Re: [cryptome] Re: [cryptography] NSA Attacks on VPN, SSL, TLS, SSH, Tor
File size varies with programs. A screen shot of the RAR tally http://cryptome.org/nsa-spiegel-rar.jpg
CRC failed in 'media-35515.pdf' file is broken 7zip says this. I guess this is why John never promised anonymity to his sources, he can't get zip files right. On Sun, Dec 28, 2014 at 4:43 PM, John Young <jya@pipeline.com> wrote:
File size varies with programs. A screen shot of the RAR tally
http://cryptome.org/nsa-spiegel-rar.jpg
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
On Sun, 28 Dec 2014 20:07:42 -0800 Ryan Carboni <ryacko@gmail.com> wrote:
CRC failed in 'media-35515.pdf' file is broken
7zip says this.
I guess this is why John never promised anonymity to his sources, he can't get zip files right.
I got the .rar and and decompressed it no problem. So...
On Sun, Dec 28, 2014 at 4:43 PM, John Young <jya@pipeline.com> wrote:
File size varies with programs. A screen shot of the RAR tally
http://cryptome.org/nsa-spiegel-rar.jpg
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
On 12/28/14 10:07 PM, Ryan Carboni wrote:
CRC failed in 'media-35515.pdf' file is broken
http://www.spiegel.de/media/media-35515.pdf
I guess this is why John never promised anonymity to his sources, he can't get zip files right.
Zip worked for me. Thanks, John. gf -- Gregory Foster || gfoster@entersection.org @gregoryfoster <> http://entersection.com/
On 29/12/2014 3:50 pm, Gregory Foster wrote:
On 12/28/14 10:07 PM, Ryan Carboni wrote:
CRC failed in 'media-35515.pdf' file is broken http://www.spiegel.de/media/media-35515.pdf
I guess this is why John never promised anonymity to his sources, he can't get zip files right. Zip worked for me. Thanks, John.
Failed for me, using both UnArchiver and UnRarX :(
Suggestion: Anyone with a correct version, post sha512 hashes to list. Those with hashes matching John: Do *NOT* change filename, make a single-file torrent, and start seeding. Should have same info-hash, so should simultaneously seed from same DHT node. John can post a magnet link here (or the torrent file on cryptome?) and we can get a verifiable version through P2P. On 29/12/14 06:33, Peter Tonoli wrote:
On 29/12/2014 3:50 pm, Gregory Foster wrote:
On 12/28/14 10:07 PM, Ryan Carboni wrote:
CRC failed in 'media-35515.pdf' file is broken http://www.spiegel.de/media/media-35515.pdf
I guess this is why John never promised anonymity to his sources, he can't get zip files right. Zip worked for me. Thanks, John.
Failed for me, using both UnArchiver and UnRarX :(
From discussion on these lists and elsewhere tampering with data can, does, occur at every software and hardware hand-off, with each self-serving iteration having hidden and vulnerable hardware and software undisclosed malignity, no matter the security ostentatiously applied: reputation, credibility, impeccability, highly trusted, crypto, hashes, fail by ruses of unexamined modules and inevitable, unavoidable deceptions of too little skill, too little time, too little suspicion, driven by need to pay alimony, debts, IRS, loutish family's begging. Selected hand-offs of innumerable: Multiple devious inventors, manufacturers and handlers inside and outside NSA Devious NSA leaking like a sieve to madly grabbing everything devious Snowden Snowden madly shoveling everything to multiple exceptionally devious media persons Multiple media persons to hyper devious lawyers, publishing staff, tech experts, govs consulted Devious selections of data to publish, then revised, then corrected DEvious posting on outlet web sites and shoveling to cohort journos Devious "authenticating" of docs (the prime deception) Deviously orchestrated subsequently: Downloads of docs Sharing of docs Archiving of docs Dropboxing, torrenting of docs Biased analysis and cherrypicking of docs Multiple tagging and piggybacking and implanting of docs Shading, smearing, vaunting, lying about docs Accusing and defending about docs Writing, lecturing, TEDing about docs Dismissing of docs, the threat, the countermeasures Then deviously shipping, shopping fools to take blame by signature-bold leaders of pro and con opportunities or to a prize ceremony for valorizing the criminal prize-funder and bestowing generous tax avoidances. These vulns and subterfuges and braggardies are as old as comsec, hyperbolized by the digital era for rep building, monetizing, and political ideology. These lists survive on ingesting these toxic fumes and expel multiple recyclings of them for jingle-jangle of gullible consumers, here as in in the spy agencies working the yokels. "NSA" or some monstrous threat -- God, Google, Cisco, MS -- is inside our skulls and peripherals, left brain in mortal combat with the right brain, digital vs analog. Or so we imagine the two halves pretending opposition like officials and anarchists to outfox deviously malign genitalia orchestrating brain to slave at getting food, air and water -- rigging the mind game to lose after 60-70 years of wanking the slot handle obsessively. Hash this motherfucker, said math to germ. At 03:02 AM 12/29/2014, you wrote:
Suggestion: Anyone with a correct version, post sha512 hashes to list. Those with hashes matching John: Do *NOT* change filename, make a single-file torrent, and start seeding. Should have same info-hash, so should simultaneously seed from same DHT node. John can post a magnet link here (or the torrent file on cryptome?) and we can get a verifiable version through P2P.
