Re: [swinog] BÜPF...again ; )
Salut, Viktor, On Sat, 21 Aug 2010 08:24:52 +0200, Viktor Steinmann wrote: > - Facebook bashing is hip among the IT community. However on Facebook > you only share what you want to share and you can even lie about all > of your personal details, even create a fake personality. If you have > privacy concerns, don't put it on the Internet - be it Facebook or > any other site. In any case it's in no way comparable with someone > spying on your private computer, where you keep your "real" private > data, not the crap you put on Facebook. That's a nice theory you have, and I totally agree when it comes to Facebook. (Not because of my employer though, just my personal opinion.) However, there are very legitimate reasons why people in our world may want anonymity, and this level of anonymity can only be reached on the Internet, as you cannot hide your body or your voice patterns in the real world. And some people have lived through some awful things in their lives and are in dire need for such anonymity. You may of course claim that these people have lived before the Internet — yes, they have, and they had it much worse. I'm glad that the Internet is helping to prevent people from committing suicide or hurting and crippling themselves every day. It helps people find other people to listen to them and to confirm to them that they are valuable and that they're right when they think they're treated unacceptably. And it does all of this. Destroying this anonymity by introducing more and more surveillance measures at large, monitoring any kind of traffic and forcing people to give away their identity with every Internet conversation is NOT helping, it is killing this amazing thing we have for, as we all know, no good reason. Anonymity is a protecting blanket. Just saying. Regards, Tonnerre signature.asc Description: PGP signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
* on the Fri, Aug 20, 2010 at 06:14:18PM +0200, rai...@ultra-secure.de wrote: > What politicians don't seem (or simply don't want) to understand is that > the problem of these LI-technology lie in the huge potential for abuse and > misuse. > Politicians sometimes seem to live in an ideal world, where there is no > corruption and no abuse of power (or they are simply not negatively > affected by it...). It's very simple: Privacy is not opposed to security, but privacy is rather the first step to achieve security. The USA with its lax privacy protection has huge problems with fraud, much more so than Europe or Switzerland.. And _anything_ that undermines privacy, even if it comes from the. state/police side (like data retention -- fucking stupid idea to make ISPs amass data ready to be compromised by criminals) will lead to higher criminal-rates. You can't fight crime by giving the criminals more opportunities. But that's precisely what all these "lawful interception" laws do. Cheers Seegras -- "Those who give up essential liberties for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin "It's also true that those who would give up privacy for security are likely to end up with neither." -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
Totally agree. Facebook (among other web applications) is as discrete and secure as the information you feed in. Some use it as an electronic diary and then wonder that you can find out all sort of information about them... Back to the initial topic: Probably someone at BÜPF has realized that intercepting traffic is not always helpful (encryption) so went back to the source. Placing a Trojan is for me comparable with the Secret files practice (fichen affäre) of the cold-war period. It would simply be a way to collect all sort of information about you and me and will forcibly lead to abuse. So finally if you complain about Goggle-Streetview you will have to fight against this (future) abuse anyway. Daniele -Original Message- From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On Behalf Of Viktor Steinmann Sent: Samstag, 21. August 2010 08:25 To: swinog@lists.swinog.ch Subject: Re: [swinog] BÜPF...again ; ) It's a poor world some of the SwiNOG members live in. - Facebook bashing is hip among the IT community. However on Facebook you only share what you want to share and you can even lie about all of your personal details, even create a fake personality. If you have privacy concerns, don't put it on the Internet - be it Facebook or any other site. In any case it's in no way comparable with someone spying on your private computer, where you keep your "real" private data, not the crap you put on Facebook. - We live in a direct democracy and therefore are responsible for our own world and society. If you're unhappy with that - try to find a better place, or try to change it by joining the policital class. Just muttering is not going to help. - Last but not least some people have the constant feeling, that the government is trying to rip them off or f**k with them every second of their life. That's just paranoid. The government is trying to run a country. The people working for the government sometimes have ideas on how to improve processes - just like in any company. The good thing is, that we can judge their ideas and have the power to stop them if we're not happy with them (something you most probably don't have in your company). It's good to be alert and question decisions, but don't overdo it. You might end as an unhappy person. Kind regards, Viktor ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog "This e-mail, any associated files and the information contained in them are confidential and is intended for the addressee(s) only. If you have received this message in error please notify the originator and delete the email immediately. The unauthorised use, disclosure, copying or alteration of this message is strictly forbidden. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. Any opinions expressed are those of the individual and do not necessarily represent the views of the company. The company does not conclude contracts by email and all negotiations are subject to contract. We make every effort to maintain our network free from computer viruses but accept no responsibility for any viruses which might be transferred by this e-mail." ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
