they've got S your metrocard linked already. S Not sure about the booths, wouldn't surprise me though. You can still buy S preset cards from newsstands - YMMV. S Also, don't forget that each metrocard has it's own serial number. If S you're not just a casual user, they can figure out around where you live S because you use it twice. Once from home, once from work. Further, if S you take them up on their offer to refresh the amount there - which they S try to get you to do by making it so you always have a few extra cents S left over on the card, there's another chance you might just use a credit S card, etc... S If there are cameras near the turnstyles, it's easy to spot who swiped S which card and where they go based on timestamps. Of course face-card links aren't card-identity links, but if you're S wanted, they're more than good enough.
Re: Brinwear at Benetton.
On Mon, 17 Mar 2003, Michael Shields wrote: It adds up, especially in low-margin businesses. Groceries are a good example; unpacking every cart, scanning, and bagging is an expensive bottleneck. The process could be streamlined a lot if an entire cart were scanned at once. There are serious engineering problems before we get there; but the demand from retailers is very real, and so a very real effort will be made to solve them. I can see a couple of solutions to the checkout problem. One is to remove checkout counters, just scan the item at the shelf with a card. With rfid this actually becomes a lot simpler, you can isolate items to specific regions of the store. If the item is removed, it had better already be purchased or you get busted. A whole cart load of items responding simultaneously won't work, at least not with 5 cent rfid's of the next few years. In a decade maybe cdma rfid will be 5 cents. Removing the bottleneck of checkout counters would be *very good thing* because most people hate standing in line. Of course, digital cash would be really nice to have for that too! Patience, persistence, truth, Dr. mike
Re: Fatherland Security measures more important than Bennetton tags!
On Monday, March 17, 2003, Tyler came up with this... TD Cops tend to leave you alone unless you're robbing or TD killing somebody. Or unless you're smoking a cigarette. TD Drugs get the occsional bust, but the vast majority are left alone if TD its discrete. In some places that may be, but in others it's entirely false. I've been harassed by cops just for shaking hands with someone on 49th st. in Sunset Park, BK. People have been followed there just for using a payphone. It depends on where you are, and who you are. Granted a wealthy white suit-type is less likely to buy their drugs in public, but they're also less likely to be pulled over, etc. There's more drugs on Wall st. than in all of Brooklyn or the Bronx but you'd never know from the police reports. It's less about discretion than circumstance. -- stuart There ought to be limits to freedom. George W. Bush
part II: Game theory, psychobio, demographics: Genesis of Suicide Terrorism
Dubious Public Perceptions Recent treatments of Homeland Security research concentrate on how to spend billions to protect sensitive installations from attack (14, 15). But this last line of defense is probably easiest to breach because of the multitude of vulnerable and likely targets (including discotheques, restaurants, and malls), the abundance of would-be attackers (needing little supervision once embarked on a mission), the relatively low costs of attack (hardware store ingredients, no escape needs), the difficulty of detection (little use of electronics), and the unlikelihood that attackers would divulge sensitive information (being unaware of connections beyond their operational cells). Exhortations to put duct tape on windows may assuage (or incite) fear, but will not prevent massive loss of life, and public realization of such paltry defense can undermine trust. Security agencies also attend to prior lines of defense, such as penetrating agent-handling networks of terrorist groups, with only intermittent success. A first line of defense is to prevent people from becoming terrorists. Here, success appears doubtful should current government and media opinions about why people become human bombs translate into policy (see also supporting online text on contrary academic explanations). Suicide terrorists often are labeled crazed cowards bent on senseless destruction who thrive in the midst of poverty and ignorance. The obvious course becomes to hunt down terrorists while simultaneously transforming their supporting cultural and economic environment from despair to hope. What research there is, however, indicates that suicide terrorists have no appreciable psychopathology and are at least as educated and economically well off as their surrounding populations. Psychopathology: A Fundamental Attribution Error U.S. President George W. Bush initially branded 9/11 hijackers evil cowards. For U.S. Senator John Warner, preemptive assaults on terrorists and those supporting terrorism are justified because: Those who would commit suicide in their assaults on the free world are not rational and are not deterred by rational concepts (16). In attempting to counter anti-Moslem sentiment, some groups advised their members to respond that terrorists are extremist maniacs who don't represent Islam at all (17). Social psychologists have investigated the fundamental attribution error, a tendency for people to explain behavior in terms of individual personality traits, even when significant situational factors in the larger society are at work. U.S. government and media characterizations of Middle