[from the cryptography list..] Hi -- I just returned from the Post Office. And I don't mean SMTP, I mean ink on paper, with little self-adhesive micropayment certificates on the corner. The reason is that the US Secret Service asked me to mail them some info about an identity-theft scam. I offered to email the info, but the Special Agent said he didn't have email at work, and it was "not convenient" for him to check his email account at Yahoo. At that point I broke off the conversation, figuring that if they couldn't invest the effort of checking their email they wouldn't invest the effort of actually investigating the incident in question, so I wouldn't waste any more of their time or mine. To my surprise, the Special Agent called back and pleaded with me. He changed his story and said they had means of sending and receiving email, but they _weren't allowed_ to give out their email addresses. I know this is supposed to be the Secret Service, but keeping their email addresses secret is going a bit far IMHO. I would think most computer-security professionals would know how to set up a temporary and/or anonymous email address. I hope he enjoys transcribing the scammers' 350-character-long URLs from the paper I sent. I put the info on a secure web site and suggested he pull it down from there, but he declined that, too. The Special Agent was surprised to hear that I controlled multiple web sites. He didn't understand how that was possible. The Special Agent was surprised to hear that given an IP address, I could figure out what country it's in. He argued with me about this. The term "whois" meant nothing to him. Heretofore I didn't understand how identity- theft rings could operate so openly. One might have thought they would be afraid of stings, but evidently they're not. There's a lot of darkness here. I've set out a few candles, but I'm not sure it's going to be enough.
On Sat, 26 Apr 2003, Major Variola (ret) wrote:
To my surprise, the Special Agent called back and pleaded with me. He changed his story and said they had means of sending and receiving email, but they _weren't allowed_ to give out their email addresses.
I know this is supposed to be the Secret Service, but keeping their email addresses secret is going a bit far IMHO. I would think most computer-security professionals would know how to set up a temporary and/or anonymous email address.
I hope he enjoys transcribing the scammers' 350-character-long URLs from the paper I sent.
Shouldn't be too hard, seems they are used to pencil and paper :-)
I put the info on a secure web site and suggested he pull it down from there, but he declined that, too.
Because you could pick off his login and trace him back :-)
The Special Agent was surprised to hear that I controlled multiple web sites. He didn't understand how that was possible.
The Special Agent was surprised to hear that given an IP address, I could figure out what country it's in. He argued with me about this. The term "whois" meant nothing to him.
Heretofore I didn't understand how identity- theft rings could operate so openly. One might have thought they would be afraid of stings, but evidently they're not.
There's a lot of darkness here. I've set out a few candles, but I'm not sure it's going to be enough.
More proof all our fears of the government actually being dangerous are totally false. They are incompetent beyond comprehension. I think I better go check out that movie "Brazil" again. Patience, persistence, truth, Dr. mike
At 07:55 PM 4/26/03 -0700, Mike Rosing wrote: ...
More proof all our fears of the government actually being dangerous are totally false. They are incompetent beyond comprehension. I think I better go check out that movie "Brazil" again.
Unfortunately, dangerous and incompetent are not mutually exclusive. Just ask the people involved in the Steve Jackson Games case. Or that security guard that almost got framed by the FBI for the bombing at the Atlanta Olympics. The fact is, the US government is an enormous organization. Within it are good guys and bad guys, geniuses and morons, and everything in-between. The fact that the FBI and Secret Service are short on clued-in computer people tells you little about whether NSA or NASA are, say. This is no different from any other large organization--Microsoft has some first-rate security people, for example, even though you might never guess that from looking at Internet Explorer. Agencies like EPA and FDA have very sharp scientists working for them, but that may not lead to scientifically sound policy coming out of even those agencies, and certainly doesn't have much connection to scientifically sound policy coming out of Congress, say.
Patience, persistence, truth, Dr. mike
--John Kelsey, kelsey.j@ix.netcom.com PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
On Tue, 29 Apr 2003, John Kelsey wrote:
Unfortunately, dangerous and incompetent are not mutually exclusive. Just ask the people involved in the Steve Jackson Games case. Or that security guard that almost got framed by the FBI for the bombing at the Atlanta Olympics.
Yes, dangerous to some individuals, but too incompetent to be dangerous to everyone. Once they cross the line and do become dangerous to everyone maybe things will change. And maybe not. History says people have to suffer a long time before they decide to fight back. Patience, persistence, truth, Dr. mike
participants (3)
-
John Kelsey -
Major Variola (ret) -
Mike Rosing