> Privacy is something, only old people seem to care about. I hear that a lot, but it doesn't seem to hold up to scientific scrutiny: http://www.readwriteweb.com/archives/study_youth_not_only_care_about_facebook_privacy_t.php But just continue to claim this; it makes old people feel better. -- Simon. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
Hi there! I totally agree. - I virtually click on the "iLike" button for this statement. :) Cheers, Alex -Original Message- From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On Behalf Of Viktor Steinmann Sent: Saturday, August 21, 2010 8:25 AM To: swinog@lists.swinog.ch Subject: Re: [swinog] BÜPF...again ; ) It's a poor world some of the SwiNOG members live in. - Facebook bashing is hip among the IT community. However on Facebook you only share what you want to share and you can even lie about all of your personal details, even create a fake personality. If you have privacy concerns, don't put it on the Internet - be it Facebook or any other site. In any case it's in no way comparable with someone spying on your private computer, where you keep your "real" private data, not the crap you put on Facebook. - We live in a direct democracy and therefore are responsible for our own world and society. If you're unhappy with that - try to find a better place, or try to change it by joining the policital class. Just muttering is not going to help. - Last but not least some people have the constant feeling, that the government is trying to rip them off or f**k with them every second of their life. That's just paranoid. The government is trying to run a country. The people working for the government sometimes have ideas on how to improve processes - just like in any company. The good thing is, that we can judge their ideas and have the power to stop them if we're not happy with them (something you most probably don't have in your company). It's good to be alert and question decisions, but don't overdo it. You might end as an unhappy person. Kind regards, Viktor ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
It's a poor world some of the SwiNOG members live in. - Facebook bashing is hip among the IT community. However on Facebook you only share what you want to share and you can even lie about all of your personal details, even create a fake personality. If you have privacy concerns, don't put it on the Internet - be it Facebook or any other site. In any case it's in no way comparable with someone spying on your private computer, where you keep your "real" private data, not the crap you put on Facebook. - We live in a direct democracy and therefore are responsible for our own world and society. If you're unhappy with that - try to find a better place, or try to change it by joining the policital class. Just muttering is not going to help. - Last but not least some people have the constant feeling, that the government is trying to rip them off or f**k with them every second of their life. That's just paranoid. The government is trying to run a country. The people working for the government sometimes have ideas on how to improve processes - just like in any company. The good thing is, that we can judge their ideas and have the power to stop them if we're not happy with them (something you most probably don't have in your company). It's good to be alert and question decisions, but don't overdo it. You might end as an unhappy person. Kind regards, Viktor ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
Le 20.08.2010 18:14, rai...@ultra-secure.de a écrit :
We probably all followed the discussion in Germany about the
"Bundestrojaner" and how it failed.
And of course, a trojan spying on citizens is a major impact in privacy,
which is not acceptable.
Try to argue about that with people who have a facebook-account.
Last count: 500 000 000+.
Privacy is something, only old people seem to care about.
nah, young people care about privacy, they only agree on privacy sharing
if this leads to mass spam, advertising and useless crap (also in some
cases "legal" personnal work stealing ;)
the government is dangerous, he dont make money with those dqatas, he
dont send spam, and alos he tries to keep a bit of education in
education .. quite dangerous no ?
so yes young people is also concerned about privacy...
do not forget also about comtouch, blackberry, email and data saas,
android and iphones, do i forgot some ? i assume yes ;)
However I don't think, that it's possible to create such a trojan and
use it, because of the following facts:
- It's not very easy to put a trojan in a system of a prudent user, who
updates regularly and doesn't open every mail or document received.
- Virusscanners will soon know the trojan
- The swiss government doesn't have enough power to force antivirus
software creators to ignore the trojan.
Maybe not the Swiss government.
tell me .. what about an account at an UBS concurrent eh ?
But I'd like to point out that we already have an infrastructure for
lawful inspection ("LI") of telephone calls (it's actually a thriving
industry...).
As such, there are even standardization-bodies for it.
Do you think that it's impossible an industry-standard for LI of
individual PCs might emerge?
AV-vendors are global companies, mostly. Just like telcos, they'd have to
implement what governments order them to do.
Even for "normal" malware, the detection-rate of AV-software is mediocre
to the point that it's barely above placebo-level.
How would you know that a certain AV-software does not detect a trojan?
With the exception of clamav, no AV-engine is open-source, neither are the
signatures.