East suicide bombers as craven homicidal lunatics may suffer from a fundamental attribution error: No instances of religious or political suicide terrorism stem from lone actions of cowering or unstable bombers. Psychologist Stanley Milgram found that ordinary Americans also readily obey destructive orders under the right circumstances (18). When told by a teacher to administer potentially life-threatening electric shocks to learners who fail to memorize word pairs, most comply. Even when subjects stressfully protest as victims plead and scream, use of extreme violence continues--not because of murderous tendencies but from a sense of obligation in situations of authority, no matter how trite. A legitimate hypothesis is that apparently extreme behaviors may be elicited and rendered commonplace by particular historical, political, social, and ideological contexts. With suicide terrorism, the attributional problem is to understand why nonpathological individuals respond to novel situational factors in numbers sufficient for recruiting organizations to implement policies. In the Middle East, perceived contexts in which suicide bombers and supporters express themselves include a collective sense of historical injustice, political subservience, and social humiliation vis-`-vis global powers and allies, as well as countervailing religious hope (supporting online text on radical Islam's historical novelty). Addressing such perceptions does not entail accepting them as simple reality; however, ignoring the causes of these perceptions risks misidentifying causes and solutions for suicide bombing. There is also evidence that people tend to believe that their behavior speaks for itself, that they see the world objectively, and that only other people are biased and misconstrue events (19). Moreover, individuals tend to misperceive differences between group norms as more extreme than they really are. Resulting misunderstandings--encouraged by religious and ideological propaganda--lead antagonistic groups to interpret each other's views of events, such as terrorism/freedom-fighting, as wrong, radical, and/or irrational. Mutual demonization and warfare readily ensue. The problem is to stop this spiral from escalating in opposing camps (Fig. 3). Fig. 3.
Re: Idea: Sidestepping low-power broadcast regulations with infrared
At 03:13 PM 3/17/2003 +0100, Thomas Shaddack wrote: Using a powerful high-frequency modulated infrared source (eg, a bank of LEDs) located on a highly visible place, it couldbe possible to facilitate local community broadcasts, effectively sidestepping all FCC regulations. Better to ignore low power regs and challenge the FCC to demonstrate for each and every such station that their signal measurably interferes at receivers in another state with another station. Interference at receivers within the same state as the low power transmitters is not a valid constitutional basis for FCC regulation. Regarding LED broadcasts, you should consider RF modulated mid-UV lamps. There is a wide swath of spectrum from 230 to 280 nanometers created by the ozone layer. Little sun light in this frequency range, the only significant natural illumination source, reaches most parts of the earth. A detector that is only sensitive to this spectral region has the capability to operate in the daylight, even while pointing at the sun, and pick up little background radiation. A detector operating in this wavelength region need not be directional and will have an increased performance by orders of magnitude because of the reduction of the background noise. Furthermore, precise alignment of the transmitter and receiver is dispensed with since a detector does not have to operate in the line-of-sight but can function in a wide field-of-view mode to sense radiation scattered by the modulated UV signal. Multi-watt transmitters can be constructed from inexpensive, commercially available, Ar-Hg discharge lamps. Data rates can easily exceed 100s kbps (megabit data rates have been reported). By selection of different Hg isotopes in the lamps multiple channel operation is possible. Reception using inexpensive, solid-state, sensors is assumed. See U.S. Patent 4,493,114. steve
part III: Game theory, psychobio, demographics: Genesis of Suicide Terrorism
Priorities for Homeland Security The last line of defense against suicide terrorism--preventing bombers from reaching targets--may be the most expensive and least likely to succeed. Random bag or body searches cannot be very effective against people willing to die, although this may provide some semblance of security and hence psychological defense against suicide terrorism's psychological warfare. A middle line of defense, penetrating and destroying recruiting organizations and isolating their leaders, may be successful in the near term, but even more resistant organizations could emerge instead. The first line of defense is to drastically reduce receptivity of potential recruits to recruiting organizations. But how? It is important to know what probably will not work. Raising literacy rates may have no effect and could be counterproductive should greater literacy translate into greater exposure to terrorist propaganda (in Pakistan, literacy and dislike for the United States increased as the number of religious madrasa schools increased from 3000 to 39,000 since 1978) (27, 38). Lessening poverty may have no effect, and could be counterproductive if poverty reduction for the entire population amounted to a downward redistribution of wealth that left those initially better off with fewer opportunities than before. Ending occupation or reducing