On Mon, Feb 02, 2004 at 05:23:02PM -0800, Bill Stewart wrote:
Five or ten years ago, when the Feds were still pretending to be in control of crypto, crypto enthusiasts were still a threat - these days you can pick up VPN boxes at the grocery store, and if they still care about us, they're more likely to be interested in content and the identities of active posters than in the identity of lurkers. They can observe a lot
I presume tracking down people who're actually concerned about security and take some troubles to conceal their identity would be a good bootcamp for beginner TLAings. Iterated tiger teams interactions will inbreed, so they need a source of novelty. But tracking down competent h4x0rs will be no doubt far more challenging.
just by looking, or they can announce a sale on tinfoil hats and see who responds, or ask a Stupid Newbie Question and see who flames them, or forge a message about Guns from a Usual Suspect and see who claims that theirs is bigger, or post about something tangential like how to stop spam (which has pretty much replaced libertarianism and censorship as the all-consuming discussion topic on the net.)
What's the point of busting a wannabee? Just to earn some tinfoil stars, to make your organizational unit look good? Doesn't compute. No one got bitchslapped but the AP fellow.
Viruses and Web Bugs are less likely to be useful for detecting Cypherpunks (or Mac users, or Linux users) than for detecting the general public - to some extent we may be smarter about that, or at least grumpier about HTML mail, plus some of the cpunks nodes filter out that sort of thing. But perhaps they're exploiting that stack overflow bug in PGP 2.6.2 instead.
If you have advanced remote-diagnostic and remote-exploit capabilities, you never let your hand show on an insignficant target. Even if you camouflage as a h4x0r, penetrating a well-secured box is bound to raise some eyebrows (you don't see a packet logger in passive mode). No doubt such capabilities are reserved for cyberwar and industrial espionage. P.S. Sorry about the MIME sig screwup. I forgot. -- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net