And even clamav is now owned by a commercial company (Sourcefire,
incidentially the company behind the only open source Intrusion Detection
System).
- Not all criminals use Windows ;-)
Indeed, but most do. And rootkits exist for Linux + BSD, too.
What politicians don't seem (or simply don't want) to understand is that
the problem of these LI-technology lie in the huge potential for abuse and
misuse.
Politicians sometimes seem to live in an ideal world, where there is no
corruption and no abuse of power (or they are simply not negatively
affected by it...).
i have to disagree, politicians used to give people what people want ..
an illusion of peace and happyness.. act on a real problem, and your
politician life is over ...
Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
naz
(apologies for my poor english and for some kind of daark vision of the
actual society .. )
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ; )
> We probably all followed the discussion in Germany about the
> "Bundestrojaner" and how it failed.
>
> And of course, a trojan spying on citizens is a major impact in privacy,
> which is not acceptable.
Try to argue about that with people who have a facebook-account.
Last count: 500 000 000+.
Privacy is something, only old people seem to care about.
> However I don't think, that it's possible to create such a trojan and
> use it, because of the following facts:
>
> - It's not very easy to put a trojan in a system of a prudent user, who
> updates regularly and doesn't open every mail or document received.
> - Virusscanners will soon know the trojan
> - The swiss government doesn't have enough power to force antivirus
> software creators to ignore the trojan.
Maybe not the Swiss government.
But I'd like to point out that we already have an infrastructure for
lawful inspection ("LI") of telephone calls (it's actually a thriving
industry...).
As such, there are even standardization-bodies for it.
Do you think that it's impossible an industry-standard for LI of
individual PCs might emerge?
AV-vendors are global companies, mostly. Just like telcos, they'd have to
implement what governments order them to do.
Even for "normal" malware, the detection-rate of AV-software is mediocre
to the point that it's barely above placebo-level.
How would you know that a certain AV-software does not detect a trojan?
With the exception of clamav, no AV-engine is open-source, neither are the
signatures.
And even clamav is now owned by a commercial company (Sourcefire,
incidentially the company behind the only open source Intrusion Detection
System).
> - Not all criminals use Windows ;-)
Indeed, but most do. And rootkits exist for Linux + BSD, too.
What politicians don't seem (or simply don't want) to understand is that
the problem of these LI-technology lie in the huge potential for abuse and
misuse.
Politicians sometimes seem to live in an ideal world, where there is no
corruption and no abuse of power (or they are simply not negatively
affected by it...).
Rainer
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ;)
On Fri, Aug 20, 2010 at 10:48:10AM +0200, Steven Glogger wrote: > stony, > >We probably all followed the discussion in Germany about the > >"Bundestrojaner" and how it failed. > > > >And of course, a trojan spying on citizens is a major impact in > >privacy, which is not acceptable. > yes, sounds again like a aprils joke. ... but but in CSI they do that all the time. OK in CSI even the google street view is live and people belive it. > >However I don't think, that it's possible to create such a trojan > >and use it, because of the following facts: > > > >- It's not very easy to put a trojan in a system of a prudent > >user, who updates regularly and doesn't open every mail or > >document received. > hmm.. there are MANY customers, which are virus infected. I see in > our network (including ex-Bluewin) a large number of potential > customers which will gladly accept to install this trojan (even if > they don't notice). Yep, see below. > >- Virusscanners will soon know the trojan > >- The swiss government doesn't have enough power to force > >antivirus software creators to ignore the trojan. > hmm... if you can force them to ignore the trojan, will a real > trojan/malware writer be able to use this signature/architecture to > circumvent any protection? Most probably yes, since the bundestrojaner should be considered malware as well. > >- Not all criminals use Windows ;-) > fortunately. but windows rate is still high. > I guess organized crime will figure this out quickly and switch to secure alternatives. So in the end only the dumb will get monitored. So all this effort will be worthless in short time. It is similar to the live capture of traffic. Smart people will use encryption and so the captured data well end up being mostly unusable noise. > > > >Still I'm happy, that we SwiNOGers are not the only ones worrying > >and/or fighting this project. Even if this project doesn't work, > >it will burn lots of money while trying to do so. > yes, our money... ,-( > that leads me to the questions: now the trojan is installed, WHO the > hell analyzes everything? this is going to be a huge amount of data > which needs to be stored (where? will it be secure and protected?), > analyzed (who will do this?) and brought into court (which judge > will understand??). > CSI? DBA? Analyzing data, doesn't that happen automatically when you push a button? > i assume: this project will fail. > too risky, to bad for the politicians reputation, causes too much > troubled waters. > it will cost too much money, and resources are not available. > I'm not so sure. It seems that privacy is no longer en vogue and that many people think we need more security because the world is so evil. The only way to stop this is to make a big fuss about it so that no politican wants to touch this toppic anymore. > in my opition this is just kind of marketing blurp from the > politicians. dont forget: elections are close... > Yeah and thanks to SP and SVP we're now in constant election fights. So expect more stupid ideas to bubble up. -- :wq Claudio The two most common things in the universe are hydrogen and stupidity. -- Harlan Ellison ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ;)
stony, We probably all followed the discussion in Germany about the "Bundestrojaner" and how it failed. And of course, a trojan spying on citizens is a major impact in privacy, which is not acceptable. yes, sounds again like a aprils joke. However I don't think, that it's possible to create such a trojan and use it, because of the following facts: - It's not very easy to put a trojan in a system of a prudent user, who updates regularly and doesn't open every mail or document received. hmm.. there are MANY customers, which are virus infected. I see in our network (including ex-Bluewin) a large number of potential customers which will gladly accept to install this trojan (even if they don't notice). - Virusscanners will soon know the trojan - The swiss government doesn't have enough power to force antivirus software creators to ignore the trojan. hmm... if you can force them to ignore the trojan, will a real trojan/malware writer be able to use this signature/architecture to circumvent any protection? - Not all criminals use Windows ;-) fortunately. but windows rate is still high. Still I'm happy, that we SwiNOGers are not the only ones worrying and/or fighting this project. Even if this project doesn't work, it will burn lots of money while trying to do so. yes, our money... ,-( that leads me to the questions: now the trojan is installed, WHO the hell analyzes everything? this is going to be a huge amount of data which needs to be stored (where? will it be secure and protected?), analyzed (who will do this?) and brought into court (which judge will understand??). i assume: this project will fail. too risky, to bad for the politicians reputation, causes too much troubled waters. it will cost too much money, and resources are not available. in my opition this is just kind of marketing blurp from the politicians. dont forget: elections are close... -steven ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ;)
We probably all followed the discussion in Germany about the "Bundestrojaner" and how it failed. And of course, a trojan spying on citizens is a major impact in privacy, which is not acceptable. However I don't think, that it's possible to create such a trojan and use it, because of the following facts: - It's not very easy to put a trojan in a system of a prudent user, who updates regularly and doesn't open every mail or document received. - Virusscanners will soon know the trojan - The swiss government doesn't have enough power to force antivirus software creators to ignore the trojan. - Not all criminals use Windows ;-) Still I'm happy, that we SwiNOGers are not the only ones worrying and/or fighting this project. Even if this project doesn't work, it will burn lots of money while trying to do so. Kind regards, Viktor On 19.08.2010 22:27, Pascal Gloor wrote: Hi SwiNOGers ;-) I thought I'd say some words for all small and medium sized ISPs while I had the SDA/ATS journalist on the phone. in German: http://www.tagesanzeiger.ch/digital/internet/berwachungswahn-der-Beamten-in-Bern/story/12403271 in French: http://www.romandie.com/infos/news2/201008181800060AWPCH.asp in Italian: http://new.ticinonews.ch/articolo.aspx?id=200533&rubrica=14 See you, Pascal ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] BÜPF...again ;)
Am 19.08.2010 22:27, schrieb Pascal Gloor: I thought I'd say some words for all small and medium sized ISPs while I had the SDA/ATS journalist on the phone. in German: http://www.tagesanzeiger.ch/digital/internet/berwachungswahn-der-Beamten-in-Bern/story/12403271 in French: http://www.romandie.com/infos/news2/201008181800060AWPCH.asp in Italian: http://new.ticinonews.ch/articolo.aspx?id=200533&rubrica=14 Pascal, much appreciated. I already blogged about: http://www.blogg.ch/index.php?/archives/833-Tages-Anzeiger-SDA-UEberwachungswahn-der-Beamten-in-Bern.html All: Spread the word! We are going to face a referendum about this... F. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] BÜPF...again ;)
Hi SwiNOGers ;-) I thought I'd say some words for all small and medium sized ISPs while I had the SDA/ATS journalist on the phone. in German: http://www.tagesanzeiger.ch/digital/internet/berwachungswahn-der-Beamten-in-Bern/story/12403271 in French: http://www.romandie.com/infos/news2/201008181800060AWPCH.asp in Italian: http://new.ticinonews.ch/articolo.aspx?id=200533&rubrica=14 See you, Pascal ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