perceived humiliation may help, but not if the population believes this to be a victory inspired by terror (e.g., Israel's apparently forced withdrawal from Lebanon). If suicide-bombing is crucially (though not exclusively) an institution-level phenomenon, it may require finding the right mix of pressure and inducements to get the communities themselves to abandon support for institutions that recruit suicide attackers. One way is to so damage the community's social and political fabric that any support by the local population or authorities for sponsors of suicide attacks collapses, as happened regarding the kamikaze as a by-product of the nuclear destruction of Hiroshima and Nagasaki. In the present world, however, such a strategy would neither be morally justifiable nor practical to implement, given the dispersed and distributed organization of terrorist institutions among distantly separated populations that collectively number in the hundreds of millions. Likewise, retaliation in kind (tit-for-tat) is not morally acceptable if allies are sought (41). Even in more localized settings, such as the Israeli-Palestinian conflict, coercive policies alone may not achieve lasting relief from attack and can exacerbate the problem over time. On the inducement side, social psychology research indicates that people who identify with antagonistic groups use conflicting information from the other group to reinforce antagonism (19). Thus, simply trying to persuade others from without by bombarding them with more self-serving information may only increase hostility. Other research suggests that most people have more moderate views than what they consider their group norm to be. Inciting and empowering moderates from within to confront inadequacies and inconsistencies in their own knowledge (of others as evil), values (respect for life), and behavior (support for killing), and other members of their group (42), can produce emotional dissatisfaction leading to lasting change and influence on the part of these individuals (43). Funding for civic education and debate may help, also interfaith confidence-building through intercommunity interaction initiatives (as Singapore's government proposes) (35). Ethnic profiling, isolation, and preemptive attack on potential (but not yet actual) supporters of terrorism probably will not help. Another strategy is for the United States and its allies to change behavior by directly addressing and lessening sentiments of grievance and humiliation, especially in Palestine (where images of daily violence have made it the global focus of Moslem attention) (44) (Fig. 4). For no evidence (historical or otherwise) indicates that support for suicide terrorism will evaporate without complicity in achieving at least some fundamental goals that suicide bombers and supporting communities share. Fig. 4. Moslem youth with Quran dressed as a Palestinian suicide bomber demonstrating outside the United Nations office in Jakarta, Indonesia (April 2002). (Indonesia is the most populous Moslem nation.) [Reuters/Darren Whiteside] [View Larger Version of this Image (95K GIF file)] Of course, this does not mean negotiating over all goals, such as Al-Qaida's quest to replace the Western-inspired system of nation-states with a global caliphate, first in Moslem lands and then everywhere (see supporting online text for history and agenda of suicide-sponsoring groups). Unlike other groups, Al-Qaida publicizes no specific demands after
Re: [1st amend] NYT: MTV refuses antiwar commercial
Yeah, despite the probable issues, I want to see big-breasted, bikini-clad springbreak chics on MTV while smokin' a doobie, not be all harshed-out by reality. I WANT MY MT-V! -TD From: Sunder [EMAIL PROTECTED] CC: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: [1st amend] NYT: MTV refuses antiwar commercial Date: Mon, 17 Mar 2003 08:38:25 -0500 (est) As deplorable and heinous as MTV's actions are, go back and read the 1st Ammendment. MTV is not a government run channel. The 1st doesn't apply to it. Now - if say Fox News - who claims to be Fair and Balanced refused it, while accepting - say US Army/Navy/Marines ads, etc. that might be an interesting development. But it still wouldn't fall under the 1st. --Kaos-Keraunos-Kybernetos--- + ^ + :NSA got $20Bil/year |Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ --*--:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. [EMAIL PROTECTED] http://www.sunder.net On Fri, 14 Mar 2003, Major Variola (ret) wrote: What are the issues when media doesn't take ads? Private media (e.g., a newspaper, a web site) can't be compelled to say, or not say, anything by the state, and so can freely exercise arbitrary editorial control over adverts. What about when the medium is a State-granted monopoly of a resource like RF spectrum? Or cable infrastructure?Should *these* media channels be *compelled* to accept any privately-funded ads, first come first served, *because* of this State-granted monopoly? MTV refuses antiwar commercial http://www.nytimes.com/2003/03/13/business/media/13ADCO.html?ex=1048573024ei=1en=292aa6fe6f1edbc8 _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Re: Idea: Sidestepping low-power broadcast regulations with infrared
Steve Schear wrote... I haven't checked but assume they should be relatively cheap. For example, I'm assuming this device isn't too expensive and the sensor itself should be available for a few $10s. http://www.ame-corp.com/UVB.htm Perhaps I misunderstand what you would want to use this device for. Remember we need to detect bits, not just the presence of UV/IR or whatever. It's got to be able to react quickly, and hopefully quickly enough that the electronics behind it can be off-the shelf, and probably Ethernet or SONET-capable. (Think 10/11 Meg, or 155Meg and beyond...) And because I've never heard of UV-based communications, I would assume that such a receiver would be quite expensive, even at lower bitrates. However, if you go with the standard tele/datacom wavelength bands (850nm, 1310nm, 1550nm...), prices get VERY cheap, even at bandwidths up to OC-48 (2.5 gig). With both the 1550nm as well as 1310nm-band, you have the added possibility of optical amplifiers (Raman at 1310nm, Erbium-Doped fiber amplifiers at 1550nm), and pretty much unlimited power (cladding-pumped fiber amplifiers can output in the 2 to 5 watt range and beyond). Oh, and it should be mentioned that several companies have already commercialized free-space point-to-point line of sight optical communications at these bandwidths and these wavelegnths, so the only thing you really need is the wierd antenna, and I'd bet there's something out there already you could use. -TD And preferably, it would be nice if it could run up to 11Meg/sec or so. I don't think you will be able to get anywhere near multi-megabit data rates with inexpensive, omni-directional, optical systems. But that's needed for broadcast of entertainment .mp3 sterams. Seems to me if one wanted broadcast, operating in the 1550-nm range and then using good old EDFAs might work, if one had the right kind of omnidirectional IR 'antenna' (or whatever such a thing would be called). Then of course, the broadcast cost would be kind of expensive (say $5000), but the detectors could be cheap ($100 or less). The only drawback here is fog (1550nm doesn't go too good through fog, but rain and snow are apparently fine). Fabrication of efficient, high-power,isible wavelength emitters and sensors using nano-imprinting technologies should be feasible today. The advantage of this approach is that it need not employ materials using their bandgaps but simply resonant structures similar to RF circuits. steve _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
Re: Pneumonia versus face recognition
What wavelengths do face recognition systems use, and are face masks still opaque at those frequencies? As far as I know, the cameras used are standard ones, in normal visible range. (Backed with cost of the equipment, the fact that there is not enough UV light indoors, that IR cameras are way too expensive and detailed IR image AFAIK isn't sharp enough, and that terahertz technology isn't fielded yet.)
Re: Idea: Sidestepping low-power broadcast regulations with infrared
Steve Schear wrote... A detector that is only sensitive to this spectral region has the capability to operate in the daylight, even while pointing at the sun, and pick up little background radiation How much are UV receivers (note, not the same thing as a mere UV detector)? Gotta be kinda expensive, I would think (ie, in the 4-digit range), but I could be wrong. And preferably, it would be nice if it could run up to 11Meg/sec or so. Seems to me if one wanted broadcast, operating in the 1550-nm range and then using good old EDFAs might work, if one had the right kind of omnidirectional IR 'antenna' (or whatever such a thing would be called). Then of course, the broadcast cost would be kind of expensive (say $5000), but the detectors could be cheap ($100 or less). The only drawback here is fog (1550nm doesn't go too good through fog, but rain and snow are apparently fine). -TD From: Steve Schear [EMAIL PROTECTED] To: Thomas Shaddack [EMAIL PROTECTED], cypherpunks [EMAIL PROTECTED] Subject: Re: Idea: Sidestepping low-power broadcast regulations with infrared Date: Mon, 17 Mar 2003 08:40:05 -0800 At 03:13 PM 3/17/2003 +0100, Thomas Shaddack wrote: Using a powerful high-frequency modulated infrared source (eg, a bank of LEDs) located on a highly visible place, it couldbe possible to facilitate local community broadcasts, effectively sidestepping all FCC regulations. Better to ignore low power regs and challenge the FCC to demonstrate for each and every such station that their signal measurably interferes at receivers in another state with another station. Interference at receivers within the same state as the low power transmitters is not a valid constitutional basis for FCC regulation. Regarding LED broadcasts, you should consider RF modulated mid-UV lamps. There is a wide swath of spectrum from 230 to 280 nanometers created by the ozone layer. Little sun light in this frequency range, the only significant natural illumination source, reaches most parts of the earth. A detector that is only sensitive to this spectral region has the capability to operate in the daylight, even while pointing at the sun, and pick up little background radiation. A detector operating in this wavelength region need not be directional and will have an increased performance by orders of magnitude because of the reduction of the background noise. Furthermore, precise alignment of the transmitter and receiver is dispensed with since a detector does not have to operate in the line-of-sight but can function in a wide field-of-view mode to sense radiation scattered by the modulated UV signal. Multi-watt transmitters can be constructed from inexpensive, commercially available, Ar-Hg discharge lamps. Data rates can easily exceed 100s kbps (megabit data rates have been reported). By selection of different Hg isotopes in the lamps multiple channel operation is possible. Reception using inexpensive, solid-state, sensors is assumed. See U.S. Patent 4,493,114. steve _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail