Detect Spying on YOU
I read somewhere recently a nice little way to determine if someone is observing you. Haven't seen this mentioned here, but I might have missed it. Set up an overseas Email account. Send yourself Emails from hotmail/gmail, etc... In the email place, first of all, plenty of key words such as "Jihad", Bomb, meeting, Al Qaeda, etc... In the email have a link to a website you set up with a counter and that you have told no one about (I'll add that you should have a nice big GOATSE picture in there). Send yourself emails periodically and keep track of your counter. Any incremements not caused by you were caused by someone else. -TD
On 12/30/05, Tyler Durden <camera_lumina@hotmail.com> wrote:
... Set up an overseas Email account.
Send yourself Emails from hotmail/gmail, etc...
In the email place, first of all, plenty of key words such as "Jihad", Bomb, meeting, Al Qaeda, etc...
In the email have a link to a website you set up with a counter and that you have told no one about (I'll add that you should have a nice big GOATSE picture in there).
Send yourself emails periodically and keep track of your counter. Any incremements not caused by you were caused by someone else.
cmon, who seriously thinks they can honey token the NSA/$TLA? i bet they are laughing themselves silly over such amusing suggestions...
On Fri, Dec 30, 2005 at 01:32:59PM -0500, Tyler Durden wrote:
In the email have a link to a website you set up with a counter and that you have told no one about (I'll add that you should have a nice big GOATSE
Let me get you straight, you're proposing a modus operandi by which suspect rich content gets rendered outside of a sandbox by TLAs. Oooh, boy. To begin with, filters aggregate content without executing it. If it goes over threshold to require investigator eyeball time or gets pulled up retroactively each link will be individually scrutinized. Investigators will have SOPs to follow, and one of whose will be the equivalent "don't access hypertext links in suspect material until you've verified they're safe". In most cases, there's no way to tell the links are safe a priori, so they will never be accessed. Violations will be persecuted by beheading. I realize that Dave Farber's IP list and boingboing will regurgitate drivel mindlessly, but I do expect participants on this list to do a bit better. Please do not taunt the happy-fun ball. -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
OK OK I acknowledge this was cheesy. Thought it was worth a mention, if for no other reason then to kick the crap out of it. BUT, true to my "Local Authorities" rant these days, it MIGHT snag a local MwG in your area, if not NSA. (My assumption continues to be that NSA and that echelon of extra spooky spooks doesnt share info with local authorities.) And frankly, unless youre actually WOMD-type dangerous, the state police or whatever are going to be what you have to worry about, if you are the identifiable Cordian type. -TD
From: Eugen Leitl <eugen@leitl.org> To: cypherpunks@jfet.org Subject: Re: Detect Spying on YOU Date: Fri, 30 Dec 2005 23:18:02 +0100
On Fri, Dec 30, 2005 at 01:32:59PM -0500, Tyler Durden wrote:
In the email have a link to a website you set up with a counter and that you have told no one about (I'll add that you should have a nice big GOATSE
Let me get you straight, you're proposing a modus operandi by which suspect rich content gets rendered outside of a sandbox by TLAs. Oooh, boy.
To begin with, filters aggregate content without executing it. If it goes over threshold to require investigator eyeball time or gets pulled up retroactively each link will be individually scrutinized. Investigators will have SOPs to follow, and one of whose will be the equivalent "don't access hypertext links in suspect material until you've verified they're safe". In most cases, there's no way to tell the links are safe a priori, so they will never be accessed. Violations will be persecuted by beheading.
I realize that Dave Farber's IP list and boingboing will regurgitate drivel mindlessly, but I do expect participants on this list to do a bit better.
Please do not taunt the happy-fun ball.
-- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
On 12/31/05, Tyler Durden <camera_lumina@hotmail.com> wrote:
... BUT, true to my "Local Authorities" rant these days, it MIGHT snag a local MwG in your area, if not NSA. (My assumption continues to be that NSA and that echelon of extra spooky spooks doesnt share info with local authorities.)
i could see some county sheriff's office doing something stupid like that with seized evidence perhaps. ("ooh! here's a bookmark labeled 'sekrit stuff', let's check it out!") but the NSA and any other intelligence agency worth half a shit is going to have clue.
And frankly, unless youre actually WOMD-type dangerous, the state police or whatever are going to be what you have to worry about, if you are the identifiable Cordian type.
early this year i was collecting information on telecommunications and electrical power distribution infrastructure to see how detailed a map publicly available sources could provide to such facilities and the trends/assessments possible when combining data sets for pattern analysis. i had a number of custom search tools, bots, and databases built up internally that pulled large amounts of GIS data, LERG, industry investments/research, maps, press releases, product catalogues, web searches, cached documents, etc. (court documents pertaining to telecom and power industries are full of informative details, especially when the redaction performed in PDF for confidentiality is only visibly obscuring text [white on white] while keeping content in place :) after about 6 weeks and many 100*GBytes of traffic i noticed a peculiar echo on my line begin abruptly one day. i'm off an old analog switch ESS style in rural oregon and this echo/line noise was associated with my number only (not others off same CO). i suspected this was a one way conference / tap, which is completely undetectable for digital systems but alters the line characteristics of an analog switched circuit. this was the only hint ever given that i might be under scrutiny. given the nature of my internet usage and the *.gov sites used (among others) it would have been clear to anyone watching what i was up to. the data mining programs 'rumored' to be in use by the various government agencies would be able to detect this type of activity easily, so i suspect this was visible to somebody. even still, the only clue, if it is one, was the analog conference on my line, and this was noticeable only because i'm still hanging off antiquated analog equipment that is rarely in use today. while i think honey tokens are an interesting approach to independent evaluation of intelligence / surveillance process and capability, it would be incredibly difficult to get any information out of such a project. NSA and others are very skilled at the one way function of information: a lot goes in, very very little ever comes back out, and even then it is tightly constrained. (i would guess no other agency the world over has "least privilege" mastered so thoroughly) an interesting subject for discussion perhaps, but not really useful in the real world (tm)...
At 3:12 AM +1300 1/2/06, Peter Gutmann wrote:
"Tyler Durden" <camera_lumina@hotmail.com> writes:
Any incremements not caused by you were caused by someone else.
And remember that if you don't succeed at this, you run the risk of failure.
No matter what it is, it's always something. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
participants (5)
-
coderman -
Eugen Leitl -
pgut001@cs.auckland.ac.nz -
R. A. Hettinga -
Tyler Durden