RE: engineering infowar disasters (was Re: How the FBI/NSA forces can further twist SAFE)
On Saturday, September 27, 1997 7:57 PM, Adam Back [SMTP:aba@dcs.ex.ac.uk] wrote:
Reckon cypherpunks can knock up a few of those.
So lets here some ideas for good photogenic infowar attacks which show that the lack of crypto is dangerous.
I suggest unless people want to hand the FBI an excuse to harass everyone that they don't enter into this discussion. There are plenty of conspiracy laws on the book. Infrastructure attacks are illegal and exactly the kind of thing that gets long jail sentences. More to the point it is completely counterproductive. Even now there is probably some FBI junior waving Back's message in the air as if he has won the pools, probable cause for wiretaps I would say. I suspect I'm not the only person on the list who is responsible for a service that is a regular hacker target. If I catch someone I really don't care what the motive for the attack was. I'm going to look to make that person serve jail time. Phill
Phillip Hallam-Baker <hallam@ai.mit.edu> writes:
On Saturday, September 27, 1997 7:57 PM, Adam Back [SMTP:aba@dcs.ex.ac.uk] wrote:
Reckon cypherpunks can knock up a few of those.
So lets here some ideas for good photogenic infowar attacks which show that the lack of crypto is dangerous.
I suggest unless people want to hand the FBI an excuse to harass everyone that they don't enter into this discussion.
There are plenty of conspiracy laws on the book. Infrastructure attacks are illegal and exactly the kind of thing that gets long jail sentences.
Uh, I think you are over-reacting. It really depends how the engineered "infowar disaster" is presented in the press, ranging from say: Dr Adam Back, a computer security researcher at Exeter University highlighted a fundamental weakness in DNS security which he demonstrates can be easily exploited. "This is entirely avoidable", said Back, "the only reason that global infrastructure is left vulnerable, is that the wire-tapping extremists and intelligence special groups are being allowed to jeopardise national security to protect their jobs in their now redundant function in a post-cold war era." or An anonymous cypherpunk took down half of the internet yesterday, with an estimated loss to business of $50 million. The cypherpunk hacker terrorist issued a manifesto claiming that his motives were to highlight insecurities in the DNS. Whether his motives were pure or not, the incident does highlight the vulnerabilities in our infrastructure, something infowar researchers have been arguing. either one I can't see getting me or anyone else in trouble. I didn't do it, no one saw me do it, you can't prove a thing, etc. ie actually I don't really know much about DNS mechanics, and am not personally planning to perpetrate the attack, nor develop the software, but why should I disclaim all that each time I write something? The other infowarers aren't in their academic papers... They guy who wrote the SYN flood attack is none the worse for wear, it was released in a phrack article, and I don't think there was any secret as to who authored the software.
More to the point it is completely counterproductive. Even now there is probably some FBI junior waving Back's message in the air as if he has won the pools, probable cause for wiretaps I would say.
Ah, fuck that. The FBI and spooks wiretap any one they want to anyway, probably cause, feh. Mealy mouthed disclaimers at the bottom of each point in a discussion is a prior restraing on academic research. Cypherpunks have just as much right to discuss and develop attacks demonstrating infowar vulnerabilities as Mr Winn "hype hype hype" Schwartau (sp), or anyone else. I'd suggest a good target for DNS jamming would be to take out .mil TLD servers. Not as if they're doing anything useful, and won't adversely affect anyone else, whilst it will be a wake up call to the SIGINT side of the GAK argument that they are jeopardising the national infrastructure security side. Perhaps we could even draw the otherside into the argument.
I suspect I'm not the only person on the list who is responsible for a service that is a regular hacker target. If I catch someone I really don't care what the motive for the attack was. I'm going to look to make that person serve jail time.
Your argument seems to be that if you legislate against OS bugs, that they will go away. Well, go ahead if your idea of computer security is to legislate against security flaws. Reminiscent of the politician who offered to repeal a few laws of physics to help out the physicists. I would point out that the hackers who change your web page, or exploit OS bugs you haven't applied patches, and send you taunting messages telling what's wrong with your setup, are probably doing you a service. If you have something of real value to secure, you'd rather know about it from a few harmless hackers, than an industrial spy who takes the farm, and covers up his tracks so well that you don't even notice. Adam -- Now officially an EAR violation... Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Phillip Hallam-Baker <hallam@ai.mit.edu> writes:
On Saturday, September 27, 1997 7:57 PM, Adam Back [SMTP:aba@dcs.ex.ac.uk] wr
Reckon cypherpunks can knock up a few of those.
So lets here some ideas for good photogenic infowar attacks which show that the lack of crypto is dangerous.
