Re: List Archive (Was: Re: p2p, anonymity and security)

[p . lussier]

In a message dated: Fri, 12 Mar 2004 15:01:11 EST
Travis Roy said:

>If I see a phone number for somebody posted in a town hall, public library,
>the corner store, and somebody asks me for that persons number I'm going to
>give it to them without even thinking about it. If I see it at work, I might
>give the number to other people at work, but not people outside of work.

Hmm, interesting.  If someone asks me for someone elses phone number, 
my reply is, "Give me yours and I'll have them give you a call."

Unless, I know absolutely for sure, without a doubt, the person in 
question wouldn't mind me giving the phone number to the person 
asking for it.

But that's me.  I hate phone calls, it's much easier to avoid 
answering an e-mail.  Also, people can't easily track down where you 
live by an e-mail address (sure, in most cases it's possible, but in 
others it's not).
-- 

Seeya,
Paul
--
Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

It may look like I'm just sitting here doing nothing,
   but I'm really actively waiting for all my problems to go away.

 If you're not having fun, you're not doing it right!


___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[p . lussier]

In a message dated: Fri, 12 Mar 2004 01:04:41 +0900
Derek Martin said:

>It is not unreasonable for people to believe you mean to violate the
>law, based on what you've said.  It is very likely that the paranoid
>(i.e. the RIAA's watchdogs) will make such assumptions.  It won't
>matter much if you did or didn't, should they decide to try to
>convince some judge that it IS your intention, and if they convince
>the judge...  Either way, your home will be raided, and your system
>will be confiscated.  You may well not go to jail, but if it were me
>at the very least it would wreck my day...

They have to have a LOT more proof than Greg saying he wants to share 
music and stay annonymous to raid his house.  They'd at least need 
proof has shared or downloaded illegal content.  Saying you intend to 
do something is not illegal, it is the doing something that is 
illegal.  If all they have is what Greg said here, they have nothing 
to warrant a suppoena.
-- 

Seeya,
Paul
--
Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

It may look like I'm just sitting here doing nothing,
   but I'm really actively waiting for all my problems to go away.

 If you're not having fun, you're not doing it right!


___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[p . lussier]

In a message dated: Fri, 12 Mar 2004 01:04:41 +0900
Derek Martin said:

>Note also that I said "basically" -- perhaps my choice of words was
>sub-optimal, but I included this word to suggest the possibility that
>this is not actually what you intend to do.  Nevertheless, what you
>actually said was this:
>
>> I also want to get a general purpose p2p tool similar to Napster,
>> for sharing ogg, mp3 or other multimedia files.  The number one
>> prerequisite here is which tool/protocol offers the best anonymity.
>
>Whether or not you actually plan to violate the law, you clearly want
>to share types of files which exist primarily, almost to the exclusion
>of anything else, to represent music digitally.  The usual case is for
>such files to be ripped from copyrighted CDs.  You mention Napster, a
>tool notoriously associated with copyright infringement.  

And how do you, and of these supposed lawyers know that he is not 
planning on re-distributing stuff he has legally downloaded from 
furthur.net, which exists solely to distribute LEGALLY 
redistributable music in the form of MP3, SHN, OGG, and other formats
(including videos) ?

What he stated was not something that reads of illegal intent, what 
he stated was an intent to share music.  It is the copyright of the 
music which makes it's sharing legal or illegal.

For all the RIAA lawyers out there, I have legally downloaded 
gigabytes worth of music from furthur.net just so I NO LONGER NEED TO 
BUY YOUR CRAP :)
-- 

Seeya,
Paul
--
Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

It may look like I'm just sitting here doing nothing,
   but I'm really actively waiting for all my problems to go away.

 If you're not having fun, you're not doing it right!


___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 03:29:20PM -0500, Travis Roy wrote:
> 
> >Derek's assertion is that there needs to be mechanism behind one's
> >ability to protect privacy. In Derek's mind Travis' actions prove this.

Now, as in the past...

> >In my mind, the mechanism doesn't exist yet - and probably won't because
> >our society has rendered the spam problem as a "policy fix". 
> 
> The only way for this to work is that in every email ever sent to 
> anybody EVER, it would scan the email. Say it sees Derek's email 
> address, it would then send a copy to him asking him if it was okay for 
> his email address to be posted. The problem with that is, how would 
> Derek know who it was going to, since that person would also want their 
> privacy.

I'm not really sure how we get here from my original interest in
spam-proof archives...  There's a world of difference.  I'm willing to
give up SOME privacy in order to take advantage of using the Internet.
But you'll never convince me that e-mail addresses by necessity must
be available to the whole world, in order to use public forums.

> I understand his concerns, I understand what he's saying. I have a few 
> points.
> 
> 1 - He's been "loose" with his email address before, you can see that 
> with some simple searches, it's already EVERYWHERE. Does this mean he 
> can't enforce strict guidelines now? Of course not, but if somebody 
> makes a reference to an existing instance of his email I don't see how 
> that is "wrong" or "bad"

You use "loose" and "EVERYWHERE" in interesting ways...  A normal
google search reveals exactly 7 instances of my e-mail address
on-line.  You can expand the search and get a cornucopia of results,
true...   But if you bother to look at them, you'll see they're all
the same.  You'll also notice that all but one of them were cases whre
someone decided to attribute my e-mail address, or re-post something I
wrote, without my permission.  The last was where I had made a mistake
composing a message, and the wrong .sig file was appended to the
message.  If one mistake in three years constitutes loose, then I guess
you got me.

And I don't get a lot of spam, despite the fact I don't run spam
assassin or any other sort of spam filtering package.  But even one
message is too many...

> 2 - He expects people that he does not know, never met, probably never 
> talked to, and don't even know are subscribed to this list to respect 
> his wishes. 

Basically, yes.  Silly me for believing in the decency of people on
this list...

> room with a bunch of strangers you're not going to go to every one and 
> had them a card with your SSN on it, and if you did how could you even 
> start to think that they would respect any terms that you think apply 
> but you never actually told anybody about.

I don't (any longer) give out my SSN to anyone who doesn't need it for
tax reporting purposes.

> 3 - Without signing a legal document he really can't do anything about 
> anybody doing anything with any information on this list. 

Short of complaining publicly, you're right.  You're still missing the
point.  It's a risk, but it's MY risk, and I accept it, UNLIKE the
risk of having my e-mail address posted in a public web archive.  At
some point in the future, my domains will expire, and I will allow
them to.  At that time I'll have a new e-mail address.  When that
happens, I will be extra dilligent to keep it from appearing anywhere
on the net.

As for your comment about not being upset about you posting my bogus
info:  You thought it was real.  It doesn't bother me that it was
posted.  It bothers me that you posted it, knowing full well I don't
want it posted.

For the record, in general I don't want to be contacted by anyone I
haven't given my e-mail address to, either directly or by way of being
subscribed to the same mailing list.  I find those risks acceptable.
I include my URL and GPG key in my .sig because under some
circumstances, I do want actual humans to be able to track me down, if
they need to.  These also, I consider acceptable risks.  Others I do
not, most notably non-obfuscated web archives.  

I believe that in order to protect members, all mailing list archives
should be completely sanitized of e-mail addresses.  Philisophically,
I believe this to be for the "greater good" -- whatever that means.
Those who do not want their e-mail address posted are irreparably
harmed if it is posted; the amount they are harmed is subjective.
Those who don't care can easily make their e-mail address available
somewhere else, so no harm is done to them if they are sanitized.
Travis demonstrated how easy it is to use google, or any other search
engine, to get someone's e-mail address if it's on the web
somewhere...  

Ben likened signing up to the list to a gate as an access control.
It's a poor analogy, because gates on public facilities are put in
place more to control WHEN people use the facility, than WHO.  The
list sign-up mechanism, on the other hand, does contro

Re: p2p, anonymity and security

[bscott]

On Fri, 12 Mar 2004, at 12:51pm, [EMAIL PROTECTED] wrote:
> I sounds like you've bought into the notion promulgated by the popular
> media that because copyrights are automatically granted, that doing
> anything without obtaining and paying for permission is a crime.

  Speaking for myself:

  I certainly hate the media cartel as much as the next guy.  They have such
a strangle-hold on the industry that anyone who doesn't play their game
almost cannot be heard.  The terms of many of their contracts verge on
signing away one's entire life and identity.  The media cartel routinely
engages in price gouging and market control schemes.  They often appear to
believe they can buy whatever laws they want, and enforce them on their own.  
It seems many in the industry will not be happy until they can control every
aspect of content production and distribution, from the time it leaves the
artist's fingers or mouth, to the point where it hits the consumer's
eardrums or eyeballs.  In short, they are the epitome of corporate greed.

  However, as the saying goes, two wrongs don't make a right.

  In my own, personal experience, the overwhelming majority of people
interested in P2P file sharing networks simply want to obtain free copies of
stuff they would otherwise have to pay for.  They generally don't care if
the copies are illegal or not.  Indeed, some (a minority, I suspect)  
consider that a plus.  Most just don't care.

  I'm sure there are plenty of people interested in the legitimate uses, but
by all appearances, they are also a minority.

  (This, incidentally, is part of the larger problem.  If you have a tool
that is used for illegal purposes 95% of the time, and legal purposes 5% of
the time, many conclude the problem is with the tool.  Alas.)

  So.  You ask for P2P sharing.  You say the most important feature for you
is anonymity.  That means you want to hide your identity.  That may be for
perfectly legitimate reasons.  As Derek points out, protecting one's privacy
*is* important (his failure to do so notwithstanding).  But, given my
experience, your statements would make me suspicious of your intent.  I
would not condemn you or anyone else on suspicion alone -- but there are
many (such as the aforementioned media cartel) who would.

  Food for thought...

-- 
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |




___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

Tom Buskey wrote:

Bruce Dawson said recently:

Can we take this thread off-line? No one else appears to be
contributing.

Amen Brother!



It's hard because Derek's email was unknown or invalid
Now that was funny...

But besides that, Derek brings up the privacy of his email address in 
what seems to be a rather random fashion. Even if this thread goes away 
I'm sure in like 6 months we'll be talking about exchange replacements 
and Derek will say something else about his email address being private.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Owning facts (Re: List Archive (Was: Re: p2p, anonymity and security))

[Travis Roy]

Not that this has a lot to do with this innane thread, but this might
not be true in a relatively short while.  For more information, look
here:
http://wired.com/news/business/0,1367,62500,00.html
http://www.cbo.gov/showdoc.cfm?index=5021
I'm sure that there are plenty of *other* places (besides this list)
where this topic could be discussed.
Please.. most of the discussions I saw about this totally show that it's 
crap. They can own a copyright on their database and charge for their 
access to that database. They don't "own" the fact, like people can't 
own my phone number, but they will be able to "own" a database of phone 
numbers.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: Re: List Archive (Was: Re: p2p, anonymity and security)

[Tom Buskey]

> Bruce Dawson said recently:
>>>Can we take this thread off-line? No one else appears to be
> contributing.
>
> Amen Brother!
>

It's hard because Derek's email was unknown or invalid






___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Kevin D. Clark]

Travis Roy writes:

> I have that information in my head and
> can give it out to anybody I please. I've never heard of anybody
> getting sued for giving out a phone number that's listed, or giving
> out a street address.

Not that this has a lot to do with this innane thread, but this might
not be true in a relatively short while.  For more information, look
here:

http://wired.com/news/business/0,1367,62500,00.html
http://www.cbo.gov/showdoc.cfm?index=5021

I'm sure that there are plenty of *other* places (besides this list)
where this topic could be discussed.


OBTW, I'd just like to say that you're all Nazis.

Kind regards,

--kevin
-- 
Kevin D. Clark ([EMAIL PROTECTED])
ADVERTISEMENT:  On Sunday May 2nd, I'm riding my bicycle 100 miles
in the American Diabetes Association's Tour de Cure ride.  If you're
interested in sponsoring me, please send me email.

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Brian]

On Fri, 2004-03-12 at 14:34, Derek Martin wrote:
> Actually it wasn't.  Or at least not all of it.  So what?  It should
> be up to ME, not YOU, when and where I decide to give up my privacy.

And it is/was up to YOU.  Until you put the data on the Internet.  That
is when you gave up your privacy as related to that data.  

> That's rude.  

Possibly, but are we talking about privacy, or manners, or both?  

> The DMV has my name and address (or my last known, at any rate).  I
> still don't want it posted on billboards in downtown Nashua.  Surely
> you can see that there's a difference.

Yes there is.  *BUT* if you post it anywhere on the Internet I would
warn you not to be surprised if it DID wind up on a billboard.

Nothing is private on the Internet.  Things get archived, archives get
publicized, stolen, hacked, etc.  To argue that a mailing list, blog,
guestbook, obscure webpage, whatever is private is really futile in this
day and age.  

> My point is, I and only I should be in charge of what of my private
> information is given to whom and when.  Seeing my address posted on an
> on-call list does not give you the right to give it to your neighbor,
> or anyone else.  Or at least it shouldn't.

While it would be nice to exist in the information utopia world, where
personal data only went exactly where we wanted it to, that is not where
we actually live.  

If the information is available over "There" on the 'net, it is only a
matter of time before it gets posted (or used in an argument or
whatever) over "Here".

As others have pointed out, if you don't like that, then don't play on
the 'net.  You're not going to change it at this stage. 
-- 
Brian <[EMAIL PROTECTED]>

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Scott C. Mellott]

I 2nd the notion!

[EMAIL PROTECTED] wrote:

Bruce Dawson said recently:

Can we take this thread off-line? No one else appears to be
contributing.

Amen Brother!

Anybody got a good Linux question?

paulc


From: Bruce Dawson <[EMAIL PROTECTED]>
Date: 2004/03/12 Fri PM 03:10:53 EST
To: GNHLUG Discussion <[EMAIL PROTECTED]>
Subject: Re: List Archive (Was: Re: p2p, anonymity and security)

--
_
Scott Mellott
[EMAIL PROTECTED]
http://scott.mellott.com
_
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: Re: List Archive (Was: Re: p2p, anonymity and security)

[paul.cour1]

Bruce Dawson said recently:
>>Can we take this thread off-line? No one else appears to be
contributing.

Amen Brother!


Anybody got a good Linux question?

paulc

> 
> From: Bruce Dawson <[EMAIL PROTECTED]>
> Date: 2004/03/12 Fri PM 03:10:53 EST
> To: GNHLUG Discussion <[EMAIL PROTECTED]>
> Subject: Re: List Archive (Was: Re: p2p, anonymity and security)
> 
> 
On Fri, 2004-03-12 at 14:34, Derek Martin wrote:
> My point is, I and only I should be in charge of what of my private
> information is given to whom and when.  Seeing my address posted on an
> on-call list does not give you the right to give it to your neighbor,
> or anyone else.  Or at least it shouldn't.
> 
> Doesn't any of this ring true with you guys?

This conversation reminds me of one between a lawyer and an engineer.
They talk about the same thing, but one is talking in terms of policy
and the other in terms of mechanism.

The problem is that we've been using the word "should" entirely too
much. It *assumes* that parties in the conversation are not in
agreement, and that at least one party is trying to assert that
something/someone is right and something/someone is wrong.

Yet technology (the internet in this case) cuts both ways. It is a
mechanism, and as such can be used for good *and/or* evil. Only the
application of societial values can make it either good or evil.

Derek's assertion is that there needs to be mechanism behind one's
ability to protect privacy. In Derek's mind Travis' actions prove this.
In my mind, the mechanism doesn't exist yet - and probably won't because
our society has rendered the spam problem as a "policy fix". 

Therefore, in my forever cynical mind, a mechanism solution will never
happen. So this conversation is akin to the [in]famous emacs vs. vi
editor wars - there is no end in sight.

Can we take this thread off-line? No one else appears to be
contributing.

--Bruce



signature.asc
Description: This is a digitally signed message part

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

Derek's assertion is that there needs to be mechanism behind one's
ability to protect privacy. In Derek's mind Travis' actions prove this.
In my mind, the mechanism doesn't exist yet - and probably won't because
our society has rendered the spam problem as a "policy fix". 
The only way for this to work is that in every email ever sent to 
anybody EVER, it would scan the email. Say it sees Derek's email 
address, it would then send a copy to him asking him if it was okay for 
his email address to be posted. The problem with that is, how would 
Derek know who it was going to, since that person would also want their 
privacy.

I understand his concerns, I understand what he's saying. I have a few 
points.

1 - He's been "loose" with his email address before, you can see that 
with some simple searches, it's already EVERYWHERE. Does this mean he 
can't enforce strict guidelines now? Of course not, but if somebody 
makes a reference to an existing instance of his email I don't see how 
that is "wrong" or "bad"

2 - He expects people that he does not know, never met, probably never 
talked to, and don't even know are subscribed to this list to respect 
his wishes. Derek really does not know who is subscribed to this list 
(unless he has a copy of the list, I really don't know). If you're in a 
room with a bunch of strangers you're not going to go to every one and 
had them a card with your SSN on it, and if you did how could you even 
start to think that they would respect any terms that you think apply 
but you never actually told anybody about.

3 - Without signing a legal document he really can't do anything about 
anybody doing anything with any information on this list. He used to 
post with his email address. I have that information in my head and can 
give it out to anybody I please. I've never heard of anybody getting 
sued for giving out a phone number that's listed, or giving out a street 
address.

This is not, in any way, shape, or form a private list.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Bruce Dawson]

On Fri, 2004-03-12 at 14:34, Derek Martin wrote:
> My point is, I and only I should be in charge of what of my private
> information is given to whom and when.  Seeing my address posted on an
> on-call list does not give you the right to give it to your neighbor,
> or anyone else.  Or at least it shouldn't.
> 
> Doesn't any of this ring true with you guys?

This conversation reminds me of one between a lawyer and an engineer.
They talk about the same thing, but one is talking in terms of policy
and the other in terms of mechanism.

The problem is that we've been using the word "should" entirely too
much. It *assumes* that parties in the conversation are not in
agreement, and that at least one party is trying to assert that
something/someone is right and something/someone is wrong.

Yet technology (the internet in this case) cuts both ways. It is a
mechanism, and as such can be used for good *and/or* evil. Only the
application of societial values can make it either good or evil.

Derek's assertion is that there needs to be mechanism behind one's
ability to protect privacy. In Derek's mind Travis' actions prove this.
In my mind, the mechanism doesn't exist yet - and probably won't because
our society has rendered the spam problem as a "policy fix". 

Therefore, in my forever cynical mind, a mechanism solution will never
happen. So this conversation is akin to the [in]famous emacs vs. vi
editor wars - there is no end in sight.

Can we take this thread off-line? No one else appears to be
contributing.

--Bruce


signature.asc
Description: This is a digitally signed message part

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

Actually it wasn't.  Or at least not all of it.  So what?  It should
be up to ME, not YOU, when and where I decide to give up my privacy.
It doesn't matter if the information was ever right or ever public;
the point is I asked you not to do it, with reason, which I've
explained before.  You did it anyway.  That's rude.  
So if somebody asks me for a phone number that I might not have, but I 
find it online via google, 411.com or whatever I shouldn't be allowed to 
give it because I don't have permission?

You better start sending google an email asking them to remove the 495 
results for your email address, then contact all those web sites and ask 
them to remove your email address.

I guess my question is, why is this list (that now takes care of hiding 
emails, well kinda) such a huge concern for you.. Why is it HERE of all 
the places that your email is that you feel you must fight this fight. 
If you are THAT worried about your email address perhaps you shouldn't 
even use email. From any kind of legal standpoint (not that there is 
any), say I put your email address in my sig saying you're a weenie for 
trying to hide it, what kind of recourse could you have since I can find 
instances of your email on the web long before I even knew who you were?


You can't argue that my domain record is no different than posting my
e-mail address in a public forum, because as we've established, that
information is quite intentionally wrong.  What of it wasn't at one
time was entered before this became an issue for me.  Which is
irrelevant, because it too is now wrong.
If that's the case the fact that I posted it shouldn't bother you in the 
slightest since it's not correct.

My point is, I and only I should be in charge of what of my private
information is given to whom and when.  Seeing my address posted on an
on-call list does not give you the right to give it to your neighbor,
or anyone else.  Or at least it shouldn't.
Depends on where that on-call list is. If I see a phone number for 
somebody posted in a town hall, public library, the corner store, and 
somebody asks me for that persons number I'm going to give it to them 
without even thinking about it. If I see it at work, I might give the 
number to other people at work, but not people outside of work.

As somebody said before, once you give your email address to even ONE 
other person then it's not private anymore.



___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 02:16:32PM -0500, Travis Roy wrote:
> >And yet it failed miserably to do so.  I don't live at that address,
> >and mail to any of those e-mail addresses will not reach me (with
> >certain important exceptions, which I will not detail here).
> 
> At one point that data was correct, and from the time you input the
> data, until the time that data was changed then your privacy was not
> there.

Actually it wasn't.  Or at least not all of it.  So what?  It should
be up to ME, not YOU, when and where I decide to give up my privacy.
It doesn't matter if the information was ever right or ever public;
the point is I asked you not to do it, with reason, which I've
explained before.  You did it anyway.  That's rude.  

The DMV has my name and address (or my last known, at any rate).  I
still don't want it posted on billboards in downtown Nashua.  Surely
you can see that there's a difference.

You can't argue that my domain record is no different than posting my
e-mail address in a public forum, because as we've established, that
information is quite intentionally wrong.  What of it wasn't at one
time was entered before this became an issue for me.  Which is
irrelevant, because it too is now wrong.

My point is, I and only I should be in charge of what of my private
information is given to whom and when.  Seeing my address posted on an
on-call list does not give you the right to give it to your neighbor,
or anyone else.  Or at least it shouldn't.

Doesn't any of this ring true with you guys?

-- 
Derek D. Martinhttp://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.



pgp0.pgp
Description: PGP signature

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

This is a "check and balance" that the internet community (ISPs and
backbones, mostly) agreed to at the inception of the internet - back
when it was split from the Arpanet.


This "check and balance" is a violation of domain owners' privacy,
which should not be possible without just cause, i.e. a court order.
These days it may be possible to hide your information with some
registrars; it was not when I registered pizzashack.
You had several choices you could have made. You could have not 
registered the domain. You could have had a friend register it for you, 
you could have had a sub domain of a friends domain (Like 
pizzashack.scootz.net), you could have filled in bogus information for 
part of it (like 978.org does), you could have got an anonymous mail 
drop and registered it with that address.

So, how much privacy should we be required to
sacrifice?
This is true for ANYTHING you do. When you go to school you give up some 
privacy, when you walk down the street, when you get a bank account, 
when you get a job, when you get a credit card, a phone number. I gave 
up some when I got a ham radio license, anybody can go and look up my 
call sign and see my address from last time I renewed. For those interested:

N1UEV
TRAVIS J ROY
PO BOX 41
GOFFSTOWN NH 03045
USA
In my opinion, which should surprise no one, the answer is almost
none.  Only what is absolutely essential in order to make things work.
My ISP knows who I am...  No one else needs to, unless a) I want them
to, or b) they can get a court order because of something I did to
them.
Then you should take better care to protect your info. There are tons of 
instances online of your email address on google. You say you want 
privacy, you say you want your email address not getting out there but 
you already have posted it all over the internet yourself. This little 
mailing list should be the least of your concerns

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[Derek Martin]

On Fri, Mar 12, 2004 at 12:51:38PM -0500, Greg Rundlett wrote:
> >explicit - adj.  Fully and clearly expressed; leaving nothing implied.
> >
> You're right, I was not explicit.  My statement was actually 'simple'.  
> That simple statement carries a lot of implied meanings for most people, 
> but I'm not like most people.  So that's why I said what I said without 
> wanting to see it from the 'popular' point of view.  

All I was trying to point out is that many people, including some
potentially dangerous people, will view your words from the
"'popular' point of view" which could end up being quite bad for you.
These days, it has become somewhat dangerous to say unpopular things
in the Good 'ol US of A.

> >I said precisely what I meant to say.  The sentences I wrote are
> >grammatically correct and grammatically convey exactly what I meant
> >them to convey.
> >
> But you attribute to me motives which I do not have.

I don't think I did...  I believe I left room for the possibility that
you did not intend anything illegal in every previous message.

> I sounds like you've bought into the notion promulgated by the popular 
> media that because copyrights are automatically granted, that doing 
> anything without obtaining and paying for permission is a crime.  

Hardly.

> Realize that most people making a public speech have a message that they 
> are intentionally delivering to a mass audience for mass consumption and 
> re-telling.  

I was going to bring this up specifically, but decided it wasn't worth
my time.  It doesn't really matter...  Copyrights are not like
trademarks; you don't have to enforce them religiously.  I'm pretty
sure that even if I make a speech publicly, and it's reprinted by 100
news organizations, who I elect not to sue, I can still sue YOU for
copyright infringement for including it in your new book without my
permission, if I decide it's worth my time and effort to do so...

But I may be mistaken, and it's way too late here to be perusing
copyright legislation...

Be safe; when in doubt, be explicit.

-- 
Derek D. Martinhttp://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.



pgp0.pgp
Description: PGP signature

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

However, I think that the posting of the whois information was not only
unnecessary, but completely inappropriate to the discussion.
 I believe the point was to demonstrate that the personal privacy Derek
keeps asserting is being violated is already non-existent, by his own
actions, and completely independently of this list.
 
And yet it failed miserably to do so.  I don't live at that address,
and mail to any of those e-mail addresses will not reach me (with
certain important exceptions, which I will not detail here).
At one point that data was correct, and from the time you input the 
data, until the time that data was changed then your privacy was not there.

All it demonstrated is that Travis Roy is inconsiderate.
That's not a nice thing to say about a guy in a wheelchair..

oh, wrong Travis Roy, you're talking about me, not the other one.

I didn't realize posting publicly available information to a publicly 
available mailing list was considered inconsiderate.

I suggest we not allow posting of any information such as addresses 
(email or otherwise), phone numbers, web site URLs and other information 
like that without the written permission of the person that "owns" that 
information. Violators will me smacked 30 times with a sting rays tail.



___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

However, since you had no way to know that, but you DO know quite well
that I do not want my e-mail address posted in a public forum and did
it anwyay, I conclude that you have no regard for your fellow man.
Spammers have been using whois data since forever to get email address. 
I'm POSITIVE that anybody that would get any of those email addresses 
from this list already had them from getting them from your whois 
record. That's why I had no problem posting the information.

> Your momma would be proud, I'm sure...

My momma is dead, thanks for bringing that memory up...

(Well, not really, just showing how inconsiderate that comment could be)

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 12:04:00PM -0500, Bruce Dawson wrote:
> On Fri, 2004-03-12 at 11:01, Kenneth E. Lussier wrote:
> > However, I think that the posting of the whois information was not only
> > unnecessary, but completely inappropriate to the discussion. 
> 
> And *I* think it was entirely appropriate given the context of the
> discussion. Whois information is publically available - just like your
> voting information, property tax info, EIN (if you're a corporation),

I guess my parents had a completely different idea of manners that
they taught me...  I learned that doing something which someone has
explicitly asked you not to do, without having a pretty good reason to
do so, is NEVER appropriate, and simply rude.  Trying to make someone
look foolish does not constitute such a reason...

> As a system administrator, I want to know the person responsible for any
> given IP address that connects to any of my systems. 

Well, you go on to point out that you don't.  So what difference does
it make?

> This is a "check and balance" that the internet community (ISPs and
> backbones, mostly) agreed to at the inception of the internet - back
> when it was split from the Arpanet.

This "check and balance" is a violation of domain owners' privacy,
which should not be possible without just cause, i.e. a court order.
These days it may be possible to hide your information with some
registrars; it was not when I registered pizzashack.

> > So, mailing lists aside, just how much privacy are we *FORCED* to give
> > up to participate in this whackey little thing that we called the
> > internet? And who decides what amount of lost privacy is ok? 
> 
> As soon as your start participating in society, you start giving up
> privacy. If you don't agree with that statement, then our definitions of
> privacy differ - and that's an altogether different topic and this is
> NOT the forum to discuss it.

This response completely fails to address the point, for which I think
there are few better forums than this one.  It is becoming
increasingly difficult to use the internet and maintain one's privacy.
At the same time, it is becoming increasingly difficult to live
without using the internet.  Most of us on this list depend upon it in
one way or another.  So, how much privacy should we be required to
sacrifice?

In my opinion, which should surprise no one, the answer is almost
none.  Only what is absolutely essential in order to make things work.
My ISP knows who I am...  No one else needs to, unless a) I want them
to, or b) they can get a court order because of something I did to
them.

People who fight spam are fighting the wrong battle.  The spammers
should never have gotten your information in the first place.  The
only way to prevent spam is to prevent spammers from finding you.
You can filter it all you like, but it's still going to get delivered
to you.

-- 
Derek D. Martinhttp://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.



pgp0.pgp
Description: PGP signature

Re: List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 11:36:53AM -0500, [EMAIL PROTECTED] wrote:
> > However, I think that the posting of the whois information was not only
> > unnecessary, but completely inappropriate to the discussion.
> 
>   I believe the point was to demonstrate that the personal privacy Derek
> keeps asserting is being violated is already non-existent, by his own
> actions, and completely independently of this list.

And yet it failed miserably to do so.  I don't live at that address,
and mail to any of those e-mail addresses will not reach me (with
certain important exceptions, which I will not detail here).

All it demonstrated is that Travis Roy is inconsiderate.

-- 
Derek D. Martinhttp://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.



pgp0.pgp
Description: PGP signature

Re: List Archive (Was: Re: p2p, anonymity and security)

[Derek Martin]

On Fri, Mar 12, 2004 at 07:19:24AM -0500, Travis Roy wrote:
> If that is true, perhaps you shouldn't have your webpage address in 
> your sig:

If you send me e-mail to any of the addresses listed in my domain
registration record, I assure you they will not reach me.

However, since you had no way to know that, but you DO know quite well
that I do not want my e-mail address posted in a public forum and did
it anwyay, I conclude that you have no regard for your fellow man.
Your momma would be proud, I'm sure...

-- 
Derek D. Martinhttp://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
Despite the ever-increasing complexities of human society and the advancement
of science and technology, the most perplexing problems that face most people
remain what to eat for lunch today, and who to sleep with tonight.
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.



pgp0.pgp
Description: PGP signature

Re: p2p, anonymity and security

[Greg Rundlett]

Travis Roy wrote:

How do you know that? Perhaps he wants to share legal content but 
doesn't want everybody and their brother knowing his IP address, name, 
and location. Bands like Guster allow sharing of their music if it's a 
live show that they taped. You can get tons of their shows on 
archive.org. I host guster.net for a friend and he has many many media 
files up that the band has no problem with.

This past spring, my wife and I were fortunate enough to 'discover' and 
see the Bruce Marshall Group play twice in two weekends.  (from the old 
Marshall Tucker band).  At the second show, he was hawking his latest 
CD's (one of which was obviously burned on a home computer), and I 
bought both.  I'm not about to violate his copyright by distributing his 
music, but I sure wish it were easy to find some like it on the 
Internet, so I could find out where to buy it.  You can freely download 
mp3 files from his website (brucemarshall.net).  I would hope that these 
are half songs--with an audio message indicating where to find him on 
the Internet so that you can buy them.  My point is that here is 
somebody who is sharing mp3 files on the Internet, and he is not a 
pirate.  In fact, I bet Bruce would like to know how to share his demos 
on p2p networks.  So would I.  And I'm interested in propagating that 
knowledge so that artists like Bruce can lead a new Internet 
distribution model that fits fans and artists, not the RIAA.  That's why 
I asked my original question.

In retrospect, I should have said something like "I want to use p2p 
tools with various enencumbered historical, cultural, art, software and 
music assets, encoded in royalty-free formats such as ogg" so that I 
could try to sidestep the issue of being labeled a copyright-infringing 
pirate.

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

--
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
Leave no stone unturned.
-- Euripides
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Jeff Kinz]

On Fri, Mar 12, 2004 at 11:01:23AM -0500, Kenneth E. Lussier wrote:
> I have stayed out of this until now, as I don't really care all that
> much about the public or private status of the GNHLUG list. I actually
> thought that it was a closed list to keep RMS from posting rants about
> how it should be called GNHG/LUG ;-)
> 
> However, I think that the posting of the whois information was not only
> unnecessary, but completely inappropriate to the discussion. It does,
> however, bring up a good point that is currently being debated: How
> public should the whois database be? Does anyone really need to know
> where Derek lives? Should it be common knowledge that Travis is in
> apartment 4T? And, more importantly, why was all of this information
> made to be public to begin with? Even the most simple minded can look up
> whois data and abuse it.  And anyone with malicious intent can take it
> further and use that information for harassment, or more nefarious
> things. 
> 
> So, mailing lists aside, just how much privacy are we *FORCED* to give
> up to participate in this whackey little thing that we called the
> internet? And who decides what amount of lost privacy is ok? 

Well, This is TOTALLY uncalled for!

Ken is obviously trying to raise the level of discussion here to
something meaningful and even strategically far ranging in scope.

I, for one, refuse to put up with this kind of enlightened approach.

Mailing lists are for flaming, irrational rants, and above all personal
attacks!

Ken must stop this courteous and polite behavior immediately!

(- kidding AFAIK.)


-- 
Jeff Kinz, Open-PC, Emergent Research,  Hudson, MA.  
"[EMAIL PROTECTED]" is copyright 2003.  
Use is restricted. Any use is an acceptance of the offer at
http://www.kinz.org/policy.html.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[Greg Rundlett]

Derek Martin wrote:

  
My intention is explicitly stated and legal 

  
  
I beg to differ on that.

 explicit - adj.  Fully and clearly expressed; leaving nothing implied.


  

You're right, I was not explicit.  My statement was actually 'simple'. 
That simple statement carries a lot of implied meanings for most
people, but I'm not like most people.  So that's why I said what I said
without wanting to see it from the 'popular' point of view.  To
clarify, I have very little interest in what is available on TV, Radio,
or through Hollywood.  I'm much more interested in history, arts,
science, folk music, world music and culture.  Most of this is very
hard to find, but I think there are volumes of it that I could collect
and share using p2p technologies without running afoul of any laws. 
I'm interested in sites like ibiblio.org and seeing their numbers grow
on the Internet.

  
  
You can discuss illegal things all you like, so long as you don't
announce intention to commit a crime, which is generally illegal.  For
example, if you plot to commit a crime with your friends, you need not
even actually attempt the act to be guilty of a crime.  This is called
conspiracy.  If you are dumb enough to announce your intentions to
kill the president, the Secret Service will make your life unpleasant.
If you tell airport security that you intend to bomb a plane, you will
almost certainly be arrested immediately.  You probably won't go to
jail, but you probably will miss your flight.  Though, if you happen
to be carrying anything that might be used to make a bomb...  Well, I
wouldn't want to be you.  
  

Well, I guess Carnivore picked up this thread by now.

  

  certainly possible to exchange materials which do not have copyrights
to which you are not the owner via these file sharing networks;
however I don't think anyone here is naive enough to believe that is
(exclusively) what you intend...
  

You confused me a bit with this wording.  I think you meant to say that 

  
  [SNIP]

I said precisely what I meant to say.  The sentences I wrote are
grammatically correct and grammatically convey exactly what I meant
them to convey.
  

But you attribute to me motives which I do not have.

  Public speeches have copyrights, regardless of the fact that they are
delivered publicly.  There may be some issue of how enforcable the
copyright is in that case; I'm not sure.  Are you?  

  

I sounds like you've bought into the notion promulgated by the popular
media that because copyrights are automatically granted, that doing
anything without obtaining and paying for permission is a crime. 
Realize that most people making a public speech have a message that
they are intentionally delivering to a mass audience for mass
consumption and re-telling.  If someone makes a speech on homosexual
equality, which is recorded by a friend in the audience in MP3 format. 
Do you think the speaker is more concerned with 'enforcing his/her
rights against pirates' or 'enforcing his/her rights to equality'?  I
don't think the homosexual will sue the friend.  I do think that you've
by now many people think I'm homosexual--but I'm just a regular guy.


-- 
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
Stay the curse.

Re: content mgt for non-profits

[Bruce Dawson]

On Fri, 2004-03-12 at 10:38, Jonathan Linowes wrote:
> I would like suggestions for content managment software or online
services that meet the basic needs of your typical nonprofit
organization: calendar, events, announcements, feature articles, easy to
update by non technical people, etc Needs to be cheap if not free.

I've had pretty good success with PostNuke and TWiki. However, others
indicate "its too busy" (about both of them).

--Bruce


signature.asc
Description: This is a digitally signed message part

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

However, I think that the posting of the whois information was not only
unnecessary, but completely inappropriate to the discussion. 


And *I* think it was entirely appropriate given the context of the
discussion. Whois information is publically available - just like your
voting information, property tax info, EIN (if you're a corporation),
...
Thanks for the backing Bruce. And those are some good points. It's 
amazing the ammount of "public" information there is about people if you 
just drive down to town hall, and with more and more towns and cities 
going on the internet some of them are putting this data online.

People get so up in arms about privacy, yet do things that just don't 
make sense when it comes to protecting their own. They use credit cards 
willy nilly, they give their SSN out to everybody they do business with 
because they require it for "security".
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[Greg Rundlett]

[EMAIL PROTECTED] wrote:

  On Thu, 11 Mar 2004, at 12:04am, [EMAIL PROTECTED] wrote:
  
  
So, my first question...Is a Linksys Router doing 'firewall' duty and NAT
easy to get past?

  
  
  Absolutely.  But not through the vectors you think.

  Those SOHO routers are pretty simple.  They do stateful tracking of TCP
and UDP, and block anything incoming that you didn't originate.  For
example, someone trying to telnet into the root shell you have running on
TCP port 666 will be blocked.

  It's the stuff you allow that is the problem.  You say you have forward
some ports?  What ports?  What are you running on those ports?

  For example: If you forward a port in for that root shell I mentioned,
anyone who finds that can take over your computer.

  You mention you've installed some software.  How trustworthy is this
software?  If the software contains backdoors which grant remote access, it
won't matter how strong your firewall is -- because you've explicitly told
your firewall to allow the traffic.  Or maybe the software contains no
deliberate exposures, but is so buggy that exploits are a dime a dozen.  Or
maybe the design of the network protocol(s) it uses defeat your firewall.  
Or whatever.

  I have encountered many situations where a network with a very good
firewall is totally compromised by hostile software.  A firewall won't help
if you download and install the attack vectors willingly.

  

Thanks Ben,

You confirm that I actually do know a few things about security and how
my hardware works.    I heard a remark recently that the Linksys router
wasn't a firewall at all.  And the real meaning of that is that
security must be measured in a broader context than just asking if 'x'
will keep me safe.
-- 
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
"Language shapes the way we think, and determines what we can think about."
-- B. L. Whorf

Re: p2p, anonymity and security

[Greg Rundlett]

Then why bother with the anonymity? If your sharing with your friends,
then simply set up a password protected area! If the RIAA somehow
charges you for that then I would think you could sue them for hacking
your systems.


Perhaps because he wants to share legal content with more then just 
the people he knows, and/or distribute the bandwidth over many 
connections.


That, plus 'set up a password-protected area' is pseudo-code for
 function  Build_a_black_hole ($user, $admin=me){
   while (count ($user != 0)) {
 $time--;
 $effort--;
   }
   if ($personal_life != 0) die("$admin not allowed to have 
$personal_life > 0");
   return 'so true';
 }

;-)

--
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
I steal.
-- Sam Giancana, explaining his livelihood to his draft board
Easy.  I own Chicago.  I own Miami.  I own Las Vegas.
-- Sam Giancana, when asked what he did for a living
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Bruce Dawson]

On Fri, 2004-03-12 at 11:01, Kenneth E. Lussier wrote:
> However, I think that the posting of the whois information was not only
> unnecessary, but completely inappropriate to the discussion. 

And *I* think it was entirely appropriate given the context of the
discussion. Whois information is publically available - just like your
voting information, property tax info, EIN (if you're a corporation),
...

> It does,
> however, bring up a good point that is currently being debated: How
> public should the whois database be? Does anyone really need to know
> where Derek lives? Should it be common knowledge that Travis is in
> apartment 4T? And, more importantly, why was all of this information
> made to be public to begin with? 

As a system administrator, I want to know the person responsible for any
given IP address that connects to any of my systems. This is a "check
and balance" that the internet community (ISPs and backbones, mostly)
agreed to at the inception of the internet - back when it was split from
the Arpanet.

> Even the most simple minded can look up
> whois data and abuse it.  And anyone with malicious intent can take it
> further and use that information for harassment, or more nefarious
> things. 

If you don't want to be bothered, then there are lots of ways to make it
more difficult to get hold of you. For examples, try to find the "person
responsible" for yahoo.com, microsoft.com (actually, this one is rather
humorous), ...

> So, mailing lists aside, just how much privacy are we *FORCED* to give
> up to participate in this whackey little thing that we called the
> internet? And who decides what amount of lost privacy is ok? 

As soon as your start participating in society, you start giving up
privacy. If you don't agree with that statement, then our definitions of
privacy differ - and that's an altogether different topic and this is
NOT the forum to discuss it.

--Bruce



signature.asc
Description: This is a digitally signed message part

Re: content mgt for non-profits

[Dan Jenkins]

Jeffrey Creem wrote:
I am pretty happy with geeklog (www.geeklog.com ).
 
Once you get past the setup it can be used/maintained by fairly 
non-technical people.
I think you meant http://www.geeklog.net. There is no geeklog.com

--
Dan Jenkins ([EMAIL PROTECTED])
Rastech Inc., Bedford, NH, USA --- 1-603-624-7272
*** Technical Support for over a Quarter Century
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: p2p, anonymity and security

[Greg Rundlett]

Bill Mullen wrote:

  I have no experience with other P2P apps than BitTorrent (and no interest 
in them, really), but I can tell you that to get the most out of BT, you 
need to tell your router to forward ports 6881 through 6889 inclusive to 
the internal machine running BT. You also need to limit the upload rate to 
no more than about 60-70% of your upstream bandwidth, or the inability to 
send packets in a timely fashion will choke your download speeds - and not 
just the BT d/l speed, but everything else on the box (browsing, etc.).

How the upload rate is limited will vary from client to client; with the 
ncurses client, it's a command-line option (--max_upload_rate). I have no 
idea how this is done with MLdonkey, nor do I know if it can support the 
range of open ports that BT requires for proper (IOW, fast) operation. 

Thanks


  You 
may have better luck with another client for the BitTorrent stuff - one 
that is more specifically tailored to BT, and not one that "tacks it on".
  

Actually, MLDonkey 'speaks' BitTorrent, so it handles it well, I just
haven't read through all that I need to yet.

  
  
  
So, my first question...Is a Linksys Router doing 'firewall' duty and 
NAT easy to get past?  If the answer is yes, then what should I do?  Use 
a firewall-specific distro to convert my old P133MHz box into a Linux 
firewall?  Maybe someone wants $100 to come over and show me how it's 
done? (location Newburyport, MA or E. Kingston, NH)

  
  
It should be acting as a reasonably effective firewall, and should only be 
permeable on those specific ports you have left open /and/ forwarded to an 
internal system. Should you opt to replace it with Linux, I've had great 
results with SmoothWall (http://www.smoothwall.org), which is very easy to 
install, works on low-spec systems, and has a browser-based interface. It 
also includes the Squid proxy, and Snort for intrusion detection/logging.
  

[snip]

  
HTH!

  

Yes, thanks again.
-- 
FREePHILE
We are 'Open' for Business
Free and Open Source Software
http://www.freephile.com
(978) 270-2425
Netscape has crashed

WHOIS privacy (was: List Archive)

[bscott]

On 12 Mar 2004, at 11:01am, [EMAIL PROTECTED] wrote:
> It does, however, bring up a good point that is currently being debated:
> How public should the whois database be?

  A good question.

> Does anyone really need to know where Derek lives?

  Absolutely.  Derek, for starters.  But I'm not so sure that information
needs to be in the public WHOIS database.

  FWIW, I know for a fact that the information in that WHOIS record is just
about completely obsolete.  Derek doesn't even live on that *continent* at
this time.

  There is also, I think, a distinction between a private individual and a
company or organization.  It might be reasonable to require a company to
expose their contact information in a domain name.  But then the issue
becomes, who decides (and checks) which is which?

> And, more importantly, why was all of this information made to be public
> to begin with?

  Because when DNS was invented (circa 1984, IIRC), everyone trusted
everyone on the Internet, and it was important to have contact information
available for technical reasons.  It was more then a decade latter before
abuse of WHOIS became a serious concern.  Today, many registrars and
registries give registrants control over what information they expose.

> So, mailing lists aside, just how much privacy are we *FORCED* to give up
> to participate in this whackey little thing that we called the internet?

  It depends on the type of "participation".

> And who decides what amount of lost privacy is ok?

  We all do.  If you, for example, feel that the exposure in registering a
domain name is and must be too great, you have choices.  Seek an alternative
registrar/registry/TLD.  Take steps to hide your identity.  Or simply do not
register a domain name.

-- 
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: content mgt for non-profits

[Travis Roy]

Jeffrey Creem wrote:

I am pretty happy with geeklog (www.geeklog.com ).
Correction, it's www.geeklog.net

I wanted to check it out as well :)
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[bscott]

On 12 Mar 2004, at 11:01am, [EMAIL PROTECTED] wrote:
> I have stayed out of this until now, as I don't really care all that much
> about the public or private status of the GNHLUG list.

  If the majority of our membership wanted to come up with some kind of
entrance requirement, I would facilitate that.  Personally, I would find it
very unfortunate, as I think the list should be as open as possible, but if
most people want restrictions, then okay, I will help.

  My major objection is Derek's repeated assertions that this list is
somehow private or restricted.  I honestly cannot see how he came to his
conclusion, as this list has *never* been that, by intent or in fact.  
Again, GNHLUG does not even *have* an official status, charter, or
membership criteria.  (Personally, I think we should, but that's another
topic.)  Given the total *lack* of such, calling GNHLUG a "private club" is
nothing short of ridiculous.

> I actually thought that it was a closed list to keep RMS from posting
> rants about how it should be called GNHG/LUG ;-)

  Hah!

> However, I think that the posting of the whois information was not only
> unnecessary, but completely inappropriate to the discussion.

  I believe the point was to demonstrate that the personal privacy Derek
keeps asserting is being violated is already non-existent, by his own
actions, and completely independently of this list.

-- 
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: content mgt for non-profits

[Jeffrey Creem]

I am pretty happy with geeklog (www.geeklog.com).
 
Once you get past the setup it can be 
used/maintained by fairly non-technical people.

  - Original Message - 
  From: 
  Jonathan 
  Linowes 
  To: [EMAIL PROTECTED] 
  
  Sent: Friday, March 12, 2004 10:38 
  AM
  Subject: content mgt for 
non-profits
  
  I would like suggestions for content managment 
  software or online services that meet the basic needs of your typical 
  nonprofit organization: calendar, events, announcements, feature articles, 
  easy to update by non technical people, etc Needs to be cheap if not 
  free.
   
  thanks
   
  jonathan
   

Neat DNS check tool - ZoneCheck

[bscott]

Hello list,

  Travis Roy (a fellow list member) sent me a link to this tool:

http://www.zonecheck.fr/

  It's a DNS check tool.  GPL.  It will look at the DNS information for a
domain name, and report on errors and sub-optimal conditions.  I've seen
plenty of these before, but this one is especially slick, so I thought I'd
pass it on.

  Aside from the spiffy web UI, there are also a CLI and GUI modes, although
I haven't tried those yet.  There's a demo on the web page (click the "Try
it now" link) for the web UI.  You can also download and install a local
copy.

  It is implemented in the Ruby language, which I believe may also be of
interest to some list members.  It can also make use of GTK and XML.

  Hope this helps,

-- 
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

Kenneth E. Lussier wrote:

On Fri, 2004-03-12 at 07:19, Travis Roy wrote:

Then I suggest you look at the archives of some mailing list software
mailing lists...  The idea is often brought up there, for the very
same reasons I brought them up here (originally).  Personally, I find
the notion that I should be required to provide personally identifying
information to the whole world in order to participate in a public
forum to be offensive, and contrary to the priciples by which the
United States of America was founded.  It does not need to be, and
should not be so.  That so few people value their 4th amendment right
to privacy is a travesty.
If that is true, perhaps you shouldn't have your webpage address in 
your sig:

[dslv-1-175:~] travis% whois pizzashack.org

However, I think that the posting of the whois information was not only
unnecessary, but completely inappropriate to the discussion. 
How so? Derek is worried about people getting his email address and 
various other information when he posts to this list. Yet, he includes 
his domain in his sig. With that information you can do a whois on him 
and not only get his email addres, but his phone number and address as 
well. If he was really that worried about his privacy he wouldn't 
include that information.

As for actually posting the whois information I figured it was more 
dramatic rather then just explaining this.

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Kenneth E. Lussier]

On Fri, 2004-03-12 at 07:19, Travis Roy wrote:
> > Then I suggest you look at the archives of some mailing list software
> > mailing lists...  The idea is often brought up there, for the very
> > same reasons I brought them up here (originally).  Personally, I find
> > the notion that I should be required to provide personally identifying
> > information to the whole world in order to participate in a public
> > forum to be offensive, and contrary to the priciples by which the
> > United States of America was founded.  It does not need to be, and
> > should not be so.  That so few people value their 4th amendment right
> > to privacy is a travesty.
> 
> If that is true, perhaps you shouldn't have your webpage address in 
> your sig:
> 
> [dslv-1-175:~] travis% whois pizzashack.org
> 

I have stayed out of this until now, as I don't really care all that
much about the public or private status of the GNHLUG list. I actually
thought that it was a closed list to keep RMS from posting rants about
how it should be called GNHG/LUG ;-)

However, I think that the posting of the whois information was not only
unnecessary, but completely inappropriate to the discussion. It does,
however, bring up a good point that is currently being debated: How
public should the whois database be? Does anyone really need to know
where Derek lives? Should it be common knowledge that Travis is in
apartment 4T? And, more importantly, why was all of this information
made to be public to begin with? Even the most simple minded can look up
whois data and abuse it.  And anyone with malicious intent can take it
further and use that information for harassment, or more nefarious
things. 

So, mailing lists aside, just how much privacy are we *FORCED* to give
up to participate in this whackey little thing that we called the
internet? And who decides what amount of lost privacy is ok? 

C-Ya,
Kenny





signature.asc
Description: This is a digitally signed message part

content mgt for non-profits

[Jonathan Linowes]

I would like suggestions for content managment 
software or online services that meet the basic needs of your typical nonprofit 
organization: calendar, events, announcements, feature articles, easy to update 
by non technical people, etc Needs to be cheap if not free.
 
thanks
 
jonathan
 

Re: List Archive (Was: Re: p2p, anonymity and security)

[bscott]

On Fri, 12 Mar 2004, at 2:01pm, [EMAIL PROTECTED] wrote:
> On Thu, Mar 11, 2004 at 10:40:15PM -0500, [EMAIL PROTECTED] wrote:
> >   You're the only person I have ever met who thinks a publicly archived,
> > publicly accessible, open-to-anyone-who-subscribes mailing list has any
> > expectation of privacy.  
> 
> Then I suggest you look at the archives of some mailing list software
> mailing lists...  The idea is often brought up there, for the very same
> reasons I brought them up here (originally)

  Care to provide some specific references?  Vague claims in the style of
"other people *do to* agree with me" don't really carry much weight with me.

> Personally, I find the notion that I should be required to provide
> personally identifying information to the whole world in order to
> participate in a public forum to be offensive ...

  Uhhh... now I think you're just being unreasonable.

  The word "public" is an antonym for "private".  The very use of the term
"public" implies that you are giving up some privacy.  Please consult your
dictionary if you are unclear on this.

  *How much* privacy you give up, of course, depends on the scope of the
forum, and the efforts to which you go to hide your identity.  The Internet,
being world-wide, is about as large a forum as you can get.  On the other
hand, all you need to offer to participate in *this* forum is an email
address.  Furthermore, as your own messages indicate, it doesn't even need
to be a *valid* address, after subscription.  If you used a throw-away
account on a free mail service, and took steps to hide your IP address, this
forum can be about as anonymous as one can get and still be on the Internet.

> ... and contrary to the priciples by which the United States of America
> was founded.  It does not need to be, and should not be so.  That so few
> people value their 4th amendment right to privacy is a travesty.

  Now you just sound like a conspiracy nut.  I value my 4th amendment
rights, thank-you-very-much.  However, I really don't see how on Earth you
can consider providing an email address to participate in a public email
forum a form of unreasonable search or seizure.  Get a grip.

-- 
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |

___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss

Re: List Archive (Was: Re: p2p, anonymity and security)

[Travis Roy]

Then I suggest you look at the archives of some mailing list software
mailing lists...  The idea is often brought up there, for the very
same reasons I brought them up here (originally).  Personally, I find
the notion that I should be required to provide personally identifying
information to the whole world in order to participate in a public
forum to be offensive, and contrary to the priciples by which the
United States of America was founded.  It does not need to be, and
should not be so.  That so few people value their 4th amendment right
to privacy is a travesty.
If that is true, perhaps you shouldn't have your webpage address in 
your sig:

[dslv-1-175:~] travis% whois pizzashack.org

Domain ID:D34817032-LROR
Domain Name:PIZZASHACK.ORG
Created On:17-Sep-2000 16:55:17 UTC
Last Updated On:09-Jan-2004 08:23:26 UTC
Expiration Date:17-Sep-2004 16:55:17 UTC
Sponsoring Registrar:R86-LROR
Status:OK
Registrant ID:-592800
Registrant Name:Derek Martin
Registrant Organization:Pizza Shack
Registrant Street1:10 Lear Dr
Registrant City:Nashua
Registrant State/Province:NH
Registrant Postal Code:03063-2128
Registrant Country:US
Registrant Phone:+1.9786060257
Registrant Email:[EMAIL PROTECTED]
Admin ID:-938816
Admin Name:Derek Martin
Admin Organization:Sophic
Admin Street1:3 Elm St.  #21
Admin City:Andover
Admin State/Province:MA
Admin Postal Code:01810
Admin Country:US
Admin Phone:+1.9789965397
Admin Email:[EMAIL PROTECTED]
Tech ID:-592800
Tech Name:Derek Martin
Tech Organization:Pizza Shack
Tech Street1:10 Lear Dr
Tech City:Nashua
Tech State/Province:NH
Tech Postal Code:03063-2128
Tech Country:US
Tech Phone:+1.9786060257
Tech Email:[EMAIL PROTECTED]
Name Server:NS1.NEXTTIME.COM
Name Server:NS2.NEXTTIME.COM
Name Server:CERBERUS.PIZZASHACK.ORG


--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.
Replying to it will result in undeliverable mail.
Sorry for the inconvenience.  Thank the spammers.
___
gnhlug-discuss mailing list
[EMAIL PROTECTED]
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss