Supposed NSA turncoat reveals monitoring of anon remailers? >pshah!<
I believe this to be a forgery of course, but it might be of interest anyway. Forwarded message:
From: an109803@anon.penet.fi
I am a pro-privacy political sabatour within the NSA. [ . . . ] We are able to trace 70% of all messages.
A saboteur within the NSA is going to send a message that he just said has a 70% chance of being traced? Yeah, righto. I'm sure they do monitor overseas data comm (that's their job), but this looks more like a friend pulling a prank on the guy. Eli ebrandt@hmc.edu
From: an109803@anon.penet.fi I am a pro-privacy political sabatour within the NSA. [ . . . ] We are able to trace 70% of all messages.
A saboteur within the NSA is going to send a message that he just said has a 70% chance of being traced? Yeah, righto. I'm sure they do monitor overseas data comm (that's their job), but this looks more like a friend pulling a prank on the guy.
Of course, there is an amusing side to this. As a matter of course, they'd probably have the originator investigated (just to make sure he had no contacts or association with the NSA outside of his imagination), which might be rather unpleasant for him now or if he ever needs a security clearance. In reality, tracking the use of anonymous remailers should be fairly trivial for the NSA if the traffic passes through an US/International gateway (and can thus be legally observed under the NSA's charter). The majority of remailers do not encipher the output in any way, and even those which do would leave enough traces (eg. comparable sized messages being seen shortly afterwards, simple patterns emerging using traffic analysis) that would reveal the mapping fairly quickly. On the subject of network monitoring, Bruce posted a copy of an NSA technology transfer which described a database searching algorithm that looked fairly sophisticated (I don't have the actual posting handy.) Did anyone (Bruce?) obtain a copy of the algorithm, and if so, were there any distribution limitations on it? It looked like just the thing that the NSA would use as their "watchword" scanner, and even if not, it looked like a very useful design all the same. Ian.
On Tue, 12 Jul 1994, Ian Farquhar wrote:
On the subject of network monitoring, Bruce posted a copy of an NSA technology transfer which described a database searching algorithm that looked fairly sophisticated (I don't have the actual posting handy.) Did anyone (Bruce?) obtain a copy of the algorithm, and if so, were there any distribution limitations on it? It looked like just the thing that the NSA would use as their "watchword" scanner, and even if not, it looked like a very useful design all the same.
The NSA algorithm involved didn't use keywords. It was way more powerfull than that, able to sort text samples into arbitrary catagories based on examples of text that you give it. It doesn't use any keywords or grammer recognition, it doesn't even matter what language you feed it. They refused to give me a copy, they are trying to make a buck by licensing it commercialy. I tried to ask about what it costs to get a license, and they asked what company I was representing, and I told them I was representing myself, and they stonewalled me. Looks like they don't think I have the money they want. (they're probably right about that btw...) Happy Hunting, -Chris. ____________________Please note the change of address.________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner@primenet.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" cypherpunks WOw dCD Traskcom Team Stupid Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 --------------------Please note the change of address.------------------------
-----BEGIN PGP SIGNED MESSAGE-----
On the subject of network monitoring, Bruce posted a copy of an NSA technology transfer which described a database searching algorithm that looked fairly sophisticated (I don't have the actual posting handy.) Did anyone (Bruce?) obtain a copy of the algorithm, and if so, were there any distribution limitations on it? It looked like just the thing that the NSA would use as their "watchword" scanner, and even if not, it looked like a very useful design all the same.
I took the time to contact the "office symbol" listed in the NSA announcement. The NSAoid's name was Dennis Sysko. He was a little nonplussed that Bruce had posted the announcement. I was required to write a letter to them, on Intergraph letterhead, requesting further information; after receiving it, Sysko promised to send me an NDA that I could sign and return to get further information. Someone else posted in t.p.c that they'd sent in a letter and been told that NSA would not license this technology to individuals. That sort of echoes the argument that there are some munitions appropriate for government but not for individuals. - -Paul - -- Paul Robichaux, KD4JZG | "Information is the currency of democracy." perobich@ingr.com | - some old guy named Thomas Jefferson Of course I don't speak for Intergraph. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLiKphqfb4pLe9tolAQG8lgP8CjSOkoIppXrMie5kLJqH4HiMIFS/jPbH woj8Lb0yPVAaf2qMDuVx/wKpgYjXToaeeEBk7rzQshqeL4SrqQKgXEl2tyn0B2Nk fuM0dI3onmyEldDk3zQnCLNGZiDMRKS7REwAgpN5fqzEuvc1HIV/kwE4FEddP9W9 5d5GXBC8OxA= =/syA -----END PGP SIGNATURE-----
On the subject of network monitoring, Bruce posted a copy of an NSA technology transfer which described a database searching algorithm that looked fairly sophisticated (I don't have the actual posting handy.) Did anyone (Bruce?) obtain a copy of the algorithm, and if so, were there any distribution limitations on it? It looked like just the thing that the NSA would use as their "watchword" scanner, and even if not, it looked like a very useful design all the same.
I took the time to contact the "office symbol" listed in the NSA announcement. The NSAoid's name was Dennis Sysko. He was a little nonplussed that Bruce had posted the announcement.
I was required to write a letter to them, on Intergraph letterhead, requesting further information; after receiving it, Sysko promised to send me an NDA that I could sign and return to get further information.
Someone else posted in t.p.c that they'd sent in a letter and been told that NSA would not license this technology to individuals. That sort of echoes the argument that there are some munitions appropriate for government but not for individuals.
Did anyone ever get this, or could someone forward the original post to me? Thanks!! -- Ed Carp, N7EKG/VE3 ecarp@netcom.com, Ed.Carp@linux.org "What's the sense of trying hard to find your dreams without someone to share it with, tell me, what does it mean?" -- Whitney Houston, "Run To You"
So, what about FOIA requests? Is the algorithm classified SECRET or some such nonsense? If you can get hold of it (as a company) without a clearance, couldn't someone just file a Freedom of Information Act request for the document? *** Patrick G. Bridges patrick@CS.MsState.Edu *** *** PGP 2.6 public key available via finger or server *** *** PGP 2.6 Public Key Fingerprint: *** *** D6 09 C7 1F 4C 18 D5 18 7E 02 50 E6 B1 AB A5 2C *** *** #include <std/disclaimer.h> ***
Stanton McCandlish <mech@eff.org> writes:
I believe this to be a forgery of course, but it might be of interest anyway.
I am a pro-privacy political sabatour within the NSA. I am warning all new users of anonymous mailers about NSA traffic watching. We listen to all messages passing through certain intermediate nodes and compare them with messsages leaving anonymous services. We are able to trace 70% of all messages.
This doesn't seem too unreasonable even if the writer only imagines he is working for the NSA. The Anonymous Posting Service at Penet is vulnerable to a number of tricks which might be used to disclose the identity of posters. I have always regarded it as a handy tool for people wishing to maintain a small degree of privacy while posting on sensitive or embarrassing topics. I certainly wouldn't use it to threaten the President or trade plutonium futures. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $
participants (8)
-
Christian Odhner -
Eli Brandt -
Ian Farquhar -
khijol!erc@apple.com -
mpd@netcom.com -
Patrick G. Bridges -
paul@poboy.b17c.ingr.com -
Stanton McCandlish