I suggest unless people want to hand the FBI an excuse to harass everyone that they don't enter into this discussion.
There are plenty of conspiracy laws on the book. Infrastructure attacks are illegal and exactly the kind of thing that gets long jail sentences.
More to the point it is completely counterproductive. Even now there is probably some FBI junior waving Back's message in the air as if he has won the pools, probable cause for wiretaps I would say.
I suspect I'm not the only person on the list who is responsible for a service that is a regular hacker target. If I catch someone I really don't care what the motive for the attack was. I'm going to look to make that person serve jail time.
I suggest that every time Phil posts to this mailing list, we all send $1 each to Sean Fein. I suggest we discuss the detailed plans how to blow up the queen bitch, prime Minister Blair, and the Harrods department store and hope that someone implements these plans. I suggest that Phil is an idiot. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
-----BEGIN PGP SIGNED MESSAGE----- X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.30a on or about 970927:2154 Phillip Hallam-Baker <hallam@ai.mit.edu> left his excrement: +I suspect I'm not the only person on the list who is responsible for a +service that is a regular hacker target. If I catch someone I really +don't care what the motive for the attack was. I'm going to look to +make that person serve jail time. I do not advocate infowar disasters or any such, but: there is _nothing_ lower than a snitch; you just qualified. a snitch is without honour, lower than the thief; lower than the law. may you enjoy your visit... when do you go home to England or whatever sewer you crawled from? attila --and check the key ______________________________________________________________________ "attila" 1024/C20B6905/23 D0 FA 7F 6A 8F 60 66 BC AF AE 56 98 C0 D7 B0 -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: No safety this side of the grave. Never was; never will be iQCVAwUBNDBNdb04kQrCC2kFAQEtsAP+OQZYYXX8OsBLpodOlaOF3xlIfIs5Gc9N 5Lxozan8aPXFDn8MBHpLVBtUHHEmYSW6BM5y0oS7WbwMS7NqDX1JpGCuaU9iv45n hw6XXrTMS2Q0/USLSbiUvi9iE0Ra6GvCTrlKIfeAdOtpYSpHfWrhZRqhIR+Owrpr UxTJiL9C6XE= =rg63 -----END PGP SIGNATURE-----
Phillip Hallam-Baker wrote exactly what his handler told him to:
On Saturday, September 27, 1997 7:57 PM, Adam Back [SMTP:aba@dcs.ex.ac.uk] wrote:
Reckon cypherpunks can knock up a few of those.
So lets here some ideas for good photogenic infowar attacks which show that the lack of crypto is dangerous.
I suggest unless people want to hand the FBI an excuse to harass everyone that they don't enter into this discussion.
The FBI already has a reason to harass everyone on the CypherPunks list. As cryptographers, we all fit the 'profile' of drug dealing, terrorist pedophiles, and a Horseman to be named later.
There are plenty of conspiracy laws on the book. Infrastructure attacks are illegal and exactly the kind of thing that gets long jail sentences.
Breathing is illegal, for shit's sake! Name the people who have gotten long jail sentences for infastructure attacks. Uuhhh...
More to the point it is completely counterproductive. Even now there is probably some FBI junior waving Back's message in the air as if he has won the pools, probable cause for wiretaps I would say.
I am sure you would know. Let me give you a little bit of free advice, Phil, which will be worth every penny you pay for it, I guarantee. Although the ignorant call me a government shill (except for Toto, who calls me a 'schill'), I am actually merely a 'pawn' of the government. They pay my salary, and I try to stick up for them when I can, but I am not going to cut my own nuts off supporting what are obviously criminal insanities that they choose to perpetrate on the citizens. If you are going to be a government shill, beating their fascist drum, no matter what the 'cause' of the moment, then at least try to pretend that you actually have some interest in the CypherPunks list which goes beyond advising list members to mind their p's and q's, wear a suit and tie, and call people in authority 'Sir.' Also, it would help if your 'cease and desist' posts did not convey quite so much a tone of desperation, as it will only encourage those shit-disturbers who are suspecting that they now have the government on the run, and it is time to go for the throat.
I suspect I'm not the only person on the list who is responsible for a service that is a regular hacker target. If I catch someone I really don't care what the motive for the attack was. I'm going to look to make that person serve jail time.
And you are going to fail... Nothing personal, Phil, but my system has been the target of hackers since 1989, and I have learned to live with it, like a bad case of the crabs. I do not wish to do harm to either the 'quick little devils' who live within my pubic hairs, nor the nefarious entities who roam my system at will. As long as they clean up their own mistakes, do not subject me to undue harassment through their use of my system, or forget to pay their union dues for hacking my system (there are so many of them that they had to organize), then I leave them the fuck alone. As a matter of fact, if one of the hackers roaming my system steps out of line, the others take care of the problem for me. I can take a system that has been hit by lightning and make it stand up and dance, but there are children roaming my system who fix my mistakes for me, and leave documentation about their system fixes in my private email. To be rather blunt...if the government wants to have any hope at all in maintaining their grip on the citizens within their grasp, then they must, like the Pharoh, kill all of the firstborn children of the God of Computers chosen people. I violate a multitude of laws each and every single day. I shit on the shiny shoes of the LEA's each and every day. I am a doddering, half- senile old fart who has probably lived long beyond my destined time, and could well be imprisoned and persecuted for my imaginery crimes at any moment. The mere fact that I am currently free to write this email without a prison employee editing it before I hit the 'Send' button, is probably a fairly good indication that the government is totally fucked if they expect they are going to screw the younger generation through use of a technology that the children understand, but the government does not. Governments fall for two main reasons: 1. They become two spread out to control their 'subjects'. 2. They start believing their own press. (i.e.-begin believing that their own position of authoritarian infallability means that they no longer have to tell 'good' lies.) A Player To Be Named Later, in a previous incarnation, pointed out during the 'moderation experiment'/'censorship crisis' that the issue being addressed was not merely one of censorship versus free speech, but was a probing foray into the heart of InfoWar on the InterNet. Those truly behind the censorship crisis won the battle, but they may well lose the war. They won the battle because they lost the censorship fight without revealing that the true purpose of the attack was to test their ability to engage the enemy without them discovering the real goals they were striving for. They may well lose the war because they have trampled so much of the Constitution with such ease that they believe that nobody will notice when they track it into the bush and try to finish it off. Lying Fuck Freeh made the mistake of declaring his intentions, in the belief that the past successes of fascism indicate that he will meet no serious resistance in completing his Blitzkreig on the Constitution. The Nazis thought likewise, but their narrow world-view caused them to fail to see that beyond the shores of Europe there existed a land where people had tasted freedom and would fight to the death to defend it for themselves and their children. The government currently holds all the cards, I freely admit. The government has laws in place that make every citizen a criminal for one reason or another, and they have armed their coconspirators to the teeth while disarming the citizens. The government controls the media which rules the perceptions and opinions of the society that they govern. The government has a million ways to 'get' the citizen who steps out of line, and a million weapons to back themselves up. Although the government holds all the cards, they haven't noticed that they don't have any 'hearts' in the deck. Perhaps the CypherPunks are the "elitist and nondemocratic" entities that Alan McDonald (FBI) speaks of as presuming that "the views of a knowing privacy cognoscenti should pre-empt the views of the nation's elected officials." Yep, and we laugh at all the 'sheeple.' However, there comes a point where even the elitest CypherPunks begin to realize that they have let down their guard and sat idly by as the forces of fascism have stripped the citizens of their basic human rights and liberties. And what the CypherPunks instinctively realize, which the fascists don't, is that even the 'sheeple' will come to this same conclusion, at a time that corresponds to their own understanding of the issues of privacy and freedom. The CypherPunks are idiots! They are idiots because they still get suckered into believing that basic human goodness and intellect will win out over the governmental machine that has usurped the power of "we the people." However, there is an expression, "Fool me once, shame on you. Fool me twice, shame on me." The CypherPunks are not 'total' idiots, and neither are the 'sheeple'. Those who castigate Tim C. May for his 'broken eggs and all that' stance that decrees that perhaps it is time that we "Nuke DC" do not realize that if he was indeed the cold-hearted assassin that they perceive him to be, he would have taken that stance a decade or so ago. I, on the other hand, believe that it is a credit to his integrity and his humanity that Tim has waited so long to say, "This is a line that I cannot cross--no prisoners!" It took the attack on Pearl Harbor for Americans to realize that the Dark Forces were truly striving to conquer the world--that it was not simply a matter of 'other' people engaged in infighting against one another. When Lying Fuck Louis Freeh finally announced his true intentions, Tim C. May was the first one to speak up and say that the time had come when there was no turning back. The reason he was so quick to speak up was that he already knew that the time had come, but he had the human decency not to declare war until giving the 'enemy' every chance to come to their senses. The mistake that the government is making with the sheeple is the same mistake that those behind the censorship of the CypherPunks list made. They assume that because you can fool someone once, you can fool them twice. Unless the government has Terry Nichol's attorney in their back pocket, like they did with with Tim McVeigh, they may have been much better off just leaving him be. Fool me once... Kent (or so I would have you believe...)
participants (6)
-
Adam Back -
Attila T. Hun -
dlv@bwalk.dm.com -
Kent Crispin -
Not Me! -
Phillip Hallam-Baker