Re: Final stage
On Thu, 8 Jul 2004, Howie Goodell wrote: A few years ago it was requests on how to make bombs, now it's this shit. The UBL is GW message sounded provocateurish, too. Yeah, I can see a humor impaired feeb going there. But you gotta admit, it was on-target! Whoever that one was, they were dead-on :-) Howie Goodell -- Yours, J.A. Terranson [EMAIL PROTECTED] ...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them. Osama Bin Laden
Re: Final stage
On Wed, 7 Jul 2004 15:26:59 -0400 (edt), Sunder [EMAIL PROTECTED] wrote: On Wed, 7 Jul 2004, J.A. Terranson wrote: On Wed, 7 Jul 2004, Anonymous via the Cypherpunks Tonga Remailer wrote: Praise Allah! The spires of the West will soon come crashing down! SCREED Deleted Laying it on just a little thick, no? Here we go again. Get ready for more FUD from the LEO's, I can see Fox news now. Cypherpunks a hotbed of crypto-anarchist scum is now being used by Al Qaeda to setup new terrorist attacks... Expect to see a sidebar about rogue or evil anonymous remailers and how they're un-patriotic, etc. Bah, some feeb had too one too many Crappachino's with lunch today and pulled a Cornholio :( A few years ago it was requests on how to make bombs, now it's this shit. The UBL is GW message sounded provocateurish, too. Howie Goodell -- Howie Goodell [EMAIL PROTECTED] http://goodL.org Hardware control Info Visualization User interface UMass Lowell Computer Science Doctoral Candidate
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
I can't imagine any intelligence professional wasting her time reading the crap at times coming over this list. As of mid 2000 most of traffic is recorded. By this time 'most' is very close to 'all'. But if you e-mail someone with account on the same local ISP, using dial-in at the recipient is also using dial-in, and ISP didn't farm-out dial-in access, then your message may not be backed up forever.
Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
At 01:09 PM 7/7/2004, Adam Back wrote: Then we implemented a replacement version 2 mail system that I designed. The design is much simpler. With freedom anonymous networking you had anyway a anonymous interactive TCP feature. So we just ran a standard pop box for your nym. Mail would be delivered to it directly (no reply block) for internet senders. Freedom senders would send via anonymous IP again to get sender anonymity. Used qmail as the mail system. Unfortunately they closed down the freedom network pretty soon after psuedonymous mail 2.0 [3] was implemented. I wonder if the mail 2.0 code could be publicly released so it could be used with the forthcoming i2p IP overlay http://www.i2p.net/ ? steve
All your data belongs to Redmond
I am currently working as a security consultant at a major kiretsu that makes printers/fax/copiers/scanners. Important eg in a hospital where HIPAA requires that info not be leaked. Eg the xerox-tech swaps a drive and gets to look at the data on it. Or your accountant is using a wireless laptop to print your bank numbers. A program I was working on crashed, and M$'s XP asked me if it could tell M$ about the bug. I looked at the info the anonymous message would contain. It included the data I was testing with. Nice. I sent a note to my boss. Anyone know if this can be shut off? [Apologies if this is an old issue. As an aside, the 3Ghz work machine with half a Gig of RAM runs no faster than the 333 Mhz 128Meg Win95 PC this is composed on. When quantum computing chips come out, if they run M$ OS, they won't run any faster, but the assistants will be more annoying.] --- This is by-design behavior, not a security vulnerability. -- Scott Culp, Microsoft Security Response Center, discussing the hole allowing ILOVEU to propogate, 5/5/00.
Re: Final stage
On Thu, 8 Jul 2004, Howie Goodell wrote: Return-Path: [EMAIL PROTECTED] X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.196]) by mx1.mfn.org (Postfix) with SMTP id 5F0C154876 for [EMAIL PROTECTED]; Thu, 8 Jul 2004 07:17:55 -0500 (CDT) Received: by mproxy.gmail.com with SMTP id d19so134991rnf for [EMAIL PROTECTED]; Thu, 08 Jul 2004 05:17:39 -0700 (PDT) Received: by 10.38.71.16 with SMTP id t16mr209763rna; Thu, 08 Jul 2004 05:17:39 -0700 (PDT) Message-ID: [EMAIL PROTECTED] No tls for gmail? Booo!!! -- Yours, J.A. Terranson [EMAIL PROTECTED] ...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them. Osama Bin Laden
Re: Final stage
At 03:26 PM 7/7/04 -0400, Sunder wrote: Here we go again. Get ready for more FUD from the LEO's, I can see Fox news now. Perhaps, but some will tune in and learn a thing or two. (Albeit we'll suffer the September effect...) ... This one is for Eunice Stone, who turned in 3 medical students last year for looking muslim: I suggest learning to graffiti arabic in public places. Perhaps one of those hotel bibles containing the lord's prayer in all the cool fonts will suffice. (I use the Job chapter for rolling cigs.). Or copy something from an arabic web site. Hell, even hebrew would work with most yokels piggies or paranoid citizen-slaves. Or use ammonium fluoride pens on glass for a frosty effect. Bah, some feeb had too one too many Crappachino's with lunch today and pulled a Cornholio :( LOL I need the Bill of Rights for Ashcrufts bunghole..
Faster than Moore's law
At 02:55 PM 7/7/04 -0500, J.A. Terranson wrote: A few years ago. Lets call it two years ago. That would make the average hi-cap drive around 30gb. Just want to remind y'all that drive capacity has increased *faster* than semiconductor throughput, which has an 18 month doubling time. They keep talking about drafting a Constitution for Iraq. Why don't we just give them ours? It was written by a lot of really smart guys, it's worked for over 200 years, and Hell, we're not using it anymore. -Jay Leno
Re: Final stage
On Thu, 8 Jul 2004 07:27:17 -0500 (CDT), J.A. Terranson [EMAIL PROTECTED] wrote: On Thu, 8 Jul 2004, Howie Goodell wrote: Return-Path: [EMAIL PROTECTED] .. No tls for gmail? Booo!!! I asked a friend what he thought Google would market to someone with an Inbox crammed with cpunks messages. He suggested, Legal services? Howie Goodell -- Howie Goodell [EMAIL PROTECTED] http://goodL.org Hardware control Info Visualization User interface UMass Lowell Computer Science Doctoral Candidate
Re: Faster than Moore's law
On Wed, Jul 07, 2004 at 09:31:45PM -0700, Major Variola (ret) wrote: Just want to remind y'all that drive capacity has increased *faster* than semiconductor throughput, which has an 18 month doubling time. Yes. Also, human-generated traffic (the relevant part: which email you write, which sites you browse) has an upper bound for each meat person. Even if one doesn't have access to your ISP's logs this should be enough to identify (not necessarily link to a specific fed-issued ID, though) almost every person within a session. I think it is safe to assume that every relevant traffic which is in clear is being recorded, some or all of it forever. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpNFOqpEcyrI.pgp Description: PGP signature
Querying SSL/TLS capabilities of SMTP servers
I cobbled up together a small bash shell script that does this. It lists
the MX records for a domain, and then tries to connect to each of them,
issue an EHLO command, disconnect, then list the output of the server,
alerting if the server supports STARTTLS. It should be easy to further
query the server for the certificate, using some external utility called
from the script.
It requires netcat and a pair of djbdns utilities. It's a bit crude, but
could be helpful.
Script follows:
- cut here --
#!/bin/bash
## Query the capabilities of mailservers for a domain.
##
## Requirements: nc (netcat), dnsmx and dnsip (from djbdns package)
TMP=`mktemp /tmp/queryehlo.XX`
EHLOSTRING=capquery
TIMEOUT=15
function help()
{
cat EOF
queryehlo - query the capabilities of mailservers for a domain
Usage: queryehlo domain
EOF
exit 0
}
function checkresources()
{
ERR=;
if [ ! `which nc 2/dev/null` ]; then
echo ERROR: nc (netcat) not available in \$PATH.
echo netcat should be part of standard distro, or can be acquired from eg.
echohttp://www.atstake.com/research/tools/network_utilities/;.
echo
ERR=1
fi
if [ ! `which dnsmx 2/dev/null` ]; then
echo ERROR: dnsmx (from djbdns) not available in \$PATH.
echo djbdns can be downloaded from eg. http://cr.yp.to/djbdns.html;
echo
ERR=1
fi
if [ $ERR == 1 ]; then exit; fi
}
function queryrelay()
{
if [ ! $x ]; then return; fi
echo Querying mail relay $1, `dnsip $x`
cat EOF | nc -w $TIMEOUT $1 25 $TMP
EHLO $EHLOSTRING
QUIT
EOF
if [ `cat $TMP|grep STARTTLS` ]; then
echo *** RELAY ADVERTISES SMTP/TLS SUPPORT
# insert eventual further interrogations here
fi
echo
cat $TMP
echo
echo
rm $TMP
}
checkresources
if [ $1 == ]; then help; fi
if [ $1 == -h ]; then help; fi
if [ $1 == --help ]; then help; fi
dnsmx $1 | sort -n |
while true; do
read x1 x; if [ $? == 1 ]; then break; fi
queryrelay $x;
done
RE: Final stage
Hum. Does this mean Tim May has resuscribed? -TD From: Anonymous via the Cypherpunks Tonga Remailer [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Final stage Date: Wed, 7 Jul 2004 20:52:34 +0200 (CEST) Praise Allah! The spires of the West will soon come crashing down! Our Brother wishes for us to meet at the previously discussed southeastern roadhouse on August 1st, in preparation for the operations scheduled for August 6th and 9th. Alternative targets have been chosen. Contact Jibril if you have not heard of the changes since the last meeting. The infidels have machines that detect the biologicals, so make sure the containers are sealed and scrubbed as discussed. Leave excess semtex behind. The more we transport, the more likely the infidels are to detect us. We have received more funding and supplies from our brothers in Saudi Arabia and Syria. Be prepared for another operation before January. Praise Allah! May the blood of the infidels turn the oceans red! _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Re: All your data belongs to Redmond
See http://www.windows-help.net/WindowsXP/tune-08.html and http://www.ciac.org/ciac/bulletins/m-005.shtml Major Variola wrote: I am currently working as a security consultant at a major kiretsu that makes printers/fax/copiers/scanners. Important eg in a hospital where HIPAA requires that info not be leaked. Eg the xerox-tech swaps a drive and gets to look at the data on it. Or your accountant is using a wireless laptop to print your bank numbers. A program I was working on crashed, and M$'s XP asked me if it could tell M$ about the bug. I looked at the info the anonymous message would contain. It included the data I was testing with. Nice. I sent a note to my boss. Anyone know if this can be shut off? [Apologies if this is an old issue. As an aside, the 3Ghz work machine with half a Gig of RAM runs no faster than the 333 Mhz 128Meg Win95 PC this is composed on. When quantum computing chips come out, if they run M$ OS, they won't run any faster, but the assistants will be more annoying.] --- This is by-design behavior, not a security vulnerability. -- Scott Culp, Microsoft Security Response Center, discussing the hole allowing ILOVEU to propogate, 5/5/00.
Re: Final stage
On Thu, 8 Jul 2004, Howie Goodell wrote: On Wed, 7 Jul 2004 15:26:59 -0400 (edt), Sunder [EMAIL PROTECTED] wrote: On Wed, 7 Jul 2004, J.A. Terranson wrote: On Wed, 7 Jul 2004, Anonymous via the Cypherpunks Tonga Remailer wrote: Praise Allah! The spires of the West will soon come crashing down! SCREED Deleted Laying it on just a little thick, no? Here we go again. Get ready for more FUD from the LEO's, I can see Fox news now. Cypherpunks a hotbed of crypto-anarchist scum is now being used by Al Qaeda to setup new terrorist attacks... Expect to see a sidebar about rogue or evil anonymous remailers and how they're un-patriotic, etc. Bah, some feeb had too one too many Crappachino's with lunch today and pulled a Cornholio :( A few years ago it was requests on how to make bombs, now it's this shit. The UBL is GW message sounded provocateurish, too. Yup... but that's kind of standard around here. Pull up a reasonable quote from some super hated person and make people think. Nothing new. I think there was something about gun control and making people safe attributed to Hitler, etc. a while back. But as I said, here we go: http://www.theinquirer.net/?article=17087 Right on que too, though it doesn't mention Cypherpunks... The Internet is the home of Terror Servers of Mass destruction By Nick Farrell: Thursday 08 July 2004, 07:50 THE INTERNET has become the place for terrorist training, recruitment, and fundraising, according to a leading Israeli academic. Speaking to the Medill News Service, Gabriel Weimann, chair of the University of Haifa communications department claims that Terrorist groups are exploiting the accessibility, vast audience, and anonymity of the Internet to raise money and recruit new members. SNIP
BOUNTY BEAR is Faster than Moore's law
Um. Interesting point. Come to think of it, it might actually make a lot more sense to be able to run those risk models offline. That way, you can always refine them later. Better safe than sorry. Given Variola's little factoid, even if they aren't grabbing everything now, they probably will soon. I'd also point out that imaging technology (eg, CCDs) are moving like a bat out of hell, though I'm not sure of the relevance vz Cypherpunks. Riffing a bit...with effectively inifinte storage capacity and high-density imaging arrays, it might be possible for a database search to include parameters such as brown eyes...1mm zit pockmark on left cheek, and then a search is run on all Metrocard terminals through all city subway's security cameras in the world. Anyone see Wim Wender's The End of the World? BOUNTY BEAR! -TD From: Eugen Leitl [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Faster than Moore's law Date: Thu, 8 Jul 2004 08:55:11 +0200 On Wed, Jul 07, 2004 at 09:31:45PM -0700, Major Variola (ret) wrote: Just want to remind y'all that drive capacity has increased *faster* than semiconductor throughput, which has an 18 month doubling time. Yes. Also, human-generated traffic (the relevant part: which email you write, which sites you browse) has an upper bound for each meat person. Even if one doesn't have access to your ISP's logs this should be enough to identify (not necessarily link to a specific fed-issued ID, though) almost every person within a session. I think it is safe to assume that every relevant traffic which is in clear is being recorded, some or all of it forever. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net attach3 _ Check out the latest news, polls and tools in the MSN 2004 Election Guide! http://special.msn.com/msn/election2004.armx
Re: [IP] Hi-tech rays to aid terror fight (fwd from dave@farber.net)
I recently visited the Canadian side of Niagra falls. On the return entry to the US customs, etc. meant driving through penns that look like toll booths. But I noticed little sensors in pairs and large square sensors as well. The entry gate was fairly large - I'd say about 2' deep by 2' wide by I'd guess 10/12' high. Black on the outside car facing side, white on the inner side. On the side there were pairs of large rectangular boxes at an angle pointing down toward the car. Deeper into the stall there were several pairs of sensors on vertical poles. The first pair on the left side - small rectangular ones which pointed at similar poles across the way. Something like this: | | | ]| mid - about 3-4' off the ground | | |[ | low about 1ft off the ground From the top: Booth|---arm---| | | |[| |[| |]| |]| | | ### ### | | %%% %%% | | ^ direction of driving [ = small sensor ##= large sensor %%= entry gate 3'x3' thick And there were two sets of these as I drove through. Were these the (in)famous TZ sensors? There were two guys in the booth, one obviously examining in LCD monitor, the other guy going papers please and state the nature of your visit etc. He seemed only concerned with where we were born, lived, and whether we had purchased any alcohol or tabacco products in Canada. On Thu, 8 Jul 2004, Eugen Leitl wrote: - Forwarded message from David Farber [EMAIL PROTECTED] - From: David Farber [EMAIL PROTECTED] Date: Thu, 8 Jul 2004 10:09:31 -0400 Begin forwarded message: From: Dewayne Hendricks [EMAIL PROTECTED] Date: July 8, 2004 4:53:34 AM EDT To: Dewayne-Net Technology List [EMAIL PROTECTED] Subject: [Dewayne-Net] Hi-tech rays to aid terror fight Hi-tech rays to aid terror fight A new way of identifying metal and explosives could provide a valuable tool in the fight against terrorism. Airport security has become big business following the terrorist attacks in the US. A system that detects both metal and non-metallic weapons using terahertz light has been developed by technology firm TeraView.
Re: Querying SSL/TLS capabilities of SMTP servers
On 2004-07-08T17:50:57+0200, Thomas Shaddack wrote:
I cobbled up together a small bash shell script that does this. It lists
the MX records for a domain, and then tries to connect to each of them,
issue an EHLO command, disconnect, then list the output of the server,
..
Or, in perl... though I wonder if there's a way to get capabilities with
Net::SMTP. Might make this cleaner.
#!/usr/bin/perl
use IO::Socket;
use Net::DNS;
for ($i = 0; $i = $#ARGV; $i++) {
my @mx = mx($ARGV[$i]);
foreach $record (@mx) {
my $hastls = 0;
my $mhost = IO::Socket::INET-new (
Proto = tcp,
PeerAddr = $record-exchange,
PeerPort = 25,
Timeout = 10
);
print $mhost EHLO I-love-my-country.whitehouse.gov\n;
print $mhost QUIT\n;
while ($mhost) {
if (/STARTTLS/) {
$hastls = 1;
last;
}
}
print $ARGV[$i] . $record-preference . . $record-exchange;
print $hastls ? adv-tls\n : no-tls\n;
close $mhost;
}
}
photodisc search (was Re: BOUNTY BEAR is Faster ...)
Tyler Durden wrote: arrays, it might be possible for a database search to include parameters such as brown eyes...1mm zit pockmark on left cheek, and then a search You probably already know of this, but something like Photodisc? Getty Images - stock photos and images: http://www.photodisc.com/ http://www.fotosearch.com/photodisc/ Has a search feature, eg content young woman sitting looking at camera (direct quote used to find the pic MicroSoft used for their switch campaign).
Re: Faster than Moore's law
At 09:31 PM 7/7/2004, Major Variola (ret) wrote: At 02:55 PM 7/7/04 -0500, J.A. Terranson wrote: A few years ago. Lets call it two years ago. That would make the average hi-cap drive around 30gb. Just want to remind y'all that drive capacity has increased *faster* than semiconductor throughput, which has an 18 month doubling time. But access time has not nearly kept pace. Which is why all manner of database architectures have been created to make up for this shortcoming. steve
RE: photodisc search (was Re: BOUNTY BEAR is Faster ...)
A big database of images with metadata can be used to train a neural network (or other suitable AI approach) to recognize unknown images. On Thu, 8 Jul 2004, Tyler Durden wrote: Yeah, but this is a metadata search, correct? Seems to me Our Protectors(TM) are probably able to search a vast database of images themselves. In other words, go look for details they hadn't previously thought of as being important (and hence were not available in metadata). Given high-density CCDs and real cheap storage, these details may be very minute, or perhaps small+far away.
