On 12/31/05, Tyler Durden wrote:

... BUT, true to my "Local Authorities" rant these days, it MIGHT snag a local MwG in your area, if not NSA. (My assumption continues to be that NSA and that echelon of extra spooky spooks doesnt share info with local authorities.)

i could see some county sheriff's office doing something stupid like that with seized evidence perhaps. ("ooh! here's a bookmark labeled 'sekrit stuff', let's check it out!") but the NSA and any other intelligence agency worth half a shit is going to have clue.

And frankly, unless youre actually WOMD-type dangerous, the state police or whatever are going to be what you have to worry about, if you are the identifiable Cordian type.

early this year i was collecting information on telecommunications and electrical power distribution infrastructure to see how detailed a map publicly available sources could provide to such facilities and the trends/assessments possible when combining data sets for pattern analysis. i had a number of custom search tools, bots, and databases built up internally that pulled large amounts of GIS data, LERG, industry investments/research, maps, press releases, product catalogues, web searches, cached documents, etc. (court documents pertaining to telecom and power industries are full of informative details, especially when the redaction performed in PDF for confidentiality is only visibly obscuring text [white on white] while keeping content in place :) after about 6 weeks and many 100*GBytes of traffic i noticed a peculiar echo on my line begin abruptly one day. i'm off an old analog switch ESS style in rural oregon and this echo/line noise was associated with my number only (not others off same CO). i suspected this was a one way conference / tap, which is completely undetectable for digital systems but alters the line characteristics of an analog switched circuit. this was the only hint ever given that i might be under scrutiny. given the nature of my internet usage and the *.gov sites used (among others) it would have been clear to anyone watching what i was up to. the data mining programs 'rumored' to be in use by the various government agencies would be able to detect this type of activity easily, so i suspect this was visible to somebody. even still, the only clue, if it is one, was the analog conference on my line, and this was noticeable only because i'm still hanging off antiquated analog equipment that is rarely in use today. while i think honey tokens are an interesting approach to independent evaluation of intelligence / surveillance process and capability, it would be incredibly difficult to get any information out of such a project. NSA and others are very skilled at the one way function of information: a lot goes in, very very little ever comes back out, and even then it is tightly constrained. (i would guess no other agency the world over has "least privilege" mastered so thoroughly) an interesting subject for discussion perhaps, but not really useful in the real world (tm)...

At 3:12 AM +1300 1/2/06, Peter Gutmann wrote:

"Tyler Durden" writes:

...

Any incremements not caused by you were caused by someone else.

And remember that if you don't succeed at this, you run the risk of failure.

No matter what it is, it's always something. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'