-Original Message-
From: Florian Echtler [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 13 November 2007 20:00
If I read the law correctly, it requires retention of what IP
connected to another IP and which phone number called where. It
doesn't bother retaining the URL called (my
On Tuesday 13 November 2007 15:29, Florian Echtler wrote:
[snip]
As a native German speaker, allow me to clarify: with respect to IP
communication, the law mandates saving the following information for
6 months:
- which customer was assigned which IP for what timespan
- sender mail address,
Hi Raju,
On Nov 14, 2007 3:20 AM, Raj Mathur [EMAIL PROTECTED] wrote:
The mail addresses can only be stored if the server through which the
mail is relayed (or on which it originates) falls under the law. I'd
presume that's not a significant percentage of all mails sent out from
any country.
Hello.
On Tue, Nov 13, 2007 at 04:38:39PM -0500, [EMAIL PROTECTED] wrote:
On Tue, 13 Nov 2007 13:07:02 PST, johan beisser said:
The logs don't contain context, just who/where/when. While
encryption will prevent (one hopes) the capability of recovering
context, who you talked to is not
Hi,
Am Samstag, 10. November 2007 19:53 schrieb Jan Newger:
NO! This is totally WRONG! The only thing which is logged, in the case
of internet connectivity, is your IP you got from the ISP. Not even
connections are logged! This is important to understand since many
people are misinformed
If I read the law correctly, it requires retention of what IP
connected to another IP and which phone number called where. It
doesn't bother retaining the URL called (my German is rusty, so I may
be a little off in my interpretation). Connecting to a random IP on a
random open port
I know this is obvious to everyone on bugtraq, but nobody seems to that told
P.S.Ziegler yet. (He might or might not be aware of these facts).
If the report is right and logs recoriding you connecting and obtaining an IP
address are a concern then you should be terrified already. I suspect
On Tue, 13 Nov 2007, Florian Echtler wrote:
As a native German speaker, allow me to clarify: with respect to IP
communication, the law mandates saving the following information for 6
months:
- which customer was assigned which IP for what timespan
- sender mail address, receiver mail address
On Nov 11, 2007, at 1:26 PM, Duncan Simpson wrote:
The signal-to-noise logic probably does work, but I am not sure the
legal
angle does. If you were *deliberately* ran the software that acidently
downloaded that kiddie porn the suggested angle might not work.
That's been an ongoing
On Nov 13, 2007, at 12:39 PM, Paul Wouters wrote:
Instead of creating noise, one should fix the problem of sending out
plaintext email, and encourage people to use email encryption such as
Enigma for Thunderbird. Encrypt IM conversations with OTR, and via
other ways pro-actively protect ones
On Tue, 13 Nov 2007 13:07:02 PST, johan beisser said:
Actually, that's not really part of the issue. The logs don't contain
context, just who/where/when. While encryption will prevent (one
hopes) the capability of recovering context, who you talked to is not
kept private or otherwise
Florian Echtler wrote:
As a native German speaker, allow me to clarify: with respect to IP
communication, the law mandates saving the following information for 6
months:
- which customer was assigned which IP for what timespan
- sender mail address, receiver mail address and sender IP for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear Infosec community,
as most of you may have heard the German government passed a law today
that will lead to all connections being logged for 6 months. This
includes phone calls as well as all internet connections.
This is madness for various
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Sebastian Ziegler wrote:
Dear Infosec community,
as most of you may have heard the German government passed a law today
that will lead to all connections being logged for 6 months. This
includes phone calls as well as all internet
On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a
However some of these issues can be mitigated without too much trouble.
For example, one could have a dynamically growing dictionary of words
to search for based on random words in random results pages that it
grabs. At the very least, this would kill any attempts to filter it out
of the
On Nov 12, 2007, at 11:27 AM, Matt D. Harris wrote:
However some of these issues can be mitigated without too much
trouble. For example, one could have a dynamically growing
dictionary of words to search for based on random words in random
results pages that it grabs. At the very least,
17 matches
Mail list logo