On 29/12/14 06:33, Peter Tonoli wrote:
On 29/12/2014 3:50 pm, Gregory Foster wrote:
On 12/28/14 10:07 PM, Ryan Carboni wrote:
CRC failed in 'media-35515.pdf' file is broken http://www.spiegel.de/media/media-35515.pdf
I guess this is why John never promised anonymity to his sources, he can't get zip files right. Zip worked for me. Thanks, John. Failed for me, using both UnArchiver and UnRarX :(
I'll just take that as "no, I won't post a hash", then. 29/12/14 13:20, John Young wrote:
From discussion on these lists and elsewhere tampering with data can, does, occur at every software and hardware hand-off, with each self-serving iteration having hidden and vulnerable hardware and software undisclosed malignity, no matter the security ostentatiously applied: reputation, credibility, impeccability, highly trusted, crypto, hashes, fail by ruses of unexamined modules and inevitable, unavoidable deceptions of too little skill, too little time, too little suspicion, driven by need to pay alimony, debts, IRS, loutish family's begging.
Selected hand-offs of innumerable:
Multiple devious inventors, manufacturers and handlers inside and outside NSA Devious NSA leaking like a sieve to madly grabbing everything devious Snowden Snowden madly shoveling everything to multiple exceptionally devious media persons Multiple media persons to hyper devious lawyers, publishing staff, tech experts, govs consulted Devious selections of data to publish, then revised, then corrected DEvious posting on outlet web sites and shoveling to cohort journos Devious "authenticating" of docs (the prime deception)
Deviously orchestrated subsequently:
Downloads of docs Sharing of docs Archiving of docs Dropboxing, torrenting of docs Biased analysis and cherrypicking of docs Multiple tagging and piggybacking and implanting of docs Shading, smearing, vaunting, lying about docs Accusing and defending about docs Writing, lecturing, TEDing about docs Dismissing of docs, the threat, the countermeasures
Then deviously shipping, shopping fools to take blame by signature-bold leaders of pro and con opportunities or to a prize ceremony for valorizing the criminal prize-funder and bestowing generous tax avoidances.
These vulns and subterfuges and braggardies are as old as comsec, hyperbolized by the digital era for rep building, monetizing, and political ideology. These lists survive on ingesting these toxic fumes and expel multiple recyclings of them for jingle-jangle of gullible consumers, here as in in the spy agencies working the yokels.
"NSA" or some monstrous threat -- God, Google, Cisco, MS -- is inside our skulls and peripherals, left brain in mortal combat with the right brain, digital vs analog. Or so we imagine the two halves pretending opposition like officials and anarchists to outfox deviously malign genitalia orchestrating brain to slave at getting food, air and water -- rigging the mind game to lose after 60-70 years of wanking the slot handle obsessively.
Hash this motherfucker, said math to germ.
At 03:02 AM 12/29/2014, you wrote:
Suggestion: Anyone with a correct version, post sha512 hashes to list. Those with hashes matching John: Do *NOT* change filename, make a single-file torrent, and start seeding. Should have same info-hash, so should simultaneously seed from same DHT node. John can post a magnet link here (or the torrent file on cryptome?) and we can get a verifiable version through P2P.
On 29/12/14 06:33, Peter Tonoli wrote:
On 29/12/2014 3:50 pm, Gregory Foster wrote:
On 12/28/14 10:07 PM, Ryan Carboni wrote:
CRC failed in 'media-35515.pdf' file is broken http://www.spiegel.de/media/media-35515.pdf
I guess this is why John never promised anonymity to his sources, he can't get zip files right. Zip worked for me. Thanks, John. Failed for me, using both UnArchiver and UnRarX :(
I browsed something like 3/4 of the docs John linked and didn't find anything really interesting. A couple of them seem to have more substance than the typical slides-for-retards - Ill take a better look at those later. Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt? For instance, the 35539 doc about tor hidden services - less than zero 'secret' content?
On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com> wrote:
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything. Bunch of fucking spineless sheep they are. And these days any leaker who seeks an outlet instead of selfpublishing both via and into the anonspace... is a media and govt dependant retard. Ignore the traditional, revolutionize the process.
On Tue, 30 Dec 2014 01:32:44 -0500 grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com> wrote:
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything.
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden? J
On 12/30/2014 03:47 AM, Jason Richards wrote:
On Tue, 30 Dec 2014 01:32:44 -0500 grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com> wrote:
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything.
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
J
Benefit? Who knows? But media asks for comment, and government gets the chance to argue against release, and for redaction.
ask yourself what does the US government benefit from the mere existence of tor let alone the use? why would they fund tor? is it really not obvious? bait and switch tactics - 'they' are 'us' - infiltration - knowledge.... fucking us to see where we are blah blah blah tech wise and head wise to be able to take out kim dot coms etc .... where are all the bad anti-capitalist children playing? .... how would they know? i would argue they dont care if people know about snowden shit cause what they have in line for the future is beyond all of what snowden knew what he used - they dont think in terms of this generation like the people are taught to do - they think incredibly long term the system is not stupid in this way but in other ways yes it is performative - political theater .... keep those brats busy... its like a false flag also the media does not have to abide by these shit rules but intercourse online magazine chooses to align while everyone bows down to laura poitras like she is fucking god and they do all kinds of sucking at gg - its disgusting.... isnt it john? On Tue, Dec 30, 2014 at 1:08 PM, Mirimir <mirimir@riseup.net> wrote:
On 12/30/2014 03:47 AM, Jason Richards wrote:
On Tue, 30 Dec 2014 01:32:44 -0500 grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com> wrote:
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything.
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
J
Benefit? Who knows? But media asks for comment, and government gets the chance to argue against release, and for redaction.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
The US government benefits greatly from dissidents in North Korea, China, Russia, Japan, and Germany being able to effectively use Tor to exfiltrate business intelligence and leak it to the people that run this country, the campaign contributors. The ability to use Tor to anonymously gather information about what multinational companies are planning to do is very valuable to said multinational companies. What's amusing about this is it's good for the CEOs, security officers, security agencies, and sentient high frequency trading AI's, but not very good for most investors. The US government is not a single entity, it is full of people who have biases, turf battles, and mixed loyalties. So there are parts that fund tor, for ideological reasons, and parts that hate it, and they are playing very long-term battles with each other, in addition to the perceived 'battle' between the noble cypherpunks and the despotic good for nothing government On Tue, Dec 30, 2014 at 02:41:57PM +0100, Cari Machet wrote:
ask yourself what does the US government benefit from the mere existence of tor let alone the use?
why would they fund tor?
is it really not obvious?
bait and switch tactics - 'they' are 'us' - infiltration - knowledge.... fucking us
to see where we are blah blah blah tech wise and head wise to be able to take out kim dot coms etc .... where are all the bad anti-capitalist children playing? .... how would they know?
i would argue they dont care if people know about snowden shit cause what they have in line for the future is beyond all of what snowden knew what he used - they dont think in terms of this generation like the people are taught to do - they think incredibly long term
the system is not stupid in this way but in other ways yes
it is performative - political theater .... keep those brats busy... its like a false flag
also the media does not have to abide by these shit rules but intercourse online magazine chooses to align while everyone bows down to laura poitras like she is fucking god and they do all kinds of sucking at gg - its disgusting.... isnt it john?
On Tue, Dec 30, 2014 at 1:08 PM, Mirimir <mirimir@riseup.net> wrote:
On 12/30/2014 03:47 AM, Jason Richards wrote:
On Tue, 30 Dec 2014 01:32:44 -0500 grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com> wrote:
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything.
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
J
Benefit? Who knows? But media asks for comment, and government gets the chance to argue against release, and for redaction.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet>
7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187
Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
-- ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer@hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash
On Tue, Dec 30, 2014 at 09:09:08AM -0600, Troy Benjegerdes wrote:
The US government benefits greatly from dissidents in North Korea, China, Russia, Japan, and Germany being able to effectively use Tor to exfiltrate business intelligence and leak it to the people that run this country, the campaign contributors.
Sorry, but I don't believe this. I agree with juan that tor has many bugs and quite likely is _heavily_ backdoored, the bugs we see are probably just the top of the iceberg. I suppose sufficiently many people got busted because of trusting tor naively. The usa profits more from sniffing tor traffic than your alleged dissidents IMHO. Also some of the Snowden docs suggest "NSA can monitor tor, but don't want to scare _all_ tor users" (almost literally quoted).
Dnia wtorek, 30 grudnia 2014 18:46:10 Georgi Guninski pisze:
On Tue, Dec 30, 2014 at 09:09:08AM -0600, Troy Benjegerdes wrote:
The US government benefits greatly from dissidents in North Korea, China, Russia, Japan, and Germany being able to effectively use Tor to exfiltrate business intelligence and leak it to the people that run this country, the campaign contributors.
Sorry, but I don't believe this.
I agree with juan that tor has many bugs and quite likely is _heavily_ backdoored, the bugs we see are probably just the top of the iceberg.
I suppose sufficiently many people got busted because of trusting tor naively.
Show us the bugs, the backdoors, the examples of busted people, eh? -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On Sat, Jan 10, 2015 at 02:13:33AM +0100, rysiek wrote:
Dnia wtorek, 30 grudnia 2014 18:46:10 Georgi Guninski pisze:
On Tue, Dec 30, 2014 at 09:09:08AM -0600, Troy Benjegerdes wrote:
The US government benefits greatly from dissidents in North Korea, China, Russia, Japan, and Germany being able to effectively use Tor to exfiltrate business intelligence and leak it to the people that run this country, the campaign contributors.
Sorry, but I don't believe this.
I agree with juan that tor has many bugs and quite likely is _heavily_ backdoored, the bugs we see are probably just the top of the iceberg.
I suppose sufficiently many people got busted because of trusting tor naively.
Show us the bugs, the backdoors, the examples of busted people, eh?
Well, I for one, have been busted real hard. They call it PITA.
Dnia środa, 14 stycznia 2015 01:39:42 L pisze:
On Sat, Jan 10, 2015 at 02:13:33AM +0100, rysiek wrote:
Dnia wtorek, 30 grudnia 2014 18:46:10 Georgi Guninski pisze:
On Tue, Dec 30, 2014 at 09:09:08AM -0600, Troy Benjegerdes wrote:
The US government benefits greatly from dissidents in North Korea, China, Russia, Japan, and Germany being able to effectively use Tor to exfiltrate business intelligence and leak it to the people that run this country, the campaign contributors.
Sorry, but I don't believe this.
I agree with juan that tor has many bugs and quite likely is
_heavily_ backdoored, the bugs we see are probably just the top of
the iceberg.
I suppose sufficiently many people got busted because of trusting tor naively.
Show us the bugs, the backdoors, the examples of busted people, eh?
Well, I for one, have been busted real hard. They call it PITA.
Great. Can we try to locate and identify the backdoor? The code is open, so it *should* be possible, right? inb4 trusting trust, use your own compiler or something ;) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
Well, for one, the military has plenty of uses for Tor. Anonymous networks protect wartime informants, and spies in other countries. The US gov't also funded the Internet, via ARPA's research into packet-switching. I don't think it's an elaborate plan - just irony. William On 12/30/2014 08:41 AM, Cari Machet wrote:
ask yourself what does the US government benefit from the mere existence of tor let alone the use?
why would they fund tor?
is it really not obvious?
bait and switch tactics - 'they' are 'us' - infiltration - knowledge.... fucking us
to see where we are blah blah blah tech wise and head wise to be able to take out kim dot coms etc .... where are all the bad anti-capitalist children playing? .... how would they know?
i would argue they dont care if people know about snowden shit cause what they have in line for the future is beyond all of what snowden knew what he used - they dont think in terms of this generation like the people are taught to do - they think incredibly long term
the system is not stupid in this way but in other ways yes
it is performative - political theater .... keep those brats busy... its like a false flag
also the media does not have to abide by these shit rules but intercourse online magazine chooses to align while everyone bows down to laura poitras like she is fucking god and they do all kinds of sucking at gg - its disgusting.... isnt it john?
On Tue, Dec 30, 2014 at 1:08 PM, Mirimir <mirimir@riseup.net <mailto:mirimir@riseup.net>> wrote:
On 12/30/2014 03:47 AM, Jason Richards wrote: > On Tue, 30 Dec 2014 01:32:44 -0500 grarpamp <grarpamp@gmail.com <mailto:grarpamp@gmail.com>> wrote: >> On Mon, Dec 29, 2014 at 2:46 PM, Juan <juan.g71@gmail.com <mailto:juan.g71@gmail.com>> wrote: >>> Anyway, I'm getting the impression that all the Snowden >>> stuff that gets 'leaked' to the public has been somehow >>> approved by the US govt? >> >> It's well known that media seeks confirmation and approval from govts >> before publishing anything. > > OK, I'll bite: why? What benefit does the US govt get from the > information leaked by Snowden? > > J
Benefit? Who knows? But media asks for comment, and government gets the chance to argue against release, and for redaction.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com <mailto:carimachet@gmail.com> AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet>
7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187
Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
Anyway, I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?
It's well known that media seeks confirmation and approval from govts before publishing anything.
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
Benefit? Who knows? But media asks for comment, and government gets the chance to argue against release, and for redaction.
Cari, Troy and Georgi have covered why Tor is valuable to the US government, but I still don't understand how the Snowden docs provide benefit. These documents have confirmed what many members of lists like this suspected, and has brought that information to the mind of the wider public. Essentially: the tinfoil hat wearers were proven correct. The five eyes nations' governments have been shown to monitor their citizens and share that information, in ways that are either illegal or not supported by their citizens. Crypto standards and implementations have been influenced for the benefit of those governments. What value does releasing this information provide to those governments? This information is pushing people towards encryption by default, and also pushing service providers towards encryption by default, not just on their front ends but also on their back end links. There also appears to be some clear messages: 1. The math is sound. So if we use well-tested and heavily analyzed crypto products then we are reasonably secure. (OpenSSL and GNUTLS appear to be clear exceptions, although closed source SSL/TLS implementation suffered here this year too.) 2. Open source software is harder to crack than closed source. So the US government seems to have said "we do things you don't want us to, but if you use proven, open source crypto you're reasonably secure." The only benefit I can see would be if they could break that crypto and wanted people to have a false sense of security by using that easily broken crypto. My tinfoil hat isn't that thick. I don't buy it. So what are the other benefits? J
On Tue, 30 Dec 2014 14:16:21 -0800, Jason Richards <jjr2@gmx.com> wrote:
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
The way this question is worded frames the debate to an extent. To me, using the phrase 'the US Govt' implies a monolithic entity with coherent motives. It does not leave room for explanations involving fedgov internecine info-warfare for example.
So the US government seems to have said "we do things you don't want us to, but if you use proven, open source crypto you're reasonably secure." The only benefit I can see would be if they could break that crypto and wanted people to have a false sense of security by using that easily broken crypto.
My tinfoil hat isn't that thick. I don't buy it. So what are the other benefits?
Just throwing some ideas out: * Terrorize disenfranchised members of the population into the cyber-fetal position. Self-censor accordingly and don't get too uppity, submitizen! * Make it clear for any potential rivals to deep state power who 'didn't get the memo' that their every move is being watched, cataloged, recorded and stored in perpetuity. * Frame the debate. Never ask the fundamental question of whether the surveillance state should exist or not. Keep the discussion focused on 'how much' surveillance. * Throw up a fog of dis-information consisting of yesterdays obsolete capabilities, which by themselves are enough to stun even the tinfoil hat brigade. Mobilize interesting targets into adopting defenses against the obsolete attacks, until they think they are safe and can let their hair down again. Immediately begin harvesting juicy new intel via unrevealed nextgen attacks. * Inflict political pain on rival agencies and political enemies Anyone else? Let the paranoia flow...
as long as we have our tinfoil hats on, one data point to keep in mind here is to remember that USGov, despite having many uniform policies, is also shot through with warring fiefdoms and turfs. Snowden and Michael Hayden both have the odd career path CIA - NSA. To say that is unusual is to make an enormous understatement. we are usually told, "once CIA, always CIA." you can't "quit." and there are hundreds of stories over 50+ years of history to suggest this. CIA and NSA have often been thought not to be on the same page, largely because NSA is military and CIA is civilian (or whatever special/uber designation it has at this point). CIA sees itself as entitled to operate much *more* lawlessly than NSA. it is not hard to imagine scenarios where CIA might want to weaken NSA capabilities in part via public embarrassment. and one involved in the plot could even go public with his statements about how damaging the leaks are. convenient! our noble leaker(s) would not even necessarily need to know how it was possible to grab so much information without being stopped/noticed. On Wed, Dec 31, 2014 at 10:29 PM, Seth <list@sysfu.com> wrote:
On Tue, 30 Dec 2014 14:16:21 -0800, Jason Richards <jjr2@gmx.com> wrote:
OK, I'll bite: why? What benefit does the US govt get from the
information leaked by Snowden?
The way this question is worded frames the debate to an extent. To me, using the phrase 'the US Govt' implies a monolithic entity with coherent motives.
It does not leave room for explanations involving fedgov internecine info-warfare for example.
So the US government seems to have said "we do things you don't want us
to, but if you use proven, open source crypto you're reasonably secure." The only benefit I can see would be if they could break that crypto and wanted people to have a false sense of security by using that easily broken crypto.
My tinfoil hat isn't that thick. I don't buy it. So what are the other benefits?
Just throwing some ideas out:
* Terrorize disenfranchised members of the population into the cyber-fetal position. Self-censor accordingly and don't get too uppity, submitizen!
* Make it clear for any potential rivals to deep state power who 'didn't get the memo' that their every move is being watched, cataloged, recorded and stored in perpetuity.
* Frame the debate. Never ask the fundamental question of whether the surveillance state should exist or not. Keep the discussion focused on 'how much' surveillance.
* Throw up a fog of dis-information consisting of yesterdays obsolete capabilities, which by themselves are enough to stun even the tinfoil hat brigade. Mobilize interesting targets into adopting defenses against the obsolete attacks, until they think they are safe and can let their hair down again. Immediately begin harvesting juicy new intel via unrevealed nextgen attacks.
* Inflict political pain on rival agencies and political enemies
Anyone else?
Let the paranoia flow...
I THINK WE UNDERSTAND TURF WARS WITHIN THE US GOV RUDIMENTARY do you understand the privitization of the security state? do you know who the fuck barrett brown is - waht about jeremy hammond? On Wed, Dec 31, 2014 at 4:03 PM, z9wahqvh <z9wahqvh@gmail.com> wrote:
as long as we have our tinfoil hats on, one data point to keep in mind here is to remember that USGov, despite having many uniform policies, is also shot through with warring fiefdoms and turfs.
Snowden and Michael Hayden both have the odd career path CIA - NSA. To say that is unusual is to make an enormous understatement. we are usually told, "once CIA, always CIA." you can't "quit." and there are hundreds of stories over 50+ years of history to suggest this.
CIA and NSA have often been thought not to be on the same page, largely because NSA is military and CIA is civilian (or whatever special/uber designation it has at this point). CIA sees itself as entitled to operate much *more* lawlessly than NSA.
it is not hard to imagine scenarios where CIA might want to weaken NSA capabilities in part via public embarrassment. and one involved in the plot could even go public with his statements about how damaging the leaks are. convenient!
our noble leaker(s) would not even necessarily need to know how it was possible to grab so much information without being stopped/noticed.
On Wed, Dec 31, 2014 at 10:29 PM, Seth <list@sysfu.com> wrote:
On Tue, 30 Dec 2014 14:16:21 -0800, Jason Richards <jjr2@gmx.com> wrote:
OK, I'll bite: why? What benefit does the US govt get from the
information leaked by Snowden?
The way this question is worded frames the debate to an extent. To me, using the phrase 'the US Govt' implies a monolithic entity with coherent motives.
It does not leave room for explanations involving fedgov internecine info-warfare for example.
So the US government seems to have said "we do things you don't want us
to, but if you use proven, open source crypto you're reasonably secure." The only benefit I can see would be if they could break that crypto and wanted people to have a false sense of security by using that easily broken crypto.
My tinfoil hat isn't that thick. I don't buy it. So what are the other benefits?
Just throwing some ideas out:
* Terrorize disenfranchised members of the population into the cyber-fetal position. Self-censor accordingly and don't get too uppity, submitizen!
* Make it clear for any potential rivals to deep state power who 'didn't get the memo' that their every move is being watched, cataloged, recorded and stored in perpetuity.
* Frame the debate. Never ask the fundamental question of whether the surveillance state should exist or not. Keep the discussion focused on 'how much' surveillance.
* Throw up a fog of dis-information consisting of yesterdays obsolete capabilities, which by themselves are enough to stun even the tinfoil hat brigade. Mobilize interesting targets into adopting defenses against the obsolete attacks, until they think they are safe and can let their hair down again. Immediately begin harvesting juicy new intel via unrevealed nextgen attacks.
* Inflict political pain on rival agencies and political enemies
Anyone else?
Let the paranoia flow...
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
On 12/31/14, z9wahqvh <z9wahqvh@gmail.com> wrote:
... we are usually told, "once CIA, always CIA." you can't "quit." and there are hundreds of stories over 50+ years of history to suggest this.
i didn't see "no spooks" on the secure drop posting, [0] but perhaps they save that for the interview / second date. ;) 0. "Skills and Experience... Required:... Would be great:" https://freedom.press/jobs/job-opening-devops-engineer-securedrop
On Wed, 31 Dec 2014 10:03:06 -0500 z9wahqvh <z9wahqvh@gmail.com> wrote:
as long as we have our tinfoil hats on, one data point to keep in mind here is to remember that USGov, despite having many uniform policies, is also shot through with warring fiefdoms and turfs.
To the people who say that governments are not 'monolithic', something that entry-level tor apologists and the like mindlessly parrot. An entity like the us govt is, for all intents and purposes, indeed 'monolithic' The fact that in a criminal organization like the US government different factions may sometimes quarrel doesnt change the big picture at all. Virtually all people who work for the government share a basic 'philosophy', otherwise they wouldn't work for the government...I imagine people are familiar with the "good cop bad cop" routine... How many millions of employees does the US govt have? How many have betrayed it? Off the top of my head I can think of TWO. Snowden, exiled in Russia (wha ha ha*) and Manning, in jail. See how un-monolithic and 'diverse' the US govt really is? *loling at all the fucktards who like to think that the US is a 'free' society while the ruskies are the bad totalitarian guys
Dnia środa, 31 grudnia 2014 22:13:45 Juan pisze:
On Wed, 31 Dec 2014 10:03:06 -0500
z9wahqvh <z9wahqvh@gmail.com> wrote:
as long as we have our tinfoil hats on, one data point to keep in mind here is to remember that USGov, despite having many uniform policies, is also shot through with warring fiefdoms and turfs.
To the people who say that governments are not 'monolithic', something that entry-level tor apologists and the like mindlessly parrot.
An entity like the us govt is, for all intents and purposes, indeed 'monolithic'
The fact that in a criminal organization like the US government different factions may sometimes quarrel doesnt change the big picture at all. Virtually all people who work for the government share a basic 'philosophy', otherwise they wouldn't work for the government...I imagine people are familiar with the "good cop bad cop" routine...
How many millions of employees does the US govt have? How many have betrayed it? Off the top of my head I can think of TWO. Snowden, exiled in Russia (wha ha ha*) and Manning, in jail.
Well... https://en.wikipedia.org/wiki/Category:American_whistleblowers -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On Sat, 10 Jan 2015 02:20:31 +0100 rysiek <rysiek@hackerspace.pl> wrote:
How many millions of employees does the US govt have? How many have betrayed it? Off the top of my head I can think of TWO. Snowden, exiled in Russia (wha ha ha*) and Manning, in jail.
Well... https://en.wikipedia.org/wiki/Category:American_whistleblowers
Well, your wikipedia link doesn't counter anything I said. Furthermore, I browsed a few of the links and that's not a list of *government* whistleblowers - there are also people from the 'private' sector, for instance https://en.wikipedia.org/wiki/Linda_Peeno Then, there there's old stuff https://en.wikipedia.org/wiki/Victor_Marchetti "Marchetti published books critical of the CIA with author John D. Marks. The books included, The CIA and the Cult of Intelligence (1973).[4] Before this book was published, the CIA demanded that Marchetti remove 399 passages, but Marchetti resisted and only 168 passages were censored. " lol - so 'only' 168 - and that actually says nothing about what the guy published. Maybe it was all irrelevant nonsense anyway. https://en.wikipedia.org/wiki/Frederic_Whitehurst "was a Supervisory Special Agent in the Federal Bureau of Investigation Laboratory from 1986 to 1998, where he went public as a whistleblower to bring attention to procedural errors and misconduct." Doesn't sound too impressive. I'm not going to waste any more time reviewing your list. I wouldn't be surprised if you didn't check a single link. All in all there are 150 people in that list, covering both the public and 'private' sector for 50 or more years. So, out of probably millions of people having access to compromising information you have 150 whistleblowers? That's of course to be expected from a fascist society like the US. J.
On Wed, 31 Dec 2014 10:03:06 -0500 z9wahqvh <z9wahqvh@gmail.com> wrote:
as long as we have our tinfoil hats on, one data point to keep in mind here is to remember that USGov, despite having many uniform policies, is also shot through with warring fiefdoms and turfs.
...
CIA and NSA have often been thought not to be on the same page, largely because NSA is military and CIA is civilian (or whatever special/uber designation it has at this point). CIA sees itself as entitled to operate much *more* lawlessly than NSA.
it is not hard to imagine scenarios where CIA might want to weaken NSA capabilities in part via public embarrassment. and one involved in the plot could even go public with his statements about how damaging the leaks are. convenient!
Agreed. In my defense, I was replying to "I'm getting the impression that all the Snowden stuff that gets 'leaked' to the public has been somehow approved by the US govt?" :-) On Wed, Dec 31, 2014 at 10:29 PM, Seth <list@sysfu.com> wrote:
On Tue, 30 Dec 2014 14:16:21 -0800, Jason Richards <jjr2@gmx.com> wrote:
OK, I'll bite: why? What benefit does the US govt get from the information leaked by Snowden?
The way this question is worded frames the debate to an extent. To me, using the phrase 'the US Govt' implies a monolithic entity with coherent motives.
It does not leave room for explanations involving fedgov internecine info-warfare for example.
Agreed, as per above.
So the US government seems to have said "we do things you don't want us to, but if you use proven, open source crypto you're reasonably secure." The only benefit I can see would be if they could break that crypto and wanted people to have a false sense of security by using that easily broken crypto.
My tinfoil hat isn't that thick. I don't buy it. So what are the other benefits?
Just throwing some ideas out:
* Terrorize disenfranchised members of the population into the cyber-fetal position. Self-censor accordingly and don't get too uppity, submitizen!
* Make it clear for any potential rivals to deep state power who 'didn't get the memo' that their every move is being watched, cataloged, recorded and stored in perpetuity.
* Frame the debate. Never ask the fundamental question of whether the surveillance state should exist or not. Keep the discussion focused on 'how much' surveillance.
These do indeed seem like good outcomes for a totalitarian government. It also unfortunately reinforces and brings about the predictions of people like Orwell, Huxley and Zamyatin. I still can't see that the cost is acceptable, unless:
* Throw up a fog of dis-information consisting of yesterdays obsolete capabilities, which by themselves are enough to stun even the tinfoil hat brigade. Mobilize interesting targets into adopting defenses against the obsolete attacks, until they think they are safe and can let their hair down again. Immediately begin harvesting juicy new intel via unrevealed nextgen attacks.
This is my fear. They've outflanked us by making us think that there is only one (or a small number of) effective solution(s). We just don't know yet that it/they isn't/aren't secure.
* Inflict political pain on rival agencies and political enemies
Again, I'd think that the cost of this one is too high, but I don't know enough of the internal politics. It does seem to be a very high price to pay. I hope that your fourth point above is not correct. J
On Mon, Dec 29, 2014 at 8:20 AM, John Young <jya@pipeline.com> wrote:
Hash this motherfucker, said math to germ.
JYA, you, as the original publisher of various and valued datasets... the responsibility to calculate, sign, and publish said hashes rests with you alone. Please consult with any trusted parties should you need assistance in such matters. A future of archivers, disseminators, and analysts will thank you.
john likes to be poetic as a wall - dear john please listen to the smart people and have a small bit of humility - it will make you better at your job and we need EVERYONE to step up and be better at their jobs On Tue, Dec 30, 2014 at 7:38 AM, grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 8:20 AM, John Young <jya@pipeline.com> wrote:
Hash this motherfucker, said math to germ.
JYA, you, as the original publisher of various and valued datasets... the responsibility to calculate, sign, and publish said hashes rests with you alone. Please consult with any trusted parties should you need assistance in such matters. A future of archivers, disseminators, and analysts will thank you.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
juan it is common knowledge that the snowden so called fucking leaks are given to the US gov before publication always remember and never forget gg was fully behind the war in iraq and why was he fully behind it ? revenge ... that tells you the mind that is working on the so called leaks also laura she was an embed journo in iraq - something an activist journo wouldnt even think about doing lets not even fully talk about that she blindly backs the assange wikileaks 'merger' into one entity and jeremy scahill did a selfie (among other ethical violations against woman) in samalia with a dead body in a morgue for his little movie, again something journalists dont do - even pond scum journalists dont get their picture took with dead bodies for camera - these are the ethical parameters of the people working with the info On Tue, Dec 30, 2014 at 8:50 AM, Cari Machet <carimachet@gmail.com> wrote:
john likes to be poetic as a wall - dear john please listen to the smart people and have a small bit of humility - it will make you better at your job and we need EVERYONE to step up and be better at their jobs
On Tue, Dec 30, 2014 at 7:38 AM, grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 8:20 AM, John Young <jya@pipeline.com> wrote:
Hash this motherfucker, said math to germ.
JYA, you, as the original publisher of various and valued datasets... the responsibility to calculate, sign, and publish said hashes rests with you alone. Please consult with any trusted parties should you need assistance in such matters. A future of archivers, disseminators, and analysts will thank you.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet>
7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187
Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
On Tue, 30 Dec 2014 09:06:45 +0100 Cari Machet <carimachet@gmail.com> wrote:
juan it is common knowledge that the snowden so called fucking leaks are given to the US gov before publication
Yes - I should have worded my comment a bit differently. What I was getting at is that they are not even pretending to somewhat hide the fact. Or even slightly obscure it? =P Then again, perhaps to the 'general public' the 'leaked' stuff looks oh so top secret...
always remember and never forget gg was fully behind the war in iraq and why was he fully behind it ? revenge ... that tells you the mind that is working on the so called leaks
also laura she was an embed journo in iraq - something an activist journo wouldnt even think about doing lets not even fully talk about that she blindly backs the assange wikileaks 'merger' into one entity
and jeremy scahill did a selfie (among other ethical violations against woman) in samalia with a dead body in a morgue for his little movie, again something journalists dont do - even pond scum journalists dont get their picture took with dead bodies for camera - these are the ethical parameters of the people working with the info
On Tue, Dec 30, 2014 at 8:50 AM, Cari Machet <carimachet@gmail.com> wrote:
john likes to be poetic as a wall - dear john please listen to the smart people and have a small bit of humility - it will make you better at your job and we need EVERYONE to step up and be better at their jobs
On Tue, Dec 30, 2014 at 7:38 AM, grarpamp <grarpamp@gmail.com> wrote:
On Mon, Dec 29, 2014 at 8:20 AM, John Young <jya@pipeline.com> wrote:
Hash this motherfucker, said math to germ.
JYA, you, as the original publisher of various and valued datasets... the responsibility to calculate, sign, and publish said hashes rests with you alone. Please consult with any trusted parties should you need assistance in such matters. A future of archivers, disseminators, and analysts will thank you.
-- Cari Machet NYC 646-436-7795 carimachet@gmail.com AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet>
7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187
Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited.
* Ryan Carboni schrieb am 2014-12-29 um 05:07 Uhr:
CRC failed in 'media-35515.pdf' file is broken
You can also find a copy here: ftp://151.217.170.35/uploads/NSA-DerSpiegel-31C3-Leak.tar.gz -- Jens Kubieziel http://www.kubieziel.de "Das Reisen in die Vergangenheit nie möglich sein werden, beweist die Tatsache, dass wir heute keine Besucher aus der Zukunft haben"
On Mon, Dec 29, 2014 at 12:43 AM, John Young <jya@pipeline.com> wrote:
File size varies with programs.
Do you have a sideline as a hard disk manufacturer? File size is 196984634 bytes (188 MB). sha1sum 73d7437dba404d4cbe6eea3f2063d6b421f73cc9, md5sum cee258814d24b1966e7bcf680b0b5e26. Mark
participants (20)
-
Cari Machet -
Cathal Garvey -
coderman -
Georgi Guninski -
grarpamp -
Gregory Foster -
Jason Richards -
Jens Kubieziel -
John Young -
Juan -
L -
Mark Steward -
Mirimir -
Peter Tonoli -
Ryan Carboni -
rysiek -
Seth -
Troy Benjegerdes -
William Woodruff -
z9wahqvh