Re: OpenBSD and the FBI
Entertaining video, it's a long watch but worth while: http://www.youtube.com/watch?v=U4oB28ksiIo

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: OpenBSD and the FBI
Well Fonomo is kinda fun with Pidgin. I wish I could come Lisa but the 2000 miles of space can be cost prohibitive for a person like me. :)

Okay I see where you are talking about the LivePerson, Kaseya and LogMeIn. I must be one of the weird ones, at least on my home computers. I do have to say there may be some laxity on my smartphone. At least as a general rule I don't automate too much of anything. I'm more hands on and I type my user names, passphrases, etc. in every time. I've had Windows people get mad at me for rebooting their boxes after clearing everything in a browser and what not when I'm done. As a side note, I know of a phone someone was rooting and after the root was done port 23 telnet was opened. It wasn't before the root, and even with superuser powers they couldn't shut it off. I don't know if they tried IPTables since it was running Android.

I would have to say those pop up chats and such that really first started in the Porn industry, and I have just recently noticed that major companies are picking it up for customer service, and shopping sites, etc. I don't get pop up boxes too often because browsers can handle those but the auto chat with me things bug me as an intrusion. I don't see many ads bc I use my /host.allow /hosts /hosts.deny like I should... :)

Here again for the average joe most people are not going to get to my routers as I don't use a lot of defaults and do a little bit of my own engineering. I NEVER turn on remote access. In fact I found out a password for an old modem I had and changed its settings so that could be the first "gate" for me to stop the ISP from messing with router settings among other things, and looking behind the router to see what else was attached... NO no no

The two routers I have are different classes: one is a general consumer level router, and the other is a small business/commercial grade router that has a few more toys in it... hehehe. I like that one router but dummy me forgot to order it with wifi... That could be a good thing though anyway. Money allowing, the next router I need is going to be in the at least $400 commercial range because I don't have a bizillion ports that I need. Switches work great.

I for the most part 99.999% NEVER send html and ALL html, pictures etc. are shut off for EVERYONE -- I trust no one when it comes to email.. Period! Working in office environments I have seen a few major viruses break out in Fortune 10 companies. Even those people in your own company could have opened something and be infected, etc.. this was on Windows boxen, I much more take care of my own. I've been known to call family members to stop sending me the trash. Even so far as trim their fwd: fwd: fwd stuff because I don't want spammers harvesting my email off of their letters.

99% of my browsing is https://. In fact my ssh & sshd_configs are set up for a minimum 256bit enc both ways. All the other weaker ciphers and what not I removed. You have to be at 256 bits to connect to me.

With TrueCrypt it is mainly the laborious time involved that I see as excessive. The big thing is if your container as a whole which contains your hidden portion and non hidden portion. If you don't watch when you open your non-hidden portion and that portion overflows onto the hidden portion.. ie you put too much junk in there. It gives no warning and takes the whole container -- hidden and non making no differences between the two. If Sam has a 80GB container and in that container makes a 30GB non hidden and 50GB hidden, and Jane comes along and reverses those numbers for example. The non-hidden or hidden don't throw up a warning it will overwrite to 50 GB destroying forever anything else that was originally there. It's almost like having a flash device and stuffing it cram full instead of leaving some breathing room consistently and then the flash just dies.

--
gk
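
The 256-bit minimum for ssh and sshd_config ciphers mentioned in the message above can be checked mechanically. The script below is an added example, not part of any post in this thread; the function names, the sample configs and the key-size table are assumptions of the example, and it reads only the first whitespace-separated `Ciphers` line of the file it is given.

```shell
#!/bin/sh
# Added example: audit the Ciphers directive of an ssh_config/sshd_config
# file against a minimum key size. Names and sample data are constructed.

# Key size in bits for the OpenSSH cipher names this script knows.
# 3des-cbc is listed with its nominal 168-bit key. Anything not listed is
# reported as unknown rather than assumed safe.
cipher_bits() {
    case "$1" in
        aes256-ctr|aes256-cbc|aes256-gcm@openssh.com|chacha20-poly1305@openssh.com)
            echo 256 ;;
        aes192-ctr|aes192-cbc)
            echo 192 ;;
        3des-cbc)
            echo 168 ;;
        aes128-ctr|aes128-cbc|aes128-gcm@openssh.com)
            echo 128 ;;
        *)
            echo unknown ;;
    esac
}

# audit_ciphers FILE [MIN_BITS]
# Prints one line per cipher: "ok NAME BITS", "weak NAME BITS" or
# "unknown NAME". Exit status: 0 every cipher meets the minimum, 1 a weak
# or unknown cipher is enabled, 2 the list cannot be judged from the file
# alone (no Ciphers line, or a +/-/^ list that edits the built-in default).
audit_ciphers() {
    ac_file=$1
    ac_min=${2:-256}
    # Keywords are case-insensitive; only the first Ciphers line is read.
    ac_list=$(awk 'tolower($1) == "ciphers" { print $2; exit }' "$ac_file")

    if [ -z "$ac_list" ]; then
        echo "default no explicit Ciphers directive"
        return 2
    fi
    case "$ac_list" in
        [+^-]*)
            echo "modifier $ac_list"
            return 2 ;;
    esac

    ac_rc=0
    ac_old_ifs=$IFS
    IFS=,
    for ac_c in $ac_list; do
        ac_bits=$(cipher_bits "$ac_c")
        if [ "$ac_bits" = unknown ]; then
            echo "unknown $ac_c"
            ac_rc=1
        elif [ "$ac_bits" -lt "$ac_min" ]; then
            echo "weak $ac_c $ac_bits"
            ac_rc=1
        else
            echo "ok $ac_c $ac_bits"
        fi
    done
    IFS=$ac_old_ifs
    return "$ac_rc"
}

# Constructed sample configs, written to a temporary directory.
demo_dir=$(mktemp -d)
printf '%s\n' '# constructed sample' 'Port 22' \
    'Ciphers aes256-ctr,aes128-ctr,3des-cbc' > "$demo_dir/mixed"
printf '%s\n' 'ciphers aes256-gcm@openssh.com,aes256-ctr' > "$demo_dir/strict"

echo "== mixed =="
audit_ciphers "$demo_dir/mixed" || echo "result: below the 256-bit minimum"
echo "== strict =="
audit_ciphers "$demo_dir/strict" && echo "result: every cipher is 256-bit"
rm -rf "$demo_dir"
```

Status 2 is kept separate from a pass because a file without its own `Ciphers` line inherits whatever list the installed OpenSSH version ships with.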
Re: OpenBSD and the FBI
Maybe the Amish really have it right.

Keith Smith
Re: OpenBSD and the FBI
Hi!

Please come to any of our PLUG Hackfests and we can demonstrate?

I believe in that specific example, I was using the UTF8 inclusion into a jpeg/gif or png. And you trust me, so you go ahead and open it. But there are a great number of other ways, since we allow HTML mail and attachments of all kinds.

Over and above that, I can direct you to a page of my own that includes BeEF type triangulated exploits, or installs a LivePerson or Kaseya plugin into your browser (which the feds do trivially without a spike in your RAM).

The only browser that was not accessible as of 2010 was Chrome, but sadly that is no longer true. The DHS can watch, as if they had a LogMeIn application installed, EVERYTHING you do.

We all take all kinds of risks, ssh is the most glaring, but there are many of us who allow remote management of our "routers" and use a trivial password as well. Almost every Netgear, LinkSys and others can not only be DNS exploited but brute forced, buffer overflowed and trivially pwnd.

See you at the Hackfest first and third Wednesday of January!

--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
A few words about Truecrypt. Overall I really like truecrypt, of course there are risks when using any kind of encryption. If the volume gets corrupt the chances of recovering data are slim to none. An obvious easy solution is: Backup. :) The chances of a truecrypt volume failing as well as a truecrypt backup volume failing at the same time are very low.
Re: OpenBSD and the FBI
It's good to have topics like these that invoke thought.

My 2 cents: I try to apply moderation in every way in my life, too much of something isn't a good thing. I think this idea applies to security as well. I'm not saying just moderate security, I think we all know here encryption, in the end can be cracked. If you invoke a high amount of encryption (mixing encryption algorithms) the system will take a significant performance hit. This of course can be counterproductive.

I've run a mixture of unix and linux boxes that host shell accounts for irc and the like. These types of boxes tend to attract the script kiddie types. I have found the best approach is having multiple different forms of security set at a moderate level, if one type of security fails there are fallbacks. By having multiple security mechanisms an attacker has to make sure he takes care of all the different variables instead of just one rock solid variable. This takes considerably more time and a chance an attacker will miss something.

In fact, I have caught a few people by purposely leaving something obviously vulnerable. They are able to get to a certain point but not able to gain enough power to modify monitoring tools or log files. This is a good way to get the bad eggs off of the box.

Jordan
Re: OpenBSD and the FBI
Okay I have been pondering on most of this thread the past few days.

Then going back and reading the news reports and other URLs that were provided.

On the encryption side, let's make enemies now. Truecrypt is a PITA and very, very, very easily can damage encrypted data with the design of their open and plausible deniability containers. The best mathematics teachers I had didn't obfuscate what the principles, concepts and abstractions of mathematics were. They presented it in a very simple manner of fact which actually lit a fire to want to learn more. I believe through my own personal tests/use that obfuscates encryption to the point that one wrong move and you lose the kitty.

Now, for the second topic. Yes, I see a gross misunderstanding about pass phrases -- and entropy they need to create. Some of this is caused by developers themselves not allowing enough freedom of characters to be used in their programs. I had a key for example that was close to 300 bits of entropy for a website. Firefox and Chromium were just about brought to their knees, much less my DSL connection having a cow or shutting down. Multiply that in your cache times just a measly 5-10 tabs and down comes your box. LOL. The "iron key" type usb keys that have buttons on them and AES encryption with salts plus add a time lock of some sort are sufficient for light weight travel. For a full on server or desktop experience it just doesn't work. I found a few applications that help increase entropy at a daemon level but are random enough to provide /dev/random the entropy it needs. One app is actually user and peripheral level exempt which would be great for headless servers; it is called haveged. The other application which I did not try because I was looking for the type I first mentioned actually works on the noise of your sound card -- this idea was from whoever mentioned about tv cards. This application is called randomsound and is also a daemon. For example my:

sudo cat /proc/sys/kernel/random/entropy_avail levels were < 60 when I did a pre-install check. Now my entropy_avail levels jump from 133 to 4000 every poll I make with the command above. You can see how if you are using encryption this will make for faster and stronger key enc/dec., and maybe someone can clarify but it would enable stronger and more secure connections of all sorts with any encryption.

I was intrigued though by Ms. Lisa's "challenge" so to say that no matter what OS anyone is using pwn'g someone's box is possible and or getting contents remotely from someone's hard drives through their browsers is quite easily established. I would like some clarification if you do not mind please. I know about Java and JavaScript issues from TOR use. Flash and ActiveX don't do any better at leaking "private" data. I use the word private laughing all the way to the bank. This country has never had privacy. If you have ever done any sort of family trees or genealogy you understand what I am saying. Perception is reality. What has changed is technology, how fast it can spread and amount of data in the smallest state possible that is available.

--
gk
Re: OpenBSD and the FBI
http://online.wsj.com/article/SB10001424052748704368004576027751867039730.html

<3 my DroidX

On Sat, Dec 18, 2010 at 7:52 PM, Lisa Kachold wrote:
> On Sat, Dec 18, 2010 at 6:53 PM, Jordan Aberle wrote:
>> On another note:
>>
>> http://www.computerworld.com/s/article/9201281/The_clock_is_ticking_on_encryption
>
> Good article!
Re: OpenBSD and the FBI
On Sat, Dec 18, 2010 at 6:53 PM, Jordan Aberle wrote:
> On another note:
>
> http://www.computerworld.com/s/article/9201281/The_clock_is_ticking_on_encryption

Good article!

--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
On another note:

http://www.computerworld.com/s/article/9201281/The_clock_is_ticking_on_encryption
Re: OpenBSD and the FBI
Somewhere Glenn Beck is crying

We assume no security is worth anything so you must secure through obscurity. Assume your info will be found so surround it by more info. Wikileaks and most legislation shows practical implementation of this. It is difficult to find a sentence in 10,000 pages.

On 12/18/10, Lisa Kachold wrote:
> I like this one; it separates the chaff from the stones:
>
> http://extendedsubset.com/
>
> On Sat, Dec 18, 2010 at 12:40 PM, Ed wrote:
>> from a development perspective:
>>
>> http://news.ycombinator.com/item?id=2014004
>>
>> lesson - document those commits
>>
>> On Fri, Dec 17, 2010 at 2:37 PM, Jordan Aberle wrote:
>>> Interesting information:
>>>
>>> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
>>>
>>> Jordan

--
Sent from my mobile device

James Finstrom
Rhino Equipment Corp.
http://rhinoequipment.com ~ http://postug.com
Phone: 1-877-RHINO-T1 ~ FAX: +1 (480) 961-1826
Twitter: http://twitter.com/rhinoequipment
IP: gu...@asterisk.rhinoequipment.com
Re: OpenBSD and the FBI
I like this one; it separates the chaff from the stones:

http://extendedsubset.com/

On Sat, Dec 18, 2010 at 12:40 PM, Ed wrote:
> from a development perspective:
>
> http://news.ycombinator.com/item?id=2014004
>
> lesson - document those commits
>
> On Fri, Dec 17, 2010 at 2:37 PM, Jordan Aberle wrote:
>> Interesting information:
>>
>> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
>>
>> Jordan

--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
from a development perspective:

http://news.ycombinator.com/item?id=2014004

lesson - document those commits

On Fri, Dec 17, 2010 at 2:37 PM, Jordan Aberle wrote:
> Interesting information:
>
> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
>
> Jordan
Re: OpenBSD and the FBI
On Fri, Dec 17, 2010 at 9:09 PM, keith smith wrote:

> We do what we did on Nov 2nd. We vote and we speak out. We push for the reduction of our Government and we become aware of what the judges are doing and get the right judges in place by recalling or impeaching the wrong ones. And keep pushing the Constitution in their face.

http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/15595.html

> The nation, or at least a remnant of the people need to become informed and continually challenge our government.

http://www.prisonplanet.com/concerns-about-deployment-of-military-on-us-soil-growing-while-mainstream-media-buries-its-head-in-the-sand-naomi-wolf.html

> To me the solution is very simple. Implementation will take a lot of effort. It took us 45 years to get here, it might take as long to get back to a more reasonable Government.
>
> There are lots of things one can do. Become informed. Call your 2 senators weekly and your congress person weekly as well. Get to know your state legislators also.
>
> Most people have a cellular phone and a commute to and from work. A 5 minute call several times a week lets your reps know how you feel about certain things. If they are not in line with your values then challenge them to re-think their position.

Yes, by all means; use your phones!

http://alligatorfarm.wordpress.com/2010/12/16/patriot-alert-dhs/

Be sure to discuss this openly using your phone:

http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy

> This country belongs to us not the bureaucrats. We need to get that across to them so things will change. We sent a message on Nov 2nd and some heard. Some apparently did not and will have to hear from us some more before they get it.

http://www.csmonitor.com/Science/2010/0520/Homeland-Security-wants-to-turn-your-cell-phone-into-a-smell-phone

> Are you aware of state's sovereign rights under the 10th Amendment and what is going on in Montana, Utah, Texas, and here in AZ? There are other states that are embracing the 10th Amendment also. We should see more activity in this area over the next 6 months.

Right Amendment X - Good luck with that? Feds now pay our Unemployment, bail out our banks for bad real estate loans and practices (exposed for 30 years as flowcharting to ruin), build our roads, and enforce and protect from terror.

http://en.wikipedia.org/wiki/Tenth_Amendment_to_the_United_States_Constitution

Health Care reform will decriminalize drug and alcoholic offenders, now languishing in federal prisons, while bailing out the failing Social Security, Medicaid systems.

While I love your ideology, CHANGE is a simple matter of dollars and cents in a seriously ailing economy.

The so-called deficit is also a matter of something CONTROLLED by the US Government, or not (Value of Money):

Fiat money vs. American dollar Value

http://en.wikipedia.org/wiki/Fiat_money
http://en.wikipedia.org/wiki/United_States_dollar

We no longer have Silver Certificates - laugh.

If the deficit is not a concern for Obama and Bush (or others in Von Mises and other think tanks), perhaps we need to realize the true nature of the game?

http://www.econlib.org/library/Mises/msT1.html

Let's talk again in 5 years; you can show me how you were right?

> There is a movement going on. The more people that get aboard the sooner we will see change - *real* change.

Right - every action is shadowed by a greater and more effective government reaction:

Wikileaks will be an interesting example of American "rights", information, stolen or "secret" government information, and consequences?

http://www.youtube.com/watch?v=LF9P5vIzYyE

--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
>>>>> oxy via a server I have set up at a datacenter in Dallas. If the government ever wants to monitor me I'm sure they can figure out a way but it's going to be a pain in the ass for them to do so. Truecrypt is a very nice thing to have as well, it doesn't do its job if you don't have your system to be configured to lock after a certain amount of idle time though. The point of truecrypt is to make a person reboot the machine, at that point they are pretty screwed unless they are very quick about freezing the ram to extract the keys. Even then, it's unlikely to be successful.
>>>>>
>>>>> Jordan
>>>>>
>>>>> On Fri, Dec 17, 2010 at 6:07 PM, keith smith wrote:
>>>>>
>>>>>> I wonder where we would be today if someone had told our founding fathers "get over it!" and they had said "Yeah you're right." and had given in. The government is here for us not the other way around.
>>>>>>
>>>>>> Keith Smith
>>>>>>
>>>>>> --- On *Fri, 12/17/10, Lisa Kachold* wrote:
>>>>>>
>>>>>> From: Lisa Kachold
>>>>>> Subject: Re: OpenBSD and the FBI
>>>>>> To: "Main PLUG discussion list" <plug-discuss@lists.plug.phoenix.az.us>
>>>>>> Date: Friday, December 17, 2010, 5:13 PM
>>>>>>
>>>>>> On Fri, Dec 17, 2010 at 4:12 PM, keith smith wrote:
>>>>>>
>>>>>> I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.
>>>>>>
>>>>>> I just read an article that for the first time since the government has been wiretapping everyone's calls a judge said a warrant was required for every wiretap. 3 judges prior sided with the government and ruled no warrant required for a wiretap.
>>>>>>
>>>>>> Now back to OpenBSD. Why OpenBSD? Why not Linux? Or maybe Linux has been compromised too? At least there is the hope that some whiz kid will determine if this is true.
>>>>>>
>>>>>> I know this list runs the gamut when it comes to political beliefs. And I respect that. I think one thing we can agree on is we need to be free from unreasonable search and seizure.
>>>>>>
>>>>>> Keith Smith
>>>>>>
>>>>>> --- On *Fri, 12/17/10, Jordan Aberle* wrote:
>>>>>>
>>>>>> From: Jordan Aberle
>>>>>> Subject: OpenBSD and the FBI
>>>>>> To: "Main PLUG discussion list" <plug-discuss@lists.plug.phoenix.az.us>
>>>>>> Date: Friday, December 17, 2010, 2:37 PM
>>>>>>
>>>>>> Interesting information:
>>>>>>
>>>>>> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
>>>>>>
>>>>>> Jordan
>>>>>>
>>>>>> It's actually a great deal worse than you might think. I am sorry I am not at liberty to divulge the technical details but be advised that NSA
Re: OpenBSD and the FBI
We do what we did on Nov 2nd. We vote and we speak out. We push for the reduction of our Government and we become aware of what the judges are doing and get the right judges in place by recalling or impeaching the wrong ones. And keep pushing the Constitution in their face. The nation, or at least a remnant of the people need to become informed and continually challenge our government.

To me the solution is very simple. Implementation will take a lot of effort. It took us 45 years to get here, it might take as long to get back to a more reasonable Government.

There are lots of things one can do. Become informed. Call your 2 senators weekly and your congress person weekly as well. Get to know your state legislators also. Most people have a cellular phone and a commute to and from work. A 5 minute call several times a week lets your reps know how you feel about certain things. If they are not in line with your values then challenge them to re-think their position.

This country belongs to us not the bureaucrats. We need to get that across to them so things will change. We sent a message on Nov 2nd and some heard. Some apparently did not and will have to hear from us some more before they get it.

Are you aware of states' sovereign rights under the 10th Amendment and what is going on in Montana, Utah, Texas, and here in AZ? There are other states that are embracing the 10th Amendment also. We should see more activity in this area over the next 6 months.

There is a movement going on. The more people that get aboard the sooner we will see change - *real* change.

Keith Smith

--- On Fri, 12/17/10, Lisa Kachold wrote:

From: Lisa Kachold
Subject: Re: OpenBSD and the FBI
To: "Main PLUG discussion list"
Date: Friday, December 17, 2010, 7:27 PM

What are your choices?

Microsoft got into bed with the NSA in the late 1990's. IPSEC was developed by the NSA.

Currently even Random entropy is broken?
Re: OpenBSD and the FBI
On Fri, Dec 17, 2010 at 8:26 PM, Jordan Aberle wrote:

> Passwords being the same? No, passwords being a word of some kind? No. All the passwords I use are a mix of upper / lower mixed letters, numbers and special characters. Brute forcing doesn't work worth a shit unless the admin of the server is an idiot and doesn't enforce complicated passwords. Even WPA2 can be cracked with simple keys, some of the best rainbow tables I have seen come from here: http://www.renderlab.net/projects/WPA-tables/
>
> Also take a look at Gr-Security. I use hardened kernels, normal users can't list /home or directories like /etc, the root user can't modify log files without recompiling the kernel and rebooting the server.
> http://grsecurity.net/

Yes, I like that also, let's not check your squid version or other binary patch levels? Did you all gcc or cc? Do you install your distro (SLES?) with all the bells and whistles?

Glad you are using good password management with truly random passwords.

Is your DNS open? It's completely pwnable. Admit it; you are just another American caught in the NSA/DHS security matrix!

And we are sure you aren't packet filtering BOTH directions?

> On Fri, Dec 17, 2010 at 7:59 PM, Lisa Kachold wrote:
>
>> Oh, WAIT, let's be complete?
Re: OpenBSD and the FBI
Passwords being the same? No, passwords being a word of some kind? No. All the passwords I use are a mix of upper / lower mixed letters, numbers and special characters. Brute forcing doesn't work worth a shit unless the admin of the server is an idiot and doesn't enforce complicated passwords. Even WPA2 can be cracked with simple keys, some of the best rainbow tables I have seen come from here: http://www.renderlab.net/projects/WPA-tables/

Also take a look at Gr-Security. I use hardened kernels, normal users can't list /home or directories like /etc, the root user can't modify log files without recompiling the kernel and rebooting the server.
http://grsecurity.net/

On Fri, Dec 17, 2010 at 7:59 PM, Lisa Kachold wrote:

> Oh, WAIT, let's be complete?
>
> http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html
>
> and:
>
> If you are found accessing anything interesting (via various MAE-West, Cable Company, Telco TAPS) from your so-called secure Squid Proxy in Dallas, (or if your email origination address is tracked for anything related to security and privacy [like this POST :( ], the government can trivially gain access [I can, 2% of all security professionals in the field could also, so why would the NSA/DHS not also be able to?]:
>
> http://www.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=Squid_vulnerabilities.html&fact_color=&tag=
>
> Of course you also have SSH on in Dallas (on a "secret" port, right?)
> http://www.madirish.net/?article=183
>
> And you ARE using a password you use on ALL the OTHER logins, right? And it's a WORD right?
>
> And you did just open and read this email didn't you?
> http://unicode.org/reports/tr36/tr36-1.html
>
> On Fri, Dec 17, 2010 at 7:35 PM, Lisa Kachold wrote:
>
>> You obviously have port 80/443 open?
>> And probably 53?
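The message above contrasts mixed-character passwords with WPA2 networks that fall to simple keys and precomputed tables. As an added example (not code from anyone in the thread), this Python audit derives the WPA2-Personal master key the standard way, with the SSID as the PBKDF2 salt, and flags the conditions under which a precomputed table can apply; the SSID list, wordlist and `MIN_BITS` threshold are constructed assumptions.

```python
import hashlib
import math
import string

# Constructed sample data, not taken from the linked tables: SSIDs that ship
# as factory defaults, and a tiny stand-in for a passphrase wordlist.
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
WORDLIST = {"password", "letmein123", "sunshine1", "qwertyuiop"}
MIN_BITS = 80  # assumed policy threshold for this example


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-Personal master key.

    The mapping is PBKDF2-HMAC-SHA1 with the SSID as salt and 4096
    iterations, so one passphrase gives a different key on every SSID.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def keyspace_bits(passphrase: str) -> float:
    """Upper bound on exhaustive-search work, in bits.

    Assumes every character was drawn at random from the character classes
    that appear; a dictionary word is far weaker than this bound suggests.
    """
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in passphrase))
    return len(passphrase) * math.log2(alphabet) if alphabet else 0.0


def salt_separates(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True when the same passphrase maps to different keys on two SSIDs."""
    return wpa2_pmk(passphrase, ssid_a) != wpa2_pmk(passphrase, ssid_b)


def audit(ssid: str, passphrase: str) -> list:
    """Return findings that make a network a candidate for table lookups."""
    findings = []
    if ssid in COMMON_SSIDS:
        # Tables are computed per SSID, so only well-known SSIDs are worth
        # precomputing; a unique SSID forces the work to be redone.
        findings.append("common-ssid")
    if passphrase.lower() in WORDLIST:
        findings.append("wordlist-passphrase")
    if keyspace_bits(passphrase) < MIN_BITS:
        findings.append("small-keyspace")
    return findings


if __name__ == "__main__":
    for ssid, pw in (("linksys", "password"), ("home-7f3a", "kV9#tq2!Lm0@Zx4r")):
        print(ssid, round(keyspace_bits(pw), 1), audit(ssid, pw),
              wpa2_pmk(pw, ssid).hex()[:16])
    print("salt separates:", salt_separates("password", "linksys", "home-7f3a"))
```

A table only helps an attacker when both the SSID and the passphrase were in the precomputation, which is why a unique SSID combined with a long random passphrase clears all three findings.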
Re: OpenBSD and the FBI
Oh, WAIT, let's be complete?

http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html

and:

If you are found accessing anything interesting (via various MAE-West, Cable Company, Telco TAPS) from your so-called secure Squid Proxy in Dallas, (or if your email origination address is tracked for anything related to security and privacy [like this POST :( ], the government can trivially gain access [I can, 2% of all security professionals in the field could also, so why would the NSA/DHS not also be able to?]:

http://www.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=Squid_vulnerabilities.html&fact_color=&tag=

Of course you also have SSH on in Dallas (on a "secret" port, right?)
http://www.madirish.net/?article=183

And you ARE using a password you use on ALL the OTHER logins, right? And it's a WORD right?

And you did just open and read this email didn't you?
http://unicode.org/reports/tr36/tr36-1.html

On Fri, Dec 17, 2010 at 7:35 PM, Lisa Kachold wrote:

> You obviously have port 80/443 open?
> And probably 53?
>
> I didn't evaluate your email header for your source IP and nmap you but you might want to look at this:
>
> http://www.backtrack-linux.org/forums/backtrack-howtos/34939-my-metasploit-tutorial-thread-2.html
>
> On Fri, Dec 17, 2010 at 6:56 PM, Jordan Aberle wrote:
>
>> I prefer security at the router level, I drop packets from everywhere except for a specific whitelist I created, if I need to go somewhere (incoming/outgoing) I modify my protocol rules for specific addresses. It is time consuming when you are starting from scratch but it's worth it in the long run. I have Windows boxes and Linux boxes, my Windows boxes have never been infected since naturally all ad generated sites are blocked at the router level. If I do online banking etc, I go one step further by connecting through a secure squid proxy via a server I have set up at a datacenter in Dallas.
Re: OpenBSD and the FBI
You obviously have port 80/443 open?
And probably 53?

I didn't evaluate your email header for your source IP and nmap you but you might want to look at this:

http://www.backtrack-linux.org/forums/backtrack-howtos/34939-my-metasploit-tutorial-thread-2.html

On Fri, Dec 17, 2010 at 6:56 PM, Jordan Aberle wrote:

> I prefer security at the router level, I drop packets from everywhere except for a specific whitelist I created, if I need to go somewhere (incoming/outgoing) I modify my protocol rules for specific addresses. It is time consuming when you are starting from scratch but it's worth it in the long run. I have Windows boxes and Linux boxes, my Windows boxes have never been infected since naturally all ad generated sites are blocked at the router level. If I do online banking etc, I go one step further by connecting through a secure squid proxy via a server I have set up at a datacenter in Dallas. If the government ever wants to monitor me I'm sure they can figure out a way but it's going to be a pain in the ass for them to do so. TrueCrypt is a very nice thing to have as well, it doesn't do its job if you don't have your system configured to lock after a certain amount of idle time though. The point of TrueCrypt is to make a person reboot the machine, at that point they are pretty screwed unless they are very quick about freezing the RAM to extract the keys. Even then, it's unlikely to be successful.
>
> Jordan
>
> On Fri, Dec 17, 2010 at 6:07 PM, keith smith wrote:
>
>> I wonder where we would be today if someone had told our founding fathers "get over it!" and they had said "Yeah you're right." and had given in. The government is here for us not the other way around.
Re: OpenBSD and the FBI
What are your choices?

Microsoft got into bed with the NSA in the late 1990's. IPSEC was developed by the NSA.

Currently even Random entropy is broken? Entropy is the basis of all cryptography which we layer over all of our currently broken DARPA developed internet protocols?

Since 2001, we cannot even gain information about our own intelligence files from the federal government due to the post 911 Presidential or Executive Order.

Be assured that even if you use an "Anonymous browser" that a great deal of information about you is available to the DHS through cross reference databases, Akamai caching, and internet taps.

Cisco, Google and other companies interact with the NSA also. The Army is developing a private cloud APC2 for information gathering; India and USA-NSA are collaborating on data collection and mass databases.

References:

Entropy:
http://artofinfosec.com/53/got-entropy/
http://blog.nelhage.com/2010/03/security-doesnt-respect-abstraction/
http://www.infosecurity-us.com/view/6915/eff-launches-web-browser-entropy-tool/
http://www.windowsecurity.com/uplarticle/4/keylength.txt Bruce Schneier on Key-Length and Entropy
http://services.netscreen.com/documentation/signatures/SSL%3AOVERFLOW%3AKEY-ARG-NO-ENTROPY.html
http://tools.cisco.com/security/center/viewAlert.x?alertId=16183
http://www.iss.net/security_center/reference/vuln/DNS_Cache_Poison_Subdomain_Attack.htm

FOIA:
http://en.wikipedia.org/wiki/Freedom_of_Information_Act_%28United_States%29

NSA:
http://bgol.us/board/archive/index.php/t-76887.html
http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
http://en.wikipedia.org/wiki/NSA_encryption_systems
http://www.cryptomuseum.com/crypto/usa/nsa.htm
http://www.godlikeproductions.com/forum1/message21863/pg1
http://www.jareds-blog.com/?p=224
http://www.informationweek.com/news/government/cloud-saas/showArticle.jhtml?articleID=226300299&cid=RSSfeed_IWK_Government
http://internetandwebsecurity.blogspot.com/2010/08/usibc-to-launch-inaugural-homeland.html
http://www.fedspending.org/fpds/fpds.php?database=fpds&reptype=r&detail=-1&datype=T&sortby=f&maj_fund_agency_cat=70&fiscal_year=2008&sum_expand=C

and for fun:
http://akamaicomputersandgadgets.com/cray-nsa-supercomputer-thinkink-mashine/

*And in case you have not been pulled out of your comfortable idealistic sedation by any of this, check out these simple, publicly available tools:*

SSLSTRIP <http://www.securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx>
GST Hole #196 Vulnerability <http://www.linuxplanet.org/blogs/?cat=2673>

If I can see your information, imagine what the big NSA/DHS computers have?

ALL of your online actions (porn, viagra, sedition or gun trading, financial banking, insurance, mortgages, public records) are all instantly available to government staff neatly organized in areas of probability for accurateness and given tags for various cross referenced and tracked things (chomo, drugs, politics, guns).

Of course up until the 1990's/2001, a great deal of misinformation went into the mix; people pled to charges rather than fight them because there were no consequences really [No employment background check or public records anyone could get with $39.99], and innocent people have gotten six degrees of involvement with Alcohol, Tobacco, Firearms; or kiddy porn (sharing a house with someone surfing shared computers); but the data does for the most part allow the Feds, State and local investigators to enforce the peace (or did you think they didn't actually watch people before arresting them)!

ALL of your movements via your auto license plate are tracked via PLATE readers.
ALL of your movements via your Passport are tracked via RFID readers (they contain a chip/strip).

Good luck with your idealism.

A good deal of money has gone into developing all this, BECAUSE IT WAS NEEDED.
A good deal of money is expanding it now internationally, BECAUSE IT IS NEEDED.

On Fri, Dec 17, 2010 at 6:07 PM, keith smith wrote:

> I wonder where we would be today if someone had told our founding fathers "get over it!" and they had said "Yeah you're right." and had given in. The government is here for us not the other way around.
>
> --------
> Keith Smith
>
> --- On Fri, 12/17/10, Lisa Kachold wrote:
>
> From: Lisa Kachold
> Subject: Re: OpenBSD and the FBI
> To: "Main PLUG discussion list"
> Date: Friday, December 17, 2010, 5:13 PM
>
> On Fri, Dec 17, 2010 at 4:12 PM, keith smith wrote:
>
> I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.
>
> I just read an article that for the
Re: OpenBSD and the FBI
I prefer security at the router level, I drop packets from everywhere except for a specific whitelist I created, if I need to go somewhere (incoming/outgoing) I modify my protocol rules for specific addresses. It is time consuming when you are starting from scratch but it's worth it in the long run. I have Windows boxes and Linux boxes, my Windows boxes have never been infected since naturally all ad generated sites are blocked at the router level. If I do online banking etc, I go one step further by connecting through a secure squid proxy via a server I have set up at a datacenter in Dallas. If the government ever wants to monitor me I'm sure they can figure out a way but it's going to be a pain in the ass for them to do so.

TrueCrypt is a very nice thing to have as well, it doesn't do its job if you don't have your system configured to lock after a certain amount of idle time though. The point of TrueCrypt is to make a person reboot the machine, at that point they are pretty screwed unless they are very quick about freezing the RAM to extract the keys. Even then, it's unlikely to be successful.

Jordan

On Fri, Dec 17, 2010 at 6:07 PM, keith smith wrote:

> I wonder where we would be today if someone had told our founding fathers "get over it!" and they had said "Yeah you're right." and had given in. The government is here for us not the other way around.
>
> Keith Smith
>
> --- On Fri, 12/17/10, Lisa Kachold wrote:
>
> From: Lisa Kachold
> Subject: Re: OpenBSD and the FBI
> To: "Main PLUG discussion list"
> Date: Friday, December 17, 2010, 5:13 PM
>
> On Fri, Dec 17, 2010 at 4:12 PM, keith smith wrote:
>
> I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.
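Jordan's router policy (drop everything except a whitelist, for incoming and outgoing traffic) and the question raised elsewhere in the thread about filtering BOTH directions, modelled as an added Python example that is not code from anyone in the thread. The `Router`, `Rule` and `Packet` names, the simple flow tracking and every address (RFC 5737 documentation ranges) are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Rule:
    direction: str     # "in" or "out", as seen from the LAN
    remote: str        # CIDR of the remote side
    proto: str
    service_port: int  # remote port for "out", LAN-side port for "in"


@dataclass(frozen=True)
class Packet:
    direction: str
    remote: str
    proto: str
    lan_port: int
    remote_port: int


@dataclass
class Router:
    rules: list
    default_in: str = "drop"
    default_out: str = "drop"
    flows: set = field(default_factory=set)  # flows already allowed

    def _whitelisted(self, pkt: Packet) -> bool:
        port = pkt.remote_port if pkt.direction == "out" else pkt.lan_port
        addr = ipaddress.ip_address(pkt.remote)
        return any(r.direction == pkt.direction and r.proto == pkt.proto
                   and r.service_port == port
                   and addr in ipaddress.ip_network(r.remote)
                   for r in self.rules)

    def handle(self, pkt: Packet) -> str:
        flow = (pkt.remote, pkt.proto, pkt.lan_port, pkt.remote_port)
        if flow in self.flows:          # reply on a flow we already allowed
            return "accept"
        default = self.default_out if pkt.direction == "out" else self.default_in
        verdict = "accept" if self._whitelisted(pkt) else default
        if verdict == "accept":
            self.flows.add(flow)
        return verdict


# Constructed whitelist: one HTTPS destination, one resolver, one admin host.
WHITELIST = [
    Rule("out", "198.51.100.10/32", "tcp", 443),
    Rule("out", "198.51.100.53/32", "udp", 53),
    Rule("in", "192.0.2.50/32", "tcp", 22),
]

# Constructed traffic, in arrival order.
TRAFFIC = [
    Packet("out", "198.51.100.10", "tcp", 50001, 443),  # whitelisted HTTPS
    Packet("in", "198.51.100.10", "tcp", 50001, 443),   # its reply
    Packet("out", "203.0.113.66", "tcp", 50002, 443),   # unlisted destination
    Packet("in", "203.0.113.66", "tcp", 50002, 443),    # reply to unlisted flow
    Packet("in", "192.0.2.7", "tcp", 22, 40000),        # unsolicited SSH
    Packet("in", "192.0.2.50", "tcp", 22, 40001),       # whitelisted admin SSH
    Packet("out", "203.0.113.53", "udp", 50003, 53),    # DNS to unlisted resolver
]


def run(default_out: str) -> list:
    """Verdicts for TRAFFIC with inbound default-drop and the given outbound default."""
    router = Router(list(WHITELIST), default_in="drop", default_out=default_out)
    return [router.handle(p) for p in TRAFFIC]


def leaked_by_inbound_only() -> list:
    """Indexes of packets that pass when only inbound traffic is default-drop."""
    weak, strict = run("accept"), run("drop")
    return [i for i, (w, s) in enumerate(zip(weak, strict)) if w != s]


if __name__ == "__main__":
    print("inbound-only :", run("accept"))
    print("both ways    :", run("drop"))
    print("difference   :", leaked_by_inbound_only())
```

With only inbound filtering, the unlisted outbound connection also opens the return path, so three packets pass that the two-way whitelist drops.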
Re: OpenBSD and the FBI
I wonder where we would be today if someone had told our founding fathers "get over it!" and they had said "Yeah you're right." and had given in. The government is here for us not the other way around.

Keith Smith

--- On Fri, 12/17/10, Lisa Kachold wrote:

From: Lisa Kachold
Subject: Re: OpenBSD and the FBI
To: "Main PLUG discussion list"
Date: Friday, December 17, 2010, 5:13 PM

On Fri, Dec 17, 2010 at 4:12 PM, keith smith wrote:

I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.

I just read an article that for the first time since the government has been wiretapping everyone's calls a judge said a warrant was required for every wiretap. 3 judges prior sided with the government and ruled no warrant required for a wiretap.

Now back to OpenBSD. Why OpenBSD? Why not Linux? Or maybe Linux has been compromised too? At least there is the hope that some whiz kid will determine if this is true.

I know this list runs the gamut when it comes to political beliefs. And I respect that. I think one thing we can agree on is we need to be free from unreasonable search and seizure.

Keith Smith

--- On Fri, 12/17/10, Jordan Aberle wrote:

From: Jordan Aberle
Subject: OpenBSD and the FBI
To: "Main PLUG discussion list"
Date: Friday, December 17, 2010, 2:37 PM

Interesting information:

http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

Jordan

It's actually a great deal worse than you might think. I am sorry I am not at liberty to divulge the technical details but be advised that NSA and DHS "backdoor" access is available from IPSEC, JAVA, Microsoft Explorer and M$ Systems, and all of the various means for which a standard BACKTRACK user could gain access [i.e. everything] without consequences.

Be advised that EVERYTHING you type or do on your systems regardless of your OS, when logged into ANY browser, is completely available to any government staff.

There is no privacy or security; get over it!
--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
On Fri, Dec 17, 2010 at 4:12 PM, keith smith wrote:

> I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.
>
> I just read an article that for the first time since the government has been wiretapping everyone's calls a judge said a warrant was required for every wiretap. 3 judges prior sided with the government and ruled no warrant required for a wiretap.
>
> Now back to OpenBSD. Why OpenBSD? Why not Linux? Or maybe Linux has been compromised too? At least there is the hope that some whiz kid will determine if this is true.
>
> I know this list runs the gamut when it comes to political beliefs. And I respect that. I think one thing we can agree on is we need to be free from unreasonable search and seizure.
>
> Keith Smith
>
> --- On Fri, 12/17/10, Jordan Aberle wrote:
>
> From: Jordan Aberle
> Subject: OpenBSD and the FBI
> To: "Main PLUG discussion list"
> Date: Friday, December 17, 2010, 2:37 PM
>
> Interesting information:
>
> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
>
> Jordan

It's actually a great deal worse than you might think. I am sorry I am not at liberty to divulge the technical details but be advised that NSA and DHS "backdoor" access is available from IPSEC, JAVA, Microsoft Explorer and M$ Systems, and all of the various means for which a standard BACKTRACK user could gain access [i.e. everything] without consequences. Be advised that EVERYTHING you type or do on your systems regardless of your OS, when logged into ANY browser, is completely available to any government staff.

There is no privacy or security; get over it!

--
(503) 754-4452
(623) 688-3392
http://www.obnosis.com
Re: OpenBSD and the FBI
I would not doubt something like this could happen. Our rights are being eroded moment by moment. If this were to happen, this would clearly be a violation of our Fourth Amendment rights.

I just read an article that for the first time since the government has been wiretapping everyone's calls a judge said a warrant was required for every wiretap. 3 judges prior sided with the government and ruled no warrant required for a wiretap.

Now back to OpenBSD. Why OpenBSD? Why not Linux? Or maybe Linux has been compromised too? At least there is the hope that some whiz kid will determine if this is true.

I know this list runs the gamut when it comes to political beliefs. And I respect that. I think one thing we can agree on is we need to be free from unreasonable search and seizure.

Keith Smith

--- On Fri, 12/17/10, Jordan Aberle wrote:

From: Jordan Aberle
Subject: OpenBSD and the FBI
To: "Main PLUG discussion list"
Date: Friday, December 17, 2010, 2:37 PM

Interesting information:

http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

Jordan