Re: JAP back doored

2003-09-03 Thread Adam Shostack
On Tue, Sep 02, 2003 at 12:47:34PM -0700, Steve Schear wrote:
| http://www.heise.de/newsticker/data/jk-02.09.03-005/
| 
| German police have searched and seized the rooms (dorm?) of one of the JAP 
| developers.  They were on the lookout for data that was logged throughout the 
| period when JAP had to log specific traffic.  The JAP people say that the 
| seizure did not conform with German law. They suggest that the police were 
| afraid that they wouldn't gain the right to use this data before a normal 
| court. So they stole it to make things clear.  And since the JAP team did 
| cooperate with them the previous time they now have the logs to get seized.
| 
| I'll bet the logs weren't encrypted.  Fools.

That's the cool bit about playing by the law; they can ignore it, ruin
people's lives, and then get a month off with pay while their actions
are investigated.

Adam


-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume



Re: Random musing about words and spam

2003-09-03 Thread John Kozubik
Hello,

On Wed, 3 Sep 2003, Thomas Shaddack wrote:

> Spammers recently adopted tactics of using randomly generated words, e.g.
> wryqf, in both the subject and the body of the message. These
> pseudowords are random, which makes them different from real words that
> are made of syllables.
>
> Could the pseudowords be easily detected by their characteristics, e.g.
> presence of syllables, vowel-consonant sequences/ratio, something like
> that? This could shift the balance of force in spam detection again, until
> the adversary will be forced to adopt the tactics of generating the random
> words from syllables instead of characters. Presence of pseudowords then
> could be added as one of spam characteristics.

I have, for a year or so now, been wondering about all the odd character
strings I am finding in the subjects and body of my spam, and I too
thought about keying on these for detection.

However, I immediately abandoned the idea, as a quick glance over the
content of my legitimate email - to and from developers, technical mailing
lists, etc., revealed that almost all of my legitimate email also contains
seemingly random bits of gibberish and pseudowords.

Try to write the logic that distinguishes this:

if_gre in the tree passes the mbuf to netisr_dispatch(), which in turn
calls if_handoff(), which does something similar.

([EMAIL PROTECTED])

from this:

dyeiluykxoer dyeiluykcqkutknig dyeiluykkrpmhrku dyeiluykngeqx
dyeiluykoybim dyeiluykbihlyrelg dyeiluyktwucinmdyeiluykwenmttwvm

(actual spam)

I must reiterate that, given the relentless efficiency of spam-spiders,
merely publishing a shadow email address on all web documents that your
real email address resides on, and deleting all email sent to both accounts
is my current favorite anti-spam mechanism.  Simple to DIY, and requires
no centralization.

-
John Kozubik - [EMAIL PROTECTED] - http://www.kozubik.com



Re: Random musing about words and spam

2003-09-03 Thread Thomas Shaddack
On Wed, 3 Sep 2003, John Kozubik wrote:
> Try to write the logic that distinguishes this:
>
> if_gre in the tree passes the mbuf to netisr_dispatch(), which in turn
> calls if_handoff(), which does something similar.
>
> ([EMAIL PROTECTED])
>
> from this:
>
> dyeiluykxoer dyeiluykcqkutknig dyeiluykkrpmhrku dyeiluykngeqx
> dyeiluykoybim dyeiluykbihlyrelg dyeiluyktwucinmdyeiluykwenmttwvm
>
> (actual spam)

Quality vs quantity. The ratio of machine-generated words to real-looking
ones. The first one has far more negative hits than positive ones, the
second one has all positive. (However, this is easy to beat by using
randomly selected dictionary words instead. The following step is using a
syntactical parser on the level of sentences. The countermove is borrowing
random paragraphs of otherwise meaningful text from random websites.
The following move is employing semantic parsers, and then we're
waist-deep in artificial intelligence and natural language analysis. It
will end there anyway.) Won't work too reliably on its own, at least in
the simple version, but could help a Bayesian filter to make a decision.

> I must reiterate that, given the relentless efficiency of spam-spiders,
> merely publishing a shadow email address on all web documents that your
> real email address resides on, and deleting all email sent to both accounts
> is my current favorite anti-spam mechanism.  Simple to DIY, and requires
> no centralization.

This approach assumes you are able to detect duplicates (which may be
difficult to do if each spam sent out were different, e.g. using
different sets of pseudowords - which is already being done in some cases,
from the day antispam systems based on hashes of known spams were
introduced), and depends on the duplicates actually reaching both your
addresses within a reasonable timeframe.
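
Added example, not part of the original thread: a minimal Python version of the ratio idea discussed above, run over the two samples quoted in the thread plus a constructed syllable-built sample. The two rules (four or more consonants in a row, a `q` not followed by `u`), the thresholds, the feature names and all function names are assumptions of this sketch.

```python
import re

# Samples: LEGIT and SPAM are the two texts quoted in the thread;
# SYLLABIC is constructed here to model the syllable-based countermove.
LEGIT = ("if_gre in the tree passes the mbuf to netisr_dispatch(), which in turn "
         "calls if_handoff(), which does something similar.")
SPAM = ("dyeiluykxoer dyeiluykcqkutknig dyeiluykkrpmhrku dyeiluykngeqx "
        "dyeiluykoybim dyeiluykbihlyrelg dyeiluyktwucinmdyeiluykwenmttwvm")
SYLLABIC = "bolatimu kerovane sudipola netamiro"

CONSONANT_RUN = re.compile(r"[^aeiou]{4,}")  # 4+ consonants in a row ('y' counts as one)
LONE_Q = re.compile(r"q(?!u)")               # 'q' not followed by 'u'
MIN_LEN = 4                                  # shorter tokens carry too little signal


def tokens(text):
    """Lower-cased alphabetic runs, so if_gre and netisr_dispatch() split into parts."""
    return [t for t in re.findall(r"[a-z]+", text.lower()) if len(t) >= MIN_LEN]


def looks_generated(word):
    """True when the letter sequence is unlike syllable-built words."""
    return bool(CONSONANT_RUN.search(word) or LONE_Q.search(word))


def flagged(text):
    """Scoreable tokens of the text that trip either rule, in order."""
    return [w for w in tokens(text) if looks_generated(w)]


def pseudoword_ratio(text):
    """Share of scoreable tokens that look machine-generated (0.0 for empty input)."""
    words = tokens(text)
    return len(flagged(text)) / len(words) if words else 0.0


def bayes_feature(text, threshold=0.5):
    """Synthetic token to hand to a Bayesian filter alongside the message's words."""
    return "pseudowords:high" if pseudoword_ratio(text) >= threshold else "pseudowords:low"


if __name__ == "__main__":
    for name, sample in (("legit", LEGIT), ("spam", SPAM), ("syllabic", SYLLABIC)):
        print(name, round(pseudoword_ratio(sample), 2), bayes_feature(sample), flagged(sample))
```

The kernel-mail sample scores 0.0 and the spam sample 5 of 7, but the syllable-built sample also scores 0.0 and an ordinary word such as "system" trips the consonant-run rule, so the ratio is usable only as one input to a trained filter.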



Re: Searching for uncopyable key made of sparkles in plastic

2003-09-03 Thread Morlock Elloi
> Several months ago, I read about someone who was making a key that 
> was difficult if not impossible to copy. They mixed sparkly things 
> into a plastic resin and let them set. A camera would take a picture 

This boils down to the difficulty of faking the analog interface.

Anything that a regular camera captures, the attacker can also capture and
reproduce for the benefit of the camera. This means that the camera has to be
able to distinguish between the real thing and images of the real thing. This
probably means going beyond the optical image and somehow detecting 3D coordinates
of particles, forcing the attacker to actually construct a new physical key
carrier.

At the current level of technology and economy, it's cheaper to hire an
unemployed hardware engineer (no, s/w engs are not qualified,) to look at the
key than to construct a 3D particle-sensing camera.






Random musing about words and spam

2003-09-03 Thread Thomas Shaddack
Spammers recently adopted tactics of using randomly generated words, e.g.
wryqf, in both the subject and the body of the message. These
pseudowords are random, which makes them different from real words that
are made of syllables.

Could the pseudowords be easily detected by their characteristics, e.g.
presence of syllables, vowel-consonant sequences/ratio, something like
that? This could shift the balance of force in spam detection again, until
the adversary will be forced to adopt the tactics of generating the random
words from syllables instead of characters. Presence of pseudowords then
could be added as one of spam characteristics.



Re: Getting certificates.

2003-09-03 Thread Dave Howe
> Outlook and outlook express support digital signing and
> encryption -- but one must first get a certificate.
>
> Now what I want is a certificate that merely asserts that the
> holder of the certificate can receive email at such and such an
> address, and that only one such certificate has been issued for
> that address.  Such a certification system has very low costs
> for issuer and recipient, and because it is a nym certificate,
> no loss of privacy.

then generate one.
it won't be accepted as legitimate by the majority of clients though - you
would have to get each one to approve you manually (like you would with a
pgp key, but without the WoT to help you)
keys can be generated using OpenSSL, or if you aren't a fan of command
line tools, EBCrypt can generate them from VB; there is a mini-ca script
here: http://groups.yahoo.com/group/WSH-CA/files/Current/ if you want to
play with it :)



re: Getting certificates.

2003-09-03 Thread Anonymous via the Cypherpunks Tonga Remailer
On Wed, 3 Sep 2003, James A. Donald wrote:

> --
> SSH server public/private keys are widely deployed.  PKI public
> keys are not.  Reason is that each SSH server just whips up its
> own keys without asking anyone's permission, or getting any
> certificates.
>
> Outlook and outlook express support digital signing and
> encryption -- but one must first get a certificate.
>
> So I go to Thawte to get my free certificate, and find that
> Thawte is making an alarmingly great effort to link
> certificates with true name information, and with the beast
> number that your government has assigned to you, which imposes
> large costs both on Thawte, and on the person seeking the
> certificate, and also has the highly undesirable effect that
> using these certificates causes major loss of privacy, by
> enabling true name and beast number contact tracing of people
> using encryption.
>
> Now what I want is a certificate that merely asserts that the
> holder of the certificate can receive email at such and such an
> address, and that only one such certificate has been issued for
> that address.  Such a certification system has very low costs
> for issuer and recipient, and because it is a nym certificate,
> no loss of privacy.
>
> Is there any web page set up to automatically issue such
> certificates?
>
> The certs that IE and outlook express accept oddly do not seem
> to have any provision for defining what the certificate
> certifies.
>
> This seems a curious and drastic omission from a certificate
> format.
>
> Since there is no provision to define what a certificate
> certifies, one could argue that any certification authority
> that certifies anything other than a true name connected to a
> state issued id number, the number of the beast, is guilty of
> fraud.  This would seem to disturbingly limit the usefulness
> and application of such certificates.  It also, as anyone who
> tries to get a free certificate from Thawte will discover,
> makes it difficult, expensive, and inconvenient to get
> certificates.
>
> --digsig
>  James A. Donald

Here is an interesting post regarding the CA issue:

http://lists.spack.org/pipermail/wordup/2003/000684.html

You may want to look at http://www.cacert.org. It may do what you want.