[swinog] datacomm/vtxnet and quicknet/kfsb are missing TLS on their mailservers
Hi I get these errors: | TLS is required, but was not offered by host mx1.datacomm.ch[212.40.2.32] and | TLS is required, but was not offered by host relay.kfsb.ch[213.202.32.8] Since I've made TLS for SMTP mandatory. The respective admins of these servers might want finally at least enable voluntary TLS; some of their customers apparently would like to receive mails from my server. And by the way, RFC 2487 that is referred to for instance in the postfix manpage and stated that one must not make TLS mandatory has been obsoleted by RFC 3207. Cheers Seegras -- "Those who give up essential liberties for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin "It's also true that those who would give up privacy for security are likely to end up with neither." -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] GCSC critical infrastructure protection questions: your input needed.
Hi * on the Tue, Nov 14, 2017 at 09:41:29PM -0800, Bill Woodcock wrote: > The work has been divided into two working-groups: one is addressing > the question of what a norm should say (i.e. “Governments shouldn’t > cyber-attack X”). It's much simpler than that. The difference between black hats and white hats is only one: White hats publish. Because the victims of vulnerabilties exploited will be everyone, maybe with the exception your specific organization. If your spy-agency hoards vulnerabilites, the victims will be your own police, army, hospitals, power plants and citizens. Plus everyone else. And that's not how you spell "security". It's not even how you do "national security", it's actually "endangering national security" -- and your own outfits are doing it. Therefore, the only right thing to do is to compel everyone to publish security vulnerabilities, and ostracize everyone who hoards them. Cheers Seegras -- "Those who give up essential liberties for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin "It's also true that those who would give up privacy for security are likely to end up with neither." -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Suche nach neuem Registrar
Hi I'm looking for one as well. DNSSEC and IPv6 glue records (and reachable via IPv6 of course) are a must. Is there a list somewhere where one can look up such things? Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Auskunft über Personendaten / deutsches Recht anwendbar?
Hi * on the Tue, Dec 23, 2014 at 12:06:36PM +, Q-X GmbH - Pascal Wagenhofer wrote: One of our customers is sharing links to uploaded.net, which contains music, which might be copyright protected. Well, _linking_ to it is not illegal in the first place. So you can tell this lawyers their case is totally meritless, and they can go fuck off. Write it a bit nicer than that, though ;) They could of course go to upladed.net and try to get to the person really doing the maybe copyright infringement. But there as well, they won't get anywhere without swiss court order (uploaded.net being swiss as well). The german law agency is now requesting the data of the owner We'll that agency is trying to get you to do something illegal ;). Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Swinog BE132 ZRH
* on the Mon, May 05, 2014 at 05:34:55PM +0200, Roger Buchwalder wrote: Since nobody will come to the Swinog BE, I will cancel the event. :( Usually, I would have come, but I was rather tired from the week-end ;) Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] AGUR12
* on the Sun, Dec 08, 2013 at 08:46:17PM +0100, Oliver Schad wrote: Hallo zusammen, habt ihr schon das Papier der AGUR12 gelesen? https://www.ige.ch/fileadmin/user_upload/Urheberrecht/d/Schlussbericht_der_AGUR12_vom_28_11_2013.pdf Die Bibel zur Hilfe (Sprüche 30): Worte Agurs, des Sohnes Jakes, der Ausspruch; das Manneswort an Itiel, an Itiel und Ukal: Ich bin unvernünftiger als irgend ein Mann und habe keinen Menschenverstand. Ich habe keine Weisheit gelernt, daß ich die Erkenntnis des Heiligen besäße. So, nun wisst ihr was AGUR ist ;) Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Zensur / Kobik / Sperrungen ?
Hi * on the Thu, May 23, 2013 at 07:28:56AM +0200, Xaver Aerni wrote: Laut gewissen Papieren, will auch die Schweiz, bzw gewisse Kreise, das Kopieren und Downloaden für den Privatgebrauch verbieten. They don't know what they are doing. Prohibiting Downloading will essentially criminalize everyone and inhibit just about every form of communication. Because every one of us is a content creator. I am, with this e-mail. So unless I would give you an explicit license to download this here mail, you'd already be violating the law. And think of all the kittens! Every lolcat-picture in the internet is actually subject to copyright. And with downloading prohibited, you'll be violating copyright every time you look at one of those. So either a) prohibit downloading but only pursue violations of the copyright of certain well-known entities (which of course flies in the face of legal equality) or b) prohibit downloading and pursue violations at will (which of course is illegal as hell, the practicioners are known as police states) or c) prohibit downloading try to pursue all violations, which in turn makes us a nation of criminals in which nobody practically may own anything, or communicate with anyone, in electronical form. Welcome to the pre-digital age). I can of course only presume the proponents of that scheme have a) in mind when they wrote their idiotic babble, and did not ever think about that under their proposition every member of their working group would be violating this new law hundreds of times per day. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IP protection in Switzerland
* on the Fri, Sep 21, 2012 at 04:21:52PM +, Alexandre Egger wrote: Source: http://www.rts.ch/info/4289107.html/BINARY/Caucus.pdf A caucus happens to be a just an assembly of a party or political group, so these four senators/congressmen can bascially just meet for offee and decide they're the The Congressional International Anti-Piracy Caucus (if nobody objects and the rest thinks this could be useful). So this is a somewhat inofficial meeting of the criminally insane, trying to expand their mercantilist powergame to Switzerland. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Netdot
Hi * on the Wed, May 09, 2012 at 08:28:27AM +0200, Tobias Brunner wrote: Is anyone using Netdot and has experience with it? https://osl.uoregon.edu/redmine/projects/netdot I'm looking for a tool to automatically document our network topology, including CDP information, spanning-tree, vlans, mac addresses, IPv4 and IPv6 and so on. And Netdot looks very promising! We use it, for discovery, IP-range management and DNS. Main reason: In contrast to dozens of other systems, this one supports IPv6. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Facebook down
* on the Wed, Mar 07, 2012 at 05:37:06PM +0100, Marco Fretz wrote: Customer told me that there was a known bug in Plesk. Maybe there really was a botnet attack against Facebook today :) does anyone have any specific information? would be interesting. Ah, you mean THIS http://pastebin.com/AKF2qN4z That was deposited in the cgi-bin on various customer accounts of plesk-systems. Can't see any DNS-attack code in there, tough. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin dynamic IP-ranges
Hello * on the Wed, Mar 09, 2011 at 04:28:34PM +0100, Stefan Rothenbuehler wrote: If you're providing a service for all Bluewin customers, I assume that the project partner is Swisscom. So I'm your project partner within Swisscom can give you the desired IP range information. You might be shocked to hear that it's possible that an ISP wants to whitelist all Bluewin-Ranges *despite* having nothing to do with Swisscom or Bluewin itself. In fact, we also have the same issue; we need to firewall something, but our customer, which happens to use a dynamic IP in the Swisscom/Bluewin range, needs to have access. And its far better to allow all your dynamic IP-ranges than to allow the rest of the world as well. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Hostingprovider als Straftäter (german)
Der Titel: Bericht der Expertenkommission Netzwerkkriminalität Der Auftrag: 1. Der Bundesrat wird eingeladen, zum Schutz des Internet im Interesse von Bevölkerung und Wirtschaft in erster Priorität rasch eine rechtssichere, praktikable, international möglichst harmonisierte Regelung im Strafrecht, eventuell in einzelnen weiteren Bestimmungen zu beantragen. Was tatsächlich Untersucht wurde: Wie können und sollen illegale Inhalte auf dem Internet verhindert werden, und wer ist für diese auf welche Weise verantwortlich? In other words and in english: The comission had to look for solutions and laws against general criminal conduct in the internet; but what they did was just to look at violations of copyright and child pornography. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] SMS from analog modem
* on the Fri, Dec 10, 2010 at 02:56:31PM +0100, Pascal Gloor wrote: I remember something we used at PETREL (like 15 years ago). We had to dial a number and using an expect script we had to go through a text menu for sending messages to a pager. If I remember correctly, the settings were 1200 bauds, 7n1.. not totally sure here, it was a long time ago. I think that this service doesn't exist anymore (I mean, 1200 bauds!! lol). Expect? Pager? We did that too! ;)) Here's the script: http://seegras.discordia.ch/Programs/sendsms And yes, the service does not exist anymore. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Blocking Malware distribution sites
* on the Thu, Nov 11, 2010 at 11:17:43AM +0100, JIm Romaguera wrote: Seriously, cert authorities have often delayed outing security holes from buggy software/hardware manufacturers until they have time to patch the bug. This has taken sometimes a very long time. Indeed. This (and the NDA) is why I normally directly contact any other involved organization directly, without contacting cert. And, in case of security holes, go to bugtraq if nothing happens. How come then that a maybe malware infected site (read the previous poster's comments - one man's malware is another man's security protection service) has no real time to react and is effectively nuked. Honeypots? Anyway, as I see it, the whole thing adheres to the usual the opposite of good is well-meant approach. That, and it illustrates of course a very bad tendency of having the administration writing laws (well, technically not a law, but close enough). Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
* on the Fri, Aug 20, 2010 at 06:14:18PM +0200, rai...@ultra-secure.de wrote: What politicians don't seem (or simply don't want) to understand is that the problem of these LI-technology lie in the huge potential for abuse and misuse. Politicians sometimes seem to live in an ideal world, where there is no corruption and no abuse of power (or they are simply not negatively affected by it...). It's very simple: Privacy is not opposed to security, but privacy is rather the first step to achieve security. The USA with its lax privacy protection has huge problems with fraud, much more so than Europe or Switzerland.. And _anything_ that undermines privacy, even if it comes from the. state/police side (like data retention -- fucking stupid idea to make ISPs amass data ready to be compromised by criminals) will lead to higher criminal-rates. You can't fight crime by giving the criminals more opportunities. But that's precisely what all these lawful interception laws do. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IronPort E-Mail Reputation
* on the Wed, Jun 23, 2010 at 03:33:00PM +0200, Patrick Studer wrote: So, we tried to get some help from the cisco ironport support. There answer wasn't very helpful either. They told us, that senderbase.org is a complete other company and they don't have any contact and we should try their website www.senderbase.org. Otherwise, if we don't have a IronPort box, they will not help us. Sounds much alike to Microsofts Smartscreen (which, of course, is very stupid indeed, as everytime Microsoft calls something smart): http://seegras.discordia.ch/Blog/abused-by-microsoft/ Most solutions were already mentionned, I consider the rotating of IP-addresses (every time after you end up in blacklists AND you have fixed the problem) the most useful one. If this is too much a chore, you probably should ditch MDaemon for some other MTA which hasn't any problems with hat, like Exim or Postfix... Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Net neutrality
* on the Tue, Jun 22, 2010 at 11:46:12AM +0200, Xaver Aerni wrote: Verry intresting, in US http://www.sueddeutsche.de/digital/usa-umstrittenes-internetgesetz-obama-und-der-ausschalt-knopf-1.962900 This is not only despotist bullshit, but a fucking stupid idea altogether which will do (the USA) more harm than good. it is almost always a bad trade-off to deny society the benefits of a communications technology just because the bad guys might use it too. http://www.schneier.com/blog/archives/2009/01/helping_the_ter.html Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] www.eda.admin.ch down?
* on the Wed, Jun 16, 2010 at 02:11:30AM +0200, Linus Wegmann wrote: I understand now about the ICMP blocking... i guess it's because they wanna protect from DoS attacks (or other frauds) Actually, it's because they don't understand IP. http://www.phildev.net/mss/mss-talk.pdf Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Port 25 Blockade @ Swisscom (Bluewin)
* on the Mon, Mar 08, 2010 at 08:15:44PM +0100, Gregory Agerba wrote: However Switzerland is probably a good place to infect computers, since the infrastructures are probably of good standing. Actually, Switzerland has a high Microsoft-density (much higher than Germany, for instance), which makes it a good target. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] dirt cheap netbook at Mediamarkt
* on the Thu, Feb 04, 2010 at 12:25:11AM -0800, Stanislav Sinyagin wrote: yeah, and then the new users will write Linux experience in their CV's with zero knowledge what Bourne shell is :) Actually, most Linux-users do have zero knowledge about Bourne shell. And thus the world is full of bashisms, because people tend to use constructions which work on the Bourne Again shell, but not the Bourne shell. But the Bourne shell (As seen in FreeBSD ;)) IS of course a bloody nuisance. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Debian vs. Ubuntu
* on the Sat, Jan 30, 2010 at 01:36:52PM +0100, Per Jessen wrote: AFAICT from that list, you'd be fine on openSUSE too. Still, nothing wrong with untar+config+make :-) Yes, very wrong. Maintainability goes trough the floor. Or are you sure not to miss a security-relevant update in an insignificant program like tar? Or any other program or library which might be a dependancy of the software you're compiling? And if you're compiling yourself, because the package in the distribution is too outdated, make packages, and name them after the same scheme as the distribution. That way your package might be upgraded automatically if the distribution ships a newer one. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Debian vs. Ubuntu
* on the Thu, Jan 28, 2010 at 03:18:19PM +0100, Schlageter Benjamin wrote: I wonder if someone has any experiences with Ubuntu as server distribution? Not much. Till this day, we use only Debian - but to the end of Debian 4.0 we must upgrade every server to get still security patches. Yes, but that's absolutely painless. sed -i s/etch/lenny/g /etc/apt/sources.list apt-get update apt-get dist-upgrade Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Selling Sparc Enterprise 250
Hello just FYI, I'm selling a Sparc Enterprise 250. It's on ricardo now: http://www.ricardo.ch/accdb/viewitem.asp?AuctionNr=594134692 Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Dreaming of anarchy (Was: killer app for IPv6)
* on the Tue, Nov 10, 2009 at 03:01:44PM +0100, Jeroen Massar wrote: How exactly would it do that? People using P2P (and don't forget NTTP and various other methods) for downloading illegal (aka stuff that is copyrighted) content do so because they don't want to pay for the content. Stop right there. Nobody is downloading illegal content. It's the UPloading aka sharing of copyright-protected content without a proper license which is illegal. Don't parrot propaganda. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Security appliance advice
Morning I just about agree with Jeroen. * on the Wed, Sep 16, 2009 at 10:38:21AM +0200, Jeroen Massar wrote: As you say 'webhosting' your biggest worry though won't be that, it will be all the great php/perl/whatever scripts written by people who haven't figured out what security means causing great things as SQL injections or just simple remote file inclusions. (aka, enable php error logging in full to a file, and see what junk you get, and you might want to consider running PHP with Suhosin. That's not enough, by far. You might consider to use mod_security. I use to see some dirty forged packets hiting the servers. Nothing you can do about it as upstream needs to take care of spoofed packets. You can do some rough ingress-filtering on your routers. And you definitely should do egress-filtering on them, so YOU can't become a source of spoofed packets. Nevertheless, iptables can take care of most of the junk. Yes, I'd recommed to do just that. Filter out any junk with iptables; block any ports you're not using for services from the outside (so any user on your machine running a daemon can't have connections to it from the outside), and limit outgoing connections. I personally also like to rate-limit ICMP. But don't be over-zealous, especially not where ICMP is concerned: http://portal.acm.org/citation.cfm?id=1050542 Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Vorratsdatenspeicherung
Spannende Stellenausschreibung beim Bund: http://www.epa.admin.ch/dienstleistungen/stellen/onlineabfrage/index.html?lang=deid=485_2009_10037324-11_extern_D#stellenResultDiv Im Geschäftsbereich Überwachung Post- und Fernmeldeverkehr sind Sie in einem kleinen Team mitverantwortlich, dass die technischen und organisatorischen Voraussetzungen zur Einleitung von Fernmeldeüberwachungsmassnahmen erarbeitet und umgesetzt werden. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Censurship in Germany Take 2
* on the Mon, Apr 20, 2009 at 10:28:14PM +0100, Andy Davidson wrote: In the UK we have -- we are told -- blocking without logging, because the intent of the blocking is to prevent the *accidental* discovery of child abuse images. Stupid pricks. If they legalized possession, all of those people accidently discovering such things would inform the police, thus mabye really doing something useful against ist. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Fwd: Re: Hackerparagraph
* on the Wed, Mar 18, 2009 at 08:36:35AM +0100, Thomas Dagonnier wrote: It may be an idea to have a look at the treaty they have to implement : http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm I concur, this treaty is shite. It criminalizes various tools instead of acts, tries to heavy-hand enforcement of monopolies, tries to invent new laws where old ones are quite clear (forgeries, fraud), tries to criminalize third parties (aiding, abettig) and so on. Shame on whoever came up with this, and on whoever signed this. You've just grossly violated democratic judical principles. In accordance to Henlons Razor (which assumes there is no malice if sufficiently explained by stupidity), you are morons. Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Fwd: Re: Hackerparagraph
* on the Wed, Mar 18, 2009 at 12:15:53PM +0100, Norbert Bollow wrote: * on the Wed, Mar 18, 2009 at 08:36:35AM +0100, Thomas Dagonnier wrote: It may be an idea to have a look at the treaty they have to implement : http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm Shame on whoever came up with this, and on whoever signed this. You've just grossly violated democratic judical principles. One important thing to keep in mind is that signatures under international treaties are *not* a commitment to do what the treaty says, they are only a declaration of intention to consider for ratification that particular version of the treaty. Yes, but they're a commitment to implement said articles, so if you sign this, you intent to: 10.1 Each Party shall adopt such legislative and other measures as may be necessary to establish as criminal offences under its domestic law the infringement of copyright, There are certain provisions which weaken this, further down but STILL this declares the intention to take out copyright infringement out of civil right into criminal right. Which is an outrageous step in the protection of artificial trade-monopolies. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] $MATCH (fwd)login banner
* on the Fri, Jan 30, 2009 at 04:43:53PM +0100, Michael Krygier wrote: ISO is a network of the national standards institutes of 158 countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. Yes, the good people who laid the base for SNA and NETBEUI and brought us ISO 9001 certifications and last but not least ISO 29500. Thou shalt not design protocols by commitee. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Netclean - news
* on the Wed, Dec 10, 2008 at 09:54:11AM +0100, Marc Hauswirth wrote: After the presentation of Netclean whitebox at last Swinog meeting from Pascal Seeger and Grégoire Galland, we are pleased to announce that now two ISP in Switzerland are using it to filter their Internet access to block pedophile content. The opposite of good is good intent. Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Netclean - news
* on the Wed, Dec 10, 2008 at 05:17:54AM -0800, Stanislav Sinyagin wrote: What if a whitebox is hacked, and the intruder can inject new IP addresses and get the hold of traffic content? There's a lot of things one could do with that... What a nice way to implement drive-by-injections. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Netclean - news
* on the Wed, Dec 10, 2008 at 08:00:20PM +0100, Chris Gravell wrote: a propensity for binge-drinking, And how come the UK has much a bigger problem with that than continental europe? Might the war-time closing times (which are still in effect since World War I) have something to do with that? The direct consequence of this has seen CCTV attempt to tackle the problem, rightly or wrongly. The Egg came before the Chicken in this case. But, of course, the camera¹s shall stay no matter what. And that doesn't really worry you? I don¹t have a problem with any technology that blocks objectionable material that is non-consensual to the overriding majority. It serves no useful purpose and does not infringe my right to be. Might well be. But that's completely beside the point. The question is, WHEN (and not even IF) they're going against something else (political criticism, for instance) now that the infrastructure is in place. You severly underestimate the ability for malice and stupidity on the part of any gouvernemental or bureaucratic entity. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] open source illusions (was: Hot Red Flames (Was: IRC Server dead ?))
* on the Tue, Oct 07, 2008 at 02:01:24PM +0200, Per Jessen wrote: fixing something yourself is also pretty much an illusion, except for those few people who are sufficiently involved. When have you last _had_ to fix anything yourself in a stable release of any open source project? We've found bugs in just about everything we use. FreeBSD kernel, libc, apache-modules, pdns, nfs, and so on. And we fix them if we have the source. We're not involved in any of those projects. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Hot Red Flames (Was: IRC Server dead ?)
* on the Mon, Oct 06, 2008 at 06:50:54PM +0200, Jeroen Massar wrote: I've done too much cmputer security, and now I've got a déformation professionelle. I won't use closed software for anything crucial like communication; You don't use Cisco's or Junipers? How do you use the Internet actually? It's a very different matter if a client is wired to use some specific server of some company to initiate communication, and uses a closed protocol too. For all I know this is like re-routing my communication trough skypes servers so they can wiretap it. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IRC Server dead ?
* on the Mon, Oct 06, 2008 at 07:02:18AM -0700, Stanislav Sinyagin wrote: why doesn't someone create a public Skype chat for SwiNOG? I think more people on this list have skype than IRC client software (me, for example :-) I don't. And I WON'T. I've done too much cmputer security, and now I've got a déformation professionelle. I won't use closed software for anything crucial like communication; something where I can't even run the server myself (or decide whose server I want to use). On the other hand, I've got an IRC-Server running too ;) And I'm available with Jabber, of course. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] The truth about UCEPROTECT-Blocklists
Once again. It seems uceprotect has some feedback-mechanism, where an email to a nonexistant address can automatically get the sending server added to a blacklist. See http://www.uceprotect.net/en/index.php?m=3s=0 Pity that this also affects addresses which are not existant anymore, and double the pity that people of course keep mailing to those, or do not deinstall their mailforwards. But the best things is the following. The users and their respective domains have been anonymized, however, the IPs and ISPs NOT. Aug 21 08:40:09 10.0.2.1 exim-mxin[95536]: 2008-08-21 08:40:09 1KW3q5-000Oqu-6m = [EMAIL PROTECTED] H=(mailgate1.webhost4u.ch) [193.138.29.15] P=esmtp S=13147 [EMAIL PROTECTED] [EMAIL PROTECTED] sends a mail. His webhoster seemingly reports to uceprotect. Aug 21 08:40:11 10.0.2.15 exim-dist[48224]: 2008-08-21 08:40:11 1KW3q5-000CXo-Dy = [EMAIL PROTECTED] H=(mxin001.mail.hostpoint.ch) [10.0.2.1] P=esmtp S=13618 [EMAIL PROTECTED] Aug 21 08:40:11 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:11 1KW3q5-000CXo-Dy = [EMAIL PROTECTED] R=local_delivery_router T=local_delivery S=13708 QT=2s DT=0s Aug 21 08:40:12 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:12 1KW3q5-000CXo-Dy = otheruser [EMAIL PROTECTED] R=autoresponder T=autoresponder S=13684 QT=3s DT=1s Aug 21 08:40:12 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:12 1KW3q5-000CXo-Dy Completed The mail arrives at [EMAIL PROTECTED] This otheruser uses an autoresponder which sends a mail back to [EMAIL PROTECTED] Aug 21 08:40:12 10.0.2.16 exim-mxout[21209]: 2008-08-21 08:40:12 1KW3q8-0005W5-GD = H=(dist004.mail.hostpoint.ch) [10.0.2.15] P=esmtp S=1064 Aug 21 08:40:13 10.0.2.16 exim-mxout[21210]: 2008-08-21 08:40:13 1KW3q8-0005W5-GD ** [EMAIL PROTECTED] R=smtp_router T=remote_smtp: SMTP error from remote mail server after RCPT TO:[EMAIL PROTECTED]: host mailgate1.webhost4u.ch [193.138.29.15]: 571 Access denied and blocklisted: 990 (V4.07-RULE-0901) Sorry your IP is blacklisted at http://www.backscatterer.org/?ip=217.26.49.182 Sadly, [EMAIL PROTECTED] doesn't really exist, so the mailserver of [EMAIL PROTECTED] gets into the uceprotect blacklist. The point of this is of course, that EVERY ISP which has some customer which uses autoreply can be blacklisted. This is very bad. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Referendum against Swiss DMCA
Hello * on the Wed, Dec 05, 2007 at 08:49:43AM +0100, Tonnerre LOMBARD wrote: Now to the problems. We have already achieved something with regard to taming this law. The original proposal had far worse provisions, and we could have ended up far worse without some of the specifications. However, if the current law is abolished through a referendum, it will have to recurr immediately, because the law was not created out of hot air but as a response to an international treaty which Switzerland ratified. I concur with that. I wouldn't take up a referendum against a half-bad law. There should be done something, but in my opinion the whole law should be completely rewritten at a later date, and probably the WIPO-treaty itself should be repelled (or changed completely at WIPO-level). It's apalling how the so-called economical liberal are not in fact opening up markets for free trade but instead are plastering the whole world with laws for more gouvernement-granted monopolies. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Recommendations for root server providers
* on the Tue, Nov 27, 2007 at 10:47:24PM +0100, Thomas Bader wrote: I need to rent a unmanaged, dedicated root server. I found a lot of companies that offer only managed root servers - in my case I explicitly need a unmanaged one. I'd recommend http://european.ch.orsn.net/ And yes, these are managed. Unless you're looking for some dedicated server, which would be something completely different than a root server. http://nine.ch offers some. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] UCEProtect Blacklist
* on the Sat, Nov 03, 2007 at 02:00:15PM +0100, Per Jessen wrote: I would be interested to know why you find UCEprotect to be unreliable and unprofessional? Because of their delisting-procedure. How many networks will end up in there which have been sending spam at some time, but don't ever sent spam since then, because their admins fixed the problem, or the net got reassigned or whatever? And maybe their admins didn't even know they're on uceprotect, or the new admins don't know or whatever? Every blacklist who does not delete the listings automatically will end up eventually with a huge mass of false positives, which indicates a failure of the system. With UCEprotect, I estimate about 30% of their entries being listed are such false positives, and this will of course raise and raise.. Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Cablecom blockages out of control
* on the Thu, Dec 08, 2005 at 03:21:40PM +0100, Glogger Steven wrote: you mean blocked by e-mail? or on based on ip? Blocked for email, based on IP. ... Seems not generally though (as I first assumed), only the error returned by Cablecom looked very much so. Or maybe it really was listed by SORBS as dialup-range this morning and isn't anymore. you might contact cablecom via inoc db phone ,-) Fax? Actually, some nice person there gave me Christians phonenumber. And you should update the number in the pdf/doc. The person listed as fax definitly isn't, and definitly is not a technical contact ;) Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog