From ravage at einstein.ssz.com Fri Aug 1 04:31:53 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 06:31:53 -0500 (CDT) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: Message-ID: For this to be taken seriously one must be able to -define spam- as if it were a mathematical entity (eg a 'point'). It must be absolutely differentiable from -all- other speech. You can't do that, nobody can. Anti-spam bills are worse than spam because they put transient feelings of anger above the principles of freedom. Freedom is -not- free! On Fri, 1 Aug 2003, Carl Webb wrote: > Antispam Bills: Worse Than Spam? > > > By Ryan Singel | Also by this reporter Page 1 of 2 next ; > > 03:55 PM Jul. 30, 2003 PT > > While no one has sympathy for the devils that fill inboxes with promises > of lower mortgages and larger members, not everyone is supporting the new > movement to banish spammers from the Internet. > > Some online advocates worry that heavy-handed antispam measures, such as > centralized blacklists and charging for delivery, will destroy e-mail. > Advertisement > > * Story Tools > > [Print story] [E-mail story] > > Electronic Frontier Foundation's head counsel Cindy Cohn, for instance, > argues that antispam crusaders are forgetting the Internet's first > principle -- information flows freely from end to end. Cohn fears that > the Internet's openness will be collateral damage in the war against > unwanted e-mail. > > Cohn says her organization's position on spam blocking can be boiled down > to a simple proposition: "All nonspam e-mail should be delivered." It's > an information age take on the Hippocratic oath, which requires doctors > to first do no harm. > > "It's not the job of an ISP to block e-mail," added Cohn. "E-mail isn't a > toy anymore. If I don't get an e-mailed notice from the federal district > court mailing list, it's malpractice." > > Even some who sell antispam software to companies say that ISPs shouldn't > be blocking mail. > > "Blocking e-mails is folly," said Brian Gillette, whose company sells an > enterprise-level, antispam appliance called trimMail Inbox. "If I'm an > ISP and I stop a $150,000 equipment sale because I decided it was spam, > I'm in for a lawsuit." > > Marv Johnson, legislative counsel for the American Civil Liberties Union, > worries that the ability to speak anonymously on the Internet is being > put at risk by federal antispam legislation. > > Howard Beale of the Federal Trade Commission told House members at a > recent hearing on proposed antispam legislation that "spam threatens to > destroy e-mail." > > Several of the bills currently under consideration would make it illegal > to mask a sender's identity or forge routing information, both of which > are tricks used by spammers to avoid the ire of those who receive their > e-mails. But it's also a tactic used by dissidents in countries with > repressive governments who want to communicate with like-minded > individuals. > > "Many of these bills criminalize a message header that isn't accurate," > said Johnson. "That's not fraud. If you send out messages through an > anonymizer, then you could get sent to jail." > > Cohn concurs, arguing that the bills criminalize the behavior of people > -- such as closeted gay teens or government whistle-blowers -- who have > legitimate reasons for speaking anonymously on the Internet. > > EFF already has been a victim of overbroad spam filters. Its newsletter, > which has more than 30,000 subscribers, has been bounced by aggressive > keyword filters. In one case, its message was blocked because it > contained the word "rape," used when talking about EFF's advocacy on > behalf of an online group, Stop Prisoner Rape. > > When the EFF asked around, it found that other noncommercial bulk > mailers, such as listservs, were running into problems, too. > > For example, AOL blocked e-mails from one of EFF's clients, MoveOn.org, > an online, liberal political action group which saw its membership swell > to more than 2 million during the antiwar movement. > > "MoveOn.org, one of EFF's clients, has problems all the time, but > MoveOn.org is now big enough to be on whitelists," said Cohn. "I'm more > concerned about the next MoveOn." > > Challenge-and-response systems pose particular problems for newsletters > and listservs. These systems try to cut down on fraudulent e-mail by not > delivering a message until the sender replies to a confirmation e-mail > sent by the intended recipient's ISP or e-mail host. > > "Declan McCullagh of Politech and Dave Farber of Interesting-People can't > do 100 challenge-responses a day," said Cohn. "That, as a solution, > doesn't scale." > > It would be wrong to call Cohn soft on spam. While in private practice > she sued a spammer and won a court injunction and $60,000. And her > employer uses antispam technology on its own servers. > > The difference, according to Cohn, is that the SpamAssassin software EFF > uses doesn't block spam, it simply rates each e-mail. Staffers then set > up their e-mail clients to separate messages into different inboxes. This > keeps the main e-mail boxes free of spam, but allows individuals to check > the spam folder occasionally to see if a legitimate e-mail was > incorrectly tagged as junk. > > Many in the technology industry think that only better technology can > stop the spam deluge. > > "The only people who can stop spammers are other technologists," said > trimMail's Gillette. > > The most promising new approach is better filters that use Bayesian > algorithms to tag spam automatically and move it into a spam folder. The > algorithms look at the body and header of an e-mail and judge from past > experience whether an incoming message is junk. Users then train the > algorithm, by moving misclassified e-mail from one e-mail folder to > another. > > Paul Graham, who many credit for applying Bayesian filtering to the spam > problem, is ecstatic at the power of the new filters. > > "I don't need blacklists," said Graham. "My own software is better than I > am at deciding what is spam and what is not." > > Several open-source and commercial products, such as SpamBayes and Spam > Bully, already use Bayesian filtering. > > The ACLU's Johnson hopes the new technology will head off the worst of > the antispam legislation. > > "Why do we want to start imposing a different world for the Internet than > we have in the real world?" asked Johnson. > > "Let the marketplace handle spam," he said. "When Congress wants to show > they are doing something about an issue, they often screw it up." > > End of story > > Send e-mail icon Have a comment on this article? Send it > > More stories written by Ryan Singel > > > ________________________________________________________________________________ > MSN 8 with e-mail virus protection service: 2 months FREE* > -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From doug at dwhite.ws Fri Aug 1 05:08:47 2003 From: doug at dwhite.ws (Doug) Date: Fri, 1 Aug 2003 07:08:47 -0500 Subject: [eff-austin] Antispam Bills: Worse Than Spam? References: Message-ID: <037801c35825$a9a457e0$265b8b42@lake> I guess it is unfortunate that I personally disagree with the article, almost in its entirety. I fully support any technological means to prevent the junk from ever entering my system, using my bandwidth, my productivity and my storage space, while some "decision" or another is being made. Sure, to some it seems arcane to using blocking methods at the server level, but the quantity of the spew alone justifies the practice. I have never considered it a form of "freedom" for an advertiser to pummel me with advertising at my own expense. While I realize not all advertising should be considered as spam, most of it is, in my opinion, and consequently I use a variety of methods to prevent the MTA from even connecting to my mail server. If the widespread use of this technology hurts email advertising, then so much the better. I would prefer email systems be able to return to their intended purpose. My email hosting service provides the free option of unfiltered and filtered (spam blacklisting), and it is no surprise that over 98% of my clients opt for the filtered routing. I will continue to support legislation and other methods to transfer the cost of advertising back to the advertiser. If there are enforceable penalties for fraudulent message headers and routing, so be it. If the legislation forces dissidents and whistleblowers to use postal mail, so much the better. I do not agree that these so-called "freedoms" need to be at my expense. Legitimate email - deliver as intended. non-legitimate email - block the connection at the server. ================================ This address is filtered through open relay databases and is virus scanned by ANTIVIR http://www.dwhite.ws mailto:doug at dwhite.ws ================================ ================================ This address is filtered through the open relay database at http://www.ordb.org and is virus scanned by ANTIVIR http://www.dwhite.ws mailto:doug at dwhite.ws ================================ ----- Original Message ----- From: "Jim Choate" To: cypherpunks at lne.com X-Orig-To: "Carl Webb" Cc: ; ; ; Sent: Friday, August 01, 2003 6:31 AM Subject: Re: [eff-austin] Antispam Bills: Worse Than Spam? For this to be taken seriously one must be able to -define spam- as if it were a mathematical entity (eg a 'point'). It must be absolutely differentiable from -all- other speech. You can't do that, nobody can. Anti-spam bills are worse than spam because they put transient feelings of anger above the principles of freedom. Freedom is -not- free! On Fri, 1 Aug 2003, Carl Webb wrote: > Antispam Bills: Worse Than Spam? > > > By Ryan Singel | Also by this reporter Page 1 of 2 next ; > > 03:55 PM Jul. 30, 2003 PT > > While no one has sympathy for the devils that fill inboxes with promises > of lower mortgages and larger members, not everyone is supporting the new > movement to banish spammers from the Internet. > > Some online advocates worry that heavy-handed antispam measures, such as > centralized blacklists and charging for delivery, will destroy e-mail. > Advertisement > > * Story Tools > > [Print story] [E-mail story] > > Electronic Frontier Foundation's head counsel Cindy Cohn, for instance, > argues that antispam crusaders are forgetting the Internet's first > principle -- information flows freely from end to end. Cohn fears that > the Internet's openness will be collateral damage in the war against > unwanted e-mail. > > Cohn says her organization's position on spam blocking can be boiled down > to a simple proposition: "All nonspam e-mail should be delivered." It's > an information age take on the Hippocratic oath, which requires doctors > to first do no harm. > > "It's not the job of an ISP to block e-mail," added Cohn. "E-mail isn't a > toy anymore. If I don't get an e-mailed notice from the federal district > court mailing list, it's malpractice." > > Even some who sell antispam software to companies say that ISPs shouldn't > be blocking mail. > > "Blocking e-mails is folly," said Brian Gillette, whose company sells an > enterprise-level, antispam appliance called trimMail Inbox. "If I'm an > ISP and I stop a $150,000 equipment sale because I decided it was spam, > I'm in for a lawsuit." > > Marv Johnson, legislative counsel for the American Civil Liberties Union, > worries that the ability to speak anonymously on the Internet is being > put at risk by federal antispam legislation. > > Howard Beale of the Federal Trade Commission told House members at a > recent hearing on proposed antispam legislation that "spam threatens to > destroy e-mail." > > Several of the bills currently under consideration would make it illegal > to mask a sender's identity or forge routing information, both of which > are tricks used by spammers to avoid the ire of those who receive their > e-mails. But it's also a tactic used by dissidents in countries with > repressive governments who want to communicate with like-minded > individuals. > > "Many of these bills criminalize a message header that isn't accurate," > said Johnson. "That's not fraud. If you send out messages through an > anonymizer, then you could get sent to jail." > > Cohn concurs, arguing that the bills criminalize the behavior of people > -- such as closeted gay teens or government whistle-blowers -- who have > legitimate reasons for speaking anonymously on the Internet. > > EFF already has been a victim of overbroad spam filters. Its newsletter, > which has more than 30,000 subscribers, has been bounced by aggressive > keyword filters. In one case, its message was blocked because it > contained the word "rape," used when talking about EFF's advocacy on > behalf of an online group, Stop Prisoner Rape. > > When the EFF asked around, it found that other noncommercial bulk > mailers, such as listservs, were running into problems, too. > > For example, AOL blocked e-mails from one of EFF's clients, MoveOn.org, > an online, liberal political action group which saw its membership swell > to more than 2 million during the antiwar movement. > > "MoveOn.org, one of EFF's clients, has problems all the time, but > MoveOn.org is now big enough to be on whitelists," said Cohn. "I'm more > concerned about the next MoveOn." > > Challenge-and-response systems pose particular problems for newsletters > and listservs. These systems try to cut down on fraudulent e-mail by not > delivering a message until the sender replies to a confirmation e-mail > sent by the intended recipient's ISP or e-mail host. > > "Declan McCullagh of Politech and Dave Farber of Interesting-People can't > do 100 challenge-responses a day," said Cohn. "That, as a solution, > doesn't scale." > > It would be wrong to call Cohn soft on spam. While in private practice > she sued a spammer and won a court injunction and $60,000. And her > employer uses antispam technology on its own servers. > > The difference, according to Cohn, is that the SpamAssassin software EFF > uses doesn't block spam, it simply rates each e-mail. Staffers then set > up their e-mail clients to separate messages into different inboxes. This > keeps the main e-mail boxes free of spam, but allows individuals to check > the spam folder occasionally to see if a legitimate e-mail was > incorrectly tagged as junk. > > Many in the technology industry think that only better technology can > stop the spam deluge. > > "The only people who can stop spammers are other technologists," said > trimMail's Gillette. > > The most promising new approach is better filters that use Bayesian > algorithms to tag spam automatically and move it into a spam folder. The > algorithms look at the body and header of an e-mail and judge from past > experience whether an incoming message is junk. Users then train the > algorithm, by moving misclassified e-mail from one e-mail folder to > another. > > Paul Graham, who many credit for applying Bayesian filtering to the spam > problem, is ecstatic at the power of the new filters. > > "I don't need blacklists," said Graham. "My own software is better than I > am at deciding what is spam and what is not." > > Several open-source and commercial products, such as SpamBayes and Spam > Bully, already use Bayesian filtering. > > The ACLU's Johnson hopes the new technology will head off the worst of > the antispam legislation. > > "Why do we want to start imposing a different world for the Internet than > we have in the real world?" asked Johnson. > > "Let the marketplace handle spam," he said. "When Congress wants to show > they are doing something about an issue, they often screw it up." > > End of story > > Send e-mail icon Have a comment on this article? Send it > > More stories written by Ryan Singel > > > ________________________________________________________________________________ > MSN 8 with e-mail virus protection service: 2 months FREE* > -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From mv at cdc.gov Fri Aug 1 11:04:37 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 01 Aug 2003 11:04:37 -0700 Subject: Digicash Patents, patent-expiry landrushes Message-ID: <3F2AABB5.2A3CD26F@cdc.gov> At 11:34 AM 7/31/03 -0700, Tim May wrote: >Some people expected a "land rush" when the main RSA patents expired >several years ago. Parties were even thrown. The land rush never >happened. Wrong. RSA algorithm is used freely now in US designs, knowing it is no longer patented. I didn't go to any party, but I flipped a bit in my cranial store indicating that it could be used freely. And this is/was critical, because whereas a block cipher (eg IDEA) can be replaced, RSA can't in some apps. As someone currently rolling his own RSA by setting up the bignums in C, it is a relief to be free of patent issues. I don't believe this would have been the case before the expiry. (This is for embedded devices, I'm not reinventing a protocol wheel.) I'll predict a similarly invisible "land rush" when ECC patents run out, assuming that its patented and also considered useful when the supposed patents expire. From bill.stewart at pobox.com Fri Aug 1 12:18:52 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Fri, 01 Aug 2003 12:18:52 -0700 Subject: Poindexter to Resign In-Reply-To: <5.2.1.1.0.20030801083855.04864150@mail.comcast.net> Message-ID: <5.1.1.6.2.20030801113828.02dcd0a0@idiom.com> At 08:41 AM 08/01/2003 -0700, Steve Schear wrote: >Report: Poindexter to Resign >Wired News 2:43 PM Jul. 31, 2003 PT > >WASHINGTON -- John Poindexter, the Iran-Contra scandal figure who headed >two criticized Pentagon projects, including one that would have enabled >investors to profit by predicting terrorist attacks, will quit his post >within weeks, U.S. defense officials said Thursday. .... > http://www.wired.com/news/politics/0,1283,59853,00.html > http://reuters.com/newsArticle.jhtml?type=topNews&storyID=3198102 It's nice that some of the news media have changed from their previous policy of toadying up to "Admiral Poindexter" and are now starting out their article by referring to his known dishonesty and unfitness for public service before getting down to explaining what they're talking about. It may not be Fair, but it's a bit more Balanced :-) Of course, much of this may be a play by the "Senior US Defense Officials" to make sure he gets the point and does resign, rather than commentary by the news media, and/or an attempt to distance themselves from a couple of unpopular programs by sticking it on the designated fall guy, but it still couldn't happen to a nicer guy. Wired is a lot more enthusiastic in its comments than Reuters, which was terser. WaPo toadies up to him by starting out "John M. Poindexter, the retired rear admiral involved in the Pentagon's ill-fated plan", while Fox News says "The admiral who developed two controversial Pentagon database programs quickly killed by Congress" and goes on to make it clear that it's that nasty Congress's fault for refusing to fund Poindexter's cool programs. The real question is whether the administration and officials that rehired Poindexter and hired Ashcroft and Homeland Security will continue the same kinds of attacks on US civil liberties now that he's gone, and unfortunately, the answer is presumably yes. From s.schear at comcast.net Fri Aug 1 16:28:47 2003 From: s.schear at comcast.net (Steve Schear) Date: Fri, 01 Aug 2003 16:28:47 -0700 Subject: CA Gov calls Shrub Shrub In-Reply-To: Message-ID: <5.2.1.1.0.20030801162451.037d1008@mail.comcast.net> At 18:40 2003-08-01 -0400, Sunder wrote: >http://theglobeandmail.com/servlet/story/RTGAM.20030731.ushrub0730/BNStory/National/ This week's Economist has an article which claims that Canada's cattle industry is losing $7.8 million (not sure if this is USD or CAD) per day due to the boycott. Japan has also restricted Canadian imports and has told the U.S. that if it starts re-importing Canadian beef it will restrict U.S imports as well because there is inadequate tracking of livestock once they enter the U.S. The article claims Canada is getting its just deserts for its earlier quick restrictions on Japanese and British BSE. steve "Il dulce far niente" The sweetness of doing nothing My unemployment motto From ravage at einstein.ssz.com Fri Aug 1 15:29:56 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:29:56 -0500 (CDT) Subject: [9fans] Call for Papers - 6th Symposium on Operating Systems Design and Implementation (OSDI '04) (fwd) Message-ID: ---------- Forwarded message ---------- Date: 1 Aug 2003 09:28:07 -0800 From: Alex Walker To: 9fans at cse.psu.edu Subject: [9fans] Call for Papers - 6th Symposium on Operating Systems Design and Implementation (OSDI '04) The 6th Symposium on Operating Systems Design and Implementation (OSDI '04) will take place December 6-8, 2004 at the Renaissance Parc 55 Hotel in San Francisco, California, and we would like to encourage your participation. OSDI 2004 will bring together professionals from academic and industrial backgrounds in what has become a premier forum for discussing the design, implementation, and implications of systems software. Paper submissions are due on May 14, 2004. This is a hard deadline -- no extensions will be given. Submission guidelines are available on our Web site: http://www.usenix.org/events/osdi04/cfp Emphasizing both innovative research and quantified experience, OSDI takes a broad view of the systems area and solicits contributions from all fields of systems practice including, but not limited to: operating systems, networking, file and storage systems, distributed systems, mobile systems, secure systems, embedded systems, and the interaction of hardware and software development. We particularly encourage contributions containing highly original ideas or groundbreaking results that push the frontier of systems research. The symposium will consist of 2.5 days of single-track technical sessions with presentations of refereed papers and a keynote address. A session of Work-in-Progress presentations is planned, and informal Birds-of-a-Feather sessions may be organized by attendees. We look forward to receiving your submissions. Eric Brewer and Peter Chen OSDI '04 Program Co-Chairs OSDI is Sponsored by the USENIX Association and co-sponsored by ACM SIGOPS From ravage at einstein.ssz.com Fri Aug 1 15:32:59 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:32:59 -0500 (CDT) Subject: Digicash Patents, patent-expiry landrushes In-Reply-To: <3F2AABB5.2A3CD26F@cdc.gov> Message-ID: > At 11:34 AM 7/31/03 -0700, Tim May wrote: > >Some people expected a "land rush" when the main RSA patents expired > >several years ago. Parties were even thrown. The land rush never > >happened. Wrong, as a result RSA (as well as AES) in Plan 9 so we're no longer stuck with DES as the only option. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 15:33:34 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:33:34 -0500 (CDT) Subject: Man sues over DNA swabs during investigation (fwd) Message-ID: http://www.usatoday.com/tech/news/techpolicy/2003-08-01-give-back-dna_x.htm -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 15:33:53 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:33:53 -0500 (CDT) Subject: Judges OK evidence from hacker vigilante! (fwd) Message-ID: http://zdnet.com.com/2100-1105_2-5058835.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 15:34:15 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:34:15 -0500 (CDT) Subject: Crackers Tuning Up for Massive Net Attack (fwd) Message-ID: http://www.eweek.com/article2/0,3959,1208666,00.asp -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 15:35:29 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 17:35:29 -0500 (CDT) Subject: The Great Debate Over Software Patents (fwd) Message-ID: http://www.cio.com/archive/080103/debate_intro.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From sunder at sunder.net Fri Aug 1 15:40:32 2003 From: sunder at sunder.net (Sunder) Date: Fri, 1 Aug 2003 18:40:32 -0400 (edt) Subject: CA Gov calls Shrub Shrub Message-ID: http://theglobeandmail.com/servlet/story/RTGAM.20030731.ushrub0730/BNStory/National/ ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ From eresrch at eskimo.com Fri Aug 1 19:28:36 2003 From: eresrch at eskimo.com (Mike Rosing) Date: Fri, 1 Aug 2003 19:28:36 -0700 (PDT) Subject: Digicash Patents, patent-expiry landrushes In-Reply-To: <3F2AABB5.2A3CD26F@cdc.gov> Message-ID: On Fri, 1 Aug 2003, Major Variola (ret) wrote: > I'll predict a similarly invisible "land rush" when ECC patents run out, > assuming > that its patented and also considered useful when the supposed patents > expire. the major one is hardware, and it expires in april 2005. A minor one is MQV, and it expires soon after. Otherwise, there's not that many patents on ECC. No need to, people keep finding faster ways of doing things and publishing it :-) Patience, persistence, truth, Dr. mike From eresrch at eskimo.com Fri Aug 1 19:35:43 2003 From: eresrch at eskimo.com (Mike Rosing) Date: Fri, 1 Aug 2003 19:35:43 -0700 (PDT) Subject: Poindexter to Resign In-Reply-To: <5.1.1.6.2.20030801113828.02dcd0a0@idiom.com> Message-ID: On Fri, 1 Aug 2003, Bill Stewart wrote: > Of course, much of this may be a play by the "Senior US Defense Officials" > to make sure he gets the point and does resign, > rather than commentary by the news media, > and/or an attempt to distance themselves from a couple of > unpopular programs by sticking it on the designated fall guy, > but it still couldn't happen to a nicer guy. I think there's a lot in the game to that. He *will* resign, he won't be fired :-) > The real question is whether the administration and officials > that rehired Poindexter and hired Ashcroft and Homeland Security > will continue the same kinds of attacks on US civil liberties > now that he's gone, and unfortunately, the answer is presumably yes. That has nothing to do with it. The pentagon had a choice, fire Poindexter or lose all of DARPA. DARPA has a lot of cool programs that are too important to lose, and Poindexter was giving them bad publicity. >From congres's perspective, choping off $2.5 billion to get rid of Poindexter was no big deal. For the pentagon it is a big deal. So they rid themselves of Poindexter and save everything else. Even Rumsfeld can understand that :-) Patience, persistence, truth, Dr. mike From ravage at einstein.ssz.com Fri Aug 1 17:51:51 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 19:51:51 -0500 (CDT) Subject: Poindexter to Resign In-Reply-To: <5.1.1.6.2.20030801113828.02dcd0a0@idiom.com> Message-ID: On Fri, 1 Aug 2003, Bill Stewart wrote: > It's nice that some of the news media have changed from > their previous policy of toadying up to "Admiral Poindexter" > and are now starting out their article by referring to his > known dishonesty and unfitness for public service before getting > down to explaining what they're talking about. > It may not be Fair, but it's a bit more Balanced :-) Man, you fell for their spin doctor bullshit hook, line, and sinker. The news media is still playing to their masters, it's just that somebody had to lose their head and he was the one. It's not like he will lose a single opportunity, if anything it will open more up for him. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 20:47:10 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 22:47:10 -0500 (CDT) Subject: Antispam Bills: Worse Than Spam? In-Reply-To: Message-ID: On Fri, 1 Aug 2003, Earl Cooley wrote: > Jim Choate wrote: > > > > For this to be taken seriously one must be able to -define spam- as if it > > were a mathematical entity (eg a 'point'). It must be absolutely > > differentiable from -all- other speech. > > > > You can't do that, nobody can. > > Well, actually, SpamAssassin calculated that Carl's original post was spam. > Here's the breakdown: > > Content analysis details: (3.50 points, 3 required) > MORTGAGE_BEST (2.6 points) BODY: Information on mortgages > HTML_40_50 (0.7 points) BODY: Message is 40% to 50% HTML > HTML_FONT_COLOR_RED (0.1 points) BODY: HTML font color is red > HTML_WEB_BUGS (0.1 points) BODY: Image tag with an ID code to identify you > HTML_MESSAGE (0.1 points) BODY: HTML included in message > HTML_RELAYING_FRAME (0.5 points) BODY: Frame wanted to load outside URL > HTML_FONT_BIG (0.1 points) BODY: FONT Size +2 and up or 3 and up > HTML_FONT_COLOR_BLUE (0.1 points) BODY: HTML font color is blue > KNOWN_MAILING_LIST (-0.9 points) Email came from some known mailing list software > MIME_HTML_ONLY (0.1 points) Message only has text/html MIME parts > > That's really useful, right? heh. :) There is an old saying that one becomes what one hates. Personaly, I'm opposed to any legislative responce. Nada, none, nil. I don't agree that whatever the cost at the personal level it will be less than the increase in taxes to pay for the additional officers, legal support staff, etc. In particular I don't like the aspect of making it a crime. There is no way you're going to convince me that irrespective of the level, it's worth sending black clad stormtroopers into peoples lives. Especially when that includes the potentail for people dying. No, sorry. Ain't gonna happen. It violates both speech and press aspects of the first. And to be clear 'press' in the Constitution isn't the news agencies. Thomas Jefferson made that perfectly clear. It's the right of people to share their activities with others. People have a right to speak their mind, and they have a right to share it with others. To base that right on content is an abrogation of the fundamental ethos of this nation. There is of course the concepts of harassment and trespass. Of which we have sufficient laws on the book already. What we do need is a good case and a couple of supporting court rulings. In particular people have a right to ring your doorbell or drop a note on their porch, or ring their doorbell to talk to the residents. When they do it in a confrontational manner, by say ringing your doorbell over and over. This of course is one reason I am completely opposed to blacklists as well. Not only is there no technical or legal backing with respect to speech, but their probing of my system after I tell them to stay away is a form of trespass. Let's not even get into the aspect that this is one of the primary channels of Open Relay machines around. They do all the work and then sell the list, to who? Your ISP and spammers. If they didn't exist each spammer would have to scan the net for relays IP by IP. But no, for some reason people think it's a good idea. People have the right to the pursuit of happines, not the attainment or retention of it. It's simply not the governments job to protect what you have from simple market alteration. Stability in that respect is a bad thing. It denies others pursuit of happiness with the goal of the individual. There are some things that aren't a question of majority view. Sometimes that only means all the idiots are on one side. It has no moral or ethic weight. Get over it and move on to something more important. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 20:51:50 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 22:51:50 -0500 (CDT) Subject: Gonzo revelation. In-Reply-To: <5.2.0.9.0.20030802133401.01f300b0@mail.nex.com.au> Message-ID: On Sat, 2 Aug 2003, Professor Rat. wrote: > In truth, I could be a lot happier about the collapse of Bush and his > people and his whole house of cards and everything he stands for, if it > didn't also mean the certain collapse of the U.S. economy, and the vital > infrastructure, and, indeed, the whole "American way of life." You're an idiot. Never confuse the nation of America with its government. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Fri Aug 1 21:20:24 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Fri, 1 Aug 2003 23:20:24 -0500 (CDT) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: Message-ID: > On Fri, 1 Aug 2003, Doug wrote: > > > I will continue to support legislation and other methods to transfer the cost of > > advertising back to the advertiser. If there are enforceable penalties for > > fraudulent message headers and routing, so be it. If the legislation forces > > dissidents and whistleblowers to use postal mail, so much the better. I do not > > agree that these so-called "freedoms" need to be at my expense. But you have zero problem moving into my tax budget and threating peoples lives over it (you think that's 'free'?)... Whaledreck. Fascism (economic or otherwise) we can do without. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From emc at artifact.psychedelic.net Sat Aug 2 01:23:49 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Sat, 2 Aug 2003 01:23:49 -0700 (PDT) Subject: Hackers Bypass 4th Amendment Message-ID: <200308020823.h728NnwI006799@artifact.psychedelic.net> OK - Here's a really dumb decision which shows how willing the courts are to shred the Constitution. Just to make sure that Puritans don't have to worry that someone, somewhere, is looking at a picture of someone under 18, and touching themselves improperly. http://news.com.com/2100-1029_3-5058835.html Apparently, criminals can break into your home, and look for evidence of illegal activity and thoughtcrime, and if they find it or even plant it themselves, they can give it to the police, not be prosecuted for breaking in, and it can be used as evidence against you. No problem with obtaining those pesky search warrants from the handy rotary tear-off dispenser in the Judge's chambers any more. No indeed. ----- Judges OK evidence from hacker vigilante By Lisa M. Bowman Staff Writer, CNET News.com August 1, 2003, 10:22 AM PT [Comments in [] are mine. -emc] A federal appeals panel ruled this week that the government did not violate search and seizure laws when it used evidence that a hacker gathered to establish a child pornography case. The opinion reverses a lower court ruling in which a U.S. District Court judge in Virginia suppressed the evidence, saying the government had violated a defendant's rights. The decision stems from a case in which a hacker uploaded a file to a child porn newsgroup that made it possible to track who downloaded files from the service. The uploaded file contained the SubSeven virus, which the hacker used to remotely search people's computers for porn. [Notice how the claims by the "hacker" are reported as fact here. For all we know, the hacker could have broken into the computer, and planted the alleged child porn himself. Once the hacker had access, the PC was no longer under the exclusive control of the owner, and I don't see how he could be prosecuted for anything on it. It's not like these child porn crusaders don't lie. Mike Echols lied about child porn for years, and through the posting of his list of the personal information of those he falsely claimed were child pornographers on yet another Web hosting service, by the remnants of his sham organization, he continues to lie from beyond the grave. History has proven that Lying Feminist Cunts and Religious Nutballs will do anything to silence their critics, including planting porn on their computers. How dumb and naive can the courts be?] The hacker then played the role of a cybervigilante, sending anonymous tips to law enforcement officials that alerted them to child porn files the hacker had found on people's PCs. [Again, the files the hacker "claimed" to have found on peoples PCs, but which in reality, could have been planted because the hacker didn't like the subject's public comments about Vigilante Hackers, Bon-Bon Munching Holsteins, and other loathesome creatures.] The attorneys for one of the men nabbed in the hacker's sting sued, saying that the hacker was acting as an agent of the government and therefore needed a warrant before conducting a search of someone's computer. A federal court judge ruled that the government had indeed violated the man's Fourth Amendment rights protecting him from unreasonable search and seizure. [This certainly seems to be the correct interpretation of the law.] However, an appellate panel of the Fourth Circuit Court of Appeals reversed that decision because, among other things, most of the major exchanges between law enforcement and the hacker took place after he had searched the man's computer. As a result, the judges said, the government had not established a relationship with the hacker prior to his search that would have made him an agent of the government. "In order to run afoul of the Fourth Amendment, therefore, the government must do more than passively accept or acquiesce in a private party's search efforts," the judges wrote. "Rather there must be some degree of government participation in the private search." However, the appellate judges warned that law enforcement "operated close to the line" in the case. [This is clearly bullshit. We are now privatizing illegal searching, as long as the vigilante group doesn't run to the police until after they break into your home and discover/plant evidence? Someone needs to confiscate these judges' crack pipes.] -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From bill.stewart at pobox.com Sat Aug 2 01:57:40 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sat, 02 Aug 2003 01:57:40 -0700 Subject: CA Gov calls Shrub Shrub In-Reply-To: Message-ID: <5.1.1.6.2.20030802015649.02ea9b38@idiom.com> At 06:40 PM 08/01/2003 -0400, Sunder wrote: >http://theglobeandmail.com/servlet/story/RTGAM.20030731.ushrub0730/BNStory/National/ I'd interpreted "CA Gov" as "The Governor of California" rather than "The Government of Canada" (or a province thereof), and was hoping for some good flames about our recallable incompetent :-) From shaddack at ns.arachne.cz Fri Aug 1 20:33:27 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sat, 2 Aug 2003 05:33:27 +0200 (CEST) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <037801c35825$a9a457e0$265b8b42@lake> Message-ID: On Fri, 1 Aug 2003, Doug wrote: > I will continue to support legislation and other methods to transfer the cost of > advertising back to the advertiser. If there are enforceable penalties for > fraudulent message headers and routing, so be it. If the legislation forces > dissidents and whistleblowers to use postal mail, so much the better. I do not > agree that these so-called "freedoms" need to be at my expense. It's fairly possible, if the adversary know what he's doing and takes the time and effort, to disguise the mail's origin pretty well. (Think eg. open HTTPS proxies or a hacked box.) Now, you irked someone. That someone forges a spam mail advertising your business. Prove your innocence! > Legitimate email - deliver as intended. non-legitimate email - block the > connection at the server. Do we need laws for that? Software is easier to upgrade/change than laws, less likely to misfire, and easier to deal with when it misfires. Laws won't help in recognizing legitimate and non-legitimate mail. Artificial intelligence will be more effective than the Congress. (On the other hand, *anything* is usually more effective than the Congress.) The law in question will be TOO easy to use as a weapon. From mv at cdc.gov Sat Aug 2 07:29:19 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 02 Aug 2003 07:29:19 -0700 Subject: Hackers Bypass 4th Amendment Message-ID: <3F2BCABF.41317E63@cdc.gov> At 01:23 AM 8/2/03 -0700, Eric Cordian wrote: >OK - Here's a really dumb decision which shows how willing the courts are >to shred the Constitution. Just to make sure that Puritans don't have to >worry that someone, somewhere, is looking at a picture of someone under >18, and touching themselves improperly. > >http://news.com.com/2100-1029_3-5058835.html > >Apparently, criminals can break into your home, and look for evidence of >illegal activity and thoughtcrime, and if they find it or even plant it >themselves, they can give it to the police, not be prosecuted for breaking >in, and it can be used as evidence against you. No problem with obtaining >those pesky search warrants from the handy rotary tear-off dispenser in >the Judge's chambers any more. No indeed. > >----- > >Judges OK evidence from hacker vigilante >By Lisa M. Bowman >Staff Writer, CNET News.com >August 1, 2003, 10:22 AM PT > > [Comments in [] are mine. -emc] > >A federal appeals panel ruled this week that the government did not >violate search and seizure laws when it used evidence that a hacker >gathered to establish a child pornography case. Interesting, because in Calif some hacker-discovered kiddy prawns were tossed out on 4th violations. Perhaps this will go to higher courts. Evidence Barred in Ex-O.C. Judge's Child-Porn Case Writings and photos were illegally obtained from Ronald Kline's computer, court rules. By Christine Hanley, Times Staff Writer A federal judge on Tuesday threw out most of the key evidence in a high-profile child pornography case against a former Orange County judge, ruling that sexually explicit diary entries and photos were discovered after illegal computer searches by a Canadian hacker who was working for police. The ruling could undermine much of the case against Ronald C. Kline, whose arrest drew national attention and ultimately resulted in the judge dropping his bid for reelection. http://www.latimes.com/news/local/la-me-kline18jun18120422,1,5845207.story --- "To the electron -- may it never be of any use to anybody." -- JJ. Thomson's favorite toast From ravage at einstein.ssz.com Sat Aug 2 07:47:36 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 09:47:36 -0500 (CDT) Subject: Inferno: Big Nous Day (fwd) Message-ID: ---------- Forwarded message ---------- Date: Fri, 1 Aug 2003 11:39:42 -0500 (CDT) Subject: Inferno: Big Nous Day If I hadn't accidentally looked at a newspaper stand late last night, and noticed the headline that "Bush Takes Responsibility For Misleading Information" I would probably not have known where to look today to find anything out about it: http://www.wane.com/Global/story.asp?S=1382287 http://www.middle-east-online.com/english/?id=6620 Although it is a purely rhetorical admission, it is a significant one in that it takes the wind from the sails of any notion of an independent inquiry. And as well, if you look at the front page of CNN, it has already been removed from public consciousness to be replaced with the much more pressing and incendiary notions of: A new audiotape of Saddam's Greatest Hits: http://www.cnn.com/2003/WORLD/meast/08/01/sprj.irq.main/index.html The Vatican and W come out to bat: http://www.cnn.com/2003/WORLD/europe/08/01/vatican.gay.marriages/index.html and in a strange tautological twist, Condi takes personal responsibility for Bush and Bush says Condi is an "honest, fabulous person": http://www.cnn.com/2003/ALLPOLITICS/07/31/rice/index.html You see, because BushCo will have its cake and eat you too: "I think the American people should be prepared for surprises," said David Kay, a former U.N. weapons inspector who is leading the CIA's weapons investigation. "I think it's very likely that we will discover remarkable surprises in this enterprise." http://www.cnn.com/2003/ALLPOLITICS/07/31/wmd.search/index.html And if that's not enough for you: http://abcnews.go.com/wire/World/ap20030801_689.html http://mdn.mainichi.co.jp/news/20030801p2a00m0fp015000c.html Now I remember why I care more about the nous than the news. From s.schear at comcast.net Sat Aug 2 11:21:54 2003 From: s.schear at comcast.net (Steve Schear) Date: Sat, 02 Aug 2003 11:21:54 -0700 Subject: California considering curb on 50 caliber rifles Message-ID: <5.2.1.1.0.20030802111635.04928c78@mail.comcast.net> Sniper weapons should be restricted A .50-caliber BMG sniper rifle, in the wrong hands, would be terrorism unleashed. The gun is powerful enough to punch a hole in an oil tank or take down a civilian airplane. Its 5 1/2-inch long bullets can pierce an inch of armor 40 yards away and hit a target a mile away. A massive weapon, with some models weighing in at 28 pounds, it's ill-suited for hunters -- it would take out a deer and the tree behind it -- but ideal for assassins. Monday, July 28, 2003 (Mercury News) http://www.bayarea.com/mld/mercurynews/news/opinion/6400612.htm See my opinion piece reply at http://www.bayarea.com/mld/mercurynews/news/opinion/6442894.htm "To those who scare peace-loving people with phantoms of lost liberty, my message is this: Your tactics only aid terrorists." --John Ashcroft, U.S. Attorney General From jya at pipeline.com Sat Aug 2 15:05:29 2003 From: jya at pipeline.com (John Young) Date: Sat, 02 Aug 2003 15:05:29 -0700 Subject: 2nd Brit Agent Named Message-ID: This story is breaking in British news, though the name of the agent has not yet been published there -- probably tonight or tomorrow unless OSA kills it like David Kelly. ----- http://cryptome.org/sean-maguire.htm 2 August 2003. Thanks to Anonymous. Kevin Fulton is reported to have named Stakeknife as Freddie Scappaticci. From sfurlong at acmenet.net Sat Aug 2 13:03:18 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Sat, 2 Aug 2003 16:03:18 -0400 Subject: Hackers Bypass 4th Amendment In-Reply-To: <200308020823.h728NnwI006799@artifact.psychedelic.net> References: <200308020823.h728NnwI006799@artifact.psychedelic.net> Message-ID: <200308021603.18884.sfurlong@acmenet.net> On Saturday 02 August 2003 04:23, Eric Cordian wrote: > Apparently, criminals can break into your home, and look for evidence > of illegal activity and thoughtcrime, and if they find it or even > plant it themselves, they can give it to the police, not be > prosecuted for breaking in, and it can be used as evidence against > you. Sounds like an opportunity, not a problem. Anybody know John Asscruft's home IP address? -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From ravage at einstein.ssz.com Sat Aug 2 14:12:53 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 16:12:53 -0500 (CDT) Subject: Slashdot | Xerox Exploits Printer Flaws To Make Pseudo-Holograms (fwd) Message-ID: http://slashdot.org/articles/03/08/02/1324257.shtml?tid=126&tid=137&tid=152&tid=185&tid=194 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From mindfuq at comcast.net Sat Aug 2 16:13:38 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 16:13:38 -0700 Subject: Antispam Bills: Worse Than Spam? In-Reply-To: References: Message-ID: <20030802231338.GB2201@tango.gombos.name> * Jim Choate [2003-08-01 21:54]: > > > Personaly, I'm opposed to any legislative responce. Nada, none, nil. > > I don't agree that whatever the cost at the personal level it will be less > than the increase in taxes to pay for the additional officers, legal > support staff, etc. In particular I don't like the aspect of making it a > crime. There is no way you're going to convince me that irrespective of > the level, it's worth sending black clad stormtroopers into peoples lives. > Especially when that includes the potentail for people dying. > > No, sorry. Ain't gonna happen. I somewhat agree here.. but probably on different grounds. Such an effort may be taxes well spent under the right circumstances, but if the same people who would enforce spam who are also enforcing the current telemarketing laws, it would be money wasted, because these people are unmotivated. > It violates both speech and press aspects of the first. And to be clear > 'press' in the Constitution isn't the news agencies. Thomas Jefferson made > that perfectly clear. It's the right of people to share their activities > with others. I can't quite agree here. I'm 100% for free speech, and if a spammer wants to print a newspaper, I have no objection. But if the spammer wants to deliver this newspaper by walking into my home and dump a stack of newspapers on my keyboard, we have problems. There's a classic test to determine whether supressing an act is a supression of free speech. The test is to remove the speech, and determine whether the aggrivated party still has a claim. So in the example above, would I still have a claim if someone broke into my home and set a stack of blank paper on my keyboard? I think so. And if the spam email had a space in place of each character, I believe I would still have a claim because of the bandwidth and space consumed, and my ability to sort through my inbox for legitimate mail would still be hindered. > People have a right to speak their mind, and they have a right to share it > with others. To base that right on content is an abrogation of the > fundamental ethos of this nation. Absolutely. > There is of course the concepts of harassment and trespass. Of which we > have sufficient laws on the book already. What we do need is a good case > and a couple of supporting court rulings. In particular people have a > right to ring your doorbell or drop a note on their porch, or ring their > doorbell to talk to the residents. When they do it in a confrontational > manner, by say ringing your doorbell over and over. We need more law. Example- I sue telemarketers on a regular basis using the tort law written in the Telephone Consumer Protection Act. This is practically a hobby for me now. I have won every case, and I've been well compensated for my troubles. This is a great law, because consumers who are motivated enough to play watchdog can be compensated for their troubles. The law is so beneficial, that I have not added myself to the FCC's DNC list. Also, I don't think it will be as difficult to define spam as people on this list have suggested. I have had no trouble showing the court that the calls I received are "telemarketing" calls. At the same time, I think I would have difficulty showing that a call from a friend, or family member, or enemy, was a telemarketing call, because the TCPA states that intent must show intent to sell a product or service, and to go with it there is a list of exclusions, like calls from entities where you have an established relationship with (ie. an account or previous transaction). Legally defining spam would be an excersize that woud pay off. Even if such a definition left a grey area, spammers would be forced to compose their messages to get into the grey area, and that would either deter them completely, or make it easier for the user to mechanize the sorting of the junk, because they would be more constrained on how to write their messages. I can't sue spammers though, because there is no tort law. I can really only sue for damages, which I would have to prove, and even then it would be a grey area. However, with the tort law written for telemarketing, I don't need to show that there were any damages.. I can automatically make a claim for $500 per violation. > This of course is one reason I am completely opposed to blacklists as > well. Not only is there no technical or legal backing with respect to > speech, but their probing of my system after I tell them to stay away is a > form of trespass. Let's not even get into the aspect that this is one of > the primary channels of Open Relay machines around. They do all the work > and then sell the list, to who? Your ISP and spammers. If they didn't > exist each spammer would have to scan the net for relays IP by IP. But no, > for some reason people think it's a good idea. I agree.. but again, for other reasons. My personal email to friends and family is blocked because these AOL idiots using a blacklist have decided to blacklist all dynamic IP addresses. I've never sent spam in my life, and my legitimate mail is getting blocked by these morons. My strongest motivation is to sue MAPS, AOL, Sourceforge, and all other not so bright ISPs who are blocking my speech, which is not and never was spam. I would join forces with spammers to sue these people, because they're more damaging than spammers. > People have the right to the pursuit of happines, not the attainment or > retention of it. It's simply not the governments job to protect what you > have from simple market alteration. Stability in that respect is a bad > thing. It denies others pursuit of happiness with the goal of the > individual. I don't follow you here. What are you saying? The role of the government is to protect peoples rights, in which the ultimate vision is happiness... but every law works in favor of some peoples happiness and not others, so it's always a trade off. But I see corporations and companies as machines, not people, so in the interest of the peoples persuit of happiness, the government needs to control these machines. My overall stance is the the government needs to put a tort law in place so I can eagerly persue the happiness of suing spammers (but only after suing the antispammers for blocking my legitimate mail). > There are some things that aren't a question of majority view. Sometimes > that only means all the idiots are on one side. It has no moral or ethic > weight. Sure it does. If a majority of the population decides that spam is immoral, then it only makes sense to align laws in persuit of the happiness of the majority. Isn't this the idea behind democracy? > Get over it and move on to something more important. No no no.. this is still a problem. We don't "move on" until the problem is resolved. The technicians have tried and failed to stop spam. Time for the lawyers to take a crack at it. I'm not a lawyer, but I'm definately motivated to sue some spammers. I'm only asking that the government arm me with the tools I need. From mindfuq at comcast.net Sat Aug 2 16:45:07 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 16:45:07 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: References: <037801c35825$a9a457e0$265b8b42@lake> Message-ID: <20030802234507.GC2201@tango.gombos.name> * Thomas Shaddack [2003-08-01 21:54]: > > > Legitimate email - deliver as intended. non-legitimate email - block the > > connection at the server. > > Do we need laws for that? We definately need a law making it illegal for an ISP to block non-spam email. I cannot email a friend who uses AOL, and wants to receive my email, because AOL blocks it. The only law out there to protect me from this is a denial of service law, but it will be difficult for me to argue that AOL is doing a DoS attack on me. I have no choice but to take actions under the DoS laws, but I would much rather have a law that makes blocking legitimate communication a crime. > Software is easier to upgrade/change than laws, less likely to > misfire, and easier to deal with when it misfires. What software are you talking about? If it's the end user software, I don't care, because if I cannot email a friend I can motivate them to fix the problem. But if you're talking about software that an ISP would run, you're missing something. AOL's software is falsely blocking my email, and even though they could fix the problem, they are not motivated because I'm a single user. I've complained several times. They just ignore the complaint. So software is a poor solution if the people implementing the software are not motivated to fix false positives. > Laws won't help in recognizing legitimate and non-legitimate mail. > Artificial intelligence will be more effective than the Congress. (On the > other hand, *anything* is usually more effective than the Congress.) Why would you say this? It's not difficult to define spam. You simply list the charactoristics of spam, and then list exclusions to ensure legitimate mail doesn't fit the definition. This has working beautifully for defining telemarketing phone calls. There is not a single math equation in the legal definition for "unsolicited telemarketing call". Even if there are imperfections in the definition, people can at least be aware of the definition and make sure that they aren't in the grey area. If an email is in a grey area, then the sender takes a risk by sending it. But to argue that law should not address a particular issue because of the difficulty of writing a definition is silly. You just write the definition such that the law doesn't target email that it doesn't intend to target, and let go the fact that it may not target everything we would like it to. And to say that software can define spam better than laws written in english is rediculous. AOL blocks my personal email to a friend, and I don't use a single spam phrase. So it goes the other way too.. the way software can define spam can get pretty stupid, I've seen it too many times. > The law in question will be TOO easy to use as a weapon. What do you mean by this? One could argue that I'm using the TCPA as a weapon against all these telemarketers I drag into court. So what? Most people see what I do as a service to the community. From mindfuq at comcast.net Sat Aug 2 17:13:02 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 17:13:02 -0700 Subject: Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030802231338.GB2201@tango.gombos.name> Message-ID: <20030803001302.GD2201@tango.gombos.name> * Jim Choate [2003-08-02 17:00]: > On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > > > I somewhat agree here.. but probably on different grounds. Such an > > effort may be taxes well spent under the right circumstances, but if > > the same people who would enforce spam who are also enforcing the > > current telemarketing laws, it would be money wasted, because these > > people are unmotivated. > > You seem to miss the fundamental point of what 'law' is for in a > democracy. Please explain. > > I can't quite agree here. I'm 100% for free speech, and if a spammer > > wants to print a newspaper, I have no objection. But if the spammer > > wants to deliver this newspaper by walking into my home and dump a > > stack of newspapers on my keyboard, we have problems. > > What if all he's doing it dumping them on your front porch? That's no good either. If he's tresspassing in order to put obsticles in front of my front door to trip over, expect me to take actions. I don't care what's printed.. It could be blank paper for all I care, but I don't want it on my property. It's litter that I have to deal with. > Your comparison of your email inbox and your living room being equivalent > is flawed on several layers. The first is the concept of 'privacy', you > have it in your living room because you have a door and locks. You don't > have any of that in an electronic mailbox. An electronic mailbox is like > ones front porch, inherently a place with -public- access. My arguement was that you can't expect free speech to have absolute protection. There are many rights that are on the same level with free speech, and if someone is going to use the free speech protection in order to violate someone elses right, you're greatly misunderstanding the purpose of free speech. You need to study where free speech came from and why. People ideas should not be blocked. No one objects to the speech or expression that spammers create. They can write all the spam they want. It's the *delivery* of that speech that we are objecting to. If they deliver it in a nasty way, that violates other rights, then that should be actionable. The first amendment doesn't say anything about the way in which you can deliver your speech. Go stand on a street corner for all I care, but don't enter my home and put it in my face.. that kind of act should not be protected. Your disagreement with this puts you in the minority. > > We need more law. > > No, we don't. All law will do is make life more complicated and reduce the > concept of individual choice. What you propose is to let others decide and > it is clear that they will decide based on their desires and wants and not > yours. Spammers have the choice to make whatever speech they want, and I don't intend to take that choice away from them. But I will take whatever actions necessary to ensure that they deliver it in a way that is not intrusive. > > Example- I sue telemarketers on a regular basis > > using the tort law written in the Telephone Consumer Protection Act. > > This is practically a hobby for me now. I have won every case, and > > I've been well compensated for my troubles. > > You just shot yourself in the foot and in the process demonstrated your > lack of understanding of what a democracy is about. > > Democracy (and the USA) is dead. This arguement boils down to an ad hominem, and it's empty with no intellectual content. Please explain what you mean here. Give us an academic argument with merit. From mindfuq at comcast.net Sat Aug 2 17:31:24 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 17:31:24 -0700 Subject: Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030802231338.GB2201@tango.gombos.name> Message-ID: <20030803003124.GE2201@tango.gombos.name> * Jim Choate [2003-08-02 17:00]: > > Your comparison of your email inbox and your living room being equivalent > is flawed on several layers. The first is the concept of 'privacy', you > have it in your living room because you have a door and locks. You don't > have any of that in an electronic mailbox. An electronic mailbox is like > ones front porch, inherently a place with -public- access. I should address this in more detail. The privacy I have in my livingroom is not because of doors and locks. These don't stop those who want to violate my privacy. The law does, however. It's more important and effective to have breaking an entering laws than to have these locks. A six foot pry bar will get past most locks, but to get past the law, they better have one hell of a lawyer (more difficult to acquire than a pry bar). This is the point Bruce Schneier made in a recent issue of Wired. People are so focused on perimeter protection that they're completely overlooking detection and *response*, and blocking legitimate access at the same time. Example- people who think technical solutions will keep out the telemarketers and they buy all these privacy features for their phone. This doesn't stop telemarketers- they still get through. But it does hinder family members, forcing them to go through hoops to get to your voice. But if you get wise and improve on your *reaction* to telemarketing calls, you don't need the privacy features. Remove them, and welcome all callers as I do. Default to trusting people, so you don't distrust someone you should. Then when one of the bastards takes advantage, respond and make them accountable. Sue them. This philosophy doesn't work for everything, but it is the absolute best tool for stopping telemarketing. I don't block anyone I want to talk to, yet I get compensated for the telemarketing calls. And I'm even able to do this w/out preventing the free speech right of the telemarketer, because they were able to make their pitch. If someone tried to take the tort law out of the TCPA, I would probably sue them for violating my freedom of enterprise :) From john at kozubik.com Sat Aug 2 17:45:36 2003 From: john at kozubik.com (John Kozubik) Date: Sat, 2 Aug 2003 17:45:36 -0700 (PDT) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030802234507.GC2201@tango.gombos.name> Message-ID: <20030802171133.H60664-100000@kozubik.com> On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > > > Legitimate email - deliver as intended. non-legitimate email - block the > > > connection at the server. > > > > Do we need laws for that? > > We definately need a law making it illegal for an ISP to block > non-spam email. I cannot email a friend who uses AOL, and wants to > receive my email, because AOL blocks it. The only law out there to That is incorrect. AOL owns their network, and they can respond to your arbitrary communications on their network in any way they see fit. Maybe they will deliver your email to your AOL subscribing friend. Maybe they will block that email. Maybe they will translate the email into French and reverse the word-order and then send it to your friend. Maybe they will print it out and mail it back to you for no reason. All of these responses are perfectly legitimate, and represent a private entity using their property in whatever way they see fit, _provided that_ they abide by any contracts they have entered into with their subscriber (which, in this case, is not you). It amazes me how many people on this list only respect private property when it is convenient for them to do so. (For reference, see the "Tim May argues (correctly) that people can't protest in his house" and, more recently, the "Gilmore thinks airlines can't refuse him travel for any reason they see fit" threads) ----- John Kozubik - john at kozubik.com - http://www.kozubik.com From ravage at einstein.ssz.com Sat Aug 2 15:52:09 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 17:52:09 -0500 (CDT) Subject: Antispam Bills: Worse Than Spam? In-Reply-To: <20030802231338.GB2201@tango.gombos.name> Message-ID: On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > I somewhat agree here.. but probably on different grounds. Such an > effort may be taxes well spent under the right circumstances, but if > the same people who would enforce spam who are also enforcing the > current telemarketing laws, it would be money wasted, because these > people are unmotivated. You seem to miss the fundamental point of what 'law' is for in a democracy. > I can't quite agree here. I'm 100% for free speech, and if a spammer > wants to print a newspaper, I have no objection. But if the spammer > wants to deliver this newspaper by walking into my home and dump a > stack of newspapers on my keyboard, we have problems. What if all he's doing it dumping them on your front porch? Your comparison of your email inbox and your living room being equivalent is flawed on several layers. The first is the concept of 'privacy', you have it in your living room because you have a door and locks. You don't have any of that in an electronic mailbox. An electronic mailbox is like ones front porch, inherently a place with -public- access. > We need more law. No, we don't. All law will do is make life more complicated and reduce the concept of individual choice. What you propose is to let others decide and it is clear that they will decide based on their desires and wants and not yours. There are no angels among men. > Example- I sue telemarketers on a regular basis > using the tort law written in the Telephone Consumer Protection Act. > This is practically a hobby for me now. I have won every case, and > I've been well compensated for my troubles. You just shot yourself in the foot and in the process demonstrated your lack of understanding of what a democracy is about. Democracy (and the USA) is dead. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Sat Aug 2 16:53:55 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 18:53:55 -0500 (CDT) Subject: Antispam Bills: Worse Than Spam? In-Reply-To: <20030803001302.GD2201@tango.gombos.name> Message-ID: On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > Please explain. Read Zamyatin's "We". > That's no good either. Actually it's a perfect comparison. Anyone can put stuff on your front porch. They can't take it away or read it, that is using personal property without permission. Hence, people have a -right- to send you mail. They don't have a right to read your mail without permission. > If he's tresspassing in order to put obsticles Sorry, your front porch isn't considerd 'trespassable' unless -you- take explicit and particular steps. > don't care what's printed.. It could be blank paper for all I care, > but I don't want it on my property. It's litter that I have to deal > with. Then you must put up a sign, does your mailbox have such a sign? In fact your position backs up mine that the current trespass and harassment laws are sufficient to handle this problem. In other words, you shot yourself in your own foot with regard to 'new' law. We don't need it. What we need is the courts to recognize that if we tell somebody to stay away and they don't then an actionable event has taken place. So, we actually agree but you don't see it, yet. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From hseaver at cybershamanix.com Sat Aug 2 17:27:08 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sat, 2 Aug 2003 19:27:08 -0500 Subject: California considering curb on 50 caliber rifles In-Reply-To: <5.2.1.1.0.20030802111635.04928c78@mail.comcast.net> References: <5.2.1.1.0.20030802111635.04928c78@mail.comcast.net> Message-ID: <20030803002708.GA32419@cybershamanix.com> On Sat, Aug 02, 2003 at 11:21:54AM -0700, Steve Schear wrote: > Sniper weapons should be restricted > A .50-caliber BMG sniper rifle, in the wrong hands, would be terrorism > unleashed. The gun is powerful enough to punch a hole in an oil tank or > take down a civilian airplane. Its 5 1/2-inch long bullets can pierce an What crap, eh? The bullet is more like 1.5" -- even a 20mm doesn't have a 5.5" bullet. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From mindfuq at comcast.net Sat Aug 2 20:35:07 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 20:35:07 -0700 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: References: <20030803001302.GD2201@tango.gombos.name> Message-ID: <20030803033507.GF2201@tango.gombos.name> Things got pretty twisted there in your response- let me unravel this: * Jim Choate [2003-08-02 18:04]: > On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > > > Please explain. > > Read Zamyatin's "We". This is a cop out. Speak for yourself. For all we know, you didn't read this book. Even if the book says it better than you could, explain why you think I miss the purpose of law in a democracy. If you don't, your argument falls with it's own dead weight- one beauty of free speech: ideas without merit fall, good ideas are carried as far as they're worth. > > That's no good either. > > Actually it's a perfect comparison. Anyone can put stuff on your front > porch. They can't take it away or read it, that is using personal property > without permission. Hence, people have a -right- to send you mail. They > don't have a right to read your mail without permission. No one has this right. There is no inherent right to put stuff on someones front porch. And yes, to remove any doubt, I can put up a sign making it clear that such an act is trespassing. I don't know if people have a right to send me mail; but my argument is that reguardless of whether they have this right, I should have a private right of action to claim $500 per spam mail. If they do have such a right, then if anything it makes it even more necessary to have tort laws against spam. > > If he's tresspassing in order to put obsticles > > Sorry, your front porch isn't considerd 'trespassable' unless -you- take > explicit and particular steps. Exactly, and because I can take steps to make it clear that such an act is trespassing, you do not have an inherent *right* to put stuff on my porch. > > don't care what's printed.. It could be blank paper for all I care, > > but I don't want it on my property. It's litter that I have to deal > > with. > > Then you must put up a sign, does your mailbox have such a sign? It doesn't, mainly because this isn't a problem. > In fact your position backs up mine that the current trespass and > harassment laws are sufficient to handle this problem. That's complete bullshit. Trespass and harassment laws are insufficient. The point I was making with trespassing is that because of trespassing law, you do not have a right to put things on my porch. Whether this law is effective is quite a different thing. If I go to the police station and say that someone is putting stuff on my front porch even though I have all the proper notices posted, I will get laughed out of the police station. It's illegal and enforceable, but that doesn't mean it will be enforced. A very similar thing happened to me when I first started taking actions against telemarketers. I went to my local white collar crimes unit to file a report against a telemarketer. I had proof as to who done it, what they did, and what laws were broken. This was criminal activity I was there to report, and they wouldn't even make a report. Because the laws are broken so regularly, the police dept. is only going to enforce the repeat offenders. IOW, when I get three calls from the same telemaketer, only then will they write a report. And even then, there's nothing to motivate them to act on the report. So the mere presence of a law doesn't mean you rest assured that it will do anything. Tort law, on the other hand, is effective. I'm suing telemarketers left and right, because I am empowered to take action. So no, my position does not back up yours. My position is that we need tort law, because trespassing law does not work. I know that if I post an appropriate use statement for my email box, and I get spammed anyway, I will get laughed out of the police station for trying to press trespassing charges. > In other words, you shot yourself in your own foot with regard to 'new' > law. We don't need it. What we need is the courts to recognize that if we > tell somebody to stay away and they don't then an actionable event has > taken place. We do need it, because I still get spam. The laws in place aren't working. I need tort law, and nothing I've said indicates otherwise. > So, we actually agree but you don't see it, yet. Not even close. Until you support tort law, we will not agree on this. Ultimately, you could say my objective is to ask for more RIGHTS, not RESTRICTIONS. But rights also come in the form of law. I'm not asking for more restrictions on email. I'm just asking for the *right* to sue someone who sends spam. Spam is damaging, and costly. Let them send it (that way they can't complain about loss of free speech), but I should have a right to seek compensation. $500 per email. That's all I want. From mindfuq at comcast.net Sat Aug 2 20:57:49 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 20:57:49 -0700 Subject: Where is the Remailer discussion? Message-ID: <20030803035749.GG2201@tango.gombos.name> Folks- I noticed very little discussion on remailers here. Can anyone tell me of a mailing list more suitable for remailer discussion? In the meantime, maybe someone can answer this: I'm reading the design docs for MixMinion. The authors are saying that reply blocks must be single use because traffic analysis can be done via flooding replay attacks, and that the replay block can be derived from this. I can see how this is the case with simple reply blocks, but what about the reply blocks that have branching and varying probabilities? Couldn't one create a reusable reply block complex enough to foil this type of analysis? From eresrch at eskimo.com Sat Aug 2 21:01:47 2003 From: eresrch at eskimo.com (Mike Rosing) Date: Sat, 2 Aug 2003 21:01:47 -0700 (PDT) Subject: Secure IDE? (fwd) Message-ID: Forwarded by request. ---------- Forwarded message ---------- sector address as the IV. IVs don't need to be random, secret, or unpredictable - they just need to be unrepeated. (I'm assuming sector-at-a- time encryption). If the IV is not a secret how are we going to prevent block replay attacks on cipher text? Regards Sarath. --- Peter Gutmann wrote: > "Trei, Peter" writes: > pgut001 at cs.auckland.ac.nz[SMTP:pgut001 at cs.auckland.ac.nz] > >>"Trei, Peter" writes: > >>>with a good distribution of IVs > >> > >>Where would you store them? The feature of this > is that it's fully > >>transparent, so you can't store IVs anywhere. > > > >I'm not really up on crypto file systems, but I > beleive at least some use the > >sector address as the IV. IVs don't need to be > random, secret, or > >unpredictable - they just need to be unrepeated. > (I'm assuming sector-at-a- > >time encryption). > > But the IV is repeated, every time you encrypt new > data for that sector. You > need to either store a random IV for each sector > (usually infeasible) or make > two passes over the data (details vary), using the > output from pass 1 to > affect pass 2 (slow). > > >>>* Some kind of PIN or password protection on the > dongle. > >> > >>How would you do this without a custom BIOS > (remember that their general > >>product is for dropping into any PC)? > > > >We're talking about two different products. The > ABIT is a MB, presumably with > >it's own custom BIOS, so that's not an issue there. > > Customised, not custom. Think of it as a > Chinese-menu type setup, it's a one- > size-fits-all BIOS with appropriate modules compiled > in for handling the CPU > and chipset features. Now motherboard vendors can > plug in their own feature > modules, but it's a somewhat nontrivial option > usually used only for highly > marketable features (overclocking options, ability > to re-flash from Windows, > etc etc). > > Peter. > > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > http://sitebuilder.yahoo.com __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From roy at rant-central.com Sat Aug 2 18:14:57 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Sat, 2 Aug 2003 21:14:57 -0400 Subject: California considering curb on 50 caliber rifles In-Reply-To: <20030803002708.GA32419@cybershamanix.com> References: <5.2.1.1.0.20030802111635.04928c78@mail.comcast.net> <20030803002708.GA32419@cybershamanix.com> Message-ID: <200308022114.57119.roy@rant-central.com> On Saturday 02 August 2003 20:27, Harmon Seaver wrote: > On Sat, Aug 02, 2003 at 11:21:54AM -0700, Steve Schear wrote: > > Sniper weapons should be restricted > > A .50-caliber BMG sniper rifle, in the wrong hands, would be terrorism > > unleashed. The gun is powerful enough to punch a hole in an oil tank or > > take down a civilian airplane. Its 5 1/2-inch long bullets can pierce an > > What crap, eh? The bullet is more like 1.5" -- even a 20mm doesn't have > a 5.5" bullet. You forget that this is the popular press. Doubtless they're describing the full length of the round, including casing. From rah at shipwright.com Sat Aug 2 18:18:42 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 2 Aug 2003 21:18:42 -0400 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030802234507.GC2201@tango.gombos.name> References: <037801c35825$a9a457e0$265b8b42@lake> <20030802234507.GC2201@tango.gombos.name> Message-ID: At 4:45 PM -0700 8/2/03, Mr. um, Fuq wrote the following: >We definately need a law BZZZT! -100 points. Game over. Thank you for playing... Cheers, RAH (Don't worry kid, that one used to hang me up all that time, too. I got over it, so will you, if you hang around long enough...) -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ravage at einstein.ssz.com Sat Aug 2 19:21:46 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 21:21:46 -0500 (CDT) Subject: California considering curb on 50 caliber rifles In-Reply-To: <20030803002708.GA32419@cybershamanix.com> Message-ID: On Sat, 2 Aug 2003, Harmon Seaver wrote: > On Sat, Aug 02, 2003 at 11:21:54AM -0700, Steve Schear wrote: > > Sniper weapons should be restricted > > A .50-caliber BMG sniper rifle, in the wrong hands, would be terrorism > > unleashed. The gun is powerful enough to punch a hole in an oil tank or > > take down a civilian airplane. Its 5 1/2-inch long bullets can pierce an > > What crap, eh? The bullet is more like 1.5" -- even a 20mm doesn't have a > 5.5" bullet. Dipshit, they're talking about the entire shell. While their mistake makes them seem ludicrous at best, your spin doctor bullshit doesn't help you either. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From sexpot at zork.net Sat Aug 2 22:21:45 2003 From: sexpot at zork.net (Jay Sexpot Sulzberger) Date: Sat, 02 Aug 2003 22:21:45 -0700 Subject: Sunday 3 August 2003 Three Jewels Free Software Workshop: Install Fest and Five Lines in Three Files Message-ID: Sunday 3 August 2003 there will be an Install Fest and Talk at Three Jewels Refuge and Free Internet Cafe 211 East 5th Street east of Third Avenue Island of the Manahattoes Subway: Eighth Street stop on the N, R, sometimes W, lines; Astor Place on the 6 line; Third Avenue on the crosstown L line; Lower East Side-Second Avenue-Houston Street on the F, V lines Note that some of these lines may not be running right this weekend. The Fest will start at 3:00 pm and run until 9:00 pm. At 7:00 pm there will a short talk followed by discussion. The title of the talk is Five Lines in Three Files. This meeting is free and open to the public. There are certain rules which will be strictly observed: 1. No meat eating inside the Refuge. 2. No personal abuse. Every member of every free software org, tribe, drinking club, and family, is invited, without prejudice, without fear, and without favor. Newcomers are particularly invited. Come down and join us, even if you bring no hardware. Likely we will have enough electric power strips and cables, but bring extras if you wish. CDs, DVDs, tapes, wax cylinders, quipus, memorable stanzas, black cubes, etc. of your favorite operating systems and software are welcome. See below about management of stuff you bring with you. Please read the appended standard blurb about Install Fests before you come down, if you hope to get stuff installed. Jonas Arnaldo and Kevin Mark and Jay Sulzberger will be available to answer any questions we may. In the next month we will likely have special meetings dealing with: 1. Lisp and RoboCup, http://www.lispnyc.org 2. Introduction to network security, special emphasis on time series analysis and key management 3. How to buy parts and assemble a computer well suited to run a Free *n*x We thank the Three Jewels, LXNY, and GNUbies for their generous help in making this Fest possible, and we thank the Three Jewels for hosting this Workshop, and Sunday Workshops to come, Sundays of Free Software in New York City. Jay Sulzberger Corresponding Secretary LXNY LXNY is New York's Free Computing Organization. http://www.lxny.org
Here is general information about Install Fests: Hardware: Bring the boxes on which you wish to run a Free OS. Software: Bring whatever distribution CDs, boot and rescue disks, boot managers, tiny distributions, manuals, and anything else you want. Important: Everything done to/with any computer at any Install Fest, and in particular, at this Install Fest, is done at the specific request of the owner of the computer. As with all human endeavor, there is some risk of catastrophe. Back up all your data, before coming to the Fest! In addition, make a list of all hardware and media you bring to the Fest, and check that you have all your hardware and media when you leave the Fest. Useful reading: http://www.netcom.com/~casandra/mirror-of-luny-site/installfest/guidelines.html http://linuxmafia.com/bale/linuxprep.html http://www.luv.asn.au/if/preparation.php3 The LDP hardware HOW-TO: http://www.linuxdoc.org/HOWTO/Hardware-HOWTO/index.html Linux pre-install checklist: http://www.linuxdoc.org/HOWTO/mini/Pre-Installation-Checklist/index.html Linux post-install mini-checklist: http://algolog.tripod.com/postlnx.htm http://www.linuxdoc.org/HOWTO/mini/Post-Installation-Checklist/index.html http://www.lxny.org http://www.gnubies.org http://www.nylug.org http://www.sixgirls.org http://www.fsf.org http://www.debian.org http://www.multicians.org http://www.gnu.org/projects/dotgnu http://tinfoilhat.cultists.net http://www.nsa.gov/selinux http://www.linux.org http://www.debian.org/ports/hurd http://www.squeak.org http://www.freebsd.org http://www.netbsd.org http://www.openbsd.org http://www2.ics.hawaii.edu/~esb/prof/proj/hello http://www.daemonnews.org http://slashdot.org http://dmoz.org/Computers/Software/Operating_Systems http://www2.tunes.org/Review/OSes.html
----- End forwarded message ----- From hseaver at cybershamanix.com Sat Aug 2 21:22:46 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sat, 2 Aug 2003 23:22:46 -0500 Subject: California considering curb on 50 caliber rifles In-Reply-To: References: <20030803002708.GA32419@cybershamanix.com> Message-ID: <20030803042246.GA32582@cybershamanix.com> On Sat, Aug 02, 2003 at 09:21:46PM -0500, Jim Choate wrote: > On Sat, 2 Aug 2003, Harmon Seaver wrote: > > > On Sat, Aug 02, 2003 at 11:21:54AM -0700, Steve Schear wrote: > > > Sniper weapons should be restricted > > > A .50-caliber BMG sniper rifle, in the wrong hands, would be terrorism > > > unleashed. The gun is powerful enough to punch a hole in an oil tank or > > > take down a civilian airplane. Its 5 1/2-inch long bullets can pierce an > > > > What crap, eh? The bullet is more like 1.5" -- even a 20mm doesn't have a > > 5.5" bullet. > > Dipshit, they're talking about the entire shell. > > While their mistake makes them seem ludicrous at best, your spin doctor > bullshit doesn't help you either. > Spin doctor yer ass. A bullet is a bullet is a bullet. Cartridge is quite something else -- made up of case, powder, primer, and *bullet*. So their ignorance is apparant, if they don't even know the basic facts, what could they possibly have to say that was relevant? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From ravage at einstein.ssz.com Sat Aug 2 21:35:59 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 23:35:59 -0500 (CDT) Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: <20030803033507.GF2201@tango.gombos.name> Message-ID: On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > Things got pretty twisted there in your response- let me unravel this: > > * Jim Choate [2003-08-02 18:04]: > > On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > > > > > Please explain. > > > > Read Zamyatin's "We". > > This is a cop out. No, you asked for an explanation. The book is an excellent one. Just another example of you wanting somebody else to do it for you. > Speak for yourself. I never speak for others, that's their job. > For all we know, you didn't read this book. Irrelevant. For all we know you can't read. You might be having somebody else read and write this text that supposedly comes from you. Not my problem or of any interest to me really. By the way your commentary is a ad hominim attack and tends to weaken your argument. > explain why you think I miss the purpose of law in a democracy. Your commentary. > If you don't, your argument falls with it's own dead weight If I don't what, explain my self? I did, I suggest that you read "We". My argument at no point requires 'We' and I've explained my views much better than you have. > - one beauty of free speech: ideas without merit fall, That's a laughable one. How come religions like Christianity still hang around then? Peoples belief that gay marriage is a sin and will cause the collapse of western civilization? Or that government is 'good'? > good ideas are carried as far as they're worth. Not hardly. If that were so then this discussion would have been resolved 200 years ago. It isn't, and it won't be 200 (or 2,000 for that matter) years from now. Your thesis is bogus. > > Actually it's a perfect comparison. Anyone can put stuff on your front > > porch. They can't take it away or read it, that is using personal property > > without permission. Hence, people have a -right- to send you mail. They > > don't have a right to read your mail without permission. > > No one has this right. There is no inherent right to put stuff on > someones front porch. Right to speak and press. People have a right to speak their mind and they have a right to use a press to spread it around. You better talk to a lawyer and do some deeper thinking. People have a right to contact you, you have the right to tell them to go away. You don't have the right to be hermit. Your views of 'individualism' are the exact sort that Hayek and others warn against. Individualism and Economic Order F.A. Hayek ISBN 0-226-32093-6 In particular the very first section, "Individualims: True or False". > And yes, to remove any doubt, I can put up a > sign making it clear that such an act is trespassing. That is correct, YOU are responsible for it. And even that is a perfect defence since there is still a public access to your property where it meets public property, an easment (ie the place where a sidewalk goes). In most cities it ranges from 3 to 4 ft. from the curb. That property is managed under imminent domain concepts even though you are responsible for its upkeep and such. > I don't know if people have a right to send me mail; but my argument > is that reguardless of whether they have this right, I should have a > private right of action to claim $500 per spam mail. I have no problem with a 'private right', sue in civil court till the cows come home. That's not what you're talking about or promoting. You're talking about of both sides of your face. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Sat Aug 2 21:39:41 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 23:39:41 -0500 (CDT) Subject: California considering curb on 50 caliber rifles In-Reply-To: <20030803042246.GA32582@cybershamanix.com> Message-ID: On Sat, 2 Aug 2003, Harmon Seaver wrote: > Spin doctor yer ass. A bullet is a bullet is a bullet. Cartridge is quite > something else You mean 'casing', a cartridge is a bullet, case, powder, and primer. The whole shebang. Which is what they're talking about with 'bullet'. To most people, they draw zero distinction between the two. And since you can't even seem to get it right... The fact is that you're using that confusion to ridicule for no reason other than your own ego. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Sat Aug 2 21:42:29 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 2 Aug 2003 23:42:29 -0500 (CDT) Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: <200308030037.19372.roy@rant-central.com> Message-ID: On Sun, 3 Aug 2003, Roy M. Silvernail wrote: > Your actions against telemarketers are successful because both you and the > telemarketer are within the same jurisdiction and tort law exists to support > your action. You're both wrong, his actions are not successfull. In fact they harm the society as a whole and help the company. The money he 'wins' doesn't come from the company, any more than the money that pays the companies lawyers comes from the company. It comes from the customers via higher prices. So what you're actually doing is allowing the company to take more money from the community then would have happened without such laws. What you're doing is stealing from the poor and giving to the rich. Some 'good'. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From mindfuq at comcast.net Sat Aug 2 23:57:50 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 2 Aug 2003 23:57:50 -0700 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: References: <20030803033507.GF2201@tango.gombos.name> Message-ID: <20030803065750.GH2201@tango.gombos.name> * Jim Choate [2003-08-02 23:06]: > > > This is a cop out. > > No, you asked for an explanation. The book is an excellent one. Just > another example of you wanting somebody else to do it for you. Right, the book may be an explanation of law and democracy- no one is arguing that, but you're statement is a cop out, because you're not willing to back your statements with a supporting arguement. "Go read a book" fails as a supporting argument because it lacks the connection you're trying to draw with your statement. > > Speak for yourself. > > I never speak for others, that's their job. Then don't try to use someone elses book as your words. > > For all we know, you didn't read this book. > > Irrelevant. This is relevent, because by not drawing connections necessary to support your argument, you're not offering any reason for your readers to believe that reading this book will add any support to your statements. > For all we know you can't read. You might be having somebody else read and > write this text that supposedly comes from you. Not my problem or of any > interest to me really. Now this is irrelevant, because even if I couldn't read, my arguments would still stand. I could be blind, doesn't matter. > By the way your commentary is a ad hominim attack and tends to weaken your > argument. To point out an ad hominem attack is not an argument to begin with, so there's no argument to weaken here. It merely points out a fallacious argument, if anything to help you, because your reader already disposed of your ad hominem, and it already reflected poorly on you. Consider it "help", FYI, for future reference. There's no reason to hold back a netettiquite lesson when one is due. Everyone could smell the bullshit. All I did was identify what kind of bullshit it was and slapped a label on it for confirmation. You shouldn't consider ad hominems as a form of counter attack, or an arguement that is weak or strong, but rather just feedback that your argument in question failed to be effective. Making an ad hominem argument is just like making no argument at all. Some people in forums have developed a way to embed ad hominems in good intellectual content, but your ad hominems are coming out in a pure form. You should try to at least inject some intellect into your ad hominems so we can all get something from them. If you don't at least do this much, you'll end up getting filtered out in peoples procmail scripts. > > explain why you think I miss the purpose of law in a democracy. > > Your commentary. So you have nothing to add to this? An argument that goes unaddressed is also an argument lost, so if you leave this alone, it will fail to be effective, just as your ad hominem failed to be effective. > > If you don't, your argument falls with it's own dead weight > > If I don't what, explain my self? I did, I suggest that you read "We". My > argument at no point requires 'We' and I've explained my views much better > than you have. Again, you haven't made any sort of philosophical connection between your unsupported comment and this book. Basically, you copped out of the argument. > > - one beauty of free speech: ideas without merit fall, > > That's a laughable one. How come religions like Christianity still hang > around then? Peoples belief that gay marriage is a sin and will cause the > collapse of western civilization? Or that government is 'good'? No one said YOU had to agree with an idea for it to have merit. > > good ideas are carried as far as they're worth. > > Not hardly. If that were so then this discussion would have been resolved > 200 years ago. It isn't, and it won't be 200 (or 2,000 for that matter) > years from now. Your thesis is bogus. The problem is that you're analyzing this from a bipolar perspective. It's actually a fallacy to argue that there are only two sides to something, and one must be the correct one. This is what you're implying by expecting a quick resolution. Multiple competing ideas often have merit. Just because one perspective is a good one, does not mean the competing ideas are worthless. Because the idea of absolute unequaled free speech is a good one, and ideas that limit free speech also have merit and support from the greatest thinkers of our time, you can't expect a quick resolution, despite the fact that you can only see one side to this as being one with any strength. > > > Actually it's a perfect comparison. Anyone can put stuff on your front > > > porch. They can't take it away or read it, that is using personal property > > > without permission. Hence, people have a -right- to send you mail. They > > > don't have a right to read your mail without permission. > > > > No one has this right. There is no inherent right to put stuff on > > someones front porch. > > Right to speak and press. People have a right to speak their mind and they > have a right to use a press to spread it around. Yes, as long as it doesn't interfere with other rights. As soon as it does, you can't expect all rights can win protection. > You better talk to a lawyer and do some deeper thinking. People have a > right to contact you, you have the right to tell them to go away. You > don't have the right to be hermit. They don't have a right to contact me in certain ways. ie. they don't have a right to break my door down to make contact with me. They may have a right to contact me if they use a form of contact that doesn't infringe on my rights. And, correct, I don't have an inherent right to be a hermit. Your point? > Your views of 'individualism' are the exact sort that Hayek and others > warn against. Why would they warn against this? > > And yes, to remove any doubt, I can put up a > > sign making it clear that such an act is trespassing. > > That is correct, YOU are responsible for it. And even that is a perfect > defence since there is still a public access to your property where it > meets public property, an easment (ie the place where a sidewalk goes). In > most cities it ranges from 3 to 4 ft. from the curb. That property is managed > under imminent domain concepts even though you are responsible for its > upkeep and such. What's your point here? > > I don't know if people have a right to send me mail; but my argument > > is that reguardless of whether they have this right, I should have a > > private right of action to claim $500 per spam mail. > > I have no problem with a 'private right', sue in civil court till the cows > come home. That's not what you're talking about or promoting. This is *exactly* what I'm advocating. I want to have a private right action against spammers, and I want that to be a protected right via tort law. > You're talking about of both sides of your face. Lost ya there. From bill.stewart at pobox.com Sun Aug 3 00:02:52 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 03 Aug 2003 00:02:52 -0700 Subject: Secure IDE? (fwd) In-Reply-To: Message-ID: <5.1.1.6.2.20030802235300.02dcae28@idiom.com> Sarath or maybe Mike Rosing wrote: >If the IV is not a secret how are we going to prevent >block replay attacks on cipher text? If you look at the usage models and threat models, it's simply not a problem. This is a disk drive. Anybody who has access to disk drive transactions sufficient to try replay attacks already has deep-level access to your hardware, so you're toast anyway because they can see the unencrypted data before it's written. What this kind of system is normally good for is making sure that anybody who steals your hardware when it's not running can't read your disk's data. (Steals includes thieves with and without warrants or subpoenas...) There's not really a risk of replay attacks there. However, there's an emerging application for which disk drives are more vulnerable, which is remote storage. Some of the new disk interface standards, like Fibre Channel, and probably some of the flavors of iSCSI, can operate over distances of 20km and longer over fiber, leading to businesses like colocation centers in New Jersey providing big disk drive farms for New York City financial businesses which have their mainframes in Manhattan. For applications like that, it is important to do good IVs, because control of the disk drive doesn't imply control of the machine. From ptrei at rsasecurity.com Sat Aug 2 21:11:38 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Sun, 3 Aug 2003 00:11:38 -0400 Subject: Secure IDE? (fwd) Message-ID: > Mike Rosing[SMTP:eresrch at eskimo.com] > > > Forwarded by request. > > ---------- Forwarded message ---------- > > sector address as the IV. IVs don't need to be > random, secret, or > unpredictable - they just need to be unrepeated. > (I'm > assuming > sector-at-a- > time encryption). > > > > If the IV is not a secret how are we going to prevent > block replay attacks on cipher text? > > > Regards Sarath. > This isn't a communications protocol. We're talking about disk storage. The only circumstances where an attacker could use this as an attack vector would be if the attacker could take multiple snapshots of the disk, possibly replacing blocks at later times. Peter From bill.stewart at pobox.com Sun Aug 3 00:23:30 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 03 Aug 2003 00:23:30 -0700 Subject: Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030802231338.GB2201@tango.gombos.name> Message-ID: <5.1.1.6.2.20030803000825.02eb1418@idiom.com> At 05:52 PM 08/02/2003 -0500, Jim Choate wrote: >You seem to miss the fundamental point of what >'law' is for in a democracy. No, Jim, he understands exactly what law is for in a democracy, which is enforcing anything 51% of the people want until something else gets its 15 minutes of public attention, and that includes "doing something" about spam, or about people with the wrong skin color or nationality wanting to live in your neighborhood, or making sure that people with the wrong combinations of number or gender can't be married, or providing landing zones for visitors from other planets. What law is for in a free society is an entirely different question - I think you're saying that laws that define spam as a tort are wrong as well as not useful, and I think agree with you. But democracy is only compatible with a free society when everybody remembers to bash politicians who interfere with freedom. Laws _could_ help by defining use of nuclear weapons on spammers to be justifiable homicide (or litterin' an' creatin' a disturbance.) From mindfuq at comcast.net Sun Aug 3 00:34:17 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 3 Aug 2003 00:34:17 -0700 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: <200308030037.19372.roy@rant-central.com> References: <20030803001302.GD2201@tango.gombos.name> <20030803033507.GF2201@tango.gombos.name> <200308030037.19372.roy@rant-central.com> Message-ID: <20030803073417.GI2201@tango.gombos.name> * Roy M. Silvernail [2003-08-02 23:06]: > On Saturday 02 August 2003 23:35, mindfuq at comcast.net wrote: > > > Ultimately, you could say my objective is to ask for more RIGHTS, not > > RESTRICTIONS. But rights also come in the form of law. I'm not > > asking for more restrictions on email. > > If we accept that the set of "natural rights" is fixed, then by asking for > more rights (for yourself), you are in fact arguing for more restrictions (on > others). I would almost agree with that, but in this particular case I don't see how tort law restricts them from sending spam. With a tort law that gives me a right to claim $500 per spam, they can still send spam, in fact, I might even welcome the spam. But then it's only fair to compensate me for my damages and troubles. Heck, I might even buy the product they're selling at the same time. > I have long argued that spam is tresspass and theft of service, but > I have stopped arguing for legislation because I recognize that it > is futile. You've given up? > Your actions against telemarketers are successful because both you and the > telemarketer are within the same jurisdiction and tort law exists to support > your action. But try to apply the same tort concept against some Chinese > spam generator (or Korean, or Romainian, ad infinitum) and you will quickly > see that the global nature of the internet renders regional tort law > moot. I'm not sure I agree with that. Being outside of the U.S. would make it more difficult for me to assert a claim, but not impossible. I'm no expert on this, but I believe there are lawsuits against overseas companies, and I heard that countries basically trade judgements.. ie. if we have $1 million in judgements against Canadian companies, and vice versa, they enforce our judgements and in exchange we enforce theirs. > I keep a loose track of the spam I receive (typically >50/day) and a > good 85% originates offshore, even though the benefiting party may > be domestic. Enacting tort law will simply drive the remaining 15% > offshore, and the benefiting parties will just argue that they have > been Joe-jobbed. I don't know about your numbers, but lets assume they're accurate. I would be happy with going after the locals, because I want to be compensated whether it's someone in my country or otherwise. So it would be a good start to get compensation for internal spam- no reason to ignore that. In fact, considering all the spam I get, and figuring that I can only handle a few lawsuits a week while maintaining my real job, 15% of of your 50/day leaves 7.5 emails per day that are actionable. Not bad. That's more than enough. If I get $500 per lawsuit, I would actually feel that the whole spam problem is resolved, because it would be enough compensation to collectively not care about the foreign spam. If the 15% are eventually driven offshore, that's still an improvement. But in reality, a large chunk of that 15% will just stop what they're doing. Also, if their email originates offshore, but they still live locally, I can still sue them, because their personal jurisdiction is within my long-arms reach. Relocating servers does not get them off the hook. If I'm in New York, then they are doing business in New York under New York's jurisdiction, and that is where the forum would be. Enforcement of the judgement would be in the jurisdiction of their person, or their assets. So if that's Florida, that is where the money will come from. The legal system doesn't care if their servers are in Vanuatu. Sure it would be more difficult to trace them, but let's not deny the private right of action for those with the resources and motivation to make their claim. > The problem is that the present email structure was designed for a > more naive time when all parties were trusting and trusted. The > solution *is* a technical one. We must build fences against the > tresspassers, but inevitably some will sneak through. If you want > to receive email, you will have to deal with email. That's freedom, > isn't it? No, it doesn't have to be this way. A system of trust is a good one, as long as there is accountability. I love not having any privacy / blocking features on my phone. Anyone can call me, and family members aren't blocked or screened. They get my voice immediately. Even telemarketers are free to call me; but if they dare break the TCPA, they will have to compensate me. This is a great arrangement because I don't need to barricade everything and fear blocking people I want to talk to. I don't have to pay my phone company for privacy features, adding to their profits while they sell my number to the telemarketers simultaneously. And when a bad guy gets through, I get compensated well enough not to care. In fact, I even welcome telemarketing calls.. muahaha! And I must say, the corporations are failing with their technical solutions. This is not working. Spam still gets through, and I don't get compensated when this happens. My legitimate mail gets blocked because the filters don't work, and even worse, I don't get compensated when that happens. Private corporations are abusively exercising their power to regulate who can email who, and the collateral damage is ignored. These private corporations need to be removed from power. They should not have this power. If an entity must have this power, it should be the government, but certainly not a careless profit driven heavyweight. Spamassassin works pretty well, but this is a user level tool, not being used by ISPs. I would use spamassassin in combination with tort law. This would be the best protection. As it stands, the technicians are blocking my legit mail, and I want to sue these people more than anything. They are causing more damage and frustration than the spammers. I won't rest until MAPS and AOL are removed from power. From bill.stewart at pobox.com Sun Aug 3 00:34:20 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 03 Aug 2003 00:34:20 -0700 Subject: Digicash Patents In-Reply-To: <08CBC76751B32946BC0E3E1DEF5415E50672A2@server04.firm.wlj.c om> Message-ID: <5.1.1.6.2.20030803002806.02ea04f8@idiom.com> At 10:19 PM 07/31/2003 -0500, Mac Norton wrote: >I'm not sure that Paypal has met the needs of any enduser yet, >so I'd question whether it "succeeded." Huh? Paypal was wildly successful at meeting the perceived needs of end users. Whether it met the needs of stockholders before EBay bought it is a separate question. It wasn't pretending to be a perfect cypherpunks solution. Paypal gave people who wanted to occasionally sell things on the net a way to receive payments online, quasi-immediately, without going to the major hassle of becoming a registered credit-card-accepting business, and let people who wanted to buy things online send money immediately without sending their credit cards directly to random individuals, and let both sides avoid the delay and bounceability of checks-by-snail, and reduced the likelihood of fraud in the payment process. From roy at rant-central.com Sat Aug 2 21:37:19 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Sun, 3 Aug 2003 00:37:19 -0400 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: <20030803033507.GF2201@tango.gombos.name> References: <20030803001302.GD2201@tango.gombos.name> <20030803033507.GF2201@tango.gombos.name> Message-ID: <200308030037.19372.roy@rant-central.com> On Saturday 02 August 2003 23:35, mindfuq at comcast.net wrote: > Ultimately, you could say my objective is to ask for more RIGHTS, not > RESTRICTIONS. But rights also come in the form of law. I'm not > asking for more restrictions on email. If we accept that the set of "natural rights" is fixed, then by asking for more rights (for yourself), you are in fact arguing for more restrictions (on others). I have long argued that spam is tresspass and theft of service, but I have stopped arguing for legislation because I recognize that it is futile. Your actions against telemarketers are successful because both you and the telemarketer are within the same jurisdiction and tort law exists to support your action. But try to apply the same tort concept against some Chinese spam generator (or Korean, or Romainian, ad infinitum) and you will quickly see that the global nature of the internet renders regional tort law moot. I keep a loose track of the spam I receive (typically >50/day) and a good 85% originates offshore, even though the benefiting party may be domestic. Enacting tort law will simply drive the remaining 15% offshore, and the benefiting parties will just argue that they have been Joe-jobbed. The problem is that the present email structure was designed for a more naive time when all parties were trusting and trusted. The solution *is* a technical one. We must build fences against the tresspassers, but inevitably some will sneak through. If you want to receive email, you will have to deal with email. That's freedom, isn't it? From bogus@does.not.exist.com Sat Aug 2 22:00:42 2003 From: bogus@does.not.exist.com () Date: Sun, 03 Aug 2003 01:00:42 -0400 Subject: Paper submission deadline for ASIAN03 extended to Aug 11, 2003 Message-ID: Final Call for Papers ASIAN'03 Eighth Asian Computing Science Conference http://www.cse.psu.edu/asian03 Tata Institute of Fundamental Research, Mumbai, India December 10-13, 2003 Collocated with ICLP'03 and FSTTCS'03 http://www.cse.psu.edu/asian03/ ****** SUBMISSION DEADLINE EXTENDED TO AUGUST 11, 2003****** The phenomenal success of the Internet at the application level may perhaps primarily be attributed to a few simple but powerful ideas: a client-server computing model, stateless (or partially stateful) protocols (such as SMTP, HTTP, Instant Messaging and Presence Protocols), the separation of transport from content, etc. Fundamental limitations of these ideas are already being addressed by the development of middleware platforms for distributed applications (e.g., J2EE, Groove, Jini, .Net). In the future, experience with large-scale distributed applications may result in well-understood computational models that are enshrined in programming languages with support for uniform naming, reflexive operation, fault tolerance, distribution, locality, partially disconnected operation, persistence, mobility, autonomic operation, spatial aggregation, continuous streaming, etc. SCOPE The theme of this conference is PROGRAMMING LANGUAGES and DISTRIBUTED COMPUTATION. Papers are invited on all aspects of theory, practice and applications related to this theme. Papers targeting lessons learnt from the development of large-scale application frameworks (e.g., Internet applications, distributed sensor networks) that may serve as the basis for the development of programming languages are particularly welcome. - Programming languages for distributed computation - Distributed capability-based computing - Grid computing - Peer-to-peer computing - Static analysis and type systems - Provably secure distributed computing - Proof-carrying code - Persistence in distributed computation - Language implications for Trust management / Reputation management / Public-key infrastructure - Language aspects of Internet middleware - Web services - Programming models for: Distributed sensor networks / Epidemic algorithms / Real-time streaming and querying - Model-based methods for distributed systems - Modeling of distributed systems - Large-scale distributed applications: Distributed MUDs / Distributed gaming environments / Electronic communities / Distributed collaboration environments INVITED SPEAKERS Greg Morrisett (Cornell U.) Mark S. Miller (Combex, Inc./Johns Hopkins U.) SUBMISSIONS Submissions are to be sent to Vijay Saraswat by 11:59PM, August 11, 2003, EST. Authors must submit their papers electronically, as a Postscript or PDF file. Please send your submission via email to asian03-submissions at cse.psu.edu PROCEEDINGS The proceedings will be published by Springer-Verlag in the LNCS series. Please prepare your manuscript using the series' style, following the instructions at http://www.springer.de/comp/lncs/authors.html. The proceedings papers will be limited to 15 pages. IMPORTANT DATES Paper submission deadline: August 11, 2003 (EST) Acceptance notification: September 7, 2003 Final paper due: September 21, 2003 ORGANIZATION General Co-chairs: R.K. Shyamasundar (TIFR, India) Kazunori Ueda (Waseda U., Japan) Program Committee: Gul Agha (UIUC, USA) Guruduth Banavar (IBM Research, USA) Gilad Bracha (Sun Microsystems, USA) Luca Cardelli (Microsoft Research, UK) Georges Gonthier (INRIA, France) Seif Haridi (SICS, Sweden / NUS, Singapore) Nevin Heintze (Agere Research, USA) Radha Jagadeesan (DePaul U., USA) Naoki Kobayashi (Tokyo Inst. Tech., Japan) Doug Lea (SUNY Oswego, USA) Sanjiva Prasad (IIT Delhi, India) Padma Raghavan (Penn State U., USA) VIJAY SARASWAT, Chair (Penn State U., USA) R. K. Shyamasundar (TIFR, India) Anand Sivasubramaniam (Penn State U., USA) Kazunori Ueda (Waseda U., Japan) Sanjiva Weerawarana (IBM Research, USA / U. Moratuwa, Sri Lanka) Feng Zhao (PARC, USA) Workshop Chair: Kanchana Kanchanasut (AIT, Thailand) Steering Committee: Shigeki Goto (Waseda U., Japan) Stephane Grumbach (INRIA, France) Joxan Jaffar (NUS, Singapore) Gilles Kahn (INRIA, France) Kanchana Kanchanasut (AIT, Thailand) R.K. Shyamasundar (TIFR, India) Kazunori Ueda (Waseda U., Japan) BACKGROUND The series of annual Asian Computing Science Conferences (ASIAN) was initiated in 1995 by AIT, INRIA and UNU/IIST to provide a forum for researchers in computer science from the Asian region and to promote interaction with researchers from other regions. The first seven conferences were held, respectively, in Bangkok, Singapore, Kathmandu, Manila, Phuket, Penang, and Hanoi. In addition to support from the host countries, they have also been sponsored by INRIA, France, UNU/IIST, Macau and NUS, Singapore. The proceedings have been published as Lecture Notes in Computer Science by Springer-Verlag. ----- End forwarded message ----- From mindfuq at comcast.net Sun Aug 3 01:02:02 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 3 Aug 2003 01:02:02 -0700 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: References: <200308030037.19372.roy@rant-central.com> Message-ID: <20030803080202.GJ2201@tango.gombos.name> * Jim Choate [2003-08-02 23:06]: > On Sun, 3 Aug 2003, Roy M. Silvernail wrote: > > > Your actions against telemarketers are successful because both you and the > > telemarketer are within the same jurisdiction and tort law exists to support > > your action. > > You're both wrong, his actions are not successfull. I guess you'd have to define what you mean by 'success' in this case. Clearly in terms of my own well-being, this activity is successful because I get an opportunity to vent my frustrations, which is a very good theraputic feeling, and I also get well compensated for my trouble. I feel pretty good about it. I don't get raging pissed at telemarkters anymore. > In fact they harm the society as a whole and help the company. You'll have to support that claim somehow. > The money he 'wins' doesn't come from the company, any more than the money > that pays the companies lawyers comes from the company. It comes from the > customers via higher prices. If it were my choice, such a company wouldn't have any customers. But hey, there's a sucker born every minute, and if these telemarketers are going to seperate idiots from their money, fine by me. The money is better off in the hands of the company in this case. > So what you're actually doing is allowing the company to take more > money from the community then would have happened without such laws. I could always pull a republican comeback, and say that the money I take from the community trickles back into the community :) But I'm not a republican, so I can only say that the money funds my schooling (and gambling, which in turn funds my schooling). If I'm helping the telemarketing company as you claim, I wonder why telemarketing companies don't excessively intentionally break the law on a larger scale, and deliberately attempt to rack up the charges. Hey, I could be a consultant, and advise telemarketing companies how they can really rack up 1500 dollar lawsuits to really help their business. Really Jim, I guess I'm just failing to see how this is profitable to the companies. How do they profit from my lawsuits against them? > What you're doing is stealing from the poor and giving to the rich. My winnings end up in my pocket, and I'm not exactly rich, so where else is the money going Jim? These companies? How does such a cost get passed on to the consumer? Higher prices, you say? If a company can turn around and charge higher prices for their product or service and stay in business, why didn't they do this in the first place? Why would it require a lawsuit to get the prices up? Well, I'll tell you. The fact is that the company is charging as much as they can to begin with, because their goal is to maximize profits. If they can turn around and start charging the customer more to increase profits, there's no reason why my lawsuit was needed. The fact is, if the company has any sense, they're charging as much as they can from day one. So while my lawsuit doesn't increase the price to the consumer, it does deter the company from harassing other consumers on the phone. So it pays off for everyone. Consumers get decent prices, and there's no hidden cost for them to pay in the form of coping with harassing phone calls. This cost is removed, thanks to me :) From jtrjtrjtr2001 at yahoo.com Sun Aug 3 04:13:15 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Sun, 3 Aug 2003 04:13:15 -0700 (PDT) Subject: Secure IDE? (fwd) In-Reply-To: Message-ID: <20030803111315.94827.qmail@web21204.mail.yahoo.com> hi, > This isn't a communications protocol. We're talking > about > disk storage. The only circumstances where an > attacker > could use this as an attack vector would be if the > attacker > could take multiple snapshots of the disk, possibly > replacing > blocks at later times. > > Peter > Thank you-i get that.The attacker might certainly like to try it ,if it is a banking DatBase. Bill Stewart" wrote >However, there's an emerging application for which >disk drives are more vulnerable, which is remote >storage. >Some of the new disk interface standards, like Fibre >Channel, >and probably some of the flavors of iSCSI, >can operate over distances of 20km and longer over >fiber, >leading to businesses like colocation centers in New >Jersey >providing big disk drive farms for New York City >financial businesses >which have their mainframes in Manhattan. >For applications like that, it is important to do >good IVs, >because control of the disk drive doesn't imply >control of the machine. okay-lets look the same in a communication protocol. We have digital cash transactions between Bank A and Bank B. Say I am an employee of Bank A. I don't keep the IV as secret,i just append the IV along with the cipher text which i have chained using a chaining mode and send it to bank B.There is a man in the middle M,who also sniffs out the IV,now he can successfully perform a block replay attack. I can think of one way this can be prevented. It would take us to share a common seed value (a secret)between Bank A and Bank B. 1.Bank A uses a pseudo random number generator like Tauss88 with a period of nearly 2^80 or MT19937 with a period of 2^19937-1 and generates the first IV using the generator. 2.This IV,is used for chaining but the IV itself is not transmitted along with the cipher text to the bank of B. 3.Once the chained cipher text reaches bank of B, they use the common seed to generate the first IV and this IV can be used to obtain the actual cipher text. 4.Continue steps 1 to 4 till the period of the generator.If we use Taus88 we can get nearly 2^80 IV's and if we use MT19937 we can get upto 2^19937-1 IV's. We also dont need to hash the IV's itself though they form a linear recurring sequence, since they are not transmitted from Bank A to Bank B and we derive no information of the IV from any number of blocks of the chained cipher text. In this way the attacker can no longer perform block replay attacks. The funny part is that I have seen some cryptographic utilities simply appened the IV to the chained cipher text and transmit to a receiver. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From adam at cypherspace.org Sat Aug 2 21:41:21 2003 From: adam at cypherspace.org (Adam Back) Date: Sun, 3 Aug 2003 05:41:21 +0100 Subject: Secure IDE? In-Reply-To: References: Message-ID: <20030803044121.GA15240144@exeter.ac.uk> On Thu, Jul 31, 2003 at 12:04:13PM -0400, Trei, Peter wrote: > [...] > > >with a good distribution of IVs > > > > Where would you store them? The feature of this is that it's fully > > transparent, so you can't store IVs anywhere. > > I'm not really up on crypto file systems, but I beleive at least some > use the sector address as the IV. IVs don't need to be random, > secret, or unpredictable - they just need to be unrepeated. (I'm > assuming sector-at-a-time encryption). I believe that is what some of them are doing. I think it's a little better to use some fast PRNG seeded from the sector (or eg HMAC of sector number or encryption of sector number if you have hardware). The sector number is changing in counter order and cancels with the plaintext difference. I did some tests on a 10GB disk full of windows app and program data (accessed the raw windows partition from linux /dev/hda1) and if you do that (xor first block of sector with sector number) you get a fair few collisions. > > How would you do this without a custom BIOS (remember that their > > general product is for dropping into any PC)? one of the products on show at RSA earlier this year would boot from the IDE sector onto a virtual drive (it would pretend to be a boot sector over the IDE connector), then that boot sector has code to ask for your password, derive the key and load it, and then reboot onto the real drive. If you pulled power from the drive it would forget the key. Adam From justin-cypherpunks at soze.net Sat Aug 2 22:41:54 2003 From: justin-cypherpunks at soze.net (Justin) Date: Sun, 3 Aug 2003 05:41:54 +0000 Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: References: <20030803033507.GF2201@tango.gombos.name> Message-ID: <20030803054154.GH11093@dreams.soze.net> Jim Choate (2003-08-03 04:35Z) wrote: > By the way your commentary is a ad hominim attack and tends to weaken > your argument. ad homonym? > Right to speak and press. People have a right to speak their mind and > they have a right to use a press to spread it around. But do they have a right to use my property to queue up bulk ads that I'm stuck either reading or putting in the trash? And how unreasonable is it for each such medium to have an opt-in do-not-contact list? Should it be legal to dump stuff on my doorstep or in my mailbox even when I've clearly indicated I don't want any of it? Why do they have the right to assume, "maybe he didn't know what he was saying... maybe he wants *this* ad?" It's obvious where that line of reasoning goes with another more heinous crime. -- Freedom's untidy, and free people are free to make mistakes and commit crimes and do bad things. They're also free to live their lives and do wonderful things. --Rumsfeld, 2003-04-11 From ravage at einstein.ssz.com Sun Aug 3 06:23:38 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sun, 3 Aug 2003 08:23:38 -0500 (CDT) Subject: Slashdot | There Is No Single Instant In Time (fwd) Message-ID: http://science.slashdot.org/science/03/08/03/029213.shtml?tid=134 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From hseaver at cybershamanix.com Sun Aug 3 07:07:04 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 3 Aug 2003 09:07:04 -0500 Subject: California considering curb on 50 caliber rifles In-Reply-To: References: <20030803042246.GA32582@cybershamanix.com> Message-ID: <20030803140704.GA1407@cybershamanix.com> On Sat, Aug 02, 2003 at 11:39:41PM -0500, Jim Choate wrote: > > On Sat, 2 Aug 2003, Harmon Seaver wrote: > > > Spin doctor yer ass. A bullet is a bullet is a bullet. Cartridge is quite > > something else > > You mean 'casing', a cartridge is a bullet, case, powder, and primer. The > whole shebang. Which is what they're talking about with 'bullet'. > Uhh, are you not able to read these days? Better re-read my last post, you snipped it and then said what I just said: " Spin doctor yer ass. A bullet is a bullet is a bullet. Cartridge is quite something else -- made up of case, powder, primer, and *bullet*. So their ignorance is apparant, if they don't even know the basic facts, what could they possibly have to say that was relevant? " I don't mean "casing". Geez. What is your problem? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From ravage at einstein.ssz.com Sun Aug 3 09:20:04 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sun, 3 Aug 2003 11:20:04 -0500 (CDT) Subject: Inferno: [sexpot@zork.net: Sunday 3 August 2003 Three Jewels Free Software Workshop: Install Fest and Five Lines in Three Files] (fwd) Message-ID: ---------- Forwarded message ---------- Date: Sun, 3 Aug 2003 01:15:40 -0500 Subject: Inferno: [sexpot at zork.net: Sunday 3 August 2003 Three Jewels Free Software Workshop: Install Fest and Five Lines in Three Files] Sharing the love... ----- Forwarded message from Jay Sexpot Sulzberger ----- From sunder at sunder.net Sun Aug 3 09:12:58 2003 From: sunder at sunder.net (Sunder) Date: Sun, 3 Aug 2003 12:12:58 -0400 (edt) Subject: Secure IDE? In-Reply-To: <20030803044121.GA15240144@exeter.ac.uk> Message-ID: So build an individual key for each cluster by some function that uses the original key. Same idea as using IV's, but with a few twists. IMHO, using CBC's for disk encryption sucks because you'll need to read previous sectors, and that's slower... I say cluster, not sector, as it's usually faster to work in 128k chunks than in 512 byte chunks when reading/writing to disk. YMMV, etc. Here's the idea: For example, use a very large random key preferably from a good hrng... say a few megs in size... maybe something that would fit on a flash fob... say 16-128mb. Let's call this K. (This can also be one of those business card CD's, etc...) Protect the actual key by encrypting it with a has from the user's passphrase to prevent someone from grabbing the fob and just using it of course. Call this E(k). Make sure that the user has backup copies of this fob. Perhaps this can be an N of M split for the backup, so the user will need several of the backup fob's to generate the key... This way an attack that has temporary physical access won't be able to simply steal a backup fob. At boot up/mount time, you'll need both the flash fob and the key to unlock it. You can even put some sort of unique disk id on the physical disk and use this as part of the key for that disk. Call this D. D might depend on the physical parameters of the disk and the manufacturer - but this is probably not such a great idea -- if the disk fails, you can't just restore it's image over another for example... So more random numbers are a good way to go. D can be stored on the disk itself (in encrypted form of course - say by a hash of the passphrase or something else.) This way, you can securely encrypt multiple disks with the same fob/passphrase. You can now build some function that grabs N bits from K based on the value of D and the cluster number, where N is the size of the key for your cypher. This will serve instead of the IV. You should also test this key to see if it is a weak key for the particular cypher - and if so, switch to an alternate function, etc. In the case of cyphers such as blowfish where the cypher is relatively fast, but the setup time is too slow to have as many keys as clusters, you'll need to limit the above function so that it can only produce a manageable number of keys (say 256, 1024, or whatever you think is manageable) - that way you can intialize each decode key ahead of time and keep them in non-swapable RAM. You'll need to figure out what a good balance is so you don't wind up exhausting RAM, and at the same time, have enough keys available to give you protection. Optionally, if you have access to the file system (i.e. you're running an open source OS and have access to the file system structures), you might want to add something that fills in deleted blocks with random garbage to throw off attackers. No need to encrypt them, but you'll need to make sure that there's nothing statistically distinguishing them from encrypted blocks. This can help you speed things up if you have access to a moderately fast rng. Another thing to consider from the "I have OS source code" level is to perhaps optionally also compress files stored to the disk, and use a file system that can handle gappy files. The worse thing you could do is to actually store a long string of clusters of 00's in the plaintext... (Then again, if your crypto cypher is good, this is much less of an issue.) Another thing to worry about is how to not have known plaintext on the encrypted disk - the majority of binaries for example are going to be well known and can act as this plaintext for the attacker. Compression somewhat takes care of this. Compiling your own software with slightly different optimizations or compiler versions rather than using the distributed binaries of your OS is a good thing. i.e. use Linux from Scratch as a distro and tweak your compiler to use different optimizations or target processors than usual. Having access to the OS adds another advantage in that you can reserve access to the fob (or key cd) just for the disk encryption system and prevent rogue software from just stealing the key. (Assuming of course that your kernel is secured, and can limit non-kernel access to devices, etc, etc, etc.) A lot of this can be done in hardware if you have enough $$$ to build it on a separate embedded computer -- I constantly see these advertised in the usual Linux mags for several hundred dollars and they contain flash, ethernet, serial ports, etc... Some even have IDE ports... This would be a perfect thing to sit between your disks and your main computer. It could add another layer of complexity for the attacker to have to deal with... In this case, the main computer wouldn't even have access to the key fob at all. This embedded computer can possibly do other things for you, such as act as a hardware RAID controller - thus freeing up the host machine from that task, etc, and even better, the host machine wouldn't store any keys on it whatsoever. You could also make the embedded machine into a firewall with an application level http/smtp filter as well. It would just access the embedded machine as if it were an IDE or SCSI device without any way to attack it. This way you could even run Windblows on it (somewhat) securely. If you added a firewall to the embedded machine, it could also prevent trojans from sending back information to their owners, installing spyware, whatever... You can even go as far as using one of those happy gamer clear plastic cases (very bad because of RF emissions, but it will let you see the insides of your computer making it harder for someone to add their own hardware to it.) Now backups are going to be the next main thing to worry about. Letting the user make backups of plaintext data is a horrible idea. It's better to provide a backup facility ahead of time that would take chunks of the disk 650MB/800MB/4.5GB (or tape sized) at a time so they can be burned to CD. You may optionally wish to not write the empty random clusters - but that would aid an attacker in that they wouldn't have to deal with figuring out what the ununsed sectors were as per the previous paragraph. BTW: If you implement this idea commercially, all I ask in return is that you give me a copy of the software/hardware -- or license it under the GPL, or FreeBSD license. :) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Sun, 3 Aug 2003, Adam Back wrote: > I believe that is what some of them are doing. I think it's a little > better to use some fast PRNG seeded from the sector (or eg HMAC of > sector number or encryption of sector number if you have hardware). > The sector number is changing in counter order and cancels with the > plaintext difference. I did some tests on a 10GB disk full of windows > app and program data (accessed the raw windows partition from linux > /dev/hda1) and if you do that (xor first block of sector with sector > number) you get a fair few collisions. From jamesd at echeque.com Sun Aug 3 12:28:02 2003 From: jamesd at echeque.com (James A. Donald) Date: Sun, 3 Aug 2003 12:28:02 -0700 Subject: Digicash Patents In-Reply-To: <5.1.1.6.2.20030803002806.02ea04f8@idiom.com> References: <08CBC76751B32946BC0E3E1DEF5415E50672A2@server04.firm.wlj.c om> Message-ID: <3F2CFFD2.2934.2CF0B32E@localhost> -- On 3 Aug 2003 at 0:34, Bill Stewart wrote: > Paypal gave people who wanted to occasionally sell things on > the net a way to receive payments online, quasi-immediately, > without going to the major hassle of becoming a registered > credit-card-accepting business, There is a big problem in that "quasi" Because paypal payments are reversible, Paypal finds itself very reluctantly in the business of arbitrating disputes, a potentially expensive and unpopular business which it does very badly indeed. The integration with Ebay was intended to reduce this problem, since ebay does rather well at arbitrating disputes, but paypal's arbitration is still universally loathed. If your business model sticks you with performing arbitration, you find yourself up against the credit card companies, the eight hundred pound gorilla of arbitration, who do it well, and more importantly, do it a lot cheaper than you can. This provides a strong argument for making your payment service truly irreversible, that is to say, Chaumian. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG wPTF3iJd+YV5zLY6lEBVNFkcGnmNYeC0BBOiAKnK 4B0UcuuS/khYebiuvTgWDuOOyEiINiAP276pz+oZe From sunder at sunder.net Sun Aug 3 10:36:05 2003 From: sunder at sunder.net (Sunder) Date: Sun, 3 Aug 2003 13:36:05 -0400 (edt) Subject: I'm asking for more rights, not restrictions (was Re: Antispam Bills: Worse Than Spam?) In-Reply-To: <20030803065750.GH2201@tango.gombos.name> Message-ID: While at the same time quoting from a book doesn't mean anything either. It shows that a) you can quote from a book, and b) you have no ideas of your own. If you have something valuable to say, say it. Otherwise, let's not waste time over who can read a book, who has read a specific book, or who can quote from a book. BTW: Incase you haven't been clued, arguing with Jim Choate is like arguing with a broken clock. It always returns 12:30, which twice a day is the right time, but there's no real intelligence there. Just an automaton from a realm called Choate', where physics don't follow the same laws as here, everyone uses Plan9, people earn money based on their needs, not their ability, logic is based on whatever Choate says it is, and so on. Most people, myself included have set bits emminating from that realm to find their way to the bit bucket. As for your points of view, my take is this: There ought to be a law to stop people who say "there ought to be a law." Making laws is the job of congress. Cypherpunks (supposedly) write code. Want to push laws? Email, fax, mail, or otherwise spam (oh the irony!) your congresscritter, not "us." ("Us" is in quotes because cypherpunks have no official party line, "we" don't speak for each other. It's just a mailing list, and it's "members" hold varying ideals, but a general trend of consensus is that more laws are evil, and that freedom to use strong crypto is generally a good thing. This is only my view of what cypherpunks is about, YMMV.) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Sat, 2 Aug 2003 mindfuq at comcast.net wrote: > * Jim Choate [2003-08-02 23:06]: > > > > > This is a cop out. > > > > No, you asked for an explanation. The book is an excellent one. Just > > another example of you wanting somebody else to do it for you. > > Right, the book may be an explanation of law and democracy- no one is > arguing that, but you're statement is a cop out, because you're not > willing to back your statements with a supporting arguement. "Go read > a book" fails as a supporting argument because it lacks the connection > you're trying to draw with your statement. From rah at shipwright.com Sun Aug 3 13:04:43 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 3 Aug 2003 16:04:43 -0400 Subject: Criminals Focus on Weak Link in Banking: A.T.M. Network Message-ID: The New York Times August 3, 2003 Criminals Focus on Weak Link in Banking: A.T.M. Network By WALT BOGDANICH He fenced stolen jewels, committed bank and credit-card fraud and had been accused of having links to an Albanian-Yugoslavian criminal gang. Cloaking himself in nine aliases and Armani jackets, he was a smooth, multilingual master of the con, investigators and people who knew him say. His name is Iljmija Frljuckic, and by all accounts, he had no business being around anybody else's money. Yet after being deported in the late 1990's, he slipped back into the United States and set up shop as a banker, not in a marble lobby under the watchful eyes of auditors and regulators, but in the virtually unregulated world of privately owned automated teller machines. To tap into this electronic network, Mr. Frljuckic (pronounced Furl-YOU-kich) did not have to produce so much as a valid driver's license. After buying these machines - the kind commonly found in convenience stores, delicatessens and other retail outlets - he and his associates installed devices that captured, or "skimmed," personal bank account information from at least 21,000 people, prosecutors say. They used that information in 2001 and early 2002 to make fake A.T.M. cards, then stole at least $3.5 million, mostly from A.T.M.'s in New York City, according to the latest federal charges filed about two months ago in Manhattan. Before Mr. Frljuckic came along, small-time crooks had made crude forays into A.T.M. fraud. But in its size and technical sophistication, investigators say, the Frljuckic case is a con of an entirely different order - a new turn on identity theft, a jolting warning of the vulnerability of an A.T.M. system that has exploded in size in the last few years. No one can say precisely how much is lost through A.T.M.-related crimes. In fact, no government agency knows how many cash machines are operating, where they all are or who owns them. Though banks are reluctant to discuss their losses, they say there is no cause for alarm. But from Canada to Malaysia to the United Arab Emirates, investigators report new assaults on A.T.M.'s. The criminals, both foreign and homegrown, include gangs, embezzlers and, on occasion, money launderers, according to investigators and public records. And while A.T.M. industry officials say the Frljuckic case shocked them into tougher self-policing of privately owned machines, they also confess that the thieves are remarkably resourceful, shifting their attention now to bank-owned machines. In recent months, skimming devices have been attached to bank machines around Boston and Chicago. "A.T.M.'s have been viewed as a weak point in the banking chain - and so the criminals have focused on that," said Tom Harper, president of the A.T.M. Industry Association, the leading trade group. The global wiring of banks to A.T.M.'s means consumers can gain instant access to their money around the world. But with the government monitoring only part of this electronic network, a thief using cheap equipment and a little imagination can steal someone's banking identity in Manhattan and within hours withdraw money from that person's account at a cash machine in Europe. A.T.M. crime may also be a national security issue. Federal officials are investigating incidents in which suspected terrorists may have used the machines to fraudulently generate income, says Dennis Lormel, chief of the terrorist financing operations section of the Federal Bureau of Investigation. Banks are supposed to reimburse victims of A.T.M. theft. But unlike credit card fraud, in which banks are stuck with bills for unauthorized purchases, A.T.M. thefts take cash from consumers, who may bear the burden of proving that withdrawals were unauthorized. Kelly Quick of Studio City, Calif., said that when he reported $1,420 missing from his account early this year, his bank did not believe him. "They basically said that since I didn't give out my PIN number, it had to have been me," Mr. Quick said. Similarly, Mark Evans of Los Angeles said his bank was "basically accusing me of stealing the money." Both men say getting their money back involved a fight. Complaints like these prompted the comptroller of the currency in September 2001 to warn banks of their obligation to make A.T.M. victims whole. "Unfortunately there are people who say they have been defrauded when they have not," said John Hall, a spokesman for the American Bankers Association. As banks learn more about A.T.M. fraud, he said, they are getting better at helping customers. A.T.M.'s have been around for decades, but became ubiquitous on the American landscape in 1996, when new surcharges on withdrawals made it possible for private entrepreneurs to profit by owning machines. Since then, the number of machines, which cost as little as $3,000, has tripled, to an estimated 370,000, fueling the growth of companies that sell and service them. This growth, in turn, has spawned criminal activity that goes beyond just the skimming of bank account numbers. Embezzlements in recent years have involved companies that supply cash to the expanded A.T.M. market, including a New Jersey company, Tri-State Armored Services, where $50 million turned up missing. By contrast, the biggest bank robbery in the last 25 years, according to federal statistics, involved $11 million. Banks call credit-card and check fraud a much bigger problem. Besides, they say, rare cases of A.T.M. fraud are a small price to pay for convenient cash. But banks are not eager to publicize breaches of A.T.M. security. "They don't want to give people ideas," said Nessa Feddis, a lawyer with the American Bankers Association. Another reason, some financial experts say, is that banks do not want to undermine confidence in a system that cuts their overhead while making them billions in fees, collected when their customers use private A.T.M.'s or machines owned by other banks. Several large banks also own parts of a network that connects the machines and financial institutions. "These fees are cash cows for the banks," said Edmund Mierzwinski, of the U.S. Public Interest Research Group in Washington. A former president of a Federal Reserve bank said: "You write your story and they will hate it because it will say, `Be careful where you stick your card.' " 4,000 Accounts Vulnerable The nation's biggest A.T.M. fraud began in late 2000 with trial runs in California, Florida and New York. At 13 sites, thieves started installing machines rigged internally to capture bank data and personal identification numbers. They were in no hurry; the longer they waited, the more account numbers they could steal. In four months, with just the dozen or so machines, they had the electronic keys to 4,000 accounts, fraud investigators say. Only when the gang began siphoning money did banks and customers realize they had been scammed. By the time the rigged machines had been identified, they had vanished, along with their owners and tens of thousands of dollars. By the end of June 2001, banks had identified the compromised cards and electronically blocked them. "They covered their tracks throughout the process," said Michael Urban, who works for a division of Fair Isaac, a company that helps financial institutions detect electronic fraud. "We didn't know anything other than they had good PIN's, good cards." Investigators say the machines were bought in the names Michael Dokovich and Michael Bugatti, who turned out to be the same man: Iljmija Frljuckic. He is believed to have first entered the country in 1981. By the early 1990's, federal authorities had linked him to "an Albanian/Yugoslavian organized crime gang." The government wrote in court papers that the group "is believed responsible for a host of serious crimes, including arson, insurance fraud, bank fraud, large-scale mail theft, drug trafficking and sophisticated jewelry heists." Mr. Frljuckic married the daughter of a Florida law enforcement official in January 1994, telling her that he was Michael Illyriani, an international businessman, court records show. He did not say he was facing federal bank fraud charges, filed in 1992, and was out of jail only because, hoping for a plea bargain, he had agreed to inform against the Albanian gang. Actually, officials say, he was conning the government, too. While he helped on a few minor investigations, prosecutors say he provided "absolutely no assistance" in exposing the gang. Then, before the first case was settled, he was arrested in a new bank fraud. After his release from federal prison in June 1996, a judge ordered him deported to Yugoslavia. But he soon returned to the United States, and by then the A.T.M. system had opened its doors to private entrepreneurs. Surcharges Fuel Industry The system that beckoned Mr. Frljuckic runs on the ever-accruing stream of money from the surcharges first widely permitted in 1996. Today, many customers pay twice - usually $1 to $3 to the owner of the machine, and $1 to $1.50 to the bank that issued the card. A.T.M. fees now add up to $4.5 billion annually, according to Dove Consulting, a Boston-based firm. An A.T.M. entrepreneur needs a machine and cash, which can be borrowed, to stock it, and a bank account, so that when a cardholder withdraws money, the cardholder's bank has some place to send the reimbursement. What the owner does not need is a license or government approval. New owners are supposed to be evaluated by what are known as independent service organizations, or I.S.O.'s, which connect privately owned machines to the network. Each I.S.O., in turn, must be sponsored by a bank. But the I.S.O.'s and banks have a spotty record of oversight, according to some in the A.T.M. industry. Fraud investigators, for example, have sometimes had trouble establishing the owners and locations of specific A.T.M.'s. "It's harder to switch a registration on your car than to move around an A.T.M.," said Gregg James, a Secret Service agent who investigates financial crime. The system, if not properly supervised, can be used to launder money. An owner can stock a machine with the proceeds from crime and then, after withdrawals, be reimbursed from customers' banks with "clean" currency. The American Bankers Association says its members do not see money laundering as a problem. "That's not something that's come to my attention," said John Byrne, a lawyer with the association. It has, however, caught the attention of the Secret Service and other federal officials. In 2000, an Indiana man pleaded guilty to laundering money through his machines. Another A.T.M. money-laundering case is awaiting trial in California. "When I found out what he was doing I thought, `Ah, the perfect scheme,' " said Donna Eide, the prosecutor in the Indiana case. "It's a perfect way to get cash back into the system without reports being filed." Small Store Owners Used Nasser Alomari is typical of the small New York store owners who became unwitting accomplices in Mr. Frljuckic's widening fraud, investigators say. Mr. Alomari, a Yemeni immigrant, had originally owned his own A.T.M. in his delicatessen, now the 10th Avenue Gourmet, in Manhattan. A private company serviced the machine, paying him $1 for each withdrawal. In a good month, that meant $600. And until one day in January 2002, that seemed enough. Then a stranger wearing a gold Rolex with diamond insets offered him a better return - $1.75. He said the man insisted on installing his own A.T.M. Investigators say it had been fitted with a skimming device. Federal records show that the man Mr. Alomari dealt with used an alias, as he had in buying 21 other machines. Investigators say he was Hamdija Frljuckic, brother of Iljmija. Hamdija Frljuckic began buying machines in August 2001 from a New Jersey independent service organization called Money Marketing. "They knew the deep ins and outs of this business," a company spokesman, Eric Park, said. Money Marketing's vetting process conformed to the industry standard back then, he added, and included a review of a buyer's business records and driver's license. "I've never had a fake driver's license," he said. "How can you ever tell?" Money Marketing says A.T.M. buyers now undergo criminal background checks and must produce, among other things, tax returns. By early November 2001, investigators say, the thieves had collected account information from about 17,000 New Yorkers. The trap was set. Similar Fraud Patterns The first sign that something had gone seriously wrong came over that Veterans Day weekend. Just as bank customers began to miss money in their accounts, unusual withdrawal patterns were being detected by computer analysts in the Arlington, Va., office of Fair Isaac. The analysts noticed something else: The patterns echoed those observed that year in California and Florida. "Our investigators were 90 percent sure it was the same guys," said Mr. Urban of Fair Isaac. Investigators had another tactical advantage: With the highest daily withdrawal limit usually around $1,000, the thieves had to spend a lot of time feeding fake cards into machines. And during that time they were vulnerable. Once Fair Isaac had identified compromised cards, their numbers were sent to NYCE, a company that connects A.T.M.'s and banks. Then, when a suspect card was used again, NYCE, using a software program called Rooster, pinpointed the location and contacted the Secret Service within seconds. In New York's congested streets, though, getting there in time was a problem. "We had agents getting out of cars, running up the street," said Mr. James, the Secret Service agent. In an escalating game of cat and mouse, the thieves began making withdrawals during lunch hour, when sidewalk and street congestion was at its worst. And they stopped feeding large numbers of cards into a single machine, instead slipping from one location to another. "They would go in, hit an A.T.M., get on a subway, then go to the next A.T.M.," said Susan Zawodniak, executive director of the NYCE network. To improve their odds, agents began staking out the sites of suspicious withdrawals. For five days, nothing. Then, on the evening of Nov. 15, Citibank told an agent, "approximately $7,000 had just been withdrawn from different accounts in rapid and successive transactions from the same A.T.M.," according to a Secret Service affidavit. The agent rushed to the bank, where he found two other agents on stakeout. After a brief chase, they arrested a man seen leaving the bank. He was Fikret Korac, whom a federal prosecutor called "a criminal for most of his adult life." In his possession, agents said, they found 11 white plastic cards with magnetic strips and about $30,000. Investigators viewed Mr. Korac as a low-level "runner." But after his arrest, prosecutors say, he called Hamdija Frljuckic, who quickly tried to withdraw $150,000 in cash from an account in a false name at J. P. Morgan Chase . But when he asked for the money in $100 bills, a suspicious bank officer refused, according to the Secret Service. Within weeks, Hamdija Frljuckic was arrested - after visiting the machine at Nasser Alomari's store. He is awaiting trial on charges relating to the A.T.M. thefts. But Iljmija Frljuckic remains at large. "The main older brother flees with several million in a suitcase," an investigator said. "We have intelligence that he put A.T.M.'s in other places in the world." Reached overseas by telephone, Mr. Frljuckic told The New York Times that he was willing to be interviewed where he was living, in Montenegro. But after several conversations to arrange the interview, he stopped returning calls. In all, investigators say, the thieves withdrew money from 500 machines around New York City. The hardest-hit bank was Citibank, which lost about $1 million, said people close to the investigation. Banks are reluctant to discuss the case. "Our hard and fast policy is we just don't discuss these sorts of things," a Citibank spokeswoman said. At the state banking department, a spokeswoman, Bethany Blankley, said she knew little about the case because the compromised machines were not the agency's responsibility. "We regulate the safety of the A.T.M. machines only for banks," she said, "not for supermarkets or little stands where you get cigarettes." Industry Looks Inward Last March, the A.T.M. industry gathered in Miami to meet with fraud investigators for some self-examination. The New York case was not the only one on their minds. In late 2002, four Russians were arrested on charges of looting A.T.M.'s in Canada. Cardholders found their money disappearing in European cities they had not visited, including Paris, Amsterdam and Milan, according to a report filed by bank investigators. The Canadian fraud seemed to replicate what prosecutors accuse Mr. Frljuckic of having done. "The thing we found troubling," said H. Kurt Helwig, who runs the Electronic Funds Transfer Association, was that "this was organized crime." An industry task force - including machine manufacturers, electronic networks and private machine owners - is fighting fraud through, among other things, better background checks and machines less prone to tampering. The hope is that these efforts will keep the government from stepping in. "It's a marketplace issue," Mr. Helwig said. Because of their efforts, task force members say, skimming from private machines is not the danger it used to be. But concerns remain. In March, Fair Isaac sent an "urgent notice" of thefts from A.T.M.'s in San Francisco and the Los Angeles area. Investigators say they believe those card numbers were stolen through skimming devices in privately owned machines. But now more A.T.M. fraud seems to be occurring at bank-owned machines, industry officials say. They are refocusing their attention. "It's almost as if the criminals were listening and watching," said Ms. Zawodniak of NYCE. "We build a 10-foot wall, and they build an 11-foot ladder." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ravage at einstein.ssz.com Sun Aug 3 16:28:49 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sun, 3 Aug 2003 18:28:49 -0500 (CDT) Subject: Inferno: fwd: Paper submission deadline for ASIAN03 extended to Aug 11, 2003 (fwd) Message-ID: ---------- Forwarded message ---------- Date: Sun, 3 Aug 2003 13:12:52 -0500 Subject: Inferno: fwd: Paper submission deadline for ASIAN03 extended to Aug 11, 2003 From mindfuq at comcast.net Sun Aug 3 19:04:28 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 3 Aug 2003 19:04:28 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030802171133.H60664-100000@kozubik.com> References: <20030802234507.GC2201@tango.gombos.name> <20030802171133.H60664-100000@kozubik.com> Message-ID: <20030804020428.GB2196@tango.gombos.name> * John Kozubik [2003-08-02 19:27]: > > That is incorrect. AOL owns their network, and they can respond to your > arbitrary communications on their network in any way they see fit. Unfortunately, you're correct. > Maybe they will deliver your email to your AOL subscribing friend. > Maybe they will block that email. Maybe they will translate the > email into French and reverse the word-order and then send it to > your friend. Maybe they will print it out and mail it back to you > for no reason. All of these responses are perfectly legitimate, and > represent a private entity using their property in whatever way they > see fit, Yes, this is the problem I'm trying to address. Normally when Alice tries to transmit information to Bob, if Mallory decides to sabotage the communication, this is a denial of service attack, forbidden by criminal law. However, if the communication passes through Mallory's back yard, we can let the attack happen because it's on Mallory's property. At the same time, if I sabotage the city water line that passes through my property, I can be held accountable. And rightly so. Mallory should also be held accountable for blocking communications. This is what needs to change. > It amazes me how many people on this list only respect private property > when it is convenient for them to do so. (For reference, see the "Tim May > argues (correctly) that people can't protest in his house" and, more > recently, the "Gilmore thinks airlines can't refuse him travel for any > reason they see fit" threads) There's a balance of rights, and obviously private property rights aren't going to always get priority. While they're high on my list in *some* cases, they don't top human rights. Some rights are a little more fundamental and important than private property rights. And when someone abuses their property to damage someone else, I have zero respect for their private property rights. So I'm not at all surprized that someone would perceive an inconsistency on this issue, because there are so many more important rights that have a greater bearing on peoples happiness. AOL isn't even a human, so to put the private property rights of AOL above the well-being of any human is a silly mistake. In my particular case, AOL is blocking me from talking to friends and family. I suppose I could argue that the packets I create and send are created with my private property and resources, so those packets are my property, and AOL is vandalizing my property by destroying these packets. You can argue that how you want, but the bottom line is that AOL is using their property to gain power to control who may talk to who. This is clearly an abusive use of property, and I have no tolarance for it. They need to be removed from power, and the consumers who contributed to the purchasing of their property need to be given some rights. So if you're saying that AOL's private property rights are supporting their effort to stop me from talking to my family, then of course I have very little respect for private property rights. I often see people using their private property to cause damage to others, so it's not real top on my list in these cases. From cpunk at lne.com Sun Aug 3 20:00:00 2003 From: cpunk at lne.com (cpunk at lne.com) Date: Sun, 3 Aug 2003 20:00:00 -0700 Subject: Cypherpunks List Info Message-ID: <200308040300.h74300m8022460@gw.lne.com> Cypherpunks Mailing List Information Last updated: Sep 12, 2002 This message is also available at http://www.lne.com/cpunk Instructions on unsubscribing from the list can be found below. 0. Introduction The Cypherpunks mailing list is a mailing list for discussing cryptography and its effect on society. It is not a moderated list (but see exceptions below) and the list operators are not responsible for the list content. Cypherpunks is a distributed mailing list. A subscriber can subscribe to one node of the list and thereby participate on the full list. Each node (called a "Cypherpunks Distributed Remailer", although they are not related to anonymous remailers) exchanges messages with the other nodes in addition to sending messages to its subscribers. A message posted to one node will be received by the list subscribers on the other nodes, and vice-versa. 1. Filtering The various CDRs follow different policies on filtering spam and to a lesser extent on modifying messages that go to/from their subscribers. Filtering is done, on nodes that do it, to reduce the huge amount of spam that the cypherpunks list is subjected to. There are three basic flavors of filtering CDRs: "raw", which send all messages to their subscribers. "cooked" CDRs try to eliminate the spam on that's on the regular list by automatically sending only messages that are from cypherpunks list subscribers (on any CDR) or people who are replying to list messages. Finally there are moderated lists, where a human moderator decides which messages from the raw list to pass on to subscribers. 2. Message Modification Message modification policy indicates what modifications, if any, beyond what is needed to operate the CDR are done (most CDRs add a tracking X-loop header on mail posted to their subscribers to prevent mail loops). Message modification usually happens on mail going in or out to each CDR's subscribers. CDRs should not modify mail that they pass from one CDR to the next, but some of them do, and others undo those modifications. 3. Privacy Privacy policy indicates if the list will allow anyone ("open"), or only list members, or no one ("private") , to retrieve the subscribers list. Note that if you post, being on a "private" list doesn't mean much, since your address is now out there. It's really only useful for keeping spammers from harvesting addresses from the list software. Digest mode indicates that the CDR supports digest mode, which is where the posts are batched up into a few large emails. Nodes that support only digest mode are noted. 4. Anonymous posting Cypherpunks encourages anonymous posting. You can use an anonymous remailer: http://www.andrebacard.com/remail.html http://anon.efga.org/Remailers http://www.gilc.org/speech/anonymous/remailer.html or you can send posts to the list via cpunks_anon at einstein.ssz.com and your mail's headers will be stripped before posting. Note that this doesn't provide complete anonymity since the receiving site will still have log file entries showing the source of the mail (or you have to trust that they delete them). You also will be 'sharing' a reputation with the other entities that post through this alias, and some of them are spammers, so some subscribers will have this alias filtered. 5. Unsubscribing Unsubscribing from the cypherpunks list: Since the list is run from a number of different CDRs, you have to figure out which CDR you are subscribed to. If you don't remember and can't figure it out from the mail headers (hint: the top Received: line should tell you), the easiest way to unsubscribe is to send unsubscribe messages to all the CDRs listed below. How to figure out which CDR you are subscribed to: Get your mail client to show all the headers (Microsoft calls this "internet headers"). Look for the Sender or X-loop headers. The Sender will say something like "Sender: owner-cypherpunks at lne.com". The X-loop line will say something like "X-Loop: cypherpunks at lne.com". Both of these inticate that you are subscribed to the lne.com CDR. If you were subscribed to the algebra CDR, they would have algebra.com in them. Once you have figured out which CDR you're subscribed to, look in the table below to find that CDRs unsubscribe instructions. 6. Lunatics, spammers and nut-cases "I'm subscribed to a filtering CDR yet I still see lots of junk postings". At this writing there are a few sociopaths on the cypherpunks list who are abusing the lists openness by dumping reams of propaganda on the list. The distinction between a spammer and a subscriber is nearly always very clear, but the dictinction between a subscriber who is abusing the list by posting reams of propaganda and a subscriber who is making lots of controversial posts is not clear. Therefore, we tolerate the crap. Subscribers with a low crap tolerance should check out mail filters. Procmail is a good one, although it works on Unix and Unix-like systems only. Eudora also has a capacity for filtering mail, as do many other mail readers. An example procmail recipie is below, you will of course want to make your own decisions on which (ab)users to filter. # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * ^From.*owner-cypherpunks at .* { :0: * (^From:.*ravage at ssz\.com.*|\ ^From:.*jchoate at dev.tivoli.com.*|\ ^From:.*mattd at useoz.com|\ ^From:.*proffr11 at bigpond.com|\ ^From:.*jei at cc.hut.fi) /dev/null :0: cypherspool } 7. List of current CDRs All commands are sent in the body of mail unless otherwise noted. --------------------------------------------------------------------------- Algebra: Operator: Subscription: "subscribe cypherpunks" to majordomo at algebra.com Unsubscription: "unsubscribe cypherpunks" to majordomo at algebra.com Help: "help cypherpunks" to majordomo at algebra.com Posting address: cypherpunks at algebra.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- CCC: Operator: drt at un.bewaff.net Subscription: "subscribe [password of your choice]" to cypherpunks-request at koeln.ccc.de Unsubscription: "unsubscribe " to cypherpunks-request at koeln.ccc.de Help: "help" to to cypherpunks-request at koeln.ccc.de Web site: http://koeln.ccc.de/mailman/listinfo/cypherpunks Posting address: cypherpunks at koeln.ccc.de Filtering policy: This specific node drops messages bigger than 32k and every message with more than 17 recipients or just a line containing "subscribe" or "unsubscribe" in the subject. Digest mode: this node is digest-only NNTP: news://koeln.ccc.de/cbone.ml.cypherpunks Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Infonex: Subscription: "subscribe cypherpunks" to majordomo at infonex.com Unsubscription: "unsubscribe cypherpunks" to majordomo at infonex.com Help: "help cypherpunks" to majordomo at infonex.com Posting address: cypherpunks at infonex.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Lne: Subscription: "subscribe cypherpunks" to majordomo at lne.com Unsubscription: "unsubscribe cypherpunks" to majordomo at lne.com Help: "help cypherpunks" to majordomo at lne.com Posting address: cypherpunks at lne.com Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to lne CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. messages are demimed (MIME attachments removed) when posted through lne or received by lne CDR subscribers 2. leading "CDR:" in subject line removed 3. "Reply-to:" removed Privacy policy: private Info: http://www.lne.com/cpunk; "info cypherpunks" to majordomo at lne.com Archive: http://archives.abditum.com/cypherpunks/index.html (thanks to Steve Furlong and Len Sassaman) --------------------------------------------------------------------------- Minder: Subscription: "subscribe cypherpunks" to majordomo at minder.net Unsubscription: "unsubscribe cypherpunks" to majordomo at minder.net Help: "help" to majordomo at minder.net Posting address: cypherpunks at minder.net Filtering policy: raw Message Modification policy: no modification Privacy policy: private Info: send mail to cypherpunks-info at minder.net --------------------------------------------------------------------------- Openpgp: [openpgp seems to have dropped off the end of the world-- it doesn't return anything from sending help queries. Ericm, 8/7/01] Subscription: "subscribe cypherpunks" to listproc at openpgp.net Unsubscription: "unsubscribe cypherpunks" to listproc at openpgp.net Help: "help" to listproc at openpgp.net Posting address: cypherpunks at openpgp.net Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Ssz: Subscription: "subscribe cypherpunks" to majordomo at ssz.com Unsubscription: "unsubscribe cypherpunks" to majordomo at ssz.com Help: "help cypherpunks" to majordomo at ssz.com Posting address: cypherpunks at ssz.com Filtering policy: raw Message Modification policy: Subject line prepended with "CDR:" Reply-to cypherpunks at ssz.com added. Privacy policy: open Info: http://www.ssz.com/cdr/ --------------------------------------------------------------------------- Sunder: Subscription: "subscribe" to sunder at sunder.net Unsubscription: "unsubscribe" to sunder at sunder.net Help: "help" to sunder at sunder.net Posting address: sunder at sunder.net Filtering policy: moderated Message Modification policy: ??? Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- Pro-ns: Subscription: "subscribe cypherpunks" to majordomo at pro-ns.net Unsubscription: "unsubscribe cypherpunks" to majordomo at pro-ns.net Help: "help cypherpunks" to majordomo at pro-ns.net Posting address: cypherpunks at pro-ns.net Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to local CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. leading "CDR:" in subject line removed 2. "Reply-to:" removed Privacy policy: private Info: http://www.pro-ns.net/cpunk From ravage at einstein.ssz.com Sun Aug 3 19:28:06 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sun, 3 Aug 2003 21:28:06 -0500 (CDT) Subject: Slashdot | Florida Citizens' Anti-trust Payout Dwarfed By Lawyers' (fwd) Message-ID: http://slashdot.org/articles/03/08/03/2131256.shtml?tid=109&tid=123&tid=187&tid=98&tid=99 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From mindfuq at comcast.net Sun Aug 3 22:03:50 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 3 Aug 2003 22:03:50 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030802171133.H60664-100000@kozubik.com> References: <20030802234507.GC2201@tango.gombos.name> <20030802171133.H60664-100000@kozubik.com> Message-ID: <20030804050350.GD2196@tango.gombos.name> * John Kozubik [2003-08-02 19:27]: > > That is incorrect. AOL owns their network, and they can respond to your > arbitrary communications on their network in any way they see fit. Unfortunately, you're correct. > Maybe they will deliver your email to your AOL subscribing friend. > Maybe they will block that email. Maybe they will translate the > email into French and reverse the word-order and then send it to > your friend. Maybe they will print it out and mail it back to you > for no reason. All of these responses are perfectly legitimate, and > represent a private entity using their property in whatever way they > see fit, Yes, this is the problem I'm trying to address. Normally when Alice tries to transmit information to Bob, if Mallory decides to sabotage the communication, this is a denial of service attack, forbidden by criminal law. However, if the communication passes through Mallory's back yard, we can let the attack happen because it's on Mallory's property. At the same time, if I sabotage the city water line that passes through my property, I can be held accountable. And rightly so. Mallory should also be held accountable for blocking communications. This is what needs to change. > It amazes me how many people on this list only respect private property > when it is convenient for them to do so. (For reference, see the "Tim May > argues (correctly) that people can't protest in his house" and, more > recently, the "Gilmore thinks airlines can't refuse him travel for any > reason they see fit" threads) There's a balance of rights, and obviously private property rights aren't going to always get priority. While they're high on my list in *some* cases, they don't top human rights. Some rights are a little more fundamental and important than private property rights. And when someone abuses their property to damage someone else, I have zero respect for their private property rights. So I'm not at all surprized that someone would perceive an inconsistency on this issue, because there are so many more important rights that have a greater bearing on peoples happiness. AOL isn't even a human, so to put the private property rights of AOL above the well-being of any human is a silly mistake. In my particular case, AOL is blocking me from talking to friends and family. I suppose I could argue that the packets I create and send are created with my private property and resources, so those packets are my property, and AOL is vandalizing my property by destroying these packets. You can argue that how you want, but the bottom line is that AOL is using their property to gain power to control who may talk to who. This is clearly an abusive use of property, and I have no tolarance for it. They need to be removed from power, and the consumers who contributed to the purchasing of their property need to be given some rights. So if you're saying that AOL's private property rights are supporting their effort to stop me from talking to my family, then of course I have very little respect for private property rights. I often see people using their private property to cause damage to others, so it's not real top on my list in these cases. From mindfuq at comcast.net Sun Aug 3 22:05:48 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 3 Aug 2003 22:05:48 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030802171133.H60664-100000@kozubik.com> References: <20030802234507.GC2201@tango.gombos.name> <20030802171133.H60664-100000@kozubik.com> Message-ID: <20030804050548.GE2196@tango.gombos.name> * John Kozubik [2003-08-02 19:27]: > > That is incorrect. AOL owns their network, and they can respond to your > arbitrary communications on their network in any way they see fit. Unfortunately, you're correct. > Maybe they will deliver your email to your AOL subscribing friend. > Maybe they will block that email. Maybe they will translate the > email into French and reverse the word-order and then send it to > your friend. Maybe they will print it out and mail it back to you > for no reason. All of these responses are perfectly legitimate, and > represent a private entity using their property in whatever way they > see fit, Yes, this is the problem I'm trying to address. Normally when Alice tries to transmit information to Bob, if Mallory decides to sabotage the communication, this is a denial of service attack, forbidden by criminal law. However, if the communication passes through Mallory's back yard, we can let the attack happen because it's on Mallory's property. At the same time, if I sabotage the city water line that passes through my property, I can be held accountable. And rightly so. Mallory should also be held accountable for blocking communications. This is what needs to change. > It amazes me how many people on this list only respect private property > when it is convenient for them to do so. (For reference, see the "Tim May > argues (correctly) that people can't protest in his house" and, more > recently, the "Gilmore thinks airlines can't refuse him travel for any > reason they see fit" threads) There's a balance of rights, and obviously private property rights aren't going to always get priority. While they're high on my list in *some* cases, they don't top human rights. Some rights are a little more fundamental and important than private property rights. And when someone abuses their property to damage someone else, I have zero respect for their private property rights. So I'm not at all surprized that someone would perceive an inconsistency on this issue, because there are so many more important rights that have a greater bearing on peoples happiness. AOL isn't even a human, so to put the private property rights of AOL above the well-being of any human is a silly mistake. In my particular case, AOL is blocking me from talking to friends and family. I suppose I could argue that the packets I create and send are created with my private property and resources, so those packets are my property, and AOL is vandalizing my property by destroying these packets. You can argue that how you want, but the bottom line is that AOL is using their property to gain power to control who may talk to who. This is clearly an abusive use of property, and I have no tolarance for it. They need to be removed from power, and the consumers who contributed to the purchasing of their property need to be given some rights. So if you're saying that AOL's private property rights are supporting their effort to stop me from talking to my family, then of course I have very little respect for private property rights. I often see people using their private property to cause damage to others, so it's not real top on my list in these cases. From jtrjtrjtr2001 at yahoo.com Mon Aug 4 03:45:17 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Mon, 4 Aug 2003 03:45:17 -0700 (PDT) Subject: Slashdot | There Is No Single Instant In Time (fwd) In-Reply-To: Message-ID: <20030804104517.61942.qmail@web21210.mail.yahoo.com> hi, http://www.eurekalert.org/pub_releases/2003-07/icc-gwi072703.php "Lynds says that the paradoxes arose because people assumed wrongly that objects in motion had determined positions at any instant in time, thus freezing the bodies motion static at that instant and enabling the impossible situation of the paradoxes to be derived. "There's no such thing as an instant in time or present moment in nature. It's something entirely subjective that we project onto the world around us. That is, it's the outcome of brain function and consciousness." Sounds like a purely philosophical debate and a pretty crazy article. Regards Sarath. --- Jim Choate wrote: > > http://science.slashdot.org/science/03/08/03/029213.shtml?tid=134 > > > -- > > ____________________________________________________________________ > > We are all interested in the future for that > is where you and I > are going to spend the rest of our lives. > > Criswell, "Plan 9 from > Outer Space" > > ravage at ssz.com > jchoate at open-forge.org > www.ssz.com > www.open-forge.org > > -------------------------------------------------------------------- > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From ravage at einstein.ssz.com Mon Aug 4 04:45:17 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 06:45:17 -0500 (CDT) Subject: Ethnomathematics-a rich cultural diversity (fwd) Message-ID: http://www.science.org.au/nova/073/073key.htm -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 04:47:05 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 06:47:05 -0500 (CDT) Subject: kuro5hin.org || Distributed Denial of Existence (fwd) Message-ID: http://www.kuro5hin.org/story/2003/7/31/16429/1028 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 04:50:32 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 06:50:32 -0500 (CDT) Subject: USATODAY.com - Mapping and honing our interconnections (fwd) Message-ID: http://www.usatoday.com/tech/webguide/internetlife/2003-08-03-connected_x.htm -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 04:58:43 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 06:58:43 -0500 (CDT) Subject: ABCNEWS.com : Sultans of Spam Are Flying High (fwd) Message-ID: http://www.abcnews.go.com/sections/scitech/US/spam030801.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 05:04:27 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 07:04:27 -0500 (CDT) Subject: Slashdot | There Is No Single Instant In Time (fwd) In-Reply-To: <20030804104517.61942.qmail@web21210.mail.yahoo.com> Message-ID: On Mon, 4 Aug 2003, Sarad AV wrote: > Sounds like a purely philosophical debate and a pretty > crazy article. Hardly, it demonstrates a fundamental flaw in the current approach; the confusion of the model with that being modeled. The funny part is that it goes back to Newton. The impact should have some significant long term changes with regard to theories that rely on 'when/where' sorts of arguments. Such things as 'action at a distance' are involved (eg photon entanglement). Hardly 'purely philosophical', remote to any given individuals mundane world view perhaps but not with out some significant impact in the long term. -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From sunder at sunder.net Mon Aug 4 07:45:26 2003 From: sunder at sunder.net (Sunder) Date: Mon, 4 Aug 2003 10:45:26 -0400 (edt) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030804050548.GE2196@tango.gombos.name> Message-ID: On Sun, 3 Aug 2003 mindfuq at comcast.net wrote: > * John Kozubik [2003-08-02 19:27]: > > > > That is incorrect. AOL owns their network, and they can respond to your > > arbitrary communications on their network in any way they see fit. > > Unfortunately, you're correct. What the fuck do you mean unfortunately? > Yes, this is the problem I'm trying to address. Normally when Alice > tries to transmit information to Bob, if Mallory decides to sabotage > the communication, this is a denial of service attack, forbidden by > criminal law. Why is it forbidden by law? Bob signed a contract with Mallory waiving certain rights in exchange for the service provided by Mallory. Mallory provided full disclosure of it's rights to Bob along with Bob's responsabilities, etc. Bob chose to accept those terms, how is this illegal again? If the service Mallory provides Bob is inadequate, that's between Mallory and Bob, not between Alice and Bob. Alice and Mallory have no contract what-so-ever. It's upto you, Alice, to convince Bob of this fact. If you can't, that's Bob's choice, not yours. And you have no business to interfere between Bob and Mallory. > However, if the communication passes through Mallory's back yard, we > can let the attack happen because it's on Mallory's property. Wrong. Bob agreed to those terms of service, it's not a denial of service, it's part of Bob's agreement with Mallory. > At the > same time, if I sabotage the city water line that passes through my > property, I can be held accountable. And rightly so. No. Either you have agreed to live in said house by purchasing it, and have therefore become a citizen of said city, and by such actions agreed to abide by it's laws, or pre-existing laws allowed the city to run such water services through your propery. This too is by contract. Where, Ms. Alice, is your contract with Mallory again? > Mallory should > also be held accountable for blocking communications. > This is what > needs to change. No, it does not. Please take this to alt.dumb.law.questions.asked.by.clueless.morons. This has nothing to do with cypherpunks. > AOL isn't even a human, so to put the private property rights of AOL > above the well-being of any human is a silly mistake. So, in that case if you need a red stapler, you should be able to break into AOL's offices and steal one????? Since fucking when? > In my particular case, AOL is blocking me from talking to friends and > family. That's the choice of your friends and family, not yours. Take it up with them, not AOL. > I suppose I could argue that the packets I create and send > are created with my private property and resources, so those packets > are my property, This is true - utpto the point where you place said packets on the internet. From that point on, while you may retain copyright (even that is questionable), you have explicity caused an automated action that takes said packets and puts them into the machine that is the internet, for it to do what it does. If some of the members of that machine do things differently than you expect, it sucks to be you, but that's your problem, not theirs. You decided to place those packets on that network, not the members of that network. If you put a book you wrote into a shredder, well, who are you going to sue? The shredder company? Or yourself? > and AOL is vandalizing my property by destroying > these packets. No, dumbass, you placed those packets on said network repeatedly after you have discovered that they will be dropped in the bit bucket, that's too bad for you. You've vandalized your own packets. > You can argue that how you want, but the bottom line > is that AOL is using their property to gain power to control who may > talk to who. And that is their right, as contractually agreed to by their customers - your friends and family members included. You have no stake in this, nor any relationship with AOL. > This is clearly an abusive use of property, and I have > no tolarance for it. No, you abused your own property knowing full well it would be dropped into the bit bucket right after the 1st time you tried it. And since you've got no contractual agreement with AOL, you have no expected reasonable expectation that AOL would forward your packets to your f&f, especially if AOL deems your packets to be harmful to it's network for whatever reason. > They need to be removed from power, and the > consumers who contributed to the purchasing of their property need to > be given some rights. > > So if you're saying that AOL's private property rights are supporting > their effort to stop me from talking to my family, then of course I > have very little respect for private property rights. I often see > people using their private property to cause damage to others, so it's > not real top on my list in these cases. > Your idiocy is showing. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ From ravage at einstein.ssz.com Mon Aug 4 16:47:36 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 18:47:36 -0500 (CDT) Subject: Detention Deficit (fwd) Message-ID: http://www.reason.com/sullum/080103.shtml -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 16:47:53 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 18:47:53 -0500 (CDT) Subject: FBI changing counterintelligence tactics (fwd) Message-ID: http://salon.com/news/wire/2003/08/04/fbi/index.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Mon Aug 4 16:48:45 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 4 Aug 2003 18:48:45 -0500 (CDT) Subject: Black Hat: Joining Forces to Fight Hacking (fwd) Message-ID: http://www.eweek.com/article2/0,3959,1205941,00.asp -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From observer at westnet.com Mon Aug 4 20:31:49 2003 From: observer at westnet.com (John F. McMullen) Date: Mon, 4 Aug 2003 23:31:49 -0400 (EDT) Subject: [johnmacsgroup] Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference Message-ID: Computer Voting Expert Ousted From Elections Conference Lynn Landes freelance journalist www.EcoTalk.org Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine security, had her conference credentials revoked by the president of the International Association of Clerks, Records, Election Officials, and Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference and Trade Show, which showcases election systems to elections officials, is being held at the Adam's Mark Hotel in Denver all this week. Mercuri believes that her credentials were revoked because of her position in favor of voter-verified paper ballots for computerized election systems. "I guess in a very troubling way it makes sense that an organization like IACREOT, that supports paperless computerized voting systems, which are secret by their very design, would not want computer experts who disagree with that position at their meetings." Dr. Mercuri said that her credentials were approved for the first three days of the conference. She attended meetings of other groups and visited the exhibitors hall. But it was only on Thursday as she sat down to attend her first meeting at the IACREOT that President Marianne Rickenbach took Mercuri out of the room and told her that her credentials were being revoked. Rickenbach said that Mercuri had not filled out the forms correctly. Mercuri protested, but was refused reinstatement. David Chaum, the inventor of eCash and a member of Mercuri's 'voter-verified paper ballot' group, had his credentials revoked on the first day of the conference. On the second day his credentials were partially restored. Chaum was allowed to visit the exhibitors hall, but not attend the IACREOT meetings. Rickenbach was unavailable for comment as of this report. Mercuri can be reached at the Adam's Mark Hotel through Saturday. --------------------------- "When you come to the fork in the road, take it" - L.P. Berra "Always make new mistakes" -- Esther Dyson "Be precise in the use of words and expect precision from others" - Pierre Abelard "Any sufficiently advanced technology is indistinguishable from magic" -- Arthur C. Clarke "Bobby Layne never lost a game. Time just ran out." -- Doak Walker John F. McMullen johnmac at acm.org ICQ: 4368412 Fax: (603) 288-8440 johnmac at cyberspace.org http://www.westnet.com/~observer NOYFB,P ------------------------ Yahoo! Groups Sponsor ---------------------~--> Buy Ink Cartridges or Refill Kits for Your HP, Epson, Canon or Lexmark Printer at Myinks.com. Free s/h on orders $50 or more to the US & Canada. http://www.c1tracking.com/l.asp?cid=5511 http://us.click.yahoo.com/sO0ANB/LIdGAA/ySSFAA/XgSolB/TM ---------------------------------------------------------------------~-> To unsubscribe from this group, send an email to: johnmacsgroup-unsubscribe at yahoogroups.com Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From mindfuq at comcast.net Mon Aug 4 23:57:04 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Mon, 4 Aug 2003 23:57:04 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030804050548.GE2196@tango.gombos.name> Message-ID: <20030805065704.GF2201@tango.gombos.name> * Sunder [2003-08-04 17:00]: > > > Yes, this is the problem I'm trying to address. Normally when Alice > > tries to transmit information to Bob, if Mallory decides to sabotage > > the communication, this is a denial of service attack, forbidden by > > criminal law. > > Why is it forbidden by law? I can think of hundreds of reasons DoS attacks are illegal. Now I'm not sure if it's illegal everywhere; I'm only familar with the way it's written in the California Penal code, which is where Mallory is located in this case. But to answer your question, just look at all the damage that's caused by DoS attacks. Look at the Slammer worm. It would be a seriously neglectful to allow such damaging attacks on people and businesses. > Bob signed a contract with Mallory waiving certain rights in > exchange for the service provided by Mallory. Mallory provided full > disclosure of it's rights to Bob along with Bob's responsabilities, > etc. Bob chose to accept those terms, how is this illegal again? First of all, Bob was coerced into this contract because Bob had no idea that the fine print said there may be cases where he doesn't get the service he thinks he's paying for. Specifically, Mallory didn't tell Bob that she would be filtering his mail for him, and certainly didn't tell Bob that she would take the liberty of blocking some non-spam mail as well. Such a contract is quite questionable, and I'd like to see it put before a court for fair analysis. > If the service Mallory provides Bob is inadequate, that's between Mallory > and Bob, not between Alice and Bob. Alice and Mallory have no contract > what-so-ever. It's upto you, Alice, to convince Bob of this fact. If you > can't, that's Bob's choice, not yours. And you have no business to > interfere between Bob and Mallory. The problem with this argument is that Mallory is not just denying service to Bob, but Alice as well. Furthermore, Alice may not even have the option of explaining the service problem to Bob, because Mallory is preventing Alice from talking to Bob. Mallory is everyone's business, because a malicious attack on the Internet affects everyone. The fact that Bob is paying Mallory money doesn't make it okay- in fact, it worsens the problem, because the perpetrator is being compensated by her own victims. > > However, if the communication passes through Mallory's back yard, we > > can let the attack happen because it's on Mallory's property. > > Wrong. Bob agreed to those terms of service, it's not a denial of > service, it's part of Bob's agreement with Mallory. Such a contract is predatory, and has no business in this country. It prays on ignorant users, and provides a false representation for what the user is signing up for. FYI- you can't put anything you want in fine print, and expect it to be legally enforceable. Even if two parties agree that an illegal activity is okay, this does not legalize the activity. > > At the > > same time, if I sabotage the city water line that passes through my > > property, I can be held accountable. And rightly so. > > No. Either you have agreed to live in said house by purchasing it, and > have therefore become a citizen of said city, and by such actions agreed > to abide by it's laws, or pre-existing laws allowed the city to run such > water services through your propery. This too is by contract. This is just what I said. You're making my point here. Absolutely, I cannot sabotage the city water line that goes through my property. > Where, Ms. Alice, is your contract with Mallory again? No contract necessary; criminal law is enforceable w/out a contract. Even more so, actually, because there is no chance of a contract removing the effect of Alice's claim. > > AOL isn't even a human, so to put the private property rights of AOL > > above the well-being of any human is a silly mistake. > > So, in that case if you need a red stapler, you should be able to break > into AOL's offices and steal one????? Since fucking when? Certainly not- there is no superceding free speech right or anything of the kind that would entail stealing a stapler. Blocking email, OTOH, violates multiple rights: free speech, right to assemble and petition the government, freedom of enterprise.. it could even run into public safety issues. So this stapler analogy doesn't really work here. > > In my particular case, AOL is blocking me from talking to friends and > > family. > > That's the choice of your friends and family, not yours. Take it up with > them, not AOL. While I have gotten all but one friend and all family members to drop their AOL/Earthlink services, this still remains an issue for users whome I don't know personally. > > and AOL is vandalizing my property by destroying > > these packets. > > No, dumbass, you placed those packets on said network repeatedly after you > have discovered that they will be dropped in the bit bucket, that's too > bad for you. You've vandalized your own packets. I didn't do this, I created them- AOL is the one destroying things. I'm the aaahteeest, the creator.. AOL is the destroyer, using their property destructively. > > You can argue that how you want, but the bottom line > > is that AOL is using their property to gain power to control who may > > talk to who. > > And that is their right, as contractually agreed to by their customers - > your friends and family members included. You have no stake in this, nor > any relationship with AOL. Like I said, DoS laws don't require there to be a contract between Alice and Mallory. In fact, it *usually* is the case that Mallory and Alice have no contract. If you do a ping of death attack on victim.com, do you actually think that absense of a contract between you and victim.com gives you the right to do this? Absurd. Contract or not, DoS attacks are illegal. If Bob signs a contract with Mallory allowing Mallory to do a DoS attack on him, he's the only one who may not be able to take action. But the state can still take action, as well as other victims who didn't sign their rights away (Alice, for example). > > This is clearly an abusive use of property, and I have > > no tolarance for it. > > No, you abused your own property knowing full well it would be dropped > into the bit bucket right after the 1st time you tried it. And since > you've got no contractual agreement with AOL, you have no expected > reasonable expectation that AOL would forward your packets to your f&f, > especially if AOL deems your packets to be harmful to it's network for > whatever reason. It's quite reasonable to expect corporations to abide by all laws in their jurisdiction. > > They need to be removed from power, and the > > consumers who contributed to the purchasing of their property need to > > be given some rights. > > > > So if you're saying that AOL's private property rights are supporting > > their effort to stop me from talking to my family, then of course I > > have very little respect for private property rights. I often see > > people using their private property to cause damage to others, so it's > > not real top on my list in these cases. > > > > Your idiocy is showing. Ad hominem. It's natural to get frustrated when your words don't carry much weight, but this only decreases your credibility. You just need to work on better angles, and find better ways to illustrate the points you're trying to support. Even I could come up with a better argument against myself than this worthless argument you present. Need some help? You might argue that AOL's property rights are sacred, and above all other rights. You might challenge me to produce an example of private property being used to damage others. You could argue that it doesn't matter who gave AOL the money to buy their property, it's theirs regardless. Just pick one. The only idiot here is you if you can only produce an ad hominem. You need to work on that. From bill.stewart at pobox.com Tue Aug 5 01:07:10 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 05 Aug 2003 01:07:10 -0700 Subject: Slow but interesting sender-hiding covert channel program Message-ID: <5.1.1.6.2.20030805003511.02eaee38@idiom.com> Rob Lemos reports on the following presentation at Blackhat by Mark Loveless of Bindview; I've got some comments. ----------------- PROGRAM WOULD HIDE NET COMMUNICATIONS CNET reports about a program called NCovert, which uses spoofing techniques to hide the source of communications and the data that travels over the network. The technique makes it almost impossible to track where the original message came from, because the data holds only the addresses of the recipient and the third-party server. http://news.com.com/2100-1002-5058535.html -------------------------------- The technique works by hiding four bytes of data in the TCP header's ISN field, bouncing packets off one or more innocent third-party machines, setting your destination IP address to the third-party and forging your recipient's IP as the source, so the recipient appears connection accepts or rejects from real, fake, or random locations, and the real message is hidden in the header fields. The connection type can be something credible like email or http. Of course, there _are_ ISPs that do spoof-proofing, so if your ISP does this, you won't be able to forge the recipient's address on your outgoing packets usefully. Spoof-proofing usually limits you to addresses in the subnet used by your internet connection - if you've got a /24, you can impersonate one of 254 locations near yours, but if anybody's seriously trying to track you, you're busted. There's also the problem that, unless it's sending call setups that the recipient is rejecting, there'll be a lot of half-open TCP connections on the recipients, which is a DOS problem. It's cute, though. Also, Bindview's security tools site does have an interesting spoofing-detection program that works by looking at TTL values for packets you receive that are suspected of being spoofed - it traces a connection to/from the purported source IP address and sees whether the time-to-live field on the suspicious packet is close enough to one from the real route to be believable or declares it to be bogus if it's too far off. From shamrock at cypherpunks.to Tue Aug 5 01:34:47 2003 From: shamrock at cypherpunks.to (Lucky Green) Date: Tue, 5 Aug 2003 01:34:47 -0700 Subject: Digicash Patents In-Reply-To: <9B3429B2-C385-11D7-A53B-000A956B4C74@got.net> Message-ID: <001601c35b2c$6e4a7d50$7201a8c0@VAIO650> Tim wrote: > Some people expected a "land rush" when the main RSA patents expired > several years ago. Parties were even thrown. The land rush never > happened. Just a reminder that there will be a Blind Signature Patent Expiry party at my place the Saturday before the blind signature patent expires. (The patent expires on a Tuesday. I called dibs on that party years ago). --Lucky From ghicks at cadence.com Tue Aug 5 02:02:04 2003 From: ghicks at cadence.com (ghicks at cadence.com) Date: Tue, 5 Aug 2003 02:02:04 -0700 (PDT) Subject: What happened to the Cryptography list...? Message-ID: Kind sir: As the subject says... All of a sudden mail just stopped. Figuring that I had, somehow, become unsubscribed from the list, I tried to re-subscribe. This resulted in an "Unknown list" message from majordomo at wasabisystems... Any ideas? could assist please? I know that you are not the list owner, but you, at one time, seemed to be active on the list. Regards, Gregory Hicks --- end forwarded text From ghicks at cadence.com Tue Aug 5 02:02:04 2003 From: ghicks at cadence.com (ghicks at cadence.com) Date: Tue, 5 Aug 2003 02:02:04 -0700 (PDT) Subject: What happened to the Cryptography list...? Message-ID: Kind sir: As the subject says... All of a sudden mail just stopped. Figuring that I had, somehow, become unsubscribed from the list, I tried to re-subscribe. This resulted in an "Unknown list" message from majordomo at wasabisystems... Any ideas? could assist please? I know that you are not the list owner, but you, at one time, seemed to be active on the list. Regards, Gregory Hicks --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ravage at einstein.ssz.com Tue Aug 5 04:41:50 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 5 Aug 2003 06:41:50 -0500 (CDT) Subject: Austin Cypherpunks Monthly Meet, Aug. 12. Message-ID: Time: Aug. 12, 2003 Second Tuesday of each month 7:00 - 9:00 pm (or later) Location: Central Market HEB Cafe 38th and N. Lamar Weather permitting we meet in the un-covered tables. If it's inclimate but not overly cold we meet in the outside covered section. Otherwise look for us inside the building proper. Identification: Look for the group with the "Applied Cryptography" book. It will have a red cover and is about 2 in. thick. Contact Info: http://einstein.ssz.com/cdr/index.html#austincpunks -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Tue Aug 5 04:57:59 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 5 Aug 2003 06:57:59 -0500 (CDT) Subject: CNN.com - Linux gets sensitive government use approval - Aug. 5, 2003 (fwd) Message-ID: http://www.cnn.com/2003/TECH/industry/08/05/linux.software.ap/index.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Tue Aug 5 04:59:15 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 5 Aug 2003 06:59:15 -0500 (CDT) Subject: The Register - Meet the 'transhumanists' behind the Pentagon terror casino (re Extropian) (fwd) Message-ID: http://www.theregister.co.uk/content/6/32170.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From sunder at sunder.net Tue Aug 5 07:12:46 2003 From: sunder at sunder.net (Sunder) Date: Tue, 5 Aug 2003 10:12:46 -0400 (edt) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030805065704.GF2201@tango.gombos.name> Message-ID: ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Mon, 4 Aug 2003 mindfuq at comcast.net wrote: > * Sunder [2003-08-04 17:00]: > > > > > Yes, this is the problem I'm trying to address. Normally when Alice > > > tries to transmit information to Bob, if Mallory decides to sabotage > > > the communication, this is a denial of service attack, forbidden by > > > criminal law. > > > > Why is it forbidden by law? > > I can think of hundreds of reasons DoS attacks are illegal. Now I'm > not sure if it's illegal everywhere; I'm only familar with the way > it's written in the California Penal code, which is where Mallory is > located in this case. But to answer your question, just look at all > the damage that's caused by DoS attacks. Look at the Slammer worm. > It would be a seriously neglectful to allow such damaging attacks on > people and businesses. No, you're ignoring my whole entire arguement - and that is telling. You realize you're wrong, but just refuse to admit it. I didn't ask why denial of service attacks are forbidden by law. That's obvious. I asked why would AOL's policies in terms of their service agreements be forbidden by law when their customers agreed to them? They're not necessarily considered a common carrier since they decided a long time ago to police the content of their service. > > Bob signed a contract with Mallory waiving certain rights in > > exchange for the service provided by Mallory. Mallory provided full > > disclosure of it's rights to Bob along with Bob's responsabilities, > > etc. Bob chose to accept those terms, how is this illegal again? > > First of all, Bob was coerced into this contract because Bob had no > idea that the fine print said there may be cases where he doesn't get > the service he thinks he's paying for. Specifically, Mallory didn't > tell Bob that she would be filtering his mail for him, and certainly > didn't tell Bob that she would take the liberty of blocking some > non-spam mail as well. Such a contract is quite questionable, and I'd > like to see it put before a court for fair analysis. Not at all. Bob agreed to the terms of service and was asked to both read and acknowledge that he read them. AOL's terms of service are available for anyone to read at any time. Regardless, should Bob not live up to his end of said agreement, the contract would be null and void, as would his access. At the same time Bob is free to sever his contract with AOL by the same rules. Your claim that Bob was coerced is exteremely dubious. There is no proof of this, we do not have Bob here claiming this. We have, only you, a third party uninvolved in Bob's agreement with AOL making such claims because you cannot communicate with Bob. Either way, if Bob is unsure of what he agreed to, he (and you) can check these pages: http://www.aol.com/copyright.adp and http://www.aol.com/copyright/rules.html Some relevant quotes addressing your dumb arguements: ------------ "By using this site, you signify your agreement to all terms, conditions, and notices contained or referenced herein (the "Terms of Use"). If you do not agree to these Terms of Use please do not use this site. We reserve the right, at our discretion, to update or revise these Terms of Use. Please check the Terms periodically for changes. Your continued use of this site following the posting of any changes to the Terms of Use constitutes acceptance of those changes." "ALL MATERIALS, INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES INCLUDED IN OR AVAILABLE THROUGH THIS SITE (THE "CONTENT") ARE PROVIDED "AS IS" AND "AS AVAILABLE" FOR YOUR USE." "America Online reserves the right, in its sole discretion, to terminate your access to all or part of this site, with or without notice." "However, America Online and its agents have the right at their sole discretion to remove any content that, in America Online's judgment, does not comply with the Rules of User Conduct or is otherwise harmful, objectionable, or inaccurate. America Online is not responsible for any failure or delay in removing such content." -------------- These are the terms to which Bob has agreed to. It clearly states that AOL may if it chooses to remove access to content it deems harmful for whatever reason. It does not list what those reasons are, therefore, they are at its discretion - NOT AT YOURS. There is no need for any law to change this. Bob and AOL both voluntarily agreed to these terms. End of story. > > If the service Mallory provides Bob is inadequate, that's between Mallory > > and Bob, not between Alice and Bob. Alice and Mallory have no contract > > what-so-ever. It's upto you, Alice, to convince Bob of this fact. If you > > can't, that's Bob's choice, not yours. And you have no business to > > interfere between Bob and Mallory. > > The problem with this argument is that Mallory is not just denying > service to Bob, but Alice as well. Furthermore, Alice may not even > have the option of explaining the service problem to Bob, because > Mallory is preventing Alice from talking to Bob. Stop right there. AOL's contract is with Bob. NOT WITH you, ALICE. You have no claims to make. You have no contract with AOL, it is under no obligation whatsoever to deal with you. If you don't like that, sign up with AOL, agree to their terms, and file a complaint - if those rules will allow you to do so. Otherwise, you have no way to interfere with the agreement between Bob and AOL. > Mallory is everyone's business, because a malicious attack on the > Internet affects everyone. The fact that Bob is paying Mallory money > doesn't make it okay- in fact, it worsens the problem, because the > perpetrator is being compensated by her own victims. No. There is no such legal entity as "The Internet." AOL, like all other ISP's (I'm stretching the term here) has contractual agreements with other ISP's from which it obtains service. Depending on what those rules allow, AOL may or may not be playing by the rules. That's up to whomever feeds AOL to decide, not you. You are not AOL's ISP. You have no contract with AOL on that level either. AOL is not actively causing any denial of service to anyone other than those who agreed to be subject to AOL's jurisdiction - by contract. Says so in their terms that they reserve the right to do this. > Such a contract is predatory, and has no business in this country. It > prays on ignorant users, and provides a false representation for what > the user is signing up for. FYI- you can't put anything you want in > fine print, and expect it to be legally enforceable. Even if two > parties agree that an illegal activity is okay, this does not legalize > the activity. That is not upto you to decide. That is upto Bob. Since you haven't entered any business agreement with AOL, you cannot make such claims against them. > > No. Either you have agreed to live in said house by purchasing it, and > > have therefore become a citizen of said city, and by such actions agreed > > to abide by it's laws, or pre-existing laws allowed the city to run such > > water services through your propery. This too is by contract. > > This is just what I said. You're making my point here. I am? So, then you understand that you have no claims whatsoever against AOL since you aren't using their service, nor have any contract whatsoever with them? Then why all the BS? > Absolutely, I > cannot sabotage the city water line that goes through my property. Of course, because they're providing you with water service. Therefore, you have agreed to those implict or explicit terms. You have a contract with the city, or the water company. Either because that's what the laws of the city state, or because you've signed a contract with the water company agreeing to their terms. Just like Bob signed a contract with AOL. So what's your beef??? > > Where, Ms. Alice, is your contract with Mallory again? > > No contract necessary; criminal law is enforceable w/out a contract. > Even more so, actually, because there is no chance of a contract > removing the effect of Alice's claim. Where's the crime again? > > So, in that case if you need a red stapler, you should be able to break > > into AOL's offices and steal one????? Since fucking when? > > Certainly not- there is no superceding free speech right or anything > of the kind that would entail stealing a stapler. Hey, you're the one that claimed that the needs of humans outweigh those of a corporation. So by that logic, not that I agree with it, should you need a stapler, you should be able to take one from AOL. Of course it's assinine. That's what I'm trying to show you. That your arguement is full of shit. > Blocking email, > OTOH, violates multiple rights: free speech, right to assemble and > petition the government, freedom of enterprise.. it could even run > into public safety issues. So this stapler analogy doesn't really > work here. The 1st ammended prevents >CONGRESS< from limiting the freedom of speech. More precisely from creating laws that do so. It does not limit private or public companies from doing so. The 1st has nothing to do with this. You're clueless. > While I have gotten all but one friend and all family members to drop > their AOL/Earthlink services, this still remains an issue for users > whome I don't know personally. And you have no contract with either AOL or that friend. Like I said, you have no right to interfere in AOL's business. If you can convince their subscribers that AOL sucks, and they chose to cancel their service, that's fine, that's wonderful - though if AOL finds out, they may sue you for loss of business. > > No, dumbass, you placed those packets on said network repeatedly after you > > have discovered that they will be dropped in the bit bucket, that's too > > bad for you. You've vandalized your own packets. > > I didn't do this, I created them- AOL is the one destroying things. > I'm the aaahteeest, the creator.. AOL is the destroyer, using their > property destructively. Yes, you did. As soon as you hit the send button in your mailer and had a To:, CC:, BCC: header containing @aol.com. Your actions caused your email to be sent to AOL's mail servers, which - as you already expected since you knew, caused them to be deleted. Further, I would urge you read your ISP's terms of service. There's no place in there that they guarantee delivery of email to an end user of another ISP. Because they can't. So you have no such expectation. I'm done with this, you're too clueless to continue. Come back when you get some brains. From ptrei at rsasecurity.com Tue Aug 5 07:14:27 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Tue, 5 Aug 2003 10:14:27 -0400 Subject: Trouble at HavenCo? Message-ID: http://rss.com.com/2100-1028_35059676.html?type=pt&part=rss&tag=feed&subj=ne ws Has 'haven' for questionable sites sunk? By Declan McCullagh Staff Writer, CNET News.com August 4, 2003, 1:38 PM PT LAS VEGAS--A widely publicized project to transform a platform in the English Channel into a "safe haven" for controversial Web businesses has failed due to political, technical and management problems, one of the company's founders said. Ryan Lackey, former chief technology officer of HavenCo, said on Sunday afternoon that he left the project because his business partners had become nervous about hosting objectionable material and were leading the company toward financial ruin, with only about six customers remaining. From ptrei at rsasecurity.com Tue Aug 5 08:03:25 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Tue, 5 Aug 2003 11:03:25 -0400 Subject: Trouble at HavenCo? Message-ID: Sunder sent me a better link... http://www.businessweek.com/technology/cnet/stories/5059676.htm Peter > ---------- > From: Trei, Peter > Sent: Tuesday, August 05, 2003 10:14 AM > To: 'cypherpunks at lne.com' > Subject: Trouble at HavenCo? > > http://rss.com.com/2100-1028_35059676.html?type=pt&part=rss&tag=feed&subj= > ne > ws > > > Has 'haven' for questionable sites sunk? > > By Declan McCullagh > Staff Writer, CNET News.com > August 4, 2003, 1:38 PM PT > > LAS VEGAS--A widely publicized > project to transform a platform in > the English Channel into a "safe > haven" for controversial Web > businesses has failed due to > political, technical and management > problems, one of the company's > founders said. > > Ryan Lackey, former chief technology > officer of HavenCo, said on Sunday > afternoon that he left the project > because his business partners > had become nervous about > hosting objectionable material > and were leading the company > toward financial ruin, with only > about six customers remaining. From timcmay at got.net Tue Aug 5 11:30:41 2003 From: timcmay at got.net (Tim May) Date: Tue, 5 Aug 2003 11:30:41 -0700 Subject: They never learn: "Omniva Policy Systems" Message-ID: I ran across a reference to this company, which says it has raised $20 M in VC financing and which claims it has a system which implements the digital equivalent of "disappearing ink." (Perhaps distilled from snake oil?) The URL is still called disappearing.com, but the company is now called Omniva Policy Systems. A URL is: http://www.disappearing.com/ I guarantee that anything a human eye can read can be captured for later use, whether by bypassing the probably-weak program, by using other tools to read the mail spool, by capturing the screen buffer, or, if worst comes to worst, simply photographing the screen with an inexpensive digital camera and then either using the captured image as is or by running it through an OCR. It happens that I have met the founder of this company at a couple of parties at my house, so I have no idea what got into him with this late-90s-founded company. Maybe he was just exploiting the suckers. Their system, which makes varius references to being "Outlook"-compatible, may deter the nitwits from easily saving and printing, but it is not the nitwits one wants to deal with. Even the corporate whistleblowers (played by Julia Roberts in that movie "Erin Brockovitch") can very easily learn enough to open their mail with another program, or grep the spool directly, or use the other tools. Again, photographing the screen works perfectly well. And reliance on "Outlook," if this is what their scheme relies on, seems horribly limiting. What of those using Entourage, or Mail, or any of the dozens of platforms and news readers in existence. The site mentions that they are now Blackberry-compliant. Well, does this mean employees of the companies using "Omniva Policy Manager" cannot read their mail on their Palms, or their laptops running other mail programs, and so on? Seems like a fatally-flawed basis for a company. --Tim May "As my father told me long ago, the objective is not to convince someone with your arguments but to provide the arguments with which he later convinces himself." -- David Friedman From timcmay at got.net Tue Aug 5 11:40:09 2003 From: timcmay at got.net (Tim May) Date: Tue, 5 Aug 2003 11:40:09 -0700 Subject: The last detritus of the dot bombs Message-ID: <3D881C0B-C774-11D7-BD95-000A956B4C74@got.net> As I'm feeling chatty this morning, I'll comment on another trend I've been seeing a lot of. While reading the Andrew Orlowski piece on Robin Hanson and the PAM/terror futures thing ( the URL is ) I got to thinking about "What ever happened to Max More?" (the founder of the Extropians group) I did some Googling and found out he and his wife (Natasha Vita-More...the Extropians often change their names to more future-sounding monikers) are some kind of "motivational coaches" or involved in software to do the same. Then while Googling on Omnivora Policy Systems, or whatever that "disappearing ink" company is, I ran across the name Jeff Ubois, the guy who attended some of my parties. His resume is chockfull of references to "motivational' and "coaching" and similar squishy-soft consulting gigs. Way too many people think they can become the next Tony Robbins, that Neanderthal on late night t.v. selling motivational tapes. The good ideas, the good companies, the good technology...it comes from good ideas and good products, not from EST nonsense, not from motivational coaches, not from late night hucksters. Having talked to some of these folks, though not for the past few years, it really bugs me to see them going down this bullshit path. --Tim May "The only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not a sufficient warrant." --John Stuart Mill From timcmay at got.net Tue Aug 5 11:47:23 2003 From: timcmay at got.net (Tim May) Date: Tue, 5 Aug 2003 11:47:23 -0700 Subject: Trouble at HavenCo? In-Reply-To: <12.344a76a8.2c61503a@aol.com> Message-ID: <408255F0-C775-11D7-BD95-000A956B4C74@got.net> On Tuesday, August 5, 2003, at 11:23 AM, Freematt357 at aol.com wrote: > HavenCo's error was not initially raising the necessary cash to buy > Sealand > outright from the Bates, or if that didn't work they could have done > it the old > fashioned way by marrying into the family. Not having total control > led to > this outcome. > > As they say it's good to be king. The bigger and more glaring flaw--pointed out by many of us, years ago--was in having an identifiable nexus for pressure to be applied. Cf. the archives for much discussion of what would happen when MI-6 finally got tired of them, or of when Mossad decided to do something about things, or when Hollywood got fed up. Bruce Sterling dealt with this in "Islands in the Net," circa 1988, which predated Cypherpunks by several years and which was coming out just about when I was writing up my first things on crypto anarchy. I though Sterling had placed much too much emphasis on the havens' attempt to be physically secure by owning small countries and not nearly enough (if any) emphasis on using strong cryptography to achieve security inside cypherspace, a la "True Names." The idea of being secure in plain sight within the claimed territorial waters of Britain was just too laughable. --Tim May "We are at war with Oceania. We have always been at war with Oceania." "We are at war with Eurasia. We have always been at war with Eurasia." "We are at war with Iraq. We have always been at war with Iraq. "We are at war with Havenco. We have always been at war with Havenco." From camera_lumina at hotmail.com Tue Aug 5 09:38:38 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 05 Aug 2003 12:38:38 -0400 Subject: IPSec vs SSL Message-ID: Continued proliferation of commercialized technologies. I also saw an add in Business week for a Blacberry-enabled Palm Phone. Mobile security and "Triple DES" were explicitly mentioned. No doubt 'permissionless' approaches ocasionally yield useful fruit, but the IP-->VC$$$-->Startup route is at least as important. -TD AUGUST 04, 2003 PREVIOUS NEWS ANALYSIS SSL Players Get Feature-Happy -------------------------------------------------------------------------------- Aventail Corp. and Neoteris Inc. are upgrading security gear to keep pace with virtual private networking (VPN) rivals that have focused on IPSec technology. Today, the companies made separate announcements regarding new features to their clientless Secure Socket Layer (SSL) VPN solutions (see Neoteris Expands SSL Access and Aventail Upgrades VPN Kit ). In an effort to build products that can eventually replace IPSec VPNs, they've each added broader application support, a key issue for SSL VPNs. The move is important because SSL gear risks becoming somewhat generic; more features will be needed to keep pace with technologies such as IPSec. For Aventail and Netoeris to succeed they need to become a full replacement for IPsec, says Michael Suby, senior research analyst with Stratecast Partners. Theyve got to prove that SSL holds more value, is just as secure, costs less, and is easier to manage than IPSec. IT managers today have two choices when it comes to secure remote access. They can deploy IPSec clients on individual laptops, desktops, and mobile devices, or they can use an SSL solution, which utilizes encryption capabilities built into browsers and does not require a client-side software installation other than the browser. Each solution has its pros and cons. Its a tradeoff between the simplicity of SSL VPNs and the security of IPSec VPNs. Emerging SSL VPN technologies generally deliver secure access to more places at a lower total cost of ownership, because they include less administrative overhead. But these benefits typically come at the cost of important features already available in IPSec solutions, like strong desktop security and broad application support. As a result, most companies use a combination of the technologies, depending on the application. Some IPSec vendors are starting to add SSL technology. To combat this trend, Aventail and Neoteris are taking SSL VPNs to the next level with enhanced support for additional applications. Neoteris has added a new product it calls Network Connect. Instead of creating a secure tunnel for a particular application, Network Connect creates a tunnel for a network connection. Just like an IPSec network tunnel, this allows users access to the entire network, including complex applications like streaming media and voice over IP. But unlike IPSec, the company asserts that a full-fledged client is not required on end-users devices, making it easier to manage and deploy. The company also announced that it has developed application programming interfaces for integration with security products from other companies like InfoExpress, Network Associates Inc. (NYSE: NET - message board), Sygate Technologies Inc., and Zone Labs. And it has fully integrated features from Network Associates and Fortinet Inc. to provide anti-virus support on its appliances. Aventail has also added new capabilities to its OnDemand 3.0 product that will expand the type of applications it can support. For example, it will now support dynamic traffic redirection, which allows it to identify and secure traffic by domain, IP range, or subnet. This eliminates the need for making unnecessary changes to IT infrastructure like the domain name servers, desktops, or applications. OnDemand 3.0 also now includes support for dynamic port assignments. This allows it to support applications that use a complex, changing range of ports, like those from SAP AG (NYSE/Frankfurt: SAP - message board) and Siebel Systems Inc. (Nasdaq: SEBL - message board). But the competition from incumbent equipment providers is heating up. Nortel Networks Corp. (NYSE/Toronto: NT - message board), which also sells an IPSec solution in its Contivity product line, has continued to add new SSL VPN features to its Alteon Web switch (see Nortel Expands Security Portfolio ). Nokia Corp. (NYSE: NOK - message board), a leader in mobile/wireless devices, announced SSL VPN support this summer (see Nokia Sweetens SSL ). Cisco Systems Inc. (Nasdaq: CSCO - message board) is also expected to make an SSL announcement soon. NetScreen Technologies Inc. (Nasdaq: NSCN - message board) is supposedly shopping for a startup to buy (see NetScreen SSL Move Likely ). And Check Point Software Technologies Ltd. (Nasdaq: CHKP - message board) is likely to evolve its current SSL solution. When you have Cisco, Check Point, Nokia, and Nortel all with something in this market and all with channel distributors, its tough competition for a small private company, says Stratecast's Suby. You can be a niche player for SSL, but these small private companies are going to have to tie their wagons to a large IPSec vendor or some other kind of vendor. Consolidation has already started happening. F5 Networks Inc. (Nasdaq: FFIV - message board), a load balancing appliance vendor, announced two weeks ago that it was acquiring SSL startup uRoam (see F5 Buys Into SSL VPNs ). There is still a long list of SSL VPN suppliers out there including: Array Networks Inc., Aspelle Ltd., Netilla Networks Inc., NetScaler Inc., SafeWeb Inc., and Whale Communications Ltd.  Marguerite Reardon, Senior Editor, Light Reading _________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail From bill.stewart at pobox.com Tue Aug 5 13:00:28 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 05 Aug 2003 13:00:28 -0700 Subject: They never learn: "Omniva Policy Systems" In-Reply-To: Message-ID: <5.1.1.6.2.20030805123823.02e9c340@idiom.com> At 11:30 AM 08/05/2003 -0700, Tim May wrote: >I ran across a reference to this company, which says it has raised $20 M >in VC financing and which claims it has a system which implements the >digital equivalent of "disappearing ink." >(Perhaps distilled from snake oil?) >The URL is still called disappearing.com, but the company is now called >Omniva Policy Systems. A URL is: > >http://www.disappearing.com/ > >I guarantee that anything a human eye can read can be captured for later >use, whether by bypassing the probably-weak program, by using other tools >to read the mail spool, by capturing the screen buffer, or, if worst comes >to worst, simply photographing the screen with an inexpensive digital >camera and then either using the captured image as is or by running it >through an OCR. It's nice to see that they're still around, unlike so many dot.bombs. The founder came and talked to Cypherpunks just after their PR launch (IIRC, Bill Scannell was involved in getting them into US today.) He started off by being very clear about what problems they were and weren't trying to solve. They were trying to solve the problem of making messages expire when all the parties involved are cooperating. He viewed the problem of preventing non-cooperating parties from saving copies to be unsolvable snake oil and he wasn't trying to solve it. They're more concerned with data retention problems, aka the "Ollie North Email Backups" problem or "Embarassing Bill Gates Memo" problem - making sure that when things are supposed to be deleted that they stay deleted, and that if you don't explicitly make sure you keep sensitive material that it'll disappear. ~~~~ In your other message, you mentioned that several Extropians were doing really squishy stuff, and mentioned that Jeff Ubois's resume also appeared to be. Maybe you found a resume that I didn't, but http://www.ubois.com/id24.htm mostly lists working with technology companies plus writing articles for various technical magazines and less-technical newspapers. There was some marketing in there, but I didn't see any "motivational" or "coaching" stuff except other people's material on a website he's got stuff on. Googling for "Ubois" picks up a lot of "Dubois" references, though :-) I may rant separately about Orlowski's hit piece on Robin Hanson... From morlockelloi at yahoo.com Tue Aug 5 13:07:10 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Tue, 5 Aug 2003 13:07:10 -0700 (PDT) Subject: They never learn: "Omniva Policy Systems" In-Reply-To: Message-ID: <20030805200710.34023.qmail@web40609.mail.yahoo.com> > seems horribly limiting. What of those using Entourage, or Mail, or any > of the dozens of platforms and news readers in existence. The site > mentions that they are now Blackberry-compliant. Well, does this mean > employees of the companies using "Omniva Policy Manager" cannot read > their mail on their Palms, or their laptops running other mail > programs, and so on? My experience with ordinary "Joe Six Suits" users is that they are progressively dumber and understand less and less tools they use to powerpoint on. The gap between reality and their understanding of "computers" is widening. Computers have finally adapted to idiots. At this point snake oils as the mentioned one is perfectly fundable and marketable. There is a significant user base that it will work for. Remember all discussions about single DES being good enough only for braindead ? Well, now they are past that. Layer 7 interface obstacles are now good enough. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From declan at well.com Tue Aug 5 10:13:20 2003 From: declan at well.com (Declan McCullagh) Date: Tue, 5 Aug 2003 13:13:20 -0400 Subject: Trouble at HavenCo? In-Reply-To: ; from ptrei@rsasecurity.com on Tue, Aug 05, 2003 at 11:03:25AM -0400 References: Message-ID: <20030805131320.A5017@cluebot.com> Actually the best link for my stories is the News.com site: http://news.com.com/2100-1028-5059676.html They include relevant links; they include better formatting; they include photographs; they are updated faster. News.com syndicates may not include those features. -Declan On Tue, Aug 05, 2003 at 11:03:25AM -0400, Trei, Peter wrote: > Sunder sent me a better link... > > http://www.businessweek.com/technology/cnet/stories/5059676.htm > > Peter > > > ---------- > > From: Trei, Peter > > Sent: Tuesday, August 05, 2003 10:14 AM > > To: 'cypherpunks at lne.com' > > Subject: Trouble at HavenCo? > > > > http://rss.com.com/2100-1028_35059676.html?type=pt&part=rss&tag=feed&subj= > > ne > > ws > > > > > > Has 'haven' for questionable sites sunk? > > > > By Declan McCullagh > > Staff Writer, CNET News.com > > August 4, 2003, 1:38 PM PT > > > > LAS VEGAS--A widely publicized > > project to transform a platform in > > the English Channel into a "safe > > haven" for controversial Web > > businesses has failed due to > > political, technical and management > > problems, one of the company's > > founders said. > > > > Ryan Lackey, former chief technology > > officer of HavenCo, said on Sunday > > afternoon that he left the project > > because his business partners > > had become nervous about > > hosting objectionable material > > and were leading the company > > toward financial ruin, with only > > about six customers remaining. From s.schear at comcast.net Tue Aug 5 13:57:05 2003 From: s.schear at comcast.net (Steve Schear) Date: Tue, 05 Aug 2003 13:57:05 -0700 Subject: Others speak out in support of PAM In-Reply-To: <102.332faa5a.2c61556a@aol.com> Message-ID: <5.2.1.1.0.20030805135231.04962b30@mail.comcast.net> The Good Side of the Terror Futures Idea (Yes, There is One) Dr. David M. Pennock http://dpennock.com/pam.html Terror `market' was a creative idea killed by know-nothings By Pat Buchanan http://www.bayarea.com/mld/mercurynews/news/opinion/6460808.htm "Everything that is not forbidden is prohibited" -- Jim Davidson From rah at shipwright.com Tue Aug 5 11:00:53 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 5 Aug 2003 14:00:53 -0400 Subject: What happened to the Cryptography list...? Message-ID: --- begin forwarded text From Freematt357 at aol.com Tue Aug 5 11:23:54 2003 From: Freematt357 at aol.com (Freematt357 at aol.com) Date: Tue, 5 Aug 2003 14:23:54 EDT Subject: Trouble at HavenCo? Message-ID: <12.344a76a8.2c61503a@aol.com> HavenCo's error was not initially raising the necessary cash to buy Sealand outright from the Bates, or if that didn't work they could have done it the old fashioned way by marrying into the family. Not having total control led to this outcome. As they say it's good to be king. Regards, Matt- From Freematt357 at aol.com Tue Aug 5 11:46:02 2003 From: Freematt357 at aol.com (Freematt357 at aol.com) Date: Tue, 5 Aug 2003 14:46:02 EDT Subject: The Independent Institute's take on PAM Message-ID: <102.332faa5a.2c61556a@aol.com> THE LIGHTHOUSE, the weekly e-mail newsletter of The Independent Institute, the non-politicized public-policy research organization. "Enlightening Ideas for Public Policy..." http://www.independent.org/tii/lighthouse/Lighthouse.html. Excerpted via :Vol. 5, Issue 31, August 4, 2003 PENTAGON SCRAPS INFORMATION MARKET Even those who understandably scorned the Pentagon's recently cancelled Policy Analysis Market (PAM) -- a.k.a. the terrorism futures market, as some detractors called it -- should admit that it was innovative in a badly needed way. In proposing a virtual market to help predict contingencies in the Middle East and elsewhere, PAM set out to achieve what years of pseudo-reform of U.S. military and intelligence agencies had failed even to attempt -- to bypass the hierarchical bureaucracy that has led to numerous deadly intelligence failures. By making use of the knowledge of thousands of people willing to put their money on the line (maximum bet: $100), PAM was based on the insight that markets, driven by economic actors with powerful incentives to guess correctly, often know better than a handful of professional prognosticators. This point has been well illustrated by the web-based Iowa Political Stock Market, a virtual market that has consistently predicted election outcomes more accurately than pollsters. Because PAM was controversial for more than one reason, it should not be surprising that it was misrepresented by politicians and the media. "Contrary to impressions in the media, the primary purpose of the PAM was not to predict individual events of terrorism but rather to predict inputs into terrorism such as the economic growth rates of countries in the Middle East, political instability, and military activity," write Alexander Tabarrok, research director of the Independent Institute, and Robin Hanson, the principal architect of the Policy Analysis Market, in a new op-ed. Rather, write Tabarrok and Hanson, PAM was to help answer such questions as "What would happen to unrest in the Middle East if the US withdrew its troops in Saudi Arabia" and "How would Jordan fare politically if the 'roadmap' were successfully implemented?" Recent history suggests that traditional approaches to such questions, even if well-informed, can become ignored or politicized. "The yes-man phenomena means that information doesn't rise from the field to the decision-makers," write Tabarrok and Hanson. "And sometimes the bosses don't want to hear what the field has to say. Remember the CIA and FBI analysts who repeatedly tried to signal their worries about terrorism to their superiors but were rebuffed? In contrast, a PAM would produce a public and easily understood number that would be difficult to ignore." Fortunately, the future of such "information markets," "prediction aggregators," or "idea futures" doesn't rest on government funding and would be managed better without it. A few visionary institutions, such as Hewlett-Packard, have already used them to aid in decision-making, and many more will be adopted. But as with so many innovations, don't expect the government to employ them effectively for a long, long time. See "Another Intelligence Failure," by Alexander Tabarrok and Robin Hanson (8/4/03) http://www.independent.org/tii/news/030804Tabarrok.html Also see, "Decision Markets," by Robin Hanson. Chapter 5 in ENTREPRENEURIAL ECONOMICS: Bright Ideas from the Dismal Science, edited by Alexander Tabarrok. Information on ENTREPRENEURIAL ECONOMICS can be found at http://www.EntrepreneurialEconomics.org. From bill.stewart at pobox.com Tue Aug 5 15:01:01 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 05 Aug 2003 15:01:01 -0700 Subject: They never learn: "Omniva Policy Systems" In-Reply-To: <5.1.1.6.2.20030805123823.02e9c340@idiom.com> References: Message-ID: <5.1.1.6.2.20030805150004.052316c0@idiom.com> Typo correction: >(IIRC, Bill Scannell was involved in getting them into US today.) That's "USA Today" of course... From loveless at bos.bindview.com Tue Aug 5 13:11:41 2003 From: loveless at bos.bindview.com (Simple Nomad) Date: 05 Aug 2003 15:11:41 -0500 Subject: Slow but interesting sender-hiding covert channel program In-Reply-To: <5.1.1.6.2.20030805003511.02eaee38@idiom.com> References: <5.1.1.6.2.20030805003511.02eaee38@idiom.com> Message-ID: <1060114304.1749.54.camel@hell> On Tue, 2003-08-05 at 03:07, Bill Stewart wrote: > Rob Lemos reports on the following presentation at Blackhat > by Mark Loveless of Bindview; I've got some comments. > ----------------- > PROGRAM WOULD HIDE NET COMMUNICATIONS > CNET reports about a program called NCovert, which uses > spoofing techniques to hide the source of communications and > the data that travels over the network. The technique makes > it almost impossible to track where the original message > came from, because the data holds only the addresses of the > recipient and the third-party server. > http://news.com.com/2100-1002-5058535.html > -------------------------------- > > The technique works by hiding four bytes of data in the > TCP header's ISN field, bouncing packets off one or more > innocent third-party machines, setting your destination IP address > to the third-party and forging your recipient's IP as the source, > so the recipient appears connection accepts or rejects > from real, fake, or random locations, and the real message > is hidden in the header fields. The connection type can be > something credible like email or http. > > Of course, there _are_ ISPs that do spoof-proofing, > so if your ISP does this, you won't be able to forge the > recipient's address on your outgoing packets usefully. > Spoof-proofing usually limits you to addresses in the > subnet used by your internet connection - if you've got a /24, > you can impersonate one of 254 locations near yours, > but if anybody's seriously trying to track you, you're busted. > There's also the problem that, unless it's sending call setups > that the recipient is rejecting, there'll be a lot of half-open > TCP connections on the recipients, which is a DOS problem. > It's cute, though. Well, I was going for cute. Actually, this is simply an expanded version of covert_tcp. The main things I do differently is make sure the file size is loaded into the IP ID field in the first packet, and am using ISNs. This limits your file size to 64K, and sticks out like a sore thumb if your sender's OS doesn't do random IP IDs. If the sender sets the source port to a closed port on the target system, the target system will receive an unsolicited SYN-ACK and (assuming RFC compliance) should send a RST to the system bouncing off of. This assumes firewalls and other network devices are not doing other things. > Also, Bindview's security tools site does have an interesting > spoofing-detection program that works by looking at TTL values > for packets you receive that are suspected of being spoofed - > it traces a connection to/from the purported source IP address > and sees whether the time-to-live field on the suspicious packet > is close enough to one from the real route to be believable > or declares it to be bogus if it's too far off. It would help if you can specify the TTL for ncovert just to avoid this type of detection. Yes, I wrote the despoof tool as well, so I was aware of that possibility. Quite frankly I was truly going for the "idea" of covert communications, to kind of get some of the Black Hat crowd thinking about it. I'm already started on the next version, which should include a checksum signature scheme that allows for better tracking of packets (so the speed can be improved), forging multiple sources and using multiple bounce locations, and randomized timing of the sending of packets -- all ideas brought up during the Q&A as well as over beers afterward. The tool can be retrieved from http://www.nmrc.org/~thegnome/ncovert-1.1.tgz for those interested. Bitches, complaints, but especially patches that address said bitches and complaints are welcome. -SN From sunder at sunder.net Tue Aug 5 12:43:29 2003 From: sunder at sunder.net (Sunder) Date: Tue, 5 Aug 2003 15:43:29 -0400 (edt) Subject: Teen arrested at Logan for alleged sarcasm in his bag Message-ID: http://www.boston.com/dailyglobe2/214/metro/Teen_arrested_at_Logan_for_alleged_bomb_threat_in_his_bag+.shtml Socha was arrested by State Police and his mother, father, and sister, were ordered off United Airlines Flight 171 to Honolulu via San Francisco, which was set to depart at 7:07 a.m. According to the police report, the note, which was placed on top of clothes in a black gym bag read: ''[Expletive] you. Stay the [expletive] out of my bag you [expletive] sucker. Have you found a [expletive] bomb yet? No, just clothes. Am I right? Yea, so [expletive] you.'' I hope to see more and more of these until the public is outraged enough to not put up with this horseshit. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ From emc at artifact.psychedelic.net Tue Aug 5 16:03:48 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Tue, 5 Aug 2003 16:03:48 -0700 (PDT) Subject: Year in Jail for Web Links Message-ID: <200308052303.h75N3nWw019939@artifact.psychedelic.net> An anarchist has been sentenced to a year in jail for having links to explosives information on his Web site. AmeriKKKa is further fucking the First Amendment by restricting whom he may associate with in the future, and what views he may espouse. As is usual in most criminal cases today, the defendent was forced to plea bargain to avoid the threat of worse charges if he went to trial. http://www.cnn.com/2003/TECH/internet/08/05/anarchist.prison.ap/index.html ----- LOS ANGELES, California (AP) -- A federal judge sentenced a man to a year in prison Monday for creating an anarchist Web site with links to sites on how to build bombs. U.S. District Judge Stephen Wilson sentenced Sherman Austin to more than the prosecutor had recommended under a plea bargain. Austin, 20, pleaded guilty in February to distributing information related to explosives. ... -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From emc at artifact.psychedelic.net Tue Aug 5 16:24:34 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Tue, 5 Aug 2003 16:24:34 -0700 (PDT) Subject: Teen arrested at Logan for alleged sarcasm in his bag In-Reply-To: Message-ID: <200308052324.h75NOZM4019974@artifact.psychedelic.net> Sunder posts: > http://www.boston.com/dailyglobe2/214/metro/ Teen_arrested_at_Logan_for_alleged_bomb_threat_in_his_bag+.shtml > According to the police report, the note, which was placed on top of > clothes in a black gym bag read: ''[Expletive] you. Stay the [expletive] > out of my bag you [expletive] sucker. Have you found a [expletive] bomb > yet? No, just clothes. Am I right? Yea, so [expletive] you.'' Not every sentence containing the word "bomb" is a bomb threat. Apparently this concept is lost upon the cretins guarding our airports. While this kid is probably screwed for using the B-word, one wonders what the boundary is that one has to cross with a note in ones luggage to get arrested. For instance, which of these sentences, written on a note in ones luggage, would get one arrested and/or booted off a flight. "Don't wrinkle my clothes, you minimum wage douchebag" "Bush lied to start a war" "R.I.P. First Amendment" "There is only one God, and Mohammad is his Prophet" "Hang Israeli War Criminal Ariel Sharon" "The 9/11 Martyrs are in Paradise" "Proud NAMBLA Member since 1979" "John Walsh is an expert on everything, except watching his kid at the mall" "Death to AmeriKKKa" "Free Jim Bell" "What the world really needs is a fifty dollar weapon that sinks aircraft carriers" "Founding Member, Aryan Nations" "Support Strong Crypto" Perhaps John Gilmore, in his copious free time, could place these one by one in his gym bag, and report back on the results. :) -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From timcmay at got.net Tue Aug 5 18:06:10 2003 From: timcmay at got.net (Tim May) Date: Tue, 5 Aug 2003 18:06:10 -0700 Subject: Year in Jail for Web Links In-Reply-To: Message-ID: <2AABAE8B-C7AA-11D7-BD95-000A956B4C74@got.net> On Tuesday, August 5, 2003, at 05:31 PM, Duncan Frissell wrote: > On Tue, 5 Aug 2003, Eric Cordian wrote: > >> An anarchist has been sentenced to a year in jail for having links to >> explosives information on his Web site. AmeriKKKa is further fucking >> the >> First Amendment by restricting whom he may associate with in the >> future, >> and what views he may espouse. > > You can't protect people from cowardice. Jim Bell plead the first > time. > Michael Milkin plead. Bill Gates plead. Various Arabs plead recently. > If you plead you can't be acquitted unless you can convince a judge to > let > you withdraw your plea tough. Courage. > > Prosecutors and cops are allowed to lie to you about their intent. > Know > the law. > > http://technoptimist.blogspot.com/ > 2003_08_03_technoptimist_archive.html#106012921668886203 Sadly, pleading is often the only viable choice. When the cops are liars, when the judges are ignoring the Constitution, when the appeals courts are too busy to hear appeals for many years (unless the appeal is an emergency appeal to halt the recall of Gray Davis, that is), and when sentencing guidelines are fully out of whack with economics and even with that nebulous concept of "justice," pleading is often the best of a bad deal. This is all possible because the plea bargaining system has gotten out of control. The accused face a plea deal of M months and N dollars if they plead, or 10M months and 20N dollars if they go to trial and lose, which is pretty likely when cops lie, when judges ignore the Constitution, and when juries are made up of people who are uncontroversial enough so as to have no opinions to disqualify them. (I was last picked for a jury 30 years ago this summer, back when I registered as a Republican. In the 30 years since, when I have been registered as a Libertarian, I have never been selected for a jury. Meanwhile, some of my know-nothing neighbors tell me about serving every few years on juries.) In a couple of criminal cases I have first-hand knowledge of, the plea deals were made so persuasive and the sentencing guidelines so harsh (had it gone to trial and the accused found guilty) that to not plea would have been irresponsible. You may not like this, and you may have cheered on the fights by the noble fighters who decided not to plea, but the system is stacked in favor of pleas. This is our injustice system. --Tim May, Corralitos, California Quote of the Month: "It is said that there are no atheists in foxholes; perhaps there are no true libertarians in times of terrorist attacks." --Cathy Young, "Reason Magazine," both enemies of liberty. From emc at artifact.psychedelic.net Tue Aug 5 18:17:27 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Tue, 5 Aug 2003 18:17:27 -0700 (PDT) Subject: Year in Jail for Web Links In-Reply-To: Message-ID: <200308060117.h761HRwl020559@artifact.psychedelic.net> Duncan Frissell opines: > You can't protect people from cowardice. Jim Bell plead the first time. > Michael Milkin plead. Bill Gates plead. Various Arabs plead recently. > If you plead you can't be acquitted unless you can convince a judge to let > you withdraw your plea tough. Courage. The problem here is that if you have a family and assets and responsibility and something resembling a future, you cannot afford to be the 1 in 100 who refuses to plea bargain, because the government has the vast amount of money it saved itself not taking the other 99 cases to trial with which to screw you and make an example out of you to anyone else who may stupidly think they can defy the system. Thus, the problem of plea bargains can only be solved by eliminating plea bargaining itself. It cannot be solved by individuals caught in the system demonstrating "courage." It's one of those Prisoner's Dillema-ish situations. The demonstration to the Sheeple that one cannot break the system, one can only break oneself against the system. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From timcmay at got.net Tue Aug 5 18:52:52 2003 From: timcmay at got.net (Tim May) Date: Tue, 5 Aug 2003 18:52:52 -0700 Subject: They never learn: "Omniva Policy Systems" In-Reply-To: <5.1.1.6.2.20030805123823.02e9c340@idiom.com> Message-ID: On Tuesday, August 5, 2003, at 01:00 PM, Bill Stewart wrote: > At 11:30 AM 08/05/2003 -0700, Tim May wrote: >> I ran across a reference to this company, which says it has raised >> $20 M in VC financing and which claims it has a system which >> implements the digital equivalent of "disappearing ink." >> (Perhaps distilled from snake oil?) >> The URL is still called disappearing.com, but the company is now >> called Omniva Policy Systems. A URL is: >> >> http://www.disappearing.com/ >> >> I guarantee that anything a human eye can read can be captured for >> later use, whether by bypassing the probably-weak program, by using >> other tools to read the mail spool, by capturing the screen buffer, >> or, if worst comes to worst, simply photographing the screen with an >> inexpensive digital camera and then either using the captured image >> as is or by running it through an OCR. > > It's nice to see that they're still around, unlike so many dot.bombs. Why is it "nice"? > The founder came and talked to Cypherpunks just after their PR launch > (IIRC, Bill Scannell was involved in getting them into US today.) No comment. > > He started off by being very clear about what problems they were > and weren't trying to solve. They were trying to solve the problem of > making messages expire when all the parties involved are cooperating. > He viewed the problem of preventing non-cooperating parties from > saving copies to be unsolvable snake oil and he wasn't trying to solve > it. This may or may not have been what Jeff believed, or wanted to believe, or told you was the case, but I don't buy that this is their business model.. Their Web site is filled with stuff about how "Save" menus are subverted, so as to, they claim, make it impossible for copies to be saved, blah blah. This hardly fits with your view of a bunch of benign little bears all sitting around cooperating. Further, the site natters about how Omnivora will support government requirements about unauthorized persons seeing mail (how? how will even their crude expiry approach stop unauthorized viewings of mail?). This is again inconsistent with the picture of friendly little bears all cooperating. Friendly little bears don't need to have their "Save As" buttons elided (not that this will stop screen grabs and photos, as I mentioned). Nor would friendly little cooperating bears show their messages to "unauthorized viewers," now would they? (Speculatively, I would not be even slightly surprised if Omnivora is doing more than just nominally erasing some messages. To wit, storing copies for later examination by Authorities with Ministerial Warrants. As Jeff Ubois no longer seems to be attached to Omnivora, perhaps his vision was rejected.) > > ~~~~ > In your other message, you mentioned that several Extropians were > doing really > squishy stuff, and mentioned that Jeff Ubois's resume also appeared to > be. Something called "Ryze" and something else called "Minciu Sodas." "Minciu Sodas is an open laboratory for serving and organizing independent thinkers. We bring together our individual projects around shared endeavors. We remake our lives and our world by caring about thinking. "Minciu Sodas helps your enterprise work openly to integrate constructive people around your purposes." Plus several other "advisory panels" and "boards" of, as you put it, "squishy" topics. But not as bad as the squishiness poor Max has gotten himself into, granted. There's a whole subculture of bottom feeders who think high tech needs some new version of Werner Erhard (originally born Nathan Goldfarb, or somesuch...there was a Jew with major self-doubt). From mindfuq at comcast.net Tue Aug 5 19:06:46 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Tue, 5 Aug 2003 19:06:46 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030805065704.GF2201@tango.gombos.name> Message-ID: <20030806020646.GA2611@tango.gombos.name> * Sunder [2003-08-05 17:29]: > > > > Why is it forbidden by law? > > > > I can think of hundreds of reasons DoS attacks are illegal. Now I'm > > not sure if it's illegal everywhere; I'm only familar with the way > > it's written in the California Penal code, which is where Mallory is > > located in this case. But to answer your question, just look at all > > the damage that's caused by DoS attacks. Look at the Slammer worm. > > It would be a seriously neglectful to allow such damaging attacks on > > people and businesses. > > No, you're ignoring my whole entire arguement - and that is telling. You > realize you're wrong, but just refuse to admit it. I didn't ask why > denial of service attacks are forbidden by law. That's obvious. This is exactly what you asked- just read the quote. > I asked why would AOL's policies in terms of their service > agreements be forbidden by law when their customers agreed to them? I answered this several times already. Listen up. Getting people to sign a contract excusing illegal activity does not make that activity legal. If it did, you would see drug dealers asking their customers to sign contracts stating that they're not to be held accountable. People cannot agree via contract to violate a law, then expect to be able to enforce such a contract. This is a concept you need to acquire. Contracts are not enforceable simply because there was an agreement. There is other criteria that must be adhered to, one of which is law. > They're not necessarily considered a common carrier since they > decided a long time ago to police the content of their service. And? It certainly doesn't matter to me whether we define these bozos as a "common carrier." What does matter is that they have a large piece of the market share, and their illegal practices have a significant impact on the internet community. > > > Bob signed a contract with Mallory waiving certain rights in > > > exchange for the service provided by Mallory. Mallory provided full > > > disclosure of it's rights to Bob along with Bob's responsabilities, > > > etc. Bob chose to accept those terms, how is this illegal again? > > > > First of all, Bob was coerced into this contract because Bob had no > > idea that the fine print said there may be cases where he doesn't get > > the service he thinks he's paying for. Specifically, Mallory didn't > > tell Bob that she would be filtering his mail for him, and certainly > > didn't tell Bob that she would take the liberty of blocking some > > non-spam mail as well. Such a contract is quite questionable, and I'd > > like to see it put before a court for fair analysis. > > Not at all. Bob agreed to the terms of service and was asked to both read > and acknowledge that he read them. AOL's terms of service are available > for anyone to read at any time. Regardless, should Bob not live up to his > end of said agreement, the contract would be null and void, as would his > access. This is just a restatement. I already explained that this is a predatory and misleading contract. If you don't accept this, then you must make an argument to the contrary. You would have a difficult time arguing that AOL users are aware of the TOS. Not a single AOLer who I convinced to leave AOL was aware of the AOL TOS. > Your claim that Bob was coerced is exteremely dubious. Care to support that statement with anything? > There is no proof of this, we do not have Bob here claiming this. We > have, only you, a third party uninvolved in Bob's agreement with AOL > making such claims because you cannot communicate with Bob. This is because Bob isn't a real person. Bob is a hypothetical character used to analyze security threats and activities, and Bob lives in a hypothetical world. So to summons Bob to this forum is quite a silly idea. You'll have for find a better way of making your point. > Either way, if Bob is unsure of what he agreed to, he (and you) can check > these pages: http://www.aol.com/copyright.adp and > http://www.aol.com/copyright/rules.html Why would Bob be motivated to check these pages, when Bob doesn't even know there's a problem? Remember, Bob is ignorant here; as Bob is not informed that legitimate mail with his name on it is being trashed. > Some relevant quotes addressing your dumb arguements: These quotes only prove my point that the contract is predatory. Again, you made my point for me. > These are the terms to which Bob has agreed to. It clearly states that > AOL may if it chooses to remove access to content it deems harmful for > whatever reason. It does not list what those reasons are, therefore, they > are at its discretion - NOT AT YOURS. Predatory- my point exactly. Again, you have made my case. > There is no need for any law to change this. Bob and AOL both voluntarily > agreed to these terms. End of story. Bob did not give his *informed* consent to these terms, only his consent. > > > If the service Mallory provides Bob is inadequate, that's between Mallory > > > and Bob, not between Alice and Bob. Alice and Mallory have no contract > > > what-so-ever. It's upto you, Alice, to convince Bob of this fact. If you > > > can't, that's Bob's choice, not yours. And you have no business to > > > interfere between Bob and Mallory. > > > > The problem with this argument is that Mallory is not just denying > > service to Bob, but Alice as well. Furthermore, Alice may not even > > have the option of explaining the service problem to Bob, because > > Mallory is preventing Alice from talking to Bob. > > Stop right there. AOL's contract is with Bob. NOT WITH you, ALICE. You > have no claims to make. You have no contract with AOL, it is under no > obligation whatsoever to deal with you. Again, this is just a restatement of what you already said, and it does not address my statement. Companies do not exist in an isolated vacuum with their customers. They affect others- people who have absolutely no contract with them. Does this lack of contract make the company immune to legal liabilities? Not at all. I sue telemarketers on a regular basis, and I win, and collect. I have absolutely no contract or business relationship with these companies, but they still manage to cause me damage, and they must deal with me when I serve them with court papers. In fact, if I did have a business relationship with these companies, it would weaken my case, because the law allows companies to telemarket their own customers. So this argument that I must be paying them money in order for them to be able to damage me is absurd. > If you don't like that, sign up with AOL, agree to their terms, and > file a complaint - if those rules will allow you to do so. This isn't necessary. > Otherwise, you have no way to interfere with the agreement between > Bob and AOL. Correct, Bob's contract with AOL does not involve me. What I'm talking about is AOL committing a DoS attack on me, which is actionable regardless of Bob's contract. > > Mallory is everyone's business, because a malicious attack on the > > Internet affects everyone. The fact that Bob is paying Mallory money > > doesn't make it okay- in fact, it worsens the problem, because the > > perpetrator is being compensated by her own victims. > > No. There is no such legal entity as "The Internet." The Internet doesn't have to be a "legal entity" for it to be attacked, and have an impact on society. Take the Slammer worm, for example. This thing attacked the Internet and had a huge impact on Internet users. If you try to explain to these users that they don't have a claim against the attacker because the Internet is not a "legal entity" by your terms, you'll have a very unconvincing point. The internet can be attacked, we've seen this. > AOL, like all other ISP's (I'm stretching the term here) has > contractual agreements with other ISP's from which it obtains > service. Depending on what those rules allow, AOL may or may not be > playing by the rules. That's up to whomever feeds AOL to decide, > not you. You are not AOL's ISP. You have no contract with AOL on > that level either. Again, no one is arguing that AOL isn't playing by these rules that they created. However, AOL must still abide by the law. And yes, I see your restatement that I don't have a contract with AOL. This statement isn't effective. It doesn't matter that I don't have a contract with AOL. > > Such a contract is predatory, and has no business in this country. It > > prays on ignorant users, and provides a false representation for what > > the user is signing up for. FYI- you can't put anything you want in > > fine print, and expect it to be legally enforceable. Even if two > > parties agree that an illegal activity is okay, this does not legalize > > the activity. > > That is not upto you to decide. That is upto Bob. Since you haven't > entered any business agreement with AOL, you cannot make such claims > against them. Again, there's this constant ineffective restatement that you make. I don't need to have a contract with AOL to press charges against them. > > > No. Either you have agreed to live in said house by purchasing it, and > > > have therefore become a citizen of said city, and by such actions agreed > > > to abide by it's laws, or pre-existing laws allowed the city to run such > > > water services through your propery. This too is by contract. > > > > This is just what I said. You're making my point here. > > > I am? So, then you understand that you have no claims whatsoever against > AOL since you aren't using their service, nor have any contract whatsoever > with them? Then why all the BS? This argument suffers from the Straw Man fallacy. You're misrepresenting my argument, then attacking the misrepresentation. > > Absolutely, I > > cannot sabotage the city water line that goes through my property. > > Of course, because they're providing you with water service. Therefore, > you have agreed to those implict or explicit terms. You have a contract > with the city, or the water company. Either because that's what the laws > of the city state, or because you've signed a contract with the water > company agreeing to their terms. Just like Bob signed a contract with > AOL. So what's your beef??? Again, I agree with the fact that I cannot sabotage the city water line. But here inlies a flaw in the way you approach these problems. You then state that I can't sabotage the water line because I have some kind of contract with the city or water company. This is not the reason. This idea that you can only make a claim against someone you have a contract with is bogus. What if someone who has no contract with anyone in my state enters my property and destroys the water main- they can still be held accountable, even without a contract. This is the concept you are missing. > > > Where, Ms. Alice, is your contract with Mallory again? > > > > No contract necessary; criminal law is enforceable w/out a contract. > > Even more so, actually, because there is no chance of a contract > > removing the effect of Alice's claim. > > Where's the crime again? Denial of service crime, located where the servers are. > > > So, in that case if you need a red stapler, you should be able to break > > > into AOL's offices and steal one????? Since fucking when? > > > > Certainly not- there is no superceding free speech right or anything > > of the kind that would entail stealing a stapler. > > Hey, you're the one that claimed that the needs of humans outweigh those > of a corporation. So by that logic, not that I agree with it, should you > need a stapler, you should be able to take one from AOL. Of course it's > assinine. That's what I'm trying to show you. That your arguement is > full of shit. Straw man fallacy. Attack my statements, not your distorted re-presented versions of them. > > Blocking email, > > OTOH, violates multiple rights: free speech, right to assemble and > > petition the government, freedom of enterprise.. it could even run > > into public safety issues. So this stapler analogy doesn't really > > work here. > > The 1st ammended prevents >CONGRESS< from limiting the freedom of > speech. More precisely from creating laws that do so. It does not limit > private or public companies from doing so. The 1st has nothing to do with > this. You're clueless. The state must protect my freedom of speech. So when I make a claim against AOL for conducting a DoS attack against me, the state must rule in my favor, or else they are failing to protect my free speech rights. > > While I have gotten all but one friend and all family members to drop > > their AOL/Earthlink services, this still remains an issue for users > > whome I don't know personally. > > And you have no contract with either AOL or that friend. Like I said, you > have no right to interfere in AOL's business. There's your repeated ineffictive argument we keep seeing. I've shown that I do have a valid claim against AOL, and it seems you can't argue this without the restatement fallacy. > If you can convince their subscribers that AOL sucks, and they chose > to cancel their service, that's fine, that's wonderful - though if > AOL finds out, they may sue you for loss of business. They can only do this if they can show libel. However, showing AOL users the very contract they agreed to can't really be considered libel. > > > No, dumbass, you placed those packets on said network repeatedly after you > > > have discovered that they will be dropped in the bit bucket, that's too > > > bad for you. You've vandalized your own packets. > > > > I didn't do this, I created them- AOL is the one destroying things. > > I'm the aaahteeest, the creator.. AOL is the destroyer, using their > > property destructively. > > Yes, you did. As soon as you hit the send button in your mailer and had a > To:, CC:, BCC: header containing @aol.com. Your actions caused your email > to be sent to AOL's mail servers, which - as you already expected since > you knew, caused them to be deleted. I did not know AOL would destroy my packets. I sent them fully expecting them to arrive in the recipients inbox, and found that AOL took an action against it. This is how I discovered the problem to begin with. > Further, I would urge you read your ISP's terms of service. There's no > place in there that they guarantee delivery of email to an end user of > another ISP. Because they can't. So you have no such expectation. My ISPs contract does not state that they would blacklist my IP address, so I have a claim there as well, but that wasn't the point of this thread. > I'm done with this, you're too clueless to continue. Come back when you > get some brains. What I suggest to you is that you take a class in your local university on argumentation theory 101. Most of what you say has no effect because it has one logical fallacy or another. Study these fallacies before posting; you'll find that you have to scrap most of what you say before hitting send. From RERayburn at columbus.gov Tue Aug 5 16:20:20 2003 From: RERayburn at columbus.gov (Rayburn, Russell E.) Date: Tue, 5 Aug 2003 19:20:20 -0400 Subject: What happened to the Cryptography list...? Message-ID: <9C4BDF07B92BD7119E39000347ACC5CBE694E1@DOTEXCHANGE> For what it's worth, I had the same experience and would like to know what happened to the wasabisystems list... Anyone out there know? -----Original Message----- From: R. A. Hettinga [mailto:rah at shipwright.com] Sent: Tuesday, August 05, 2003 2:01 PM To: cypherpunks at lne.com Subject: What happened to the Cryptography list...? --- begin forwarded text From frissell at panix.com Tue Aug 5 17:31:12 2003 From: frissell at panix.com (Duncan Frissell) Date: Tue, 5 Aug 2003 20:31:12 -0400 (EDT) Subject: Year in Jail for Web Links In-Reply-To: <200308052303.h75N3nWw019939@artifact.psychedelic.net> References: <200308052303.h75N3nWw019939@artifact.psychedelic.net> Message-ID: On Tue, 5 Aug 2003, Eric Cordian wrote: > An anarchist has been sentenced to a year in jail for having links to > explosives information on his Web site. AmeriKKKa is further fucking the > First Amendment by restricting whom he may associate with in the future, > and what views he may espouse. You can't protect people from cowardice. Jim Bell plead the first time. Michael Milkin plead. Bill Gates plead. Various Arabs plead recently. If you plead you can't be acquitted unless you can convince a judge to let you withdraw your plea tough. Courage. Prosecutors and cops are allowed to lie to you about their intent. Know the law. http://technoptimist.blogspot.com/2003_08_03_technoptimist_archive.html#106012921668886203 DCF From s.schear at comcast.net Tue Aug 5 22:25:19 2003 From: s.schear at comcast.net (Steve Schear) Date: Tue, 05 Aug 2003 22:25:19 -0700 Subject: Year in Jail for Web Links In-Reply-To: <2AABAE8B-C7AA-11D7-BD95-000A956B4C74@got.net> References: Message-ID: <5.2.1.1.0.20030805222145.04962b30@mail.comcast.net> At 18:06 2003-08-05 -0700, Tim May wrote: (I was last picked for a jury 30 years ago this summer, back when I >registered as a Republican. In the 30 years since, when I have been >registered as a Libertarian, I have never been selected for a jury. >Meanwhile, some of my know-nothing neighbors tell me about serving >every few years on juries.) I was also last registered as a Libertarian. Last year I was invited to interview for a Grand Jury seat. Admittedly, this was in Clark County, Nevada a very conservative/libertarian area. steve "The contest is not between Democrats and Republicans, it's between government and the governed." -- anonimo arancio From jal at jal.org Tue Aug 5 20:38:59 2003 From: jal at jal.org (Jamie Lawrence) Date: Tue, 5 Aug 2003 22:38:59 -0500 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030806020646.GA2611@tango.gombos.name> References: <20030805065704.GF2201@tango.gombos.name> <20030806020646.GA2611@tango.gombos.name> Message-ID: <20030806033859.GK1054@jal.clueinc.net> On Tue, 05 Aug 2003, mindfuq at comcast.net wrote: > [...] I'm > talking about is AOL committing a DoS attack on me, which is > actionable regardless of Bob's contract. Dear honorable Mr. Mindfuq, I am from this point forward blocking all mail traffic from you to the networks I control. None of your carefully constructed communicative, copyrighted packets will be delivered on to my networks. I promise. I choose not to expend my resources forwarding your data beyond my router. I assume you consider this a DoS, through some muffinhead logic that you've devised. If that logic is well formed, I assume it also explains the presence of fluoride in our water rather well. It is unclear to me what service I am legally obligated to be providing you, and what exactly I'm denying you. I'm also sure you'd love to explain it, however, you can't. You also can't explain it to any of the people to whom I provide internet related services, at least via email from your present address. Similarly, I deny you the privilege of retransmitting your voice over my loudspeakers. I have no automated method for enforcing that, but I'll do my best. You also may not speak your mind on my couch. Bye bye. -j -- Jamie Lawrence jal at jal.org "For every fatal shooting, there were roughly three non-fatal shootings. And folks, this is unacceptable in America. It's just unacceptable. And we're going to do something about it." - George W. Bush From mnorton at wlj.com Tue Aug 5 20:39:41 2003 From: mnorton at wlj.com (Mac Norton) Date: Tue, 5 Aug 2003 22:39:41 -0500 Subject: Year in Jail for Web Links Message-ID: <08CBC76751B32946BC0E3E1DEF5415E50672A9@server04.firm.wlj.com> There was a weapons charge as well, which will always complicate matters considerably. The unconventional life is a more or less fine thing until it gets perpendicular to the conventional life, usually in the form of law enforcement agents. When that happens, and it almost surely will, what is necessary is a relatively big bunch of money, or a plea bargain. What happened here is happening to young men (yes, usually men, and as in this case, of color) all over this country all day long every day who are found in possession of light amounts of controlled substances. You people think being an anarchist makes you special? Sheesh, gimme a break. MacN -----Original Message----- From: Eric Cordian [mailto:emc at artifact.psychedelic.net] Sent: Tuesday, August 05, 2003 6:04 PM To: cypherpunks at minder.net Subject: Year in Jail for Web Links An anarchist has been sentenced to a year in jail for having links to explosives information on his Web site. AmeriKKKa is further fucking the First Amendment by restricting whom he may associate with in the future, and what views he may espouse. As is usual in most criminal cases today, the defendent was forced to plea bargain to avoid the threat of worse charges if he went to trial. http://www.cnn.com/2003/TECH/internet/08/05/anarchist.prison.ap/index.html ----- LOS ANGELES, California (AP) -- A federal judge sentenced a man to a year in prison Monday for creating an anarchist Web site with links to sites on how to build bombs. U.S. District Judge Stephen Wilson sentenced Sherman Austin to more than the prosecutor had recommended under a plea bargain. Austin, 20, pleaded guilty in February to distributing information related to explosives. ... -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From jya at pipeline.com Tue Aug 5 22:54:53 2003 From: jya at pipeline.com (John Young) Date: Tue, 05 Aug 2003 22:54:53 -0700 Subject: Year in Jail for Web Links In-Reply-To: <200308060117.h761HRwl020559@artifact.psychedelic.net> References: Message-ID: Sherman Austin was arrested in New York but not charged and held in prison there to await an indictment in California. New York said it had no legitimate charges to make against him and merely did a favor for California to nab Sherman during a street demonstration -- the only arrest of the day. Grounds for arrest were faults in Sherman's jalopy he'd driven to NY for the demo. Ordered transferred to California while an attorney tried to arrange his release to a family member, he was shuttled around federal prisons for more days, his family and attorney not sure where he was. He was finally released when a judge determined he was being unfairly punished by prison procedure. He was released at the Oklahoma City federal transfer station, to find his way home on his own, the family had not been told he was being released. Not long after his return to California, the prosecutor announced there would be no prosecution. (During this time some of us mirrored the bomb making material Sherman had on his RaisetheFist.com site -- the forbidden material is still up, see below.) After some weeks the prosecutor reinstated the indictment and initiated plea negotiations. Sherman rejected the initial comparatively mild plea offer. More time passed with not much happening. Then the feds went on the attack again and issued harsher plea demands and threats. This new attack led Sherman's attorney to recommend a bargain. Sherman considered fighting but he was advised what he legal fee would be and the maximum penalty if he lost. He agreed to a four month sentence. The judge upped that to a year. Sherman was eighteen when this shit began. Sherman Austin case files: http://cryptome.org/usa-v-rtf-swa.htm http://cryptome.org/usa-v-sma-aca.htm http://cryptome.org/usa-v-sma-dht.htm http://cryptome.org/usa-v-sma-dkt.htm http://cryptome.org/usa-v-sma-x1a.htm What the FBI Doesn't Want You to See at RaisetheFist.com http://www-2.cs.cmu.edu/~dst/raisethefist/ The free speech contents of Raisethefist.com: http://cryptome.org/raisethefist.zip From shaddack at ns.arachne.cz Tue Aug 5 14:03:49 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Tue, 5 Aug 2003 23:03:49 +0200 (CEST) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: Message-ID: On Tue, 5 Aug 2003, Sunder wrote: > That is not upto you to decide. That is upto Bob. Since you haven't > entered any business agreement with AOL, you cannot make such claims > against them. Sometimes you don't have an effective choice. According to a friend, there are still areas (especially rural) in the US where AOL is the virtually only game in town. > The 1st ammended prevents >CONGRESS< from limiting the freedom of > speech. More precisely from creating laws that do so. It does not limit > private or public companies from doing so. The 1st has nothing to do with > this. You're clueless. There is an emerging potential problem linked to continuing privatization of virtually everything, and - the most important - to consolidation of owners. You can easily end up with the situation when everything around is owned by one of a handful of Big Corps, all with virtually the same restrictions, if the Market allows them that (eg, there will be enough consumers that won't care, and the rest will be the commercially uninteresting fringe). Then - tough luck. > > While I have gotten all but one friend and all family members to drop > > their AOL/Earthlink services, this still remains an issue for users > > whome I don't know personally. > > And you have no contract with either AOL or that friend. Like I said, you > have no right to interfere in AOL's business. If you can convince their > subscribers that AOL sucks, and they chose to cancel their service, that's > fine, that's wonderful - though if AOL finds out, they may sue you for > loss of business. Now this is an interesting question. Can AOL really sue the one who tells their customers the truth about the drawbacks of AOL's service? Isn't the existence of those drawbacks - including their refusal to correct them - ultimately THEIR OWN fault? From fm-lists at st-kilda.org Tue Aug 5 15:16:57 2003 From: fm-lists at st-kilda.org (Fearghas McKay) Date: Tue, 5 Aug 2003 23:16:57 +0100 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: References: Message-ID: At 23:03 +0200 5/8/03, Thomas Shaddack wrote: >Sometimes you don't have an effective choice. According to a friend, there >are still areas (especially rural) in the US where AOL is the virtually >only game in town. but AOL being the only access provider in town just means that you buy a TCP/IP feed off of them, ie use them as your PPP connection. You then run your mail off a.n.other service provider. AOL has great connectivity worldwide - all the people I know that use AOL just use it for IP not mail... f From shields at msrl.com Tue Aug 5 16:37:27 2003 From: shields at msrl.com (Michael Shields) Date: Tue, 05 Aug 2003 23:37:27 +0000 Subject: Secure IDE? In-Reply-To: <200307311523.h6VFNdB25085@medusa01.cs.auckland.ac.nz> (Peter Gutmann's message of "Fri, 1 Aug 2003 03:23:39 +1200") References: <200307311523.h6VFNdB25085@medusa01.cs.auckland.ac.nz> Message-ID: <877k5rfzgo.fsf@mulligatwani.msrl.com> In message <200307311523.h6VFNdB25085 at medusa01.cs.auckland.ac.nz>, pgut001 at cs.auckland.ac.nz (Peter Gutmann) wrote: > If you're worried about Joe Burglar grabbing your laptop (for the value of the > laptop) and your business data being leaked as collateral damage, or someone > stumbling across your warez or pr0n, then it's probably adequate. Only because Joe Burglar doesn't yet have the tools to crack the weak encryption on this device. Joe Burglar now has tools to break the "password protection" on word processor and other files, and if this new device becomes at all popular, then tools to crack it will become readily available. It's only a matter of time. -- Shields. From rah at shipwright.com Tue Aug 5 20:51:09 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 5 Aug 2003 23:51:09 -0400 Subject: Friendly little bears In-Reply-To: References: Message-ID: >This is again inconsistent with the picture of friendly little bears >all cooperating. Just for the record, the *only* time bears "cooperate" is when, say, the salmon are running, there's too much for any one bear to eat, every bear has his own turf on the side of the river, and the power hierarchy is *completely* sorted out. The rest of the time they fight each other and kill, and sometimes eat, each other's offspring. Heck, even when they're on the side of the river and bored, they kill each other's offspring just for sport. We did the same thing with trade-route intersections, even when we were trading raw rocks for finished hand-axes millions of years ago. Sedentary food-gathering and year-long storage, and then agriculture, made those intersections into cities. Food is an attractive nuisance. Even with carnivores (eagles do the same kinds of things on a running salmon stream) population concentrations create property, and then culture, for lack of better words. Brains just make the same fight more complicated, is all... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Aug 5 20:53:56 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 5 Aug 2003 23:53:56 -0400 Subject: Teen arrested at Logan for alleged sarcasm in his bag In-Reply-To: <200308052324.h75NOZM4019974@artifact.psychedelic.net> References: <200308052324.h75NOZM4019974@artifact.psychedelic.net> Message-ID: At 4:24 PM -0700 8/5/03, Eric Cordian wrote: >While this kid is probably screwed for using the B-word He got screwed for saying "yet". Read the note again. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From mindfuq at comcast.net Wed Aug 6 00:35:25 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Wed, 6 Aug 2003 00:35:25 -0700 Subject: What happened to the Cryptography list...? In-Reply-To: <9C4BDF07B92BD7119E39000347ACC5CBE694E1@DOTEXCHANGE> References: <9C4BDF07B92BD7119E39000347ACC5CBE694E1@DOTEXCHANGE> Message-ID: <20030806073525.GB2611@tango.gombos.name> * Rayburn, Russell E. [2003-08-05 19:07]: > For what it's worth, I had the same experience and would like to know what > happened to the wasabisystems list... > > Anyone out there know? No clue.. the last messages I have go to July 16th. From bill.stewart at pobox.com Wed Aug 6 00:43:49 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 00:43:49 -0700 Subject: Teen arrested at Logan for alleged sarcasm in his bag In-Reply-To: <200308052324.h75NOZM4019974@artifact.psychedelic.net> References: Message-ID: <5.1.1.6.2.20030806004007.02e5e720@idiom.com> At 04:24 PM 08/05/2003 -0700, Eric Cordian wrote: >Perhaps John Gilmore, in his copious free time, could place these one by >one in his gym bag, and report back on the results. :) Aside from John's "Suspected Terrorist" pin, I think he's been one of the people who carries around a nice metal engraved copy of the Bill of Rights in his hand luggage. From john at kozubik.com Wed Aug 6 00:44:39 2003 From: john at kozubik.com (John Kozubik) Date: Wed, 6 Aug 2003 00:44:39 -0700 (PDT) Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030804050548.GE2196@tango.gombos.name> Message-ID: <20030806003201.F60664-100000@kozubik.com> On Sun, 3 Aug 2003 mindfuq at comcast.net wrote: > * John Kozubik [2003-08-02 19:27]: > > > > That is incorrect. AOL owns their network, and they can respond to your > > arbitrary communications on their network in any way they see fit. > > Unfortunately, you're correct. > > > Maybe they will deliver your email to your AOL subscribing friend. > > Maybe they will block that email. Maybe they will translate the > > email into French and reverse the word-order and then send it to > > your friend. Maybe they will print it out and mail it back to you > > for no reason. All of these responses are perfectly legitimate, and > > represent a private entity using their property in whatever way they > > see fit, > > Yes, this is the problem I'm trying to address. Normally when Alice > tries to transmit information to Bob, if Mallory decides to sabotage > the communication, this is a denial of service attack, forbidden by > criminal law. > > However, if the communication passes through Mallory's back yard, we > can let the attack happen because it's on Mallory's property. At the > same time, if I sabotage the city water line that passes through my > property, I can be held accountable. And rightly so. Mallory should > also be held accountable for blocking communications. This is what > needs to change. This comparison is invalid. You are correct that your private property is ... well ... your private property, but if you look closely you will find that you have a contract (of some kind, be it an agreement, etc.) with your city - most likely in the form of an easement. So, by interrupting their water line, you would be breaking your contract. Make no mistake, if you hold a contract that AOL entered in with you that stipulates that they must send your email that you place onto their property to your friend, then by all means prosecute them to your fullest ability. Further, if the AUP/TOS ("contract") that your friend, as a subscriber, has with AOL stipulates something similar, then again, go forward with my best wishes. We all know, however, that AOL has no such contract with you, and that their contract with your friend most likely boils down to "we will do as we see fit and you will like it", and further, that even the peering agreements that AOL has with other service providers, common carrier laws, etc. most likely do not come anywhere near to stipulating this. As well they shouldn't. So once again, we are back to: AOL can do whatever they want with the bits you place on their private property. > > It amazes me how many people on this list only respect private property > > when it is convenient for them to do so. (For reference, see the "Tim May > > argues (correctly) that people can't protest in his house" and, more > > recently, the "Gilmore thinks airlines can't refuse him travel for any > > reason they see fit" threads) > > There's a balance of rights, and obviously private property rights > aren't going to always get priority. While they're high on my list in > *some* cases, they don't top human rights. Some rights are a little > more fundamental and important than private property rights. And when > someone abuses their property to damage someone else, I have zero > respect for their private property rights. So I'm not at all > surprized that someone would perceive an inconsistency on this issue, > because there are so many more important rights that have a greater > bearing on peoples happiness. > > AOL isn't even a human, so to put the private property rights of AOL > above the well-being of any human is a silly mistake. > > In my particular case, AOL is blocking me from talking to friends and > family. I suppose I could argue that the packets I create and send > are created with my private property and resources, so those packets > are my property, and AOL is vandalizing my property by destroying > these packets. You can argue that how you want, but the bottom line > is that AOL is using their property to gain power to control who may > talk to who. This is clearly an abusive use of property, and I have > no tolarance for it. They need to be removed from power, and the > consumers who contributed to the purchasing of their property need to > be given some rights. This will be my last response to this thread. Your comments boil down to: a) You have forgotten that communication existed before the Internet, and further, that Internet communication exists just fine without AOL. The obvious conclusion that using AOL is an act of terminal stupidity is left as an exercise for the reader. b) You invoke the tired, meaningless appeal to the big bad corporation stomping on the little guy. In reality, AOL can do whatever it pleases with your bits when you place them on their property, barring any prior contract to the contrary. Any legislation that stipulates otherwise is misguided. And I think both of those are absurd. ----- John Kozubik - john at kozubik.com - http://www.kozubik.com From bill.stewart at pobox.com Wed Aug 6 01:17:15 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 01:17:15 -0700 Subject: Year in Jail for Web Links In-Reply-To: <200308060117.h761HRwl020559@artifact.psychedelic.net> References: Message-ID: <5.1.1.6.2.20030806004713.02e5b6e8@idiom.com> At 06:17 PM 08/05/2003 -0700, Eric Cordian wrote: >The problem here is that if you have a family and assets and >responsibility and something resembling a future, you cannot afford to be >the 1 in 100 who refuses to plea bargain, It's a rigged game, and the "20 years extra for terrorism" raises the stakes substantially from the usual "1 year if you plead, or 3-4 years if you fight and lose" deal. (In my case, the plea bargain was "We'll drop the obviously bogus charge if you stipulate that you don't have grounds to sue us", and given how the judge treated the other cops in his court, chickening out and taking it was probably the correct decision.) >It's one of those Prisoner's Dillema-ish situations. >The demonstration to the Sheeple that one cannot break the system No, it's *not* Prisoner's Dilemma. The cops almost never have anything to lose by accepting a shorter sentence, except in highly publicized politically important cases, or by losing an occasional case, and their costs for going to trial are low enough that, while they save money by pleading out most cases, it's basically a minimal cost compared to the accused's costs. (The Prison Guards Union makes a bit less money on it, but it leaves them room to keep some drug user in jail a bit longer, and in any case it's not enough money to turn the game into the classic Prisoner's Dilemma.) Sometimes there's a case like OJ which creates really bad publicity for them if they lose, and sometimes they've got a Johnny Walker Lindh who could give them serious constitutional problems if they have a trial, but all of those are pretty rare, though they _are_ Prisoner's Dilemma cases. Most people they try are either guilty of something, and the real issue is exactly how many counts of what they're guilty of and how much they ought to be punished. Most of the rest of them are the wrong person accused by mistake, in which case if they lose they can be really sorry and announce how glad they are that their mistake was noticed, or they're some quality-of-life crime where dragging the accused through the process and keeping him in jail for a few nights or a few months keeps the sheeple in line even if they lose. (That's especially appropriate for most political-protest cases - you block traffic for the afternoon, they beat you and throw you in jail for the weekend, and maybe keep you in a couple extra days.) From emc at artifact.psychedelic.net Wed Aug 6 01:18:13 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Wed, 6 Aug 2003 01:18:13 -0700 (PDT) Subject: Trouble at HavenCo? In-Reply-To: <6bdf631d00e563588af9aa6a3df601c6@remailer.metacolo.com> Message-ID: <200308060818.h768IE1p022156@artifact.psychedelic.net> An anonymous sender writes: > Rely on math, not humans. What if all things computable are computable in polynomial time? -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From bill.stewart at pobox.com Wed Aug 6 01:28:16 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 01:28:16 -0700 Subject: What happened to the Cryptography list...? In-Reply-To: Message-ID: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> Bob - Perry's cryptography list moved from wasabisystems to cryptography at metzdowd.com a few months ago. Majordomo at metzdowd.com says: ----------------------------------------------------- >>>> lists majordomo at metzdowd.com serves the following lists: bsd-api-announce The BSD APIs Announcement Mailing List bsd-api-discuss The BSD APIs Discussion Mailing List cryptography The Cryptography and Cryptography Policy Mailing List spki The Simple PKI Mailing List Use the 'info ' command to get more information about a specific list. >>>> info cryptography "Cryptography" is a low-noise moderated mailing list devoted to cryptographic technology and its political impact. Occasionally, the moderator allows the topic to veer more generally into security and privacy technology and its impact, but this is rare. WHAT TOPICS ARE APPROPRIATE: "On topic" discussion includes technical aspects of cryptosystems, social repercussions of cryptosystems, and the politics of cryptography such as export controls or laws restricting cryptography. Discussions unrelated to cryptography are considered off topic. Please try to keep your postings on topic. MODERATION POLICY: In order to keep the signal to noise ratio high, the mailing list is moderated. The moderator does not forward off topic messages, messages that have substantially the same content as earlier messages, etc. Please not that the moderator does not always have the time to send an explanation of why a message was not forwarded. TO POST: send mail with your message to cryptography at metzdowd.com TO UNSUBSCRIBE: send mail to majordomo at metzdowd.com with the line unsubscribe cryptography in the body of your mail. >>>> info spki #### No info available for spki. >>>> end END OF COMMANDS -------------------------------------------------- From bill.stewart at pobox.com Wed Aug 6 01:52:40 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 01:52:40 -0700 Subject: Others speak out in support of PAM In-Reply-To: <5.2.1.1.0.20030805135231.04962b30@mail.comcast.net> References: <102.332faa5a.2c61556a@aol.com> Message-ID: <5.1.1.6.2.20030805143419.02dce840@idiom.com> At 01:57 PM 08/05/2003 -0700, Steve Schear wrote: >Terror `market' was a creative idea killed by know-nothings >By Pat Buchanan >http://www.bayarea.com/mld/mercurynews/news/opinion/6460808.htm Nobody knows know-nothings like Pat Buchanan. But as occasionally happens, I have to say that he's written a really excellent article, knowing how to talk to a layperson about something that's obscure and technical (and probably not something he personally understands technically, but he's got the policy issues down pretty solidly.) He explains why it's important, and why it would have been a good thing to do, and some interesting speculation and facts about the Pearl Harbor attack I hadn't known, which he ties into the PAM issue well. Read it - it's good stuff. Then, of course, he reminds us that in spite of being intelligent, he's still good old offensive Pat Buchanan, by talking about how John Poindexter was first in his class at Annapolis and is being hounded out of Congress (without mentioning that Poindexter is also a convicted liar who's got no business in America's government though perhaps he ought to be out of jail by now), but even in doing that, he gets in a few well-deserved jabs at Congress. From bill.stewart at pobox.com Wed Aug 6 02:42:52 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 02:42:52 -0700 Subject: They never learn: "Omniva Policy Systems" In-Reply-To: References: <5.1.1.6.2.20030805123823.02e9c340@idiom.com> Message-ID: <5.1.1.6.2.20030806020555.02ebb790@idiom.com> At 06:52 PM 08/05/2003 -0700, Tim May wrote: >On Tuesday, August 5, 2003, at 01:00 PM, Bill Stewart wrote: > >>It's nice to see that they're still around, unlike so many dot.bombs. > >Why is it "nice"? They had what looked like a legitimate security / privacy product, and were upfront about the threat models being regulators and anti-trust cops. >>He started off by being very clear about what problems they were >>and weren't trying to solve. They were trying to solve the problem of >>making messages expire when all the parties involved are cooperating. >>He viewed the problem of preventing non-cooperating parties from >>saving copies to be unsolvable snake oil and he wasn't trying to solve it. > >This may or may not have been what Jeff believed, or wanted to believe, or >told you was the case, but I don't buy that this is their business model.. >Their Web site is filled with stuff about how "Save" menus are subverted, >so as to, they claim, make it impossible for copies to be saved, blah >blah. This hardly fits with your view of a bunch of benign little bears >all sitting around cooperating. While it's hard to tell from the web site, it looks like they've still got the same basic technical model - instead of sending raw text, you're sending text encrypted using a key that you fetch from a key server, and when the recipient wants to view it, the recipient runs a viewer that fetches a decryption key. The policy enforcement runs on the key server, which deletes keys when the policy says the document should expire, and apparently places some controls on who it's willing to hand keys to. People save stuff all the time, and forget it, and backup systems often save it even if they didn't explicitly try to save it themselves. By shipping the sensitive messages as encrypted files, the Save functions are only saving the encrypted version, not the cleartext. On the other hand, I don't know how much their integration with Outlook breaks it. >Further, the site natters about how Omnivora will support government >requirements about unauthorized persons seeing mail (how? how will even >their crude expiry approach stop unauthorized viewings of mail?). You can set up your policy servers to set who's allowed to fetch keys. There's no indication on the web site about how much granularity this has, or how much protection or authentication they really do. >This is again inconsistent with the picture of friendly little bears all >cooperating. Friendly little bears don't need to have their "Save As" >buttons elided (not that this will stop screen grabs and photos, as I >mentioned). Nor would friendly little cooperating bears show their >messages to "unauthorized viewers," now would they? > >(Speculatively, I would not be even slightly surprised if Omnivora is >doing more than just nominally erasing some messages. To wit, storing >copies for later examination by Authorities with Ministerial Warrants. As >Jeff Ubois no longer seems to be attached to Omnivora, perhaps his vision >was rejected.) Policy servers are run by the company using the system, not by Omniva, so you're still dependent on their competence as well as their honesty, and if they want to ship a broken system, it's not hard to hide it (e.g. use a compromised random number generator for the keys.) >>~~~~ >>In your other message, you mentioned that several Extropians were doing >>really >>squishy stuff, and mentioned that Jeff Ubois's resume also appeared to be. > >Something called "Ryze" and something else called "Minciu Sodas." I didn't see Ryze. Looks like some kind of job-hunting thing. Minciu Sodas does look like a weird site - I'm not sure how much it's just a self-hyping conference board and how many people agree with each other like bloggers, but I didn't see anything on there that was actual content by Jeff, but it was too cluttery to spend much time hunting through. >But not as bad as the squishiness poor Max has gotten himself into, granted. >There's a whole subculture of bottom feeders who think high tech needs >some new version of Werner Erhard (originally born Nathan Goldfarb, or >somesuch...there was a Jew with major self-doubt). Jack Rosenberg, actually. Car salesman, with no self-doubt at all. While I thought Andrew Orlowski's Register article was pretty shoddy reporting, the Extropians Secret Handshake bit was funny. From ravage at einstein.ssz.com Wed Aug 6 04:29:18 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 6 Aug 2003 06:29:18 -0500 (CDT) Subject: nCipher edges closer to break even (fwd) Message-ID: http://theregister.co.uk/content/7/32178.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From roy at rant-central.com Wed Aug 6 03:34:00 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Wed, 6 Aug 2003 06:34:00 -0400 Subject: In the matter of Mr. Fuq Message-ID: <200308060634.00936.roy@rant-central.com> When I suggested a few weeks ago that someone would eventually argue for a constitutionally guaranteed right to be heard, members of the list both reminded me (quite correctly) that no such right does or can exist, and opined that because of the obvious fallacy of the claim, no one would make that argument. It would seem that Mencken [1] was correct, as well as Costello [2]. [1] http://www.bartleby.com/59/3/nooneeverwen.html [2] http://www.brainyquote.com/quotes/quotes/e/q108965.html From anonymous at remailer.metacolo.com Tue Aug 5 23:36:50 2003 From: anonymous at remailer.metacolo.com (Anonymous Sender) Date: Wed, 6 Aug 2003 06:36:50 +0000 (UTC) Subject: Trouble at HavenCo? In-Reply-To: > Has 'haven' for questionable sites sunk? > > By Declan McCullagh > Staff Writer, CNET News.com > August 4, 2003, 1:38 PM PT > > LAS VEGAS--A widely publicized > project to transform a platform in > the English Channel into a "safe > haven" for controversial Web > businesses has failed due to > political, technical and management > problems, one of the company's > founders said. Rely on math, not humans. From jya at pipeline.com Wed Aug 6 07:13:02 2003 From: jya at pipeline.com (John Young) Date: Wed, 06 Aug 2003 07:13:02 -0700 Subject: Year in Jail for Web Links In-Reply-To: <08CBC76751B32946BC0E3E1DEF5415E50672A9@server04.firm.wlj.c om> Message-ID: Mac Norton wrote: >There was a weapons charge as well, which will always complicate >matters considerably. There was a weapons charge -- Molotov cocktail -- in the first indictment which was dropped. The second indictment was for the single charge of distribution of information, to wit: 18:842(p)(2)(A) Distribution of Information Relating to Explosives, Destructive Devices and Weapons of Mass Destruction http://cryptome.org/usa-v-sma-dkt2.htm Mac's right that this kind of information is idiot cousin of controlled substances. Law is an prejudiced ass. That is why Sherman, a minority youngster, took a hit in cracker Southern California while two old honkies on the Left Coast addicted to 1A who offer the same information get no re-education sentence at all -- well, as the Boston youngster wrote "yet." From timcmay at got.net Wed Aug 6 09:24:23 2003 From: timcmay at got.net (Tim May) Date: Wed, 6 Aug 2003 09:24:23 -0700 Subject: Year in Jail for Web Links In-Reply-To: <5.1.1.6.2.20030806004713.02e5b6e8@idiom.com> Message-ID: <70C7FDDE-C82A-11D7-BD95-000A956B4C74@got.net> On Wednesday, August 6, 2003, at 01:17 AM, Bill Stewart wrote: > At 06:17 PM 08/05/2003 -0700, Eric Cordian wrote: >> The problem here is that if you have a family and assets and >> responsibility and something resembling a future, you cannot afford >> to be >> the 1 in 100 who refuses to plea bargain, > > It's a rigged game, and the "20 years extra for terrorism" > raises the stakes substantially from the usual > "1 year if you plead, or 3-4 years if you fight and lose" deal. They're also throwing sentencing enhancements in if guns are found. "Use your Second Amendment rights and get an extra 20 years added to your sentence." (Seems to be a pattern. Using either First or Second Amendment rights triggers a harsh sentence.) The whole U.S. prison system is out of whack, economically. If a local community is responsible for imprisoning a convict, and had to feed and house him, there are some economic constraints that shine through. To wit, my little town of Corralitos isn't going to spend $40,000 a year to imprison a pot smoker. Nor is the larger city of Santa Cruz going to build a SuperMax prison to house a thousand people who have used drugs, talked about bombs, or sent spam mail. But since local communities don't pay for imprisoning their own people, it's a classic game theory situation where costs are delinked from choices. It doesn't cause lawmakers anything to "get tough on crime" by adding "sentencing enhancements." In fact, they get to tell their constituents they have made the streets safer by taking those dangerous First Amendment radicals off the streets. > (In my case, the plea bargain was "We'll drop the obviously bogus > charge > if you stipulate that you don't have grounds to sue us", > and given how the judge treated the other cops in his court, > chickening out and taking it was probably the correct decision.) > >> It's one of those Prisoner's Dillema-ish situations. >> The demonstration to the Sheeple that one cannot break the system > > No, it's *not* Prisoner's Dilemma. The cops almost never have > anything to lose by accepting a shorter sentence, > except in highly publicized politically important cases, > or by losing an occasional case, and their costs for going to trial > are low enough that, while they save money by pleading out most cases, > it's basically a minimal cost compared to the accused's costs. > (The Prison Guards Union makes a bit less money on it, > but it leaves them room to keep some drug user in jail a bit longer, > and in any case it's not enough money to turn the game into > the classic Prisoner's Dilemma.) I was reading someplace that one of the main lobbying forces for "more laws" are some of the small towns in California, for example, which are suffering economically and think that having a big prison located near their town will "generate jobs." They lobby their local politicians for both more laws, tougher sentences, and a prison in their town. The politicians put forward bills, recruit supporters ("you scratch my back and..."), and more spending happens. And more laws. And tougher sentences. And more prisoners. And more prisons. And more jobs. Everybody's happy, except California and the U.S. are deeply in debt, an historically high percentage of people are in "gladiator schools" in the state and country, taxes are way too high, and the Constitution has been shredded. Whichever game theory theories apply, it's a mess. And a tragedy. And a common tragedy, even a tragedy of the commons. --Tim May From kvanhorn at ksvanhorn.com Wed Aug 6 08:26:33 2003 From: kvanhorn at ksvanhorn.com (Kevin S. Van Horn) Date: Wed, 06 Aug 2003 09:26:33 -0600 Subject: Year in Jail for Web Links In-Reply-To: <5.1.1.6.2.20030806004713.02e5b6e8@idiom.com> References: <5.1.1.6.2.20030806004713.02e5b6e8@idiom.com> Message-ID: <3F311E29.4050306@ksvanhorn.com> Bill Stewart wrote: > No, it's *not* Prisoner's Dilemma. Think more literally here. The prisoners are the entire population of accused persons. If all the accused (in all cases in the Injustice System) were to reject plea bargaining and insist on a jury trial, then prosecutors would be spread more thin, and would not be able to extort confessions as they do now. > Most people they try are either guilty of something, > and the real issue is exactly how many counts of what they're guilty of > and how much they ought to be punished. Do you have any evidence at all for this assertion? It seems to me that you've been taken in by Big Brother's propaganda. On a regular basis I hear about corrupt judges who act as a second prosecutor, and actively prevent the accused from presenting any effective defense by disallowing crucial evidence and even telling them what arguments they can make. Too often, the prosecution just needs to convict somebody to keep their numbers high, or police need to make arrests because they've allocated a certain portion of the departmental budget to come from forfeitures. From timcmay at got.net Wed Aug 6 09:46:55 2003 From: timcmay at got.net (Tim May) Date: Wed, 6 Aug 2003 09:46:55 -0700 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <20030806155410.GA87892@lightship.internal.homeport.org> Message-ID: <96602AD8-C82D-11D7-BD95-000A956B4C74@got.net> On Wednesday, August 6, 2003, at 08:54 AM, Adam Shostack wrote: > Well, if you can't win on the truth, win on the procedures. > > At least Dr. Mercuri is in fine company there, ranging all the way > back to Socrates and Galileo. Little consolation, I know, as our > democracy gets replaced by a kleptocracy, but what can you do? > > Maybe she should set up stealdemocracy.com, a new voting machine > company. Sell machines that explicitly let you steal elections. Get > some press. > It's a meme we might want to spread: "They stole the election." ("They") I was intensely opposed to the gibberish about how the Republicans "stole" the Florida vote, for multiple reasons. First, the Dems wanted to change the rules after the outcome went against them...they wanted "hanging chads" counted in their favor (ultimately, of course, this wouldn't have even swayed the outcome, as careful studies by newspapers showed). Second, they wanted the Elections Commission to somehow adjust the outcome based on exit interviews with little old Jewish ladies who claimed they wanted to vote for Algore but who actually voted for Pat Buchanan or Jeffery Dahmer or whomever it was that was opposite Chad Gore on the ballot (note that Democrats designed the ballot). Third, they wanted only precincts known to be leaning toward Chad Gore recounted from scratch. (I would have _opposed_ a statewide recount on general common sense and legal grounds, too, but for sure I was aghast at the proposal to only recount selected precincts: "We'll keep recounting until the outcome fluctuates in our favor!") But I now see that spreading fear, uncertainty, and doubt about the outcome of elections serves to undermine confidence in government and make more people skeptical of the whole process. The meme that is commonly heard today is "Bush and the Supreme Court stole the election." This is good. Shenanigans like the above story, with respected experts like Mercuri and Chaum excluded from a conference after they duly registered, will be good fodder for conspiracy stories about the 2004 election. (Actually, the recall vote on the governor of California is coming up on October 7th. Election officials are already claiming the ballots can't be ready in time, the machines will have to be brought out of mothballs and somehow made to work, and so on. I see many opportunities for spreading FUD about whatever outcome happens. Having Mercuri and Chaum ejected is the best thing that could have happened. --Tim May From mv at cdc.gov Wed Aug 6 09:49:36 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 06 Aug 2003 09:49:36 -0700 Subject: What if all things computable are computable in polynomial time? Message-ID: <3F3131A0.A2B02AC2@cdc.gov> At 01:18 AM 8/6/03 -0700, Eric Cordian wrote: >An anonymous sender writes: >> Rely on math, not humans. >What if all things computable are computable in polynomial time? RSA, Inc. stock would go down. We would have to go back to paper and OTP, but we would also get to enjoy the excellent graphics, AI, number theory, etc, that we would win. From rah at shipwright.com Wed Aug 6 06:55:21 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 09:55:21 -0400 Subject: What happened to the Cryptography list...? In-Reply-To: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> References: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> Message-ID: At 1:28 AM -0700 8/6/03, Bill Stewart wrote: >Bob - Perry's cryptography list moved from wasabisystems to > cryptography at metzdowd.com I haven't gotten anything from there, either. Perry got sick a while back, and, if he's not in jail or something, :-), I bet that's it. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From bill.stewart at pobox.com Wed Aug 6 10:19:32 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 10:19:32 -0700 Subject: In the matter of Mr. Fuq In-Reply-To: <200308060634.00936.roy@rant-central.com> Message-ID: <5.1.1.6.2.20030806094518.02eb42c8@idiom.com> At 06:34 AM 08/06/2003 -0400, Roy M. Silvernail wrote: >It would seem that Mencken [1] was correct, as well as Costello [2]. >[1] http://www.bartleby.com/59/3/nooneeverwen.html >[2] http://www.brainyquote.com/quotes/quotes/e/q108965.html Yup. Mr. Fuq is arguing at least two things: - If Bob sends a message to Alice that Alice thinks is Spam, Alice has a right to sue Bob for spamming. - If Bob sends a message to Alice the Bob thinks is legitimate, and Alice's ISP doesn't think so and discards it, this is a criminal denial of service activity. Now, every spammer out there says that his or her mail is legitimate, so if Alice hires her ISP to detect and discard obvious spam for her, she's obviously hiring them to conduct a criminal act so she's Guilty Guilty Guilty! She can still sue Bob, but only from jail. So remember, never Fuq with a troll. Now, there are other people, such as the EFF, who will discuss the problems with ISPs that are too enthusiastic about dropping or rejecting mail, or (much worse from an internet engineering business) silently drop the mail without providing a proper reject message, which is a badly broken evil nasty thing to do. Dropping mail noisily is not so bad - market solutions let customers tell their ISPs to be more or less aggressive, but people who send mail at least know it's been rejected. Things like rejecting mail from Linux users who are rude enough to actually run Sendmail themselves instead of being dumb consumers also bug them. From timcmay at got.net Wed Aug 6 10:39:16 2003 From: timcmay at got.net (Tim May) Date: Wed, 6 Aug 2003 10:39:16 -0700 Subject: Colored people In-Reply-To: <08CBC76751B32946BC0E3E1DEF5415E50672A9@server04.firm.wlj.c om> Message-ID: On Tuesday, August 5, 2003, at 08:39 PM, Mac Norton wrote: > There was a weapons charge as well, which will always complicate > matters considerably. The unconventional life is a more or less fine > thing until it gets perpendicular to the conventional life, usually in > the form of law enforcement agents. When that happens, and it almost > surely will, what is necessary is a relatively big bunch of money, or > a plea bargain. > > What happened here is happening to young men (yes, usually men, and as > in this case, of color) Where did this "of color" nonsense get started? I thought colored people wanted to be called by other names, now they and their whiteliberal supporters are routinely using the silly name "people of color." (Of course, we live in an age where homosexuals call themselves "queers" and propagate the name--Queer Nation, Queers of Color, Queer Eye for the Pervert Guy, etc.--and yet file lawsuits when others call them queers. And we live in an age where negroes call themselves and other negroes "niggers" and name their minstrel acts "Niggaz with Attitude" but then insist that persons of whiteness call them "NWA" so as not to use the "offensive" "N-word.") If the coloreds want to be called that, fine with me. --Tim May From sunder at sunder.net Wed Aug 6 07:51:05 2003 From: sunder at sunder.net (Sunder) Date: Wed, 6 Aug 2003 10:51:05 -0400 (edt) Subject: Trouble at HavenCo? In-Reply-To: <200308060818.h768IE1p022156@artifact.psychedelic.net> Message-ID: Then we switch back to one time pads. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Wed, 6 Aug 2003, Eric Cordian wrote: > An anonymous sender writes: > > > Rely on math, not humans. > > What if all things computable are computable in polynomial time? From rah at shipwright.com Wed Aug 6 08:08:38 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 11:08:38 -0400 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference Message-ID: Notice they did this to Chaum, too... Cheers, RAH --- begin forwarded text From rah at shipwright.com Wed Aug 6 08:18:32 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 11:18:32 -0400 Subject: What happened to the Cryptography list...? In-Reply-To: References: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> Message-ID: At 9:55 AM -0400 8/6/03, R. A. Hettinga wrote: >Perry got sick a while back, and, if he's not in jail or something, :-), I bet that's it. Let me clarify that. A while ago, Perry got sick. The list was down for quite a while. Then he got better, and the list came back. I bet that's what's happening now. If he's not in jail. :-). Cheers, RAH But, seriously, folks... -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From Freematt357 at aol.com Wed Aug 6 08:35:32 2003 From: Freematt357 at aol.com (Freematt357 at aol.com) Date: Wed, 6 Aug 2003 11:35:32 EDT Subject: Trouble at HavenCo? Message-ID: <177.1e56bf1d.2c627a44@aol.com> In a message dated 8/5/2003 2:51:57 PM Eastern Daylight Time, timcmay at got.net writes: Sterling had placed much too much emphasis on the havens' attempt to be physically secure by owning small countries and not nearly enough (if any) emphasis on using strong cryptography to achieve security inside cypherspace I agree except to say that there must be a minimal level of freedom and security in which to operate. You'd have to be not in a place like Rwanda where the Hutu might literally hack you and your hardware with their machetes. Or be in another similar condition where the network lines are pounded into pretty jewelry. Communities like the Amish can only flourish in communities such as the US which largely leaves them alone (This is changing unfortunately.) I do remember we discussed the ridiculous notion of placing machine guns on Haven-Co's platform- As if the Brits would allow such a thing in their territorial waters. Regards, Matt- From timcmay at got.net Wed Aug 6 11:49:37 2003 From: timcmay at got.net (Tim May) Date: Wed, 6 Aug 2003 11:49:37 -0700 Subject: What happened to the Cryptography list...? In-Reply-To: <20030806180527.GA11176348@exeter.ac.uk> Message-ID: On Wednesday, August 6, 2003, at 11:05 AM, Adam Back wrote: > The problems with closed lists relying on a single human for > forwarding and filtering... > > Couldn't he just let people post in his absence? It kind of detracts > from a list if it disappears for weeks at a time on a regular basis. > > Also there are delays, and then there's Perry decisions that a > discussion is no longer worth persuing when contributors are still > interested to discuss. > > Adam I enjoyed interacting with Perry about 10-11 years ago, mostly on the Extropians list. Perry was a major political ranter (even if it is not true that he coined the phrase "Utopia is not an option"). (Extropians was a privately-owned list, and what eventually drove me away was the silliness involving "trials" for those accused of insulting others, or violating some rules, or disrespecting the Official Beliefs. I attribute this silliness not to malice by the Extropian Maximum Leaders, but by the very nature of private lists and the almost unavoidable tendency to try to "perfect" lists by tweaking what people can and can't say.) I despise people's private fiefdoms, whether Dave Farber's "Interesting People" list or Lewis McCarthy's "Coderpunks" list or any of Bob Hettinga's various "BearerBunks" and "Phisodex" lists. And Perrypunks, with its quixotic policy about politics (politics banned, except when Perry wanted to rant), was just another private fiefdom. I don't dispute their property right to do with their machines as they wish, absent contracts, but being in their fiefdoms chafes very quickly. The distributed CP list may end up being the last list left standing, at least in this niche. Part of the reason Usenet continues to thrive, despite its flaws. --Tim May "That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms." --Samuel Adams From adam at homeport.org Wed Aug 6 08:54:10 2003 From: adam at homeport.org (Adam Shostack) Date: Wed, 6 Aug 2003 11:54:10 -0400 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: References: Message-ID: <20030806155410.GA87892@lightship.internal.homeport.org> Well, if you can't win on the truth, win on the procedures. At least Dr. Mercuri is in fine company there, ranging all the way back to Socrates and Galileo. Little consolation, I know, as our democracy gets replaced by a kleptocracy, but what can you do? Maybe she should set up stealdemocracy.com, a new voting machine company. Sell machines that explicitly let you steal elections. Get some press. Adam On Wed, Aug 06, 2003 at 11:08:38AM -0400, R. A. Hettinga wrote: | Notice they did this to Chaum, too... | | Cheers, | RAH | | --- begin forwarded text | | | Status: U | To: "johnmac's living room" | Cc: Dave Farber | From: "John F. McMullen" | Mailing-List: list johnmacsgroup at yahoogroups.com; contact johnmacsgroup-owner at yahoogroups.com | Delivered-To: mailing list johnmacsgroup at yahoogroups.com | Date: Mon, 4 Aug 2003 23:31:49 -0400 (EDT) | Subject: [johnmacsgroup] Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections | Conference | | Computer Voting Expert Ousted From Elections Conference | | Lynn Landes | freelance journalist | www.EcoTalk.org | | Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine | security, had her conference credentials revoked by the president of the | International Association of Clerks, Records, Election Officials, and | Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference | and Trade Show, which showcases election systems to elections officials, | is being held at the Adam's Mark Hotel in Denver all this week. | | Mercuri believes that her credentials were revoked because of her position | in favor of voter-verified paper ballots for computerized election | systems. "I guess in a very troubling way it makes sense that an | organization like IACREOT, that supports paperless computerized voting | systems, which are secret by their very design, would not want computer | experts who disagree with that position at their meetings." | | Dr. Mercuri said that her credentials were approved for the first three | days of the conference. She attended meetings of other groups and visited | the exhibitors hall. But it was only on Thursday as she sat down to attend | her first meeting at the IACREOT that President Marianne Rickenbach took | Mercuri out of the room and told her that her credentials were being | revoked. Rickenbach said that Mercuri had not filled out the forms | correctly. Mercuri protested, but was refused reinstatement. | | David Chaum, the inventor of eCash and a member of Mercuri's | 'voter-verified paper ballot' group, had his credentials revoked on the | first day of the conference. On the second day his credentials were | partially restored. Chaum was allowed to visit the exhibitors hall, but | not attend the IACREOT meetings. | | Rickenbach was unavailable for comment as of this report. Mercuri can be | reached at the Adam's Mark Hotel through Saturday. | | --------------------------- | | | "When you come to the fork in the road, take it" - L.P. Berra | "Always make new mistakes" -- Esther Dyson | "Be precise in the use of words and expect precision from others" - | Pierre Abelard | "Any sufficiently advanced technology is indistinguishable from magic" | -- Arthur C. Clarke | "Bobby Layne never lost a game. Time just ran out." -- Doak Walker | | John F. McMullen | johnmac at acm.org ICQ: 4368412 Fax: (603) 288-8440 johnmac at cyberspace.org | http://www.westnet.com/~observer | NOYFB,P | | | | | | | ------------------------ Yahoo! Groups Sponsor ---------------------~--> | Buy Ink Cartridges or Refill Kits for Your HP, Epson, Canon or Lexmark | Printer at Myinks.com. Free s/h on orders $50 or more to the US & Canada. http://www.c1tracking.com/l.asp?cid=5511 | http://us.click.yahoo.com/sO0ANB/LIdGAA/ySSFAA/XgSolB/TM | ---------------------------------------------------------------------~-> | | To unsubscribe from this group, send an email to: | johnmacsgroup-unsubscribe at yahoogroups.com | | | | Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ | | --- end forwarded text | | | -- | ----------------- | R. A. Hettinga | The Internet Bearer Underwriting Corporation | 44 Farquhar Street, Boston, MA 02131 USA | "... however it may deserve respect for its usefulness and antiquity, | [predicting the end of the world] has not been found agreeable to | experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -- "It is seldom that liberty of any kind is lost all at once." -Hume --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com From mv at cdc.gov Wed Aug 6 11:57:38 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 06 Aug 2003 11:57:38 -0700 Subject: What if all things computable are computable in polynomial time Message-ID: <3F314FA1.75248242@cdc.gov> At 01:28 PM 8/6/03 -0400, Billy wrote: >> At 01:18 AM 8/6/03 -0700, Eric Cordian wrote: >> >What if all things computable are computable in polynomial time? > >You mean polynomials like O(n^10^10^10) ? > > subset{P} !=> easy There could still be some protection with some crypto schemes, in such a world, BUT the adversary is assumed to be much better funded, and poly work gives the adversary's algorithmicists (who can be rented cheaply when young) hope that much faster algorithms can be found, if not published :-) You really want the assurance of exponential work to break it, not just big constants. The problem is that, for public key crypto, we want functions which are easy "one way" (if you know the secret) and exponentionally tough in the length of the public key the other. If there is a "quick" (*non-expon*.) solution to your trap-door function then the adversary can reasonably do the extra work and your scheme is toast. For symmetric crypto, the same applies. You can always make *your* key longer, but the "leverage" you get --the extra work the adversary must do-- is much less if you can't demand exponential work by them (because as was suggested, presumably tongue-in-cheek, by EC, there might not be any exponential work problems) --- "The tragedy of Galois is that he could have contributed so much more to mathematics if he'd only spent more time on his marksmanship." From bill.stewart at pobox.com Wed Aug 6 11:59:38 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 11:59:38 -0700 Subject: What happened to the Cryptography list...? In-Reply-To: <20030806180527.GA11176348@exeter.ac.uk> References: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> Message-ID: <5.1.1.6.2.20030806115758.02eb33d0@idiom.com> At 07:05 PM 08/06/2003 +0100, Adam Back wrote: >The problems with closed lists relying on a single human for >forwarding and filtering... > >Couldn't he just let people post in his absence? It kind of detracts >from a list if it disappears for weeks at a time on a regular basis. > >Also there are delays, and then there's Perry decisions that a >discussion is no longer worth persuing when contributors are still >interested to discuss. If it's too quiet on Perry's list, you can always overflow discussions back to the Cypherpunks list or sci.crypt. From timcmay at got.net Wed Aug 6 12:01:48 2003 From: timcmay at got.net (Tim May) Date: Wed, 6 Aug 2003 12:01:48 -0700 Subject: Colored people and cripples In-Reply-To: Message-ID: <6E0FFDF7-C840-11D7-BD95-000A956B4C74@got.net> On Wednesday, August 6, 2003, at 10:59 AM, Tyler Durden wrote: > Tim May wrote... > > "Where did this "of color" nonsense get started?" > > Like a lot of PC terms...from guilt-ridden white liberals. Black folks > never use this term, as far as I've ever heard. I hear them using this _frequently_. Just about any time I see a fat negro chick on one of the talk shows (CNN, MSNBC, etc.) I can count on her using the phrase "blahblah of color" several times. > Likewise with "physically challenged". My black karate Sensei used to > periodically laugh at the shame and embarassment associated with any > speech "coloration"...to the point where some people won't even > mention skin color when describing another person. > Again, I hear the cripples using the phrases "physically challenged" _frequently_. It's not enough that cripples always get the best parking places, by law, but they want all "Handicapped" signs replaced with more PC terms. (I may start pulling cores on their tires after seeing so many apparently-fully-mobile persons getting out of their cars and vans with the "Handicapped" placards. Here in California, an entire industry of scammers and willing doctors has emerged to get more and more people declared "Disabled" and thus eligible for the special placards and, of course, taxpayer-paid-for free stuff.) --Tim May From mv at cdc.gov Wed Aug 6 12:14:43 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 06 Aug 2003 12:14:43 -0700 Subject: What happened to the Cryptography list...? Message-ID: <3F3153A2.DEC5774C@cdc.gov> At 11:49 AM 8/6/03 -0700, Tim May wrote: >On Wednesday, August 6, 2003, at 11:05 AM, Adam Back wrote: >> Couldn't he just let people post in his absence? It kind of detracts >> from a list if it disappears for weeks at a time on a regular basis. He moderates it. His choice. Single point of failure, regrettable. >I enjoyed interacting with Perry about 10-11 years ago, mostly on the >Extropians list. Perry was a major political ranter (even if it is not >true that he coined the phrase "Utopia is not an option"). Amusing! Because he keeps cryptography@ politics free, for the most part. Which seems to be why some knowledgable people post there and do not bother with this group. Specialization is fine. I find it useful that both tech and techsocially clueful folks post here. >I despise people's private fiefdoms, whether Dave Farber's "Interesting >People" list or Lewis McCarthy's "Coderpunks" list or any of Bob >Hettinga's various "BearerBunks" and "Phisodex" lists. And Perrypunks, >with its quixotic policy about politics (politics banned, except when >Perry wanted to rant), was just another private fiefdom. A problem with editors in a free market? That's a bit reflexively-anarchic, no? One man's "chafing" is another's "straying off topic" I guess. >I don't dispute their property right to do with their machines as they >wish, absent contracts, but being in their fiefdoms chafes very quickly. Reputation/editing is useful for keeping S/N high, not that one can't invest personally (eg in kill files) to do this. The distributed-CP remailing architecture is interesting, and enforces an anarchic (editor-free) forum, which is a good thing, but as a result has a S/N that deters some folks who are worth listening to, who do post in the other, moderated forum. ---- "Thus ends, at least in Italy, the absurd anarchy that permits anyone to publish online without standards and without restrictions, and guarantees to the consumer minimum standards of quality in all information content, for the first time including electronic media." -Italian govt From s.schear at comcast.net Wed Aug 6 12:20:30 2003 From: s.schear at comcast.net (Steve Schear) Date: Wed, 06 Aug 2003 12:20:30 -0700 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <96602AD8-C82D-11D7-BD95-000A956B4C74@got.net> References: <20030806155410.GA87892@lightship.internal.homeport.org> Message-ID: <5.2.1.1.0.20030806121758.0497a428@mail.comcast.net> At 09:46 2003-08-06 -0700, Tim May wrote: I was intensely opposed to the gibberish about how the Republicans "stole" the Florida vote, for multiple reasons. First, the Dems wanted to change the rules after the outcome went against them...they wanted "hanging chads" counted in their favor (ultimately, of course, this wouldn't have even swayed the outcome, as careful studies by newspapers showed). Second, they wanted the Elections Commission to somehow adjust the outcome based on exit interviews with little old Jewish ladies who claimed they wanted to vote for Algore but who actually voted for Pat Buchanan or Jeffery Dahmer or whomever it was that was opposite Chad Gore on the ballot (note that Democrats designed the ballot). Third, they wanted only precincts known to be leaning toward Chad Gore recounted from scratch. (I would have _opposed_ a statewide recount on general common sense and legal grounds, too, but for sure I was aghast at the proposal to only recount selected precincts: "We'll keep recounting until the outcome fluctuates in our favor!") This was certainly a farce, but the decision by the SC to intervene was worse. The matter should have been thrown into the House of Representative where the Constitution has provisions for its resolution (or lack thereof). steve "Remember, democracy never lasts long. It soon wastes, exhausts and murders itself. There never was a democracy yet that did not commit suicide." John Adams From mbc at debian.org Wed Aug 6 12:23:23 2003 From: mbc at debian.org (Cardenas) Date: Wed, 6 Aug 2003 12:23:23 -0700 Subject: Colored people and cripples In-Reply-To: <6E0FFDF7-C840-11D7-BD95-000A956B4C74@got.net> References: <6E0FFDF7-C840-11D7-BD95-000A956B4C74@got.net> Message-ID: <20030806192323.GC1296@rilke.lindows.com> once again, we can count on Tim May to contribute the least productive comment to this thread. On Wed, Aug 06, 2003 at 12:01:48PM -0700, Tim May wrote: > On Wednesday, August 6, 2003, at 10:59 AM, Tyler Durden wrote: > > >Tim May wrote... > > > >"Where did this "of color" nonsense get started?" > > > >Like a lot of PC terms...from guilt-ridden white liberals. Black folks > >never use this term, as far as I've ever heard. > > I hear them using this _frequently_. Just about any time I see a fat > negro chick on one of the talk shows (CNN, MSNBC, etc.) I can count on > her using the phrase "blahblah of color" several times. > > > >Likewise with "physically challenged". My black karate Sensei used to > >periodically laugh at the shame and embarassment associated with any > >speech "coloration"...to the point where some people won't even > >mention skin color when describing another person. > > > > Again, I hear the cripples using the phrases "physically challenged" > _frequently_. > > It's not enough that cripples always get the best parking places, by > law, but they want all "Handicapped" signs replaced with more PC terms. > > (I may start pulling cores on their tires after seeing so many > apparently-fully-mobile persons getting out of their cars and vans with > the "Handicapped" placards. Here in California, an entire industry of > scammers and willing doctors has emerged to get more and more people > declared "Disabled" and thus eligible for the special placards and, of > course, taxpayer-paid-for free stuff.) > -- http://www.sdtjmobilization.org The World Says No to the WTO From Freematt357 at aol.com Wed Aug 6 09:26:33 2003 From: Freematt357 at aol.com (Freematt357 at aol.com) Date: Wed, 6 Aug 2003 12:26:33 EDT Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer... Message-ID: <171.223e2cbb.2c628639@aol.com> Some effort should be made to communicate the danger of e-ballots to the various grassroots, political organizations interested in voting issues. We really have to get a wider audience made aware of the tremendous danger. And somebody should work on producing an alternative hybrid voting machine that is hard copy paper verifiable. I think we have to give these local governments a viable alternative, a machine that can't be used for Machiavellian machinations. Regards, Matt Gaylor- From Freematt357 at aol.com Wed Aug 6 09:58:06 2003 From: Freematt357 at aol.com (Freematt357 at aol.com) Date: Wed, 6 Aug 2003 12:58:06 EDT Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer... Message-ID: <95.3100fd50.2c628d9e@aol.com> In a message dated 8/6/2003 12:51:29 PM Eastern Daylight Time, timcmay at got.net writes: Having Mercuri and Chaum ejected is the best thing that could have happened. Absolutely correct..You should try to think up ways to get them to be even more hostile to them. Regards, Matt- From rah at shipwright.com Wed Aug 6 10:24:32 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 13:24:32 -0400 Subject: "Anarchy" gene in bees Message-ID: -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From billy at dadadada.net Wed Aug 6 10:28:57 2003 From: billy at dadadada.net (Billy) Date: Wed, 6 Aug 2003 13:28:57 -0400 Subject: What if all things computable are computable in polynomial time? In-Reply-To: <3F3131A0.A2B02AC2@cdc.gov> References: <3F3131A0.A2B02AC2@cdc.gov> Message-ID: <20030806172857.GB9938@mail.dadadada.net> On Wed, Aug 06, 2003 at 09:49:36AM -0700, Major Variola (ret) wrote: > At 01:18 AM 8/6/03 -0700, Eric Cordian wrote: > >An anonymous sender writes: > >> Rely on math, not humans. > >What if all things computable are computable in polynomial time? You mean polynomials like O(n^10^10^10) ? subset{P} !=> easy From s.schear at comcast.net Wed Aug 6 13:49:26 2003 From: s.schear at comcast.net (Steve Schear) Date: Wed, 06 Aug 2003 13:49:26 -0700 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <20030806155410.GA87892@lightship.internal.homeport.org> References: Message-ID: <5.2.1.1.0.20030806134344.049ad038@mail.comcast.net> At 11:54 2003-08-06 -0400, Adam Shostack wrote: >Well, if you can't win on the truth, win on the procedures. > >At least Dr. Mercuri is in fine company there, ranging all the way >back to Socrates and Galileo. Little consolation, I know, as our >democracy gets replaced by a kleptocracy, but what can you do? > >Maybe she should set up stealdemocracy.com, a new voting machine >company. Sell machines that explicitly let you steal elections. Get >some press. A better solution, already available to voters, is to request an absentee voter form. If a substantial number of voters asked to vote this way it would overwhelm the voting machinery and completely negate any cost savings expected from the distrusted automated systems. steve "The most dangerous man to any government is the man who is able to think things out for himself, without regard to the prevailing superstitions and taboos. Almost inevitably he comes to the conclusion that the government he lives under is dishonest, insane, and intolerable." --H. L. Mencken From camera_lumina at hotmail.com Wed Aug 6 10:54:40 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 06 Aug 2003 13:54:40 -0400 Subject: The last detritus of the dot bombs Message-ID: Tim May wrote... "Way too many people think they can become the next Tony Robbins, that Neanderthal on late night t.v. selling motivational tapes" Well, I think a lot of people actually get some real $$$ doing this kind of stuff. And as an engineer/physicist by training, I can't help thinking this is bulsshit as well at best, and a real danger at worst...I can't imagine how much damage George Guilder caused in Telecom. Nevertheless, if people are wiling to regularly pay for "motivational speakers" (I'm thinking of Chris Farley), perhaps they are providing some kind of value that is not so easily assessed...a lot of folks probably grew up in Church-going homes and they are used to be Preached at. So...companies pay for oporae preachers to give their sales folks (for instance) a warm-and-fuzzy. BUT...it's clear to me that there's a lot of money going to sheisters like this. -TD >From: Tim May >To: cypherpunks at lne.com >Subject: The last detritus of the dot bombs >Date: Tue, 5 Aug 2003 11:40:09 -0700 > >As I'm feeling chatty this morning, I'll comment on another trend I've been >seeing a lot of. While reading the Andrew Orlowski piece on Robin Hanson >and the PAM/terror futures thing > >( the URL is ) > >I got to thinking about "What ever happened to Max More?" (the founder of >the Extropians group) > >I did some Googling and found out he and his wife (Natasha Vita-More...the >Extropians often change their names to more future-sounding monikers) are >some kind of "motivational coaches" or involved in software to do the same. > >Then while Googling on Omnivora Policy Systems, or whatever that >"disappearing ink" company is, I ran across the name Jeff Ubois, the guy >who attended some of my parties. His resume is chockfull of references to >"motivational' and "coaching" and similar squishy-soft consulting gigs. > >Way too many people think they can become the next Tony Robbins, that >Neanderthal on late night t.v. selling motivational tapes. > >The good ideas, the good companies, the good technology...it comes from >good ideas and good products, not from EST nonsense, not from motivational >coaches, not from late night hucksters. > >Having talked to some of these folks, though not for the past few years, it >really bugs me to see them going down this bullshit path. > > >--Tim May >"The only purpose for which power can be rightfully exercised over any >member of a civilized community, against his will, is to prevent harm to >others. His own good, either physical or moral, is not a sufficient >warrant." --John Stuart Mill _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus From rah at shipwright.com Wed Aug 6 10:56:25 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 13:56:25 -0400 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <96602AD8-C82D-11D7-BD95-000A956B4C74@got.net> References: <96602AD8-C82D-11D7-BD95-000A956B4C74@got.net> Message-ID: We should also remember in all of this no purely electronic voting scheme, without the most asinine, if not draconian, is-a-person identity methods, cannot prevent the *selling* of votes. Essentially, if the right to vote is defined by an electronic credential, or, more properly a zero-knowledge proof-of-knowledge of an electronic credential, that credential is instantly fungible -- and transferrable. Of course, that's what we want in the long run, I suppose: demonopololized force markets. That is, people who buy and sell their votes are called "shareholders", right? To mix a paraphrase like a dead horse, in the long run, l' etat c'est merde. Cheers, RAH Parlez vous franglais? -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From bill.stewart at pobox.com Wed Aug 6 13:58:01 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 13:58:01 -0700 Subject: politically corrent terms of color In-Reply-To: Message-ID: <5.1.1.6.2.20030806120133.02e6d688@idiom.com> At 01:59 PM 08/06/2003 -0400, Tyler Durden wrote: >Tim May wrote... > > "Where did this "of color" nonsense get started?" > >Like a lot of PC terms...from guilt-ridden white liberals. Black folks >never use this term, as far as I've ever heard. Likewise with "physically >challenged". My black karate Sensei used to periodically laugh at the >shame and embarassment associated with any speech "coloration"...to the >point where some people won't even mention skin color when describing >another person. "Of color" isn't just blacks - it's also Mexicans and other non-whities. I think some of the whiny liberal politicians I've heard use it have been African-Americans of color (as opposed to white immigrants from South Africa or Rhodesia.) From camera_lumina at hotmail.com Wed Aug 6 10:59:14 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 06 Aug 2003 13:59:14 -0400 Subject: Black folks. Message-ID: Tim May wrote... "Where did this "of color" nonsense get started?" Like a lot of PC terms...from guilt-ridden white liberals. Black folks never use this term, as far as I've ever heard. Likewise with "physically challenged". My black karate Sensei used to periodically laugh at the shame and embarassment associated with any speech "coloration"...to the point where some people won't even mention skin color when describing another person. -TD >From: Tim May >To: cypherpunks at lne.com >Subject: Colored people >Date: Wed, 6 Aug 2003 10:39:16 -0700 > >On Tuesday, August 5, 2003, at 08:39 PM, Mac Norton wrote: > >>There was a weapons charge as well, which will always complicate matters >>considerably. The unconventional life is a more or less fine thing until >>it gets perpendicular to the conventional life, usually in the form of law >>enforcement agents. When that happens, and it almost surely will, what is >>necessary is a relatively big bunch of money, or a plea bargain. >> >>What happened here is happening to young men (yes, usually men, and as in >>this case, of color) > >Where did this "of color" nonsense get started? > >I thought colored people wanted to be called by other names, now they and >their whiteliberal supporters are routinely using the silly name "people of >color." > >(Of course, we live in an age where homosexuals call themselves "queers" >and propagate the name--Queer Nation, Queers of Color, Queer Eye for the >Pervert Guy, etc.--and yet file lawsuits when others call them queers. And >we live in an age where negroes call themselves and other negroes "niggers" >and name their minstrel acts "Niggaz with Attitude" but then insist that >persons of whiteness call them "NWA" so as not to use the "offensive" >"N-word.") > >If the coloreds want to be called that, fine with me. > > >--Tim May _________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail From bill.stewart at pobox.com Wed Aug 6 14:16:14 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 14:16:14 -0700 Subject: What if all things computable are computable in polynomial time? In-Reply-To: <3F3131A0.A2B02AC2@cdc.gov> Message-ID: <5.1.1.6.2.20030806140449.08ac6100@idiom.com> > >What if all things computable are computable in polynomial time? Lots of problems are only computable in exponential time, or at least superpolynomial time. The closest we'd get to your suggestion is that P might equal NP, or (for crypto) factoring might be in P. Sufficiently large polynomials are easier in theory than in practice - Karmarkar's polynomial solution to Linear Programming was something like N**12 or L*N**6 where L was a very large number. >We would have to go back to paper and OTP, but we would also get to >enjoy the excellent graphics, AI, number theory, etc, that we would win. We wouldn't have to go back to OTP, just symmetric-key keyservers which people used before public-key became well-known. While the public-key algorithms are based on math problems like factoring or discrete log, most of the symmetric-key algorithms are based on intractable ugliness, and on doing enough analysis to find out which kinds of ugliness and bit-twiddling are really intractable and which can be cracked. If the polynomial computability comes from quantum computers, some of the symmetric stuff seems to reduce from 2**N time to 2**(N/2) time, so we might need to upgrade from 3DES to 5DES or 7DES, but it's not big deal. From rah at shipwright.com Wed Aug 6 11:44:33 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 6 Aug 2003 14:44:33 -0400 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: References: <96602AD8-C82D-11D7-BD95-000A956B4C74@got.net> Message-ID: At 1:56 PM -0400 8/6/03, R. A. Hettinga wrote: >cannot prevent -3 negative miscount "can prevent" of course. Maybe I should apply for a job as a school superintendent... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From hseaver at cybershamanix.com Wed Aug 6 12:48:55 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Wed, 6 Aug 2003 14:48:55 -0500 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer... In-Reply-To: <95.3100fd50.2c628d9e@aol.com> References: <95.3100fd50.2c628d9e@aol.com> Message-ID: <20030806194855.GA19890@cybershamanix.com> Why is it people are not using normal quoting procedure lately? This is at least the third message today I've seen like this -- no way to tell who said what. On Wed, Aug 06, 2003 at 12:58:06PM -0400, Freematt357 at aol.com wrote: > In a message dated 8/6/2003 12:51:29 PM Eastern Daylight Time, > timcmay at got.net writes: > Having Mercuri and Chaum ejected is the best thing that could have > happened. > Absolutely correct..You should try to think up ways to get them to be even > more hostile to them. > > Regards, Matt- -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From hseaver at cybershamanix.com Wed Aug 6 12:49:34 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Wed, 6 Aug 2003 14:49:34 -0500 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <5.2.1.1.0.20030806121758.0497a428@mail.comcast.net> References: <20030806155410.GA87892@lightship.internal.homeport.org> <5.2.1.1.0.20030806121758.0497a428@mail.comcast.net> Message-ID: <20030806194934.GB19890@cybershamanix.com> Here's another one. On Wed, Aug 06, 2003 at 12:20:30PM -0700, Steve Schear wrote: > At 09:46 2003-08-06 -0700, Tim May wrote: > I was intensely opposed to the gibberish about how the Republicans "stole" > the Florida vote, for multiple reasons. First, the Dems wanted to change > the rules after the outcome went against them...they wanted "hanging chads" > counted in their favor (ultimately, of course, this wouldn't have even > swayed the outcome, as careful studies by newspapers showed). Second, they > wanted the Elections Commission to somehow adjust the outcome based on exit > interviews with little old Jewish ladies who claimed they wanted to vote > for Algore but who actually voted for Pat Buchanan or Jeffery Dahmer or > whomever it was that was opposite Chad Gore on the ballot (note that > Democrats designed the ballot). Third, they wanted only precincts known to > be leaning toward Chad Gore recounted from scratch. (I would have _opposed_ > a statewide recount on general common sense and legal grounds, too, but for > sure I was aghast at the proposal to only recount selected precincts: > "We'll keep recounting until the outcome fluctuates in our favor!") > > This was certainly a farce, but the decision by the SC to intervene was > worse. The matter should have been thrown into the House of Representative > where the Constitution has provisions for its resolution (or lack thereof). > > steve > > > "Remember, democracy never lasts long. It soon wastes, exhausts and murders > itself. There never was a democracy yet that did not commit suicide." John > Adams -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From mv at cdc.gov Wed Aug 6 15:50:35 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 06 Aug 2003 15:50:35 -0700 Subject: What if all things computable are computable in polynomial time? Message-ID: <3F31863B.BCF35247@cdc.gov> At 02:16 PM 8/6/03 -0700, Bill Stewart wrote: >> >What if all things computable are computable in polynomial time? > >We wouldn't have to go back to OTP, just symmetric-key keyservers >which people used before public-key became well-known. > >While the public-key algorithms are based on math problems like >factoring or discrete log, most of the symmetric-key algorithms >are based on intractable ugliness, and on doing enough analysis >to find out which kinds of ugliness and bit-twiddling are really >intractable and which can be cracked. Yes, but the cryptanalysis of symmetric ciphers involves exponentially-expanding "back trees". That is the whole point of "avalanche". If, somehow, "for any NP algorithm there were an equivalent P algorithm", then the block-cipher backtracking would be solvable in poly time. You could find the plaintext ASCII needle in the haystack of possibilities in poly time, no? .... Rambling Aside: RSA encryption is equivalent to spinning a marker on a modulus-sized wheel until it wraps, and decryption is equivalent to spinning the marker more until it points to the original message. "Spinning" is actually exponentiating, ie, advancing the marker some number of positions which depends on its current value. Beautiful stuff, only glimpses visible to this knave. Like IDEA, multiplication is avalanche. ------ "The generation of random numbers is too important to be left to chance." -Robert R. Coveyou ORNL mathematician From mv at cdc.gov Wed Aug 6 16:03:40 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 06 Aug 2003 16:03:40 -0700 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference Message-ID: <3F31894C.C2EF6BD3@cdc.gov> At 05:48 PM 8/6/03 -0400, Adam Shostack wrote: >Huh? Voters don't control the security of the voting system any more >than we control the security of the credit rating/id theft system. The only way to show vote fraud would be to get enough voters to document that the State lied. That would depend on getting enough voters to document their votes such that the non-participants' share in the survey is insignificant to the outcome, as is other noise. Documenting might involve cameras. But cameras might be disallowed because admitting them admits a "vote buying" attack, since votes can then be demonstrated to the payer, much like paper receipts. The current system works, to the extent it does, because of the adversarial and open nature of the supervisory parties. Paper, absentee ballots could be xeroxed as "proof". All fakable of course. Absentee ballots increase participation, and leave a better paper trail than computers, if anyone trustable cares to look. .... One question in voting threat analysis is how many conspirators are involved. Electronics lets you decrease that number. From sfurlong at acmenet.net Wed Aug 6 13:53:31 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Wed, 6 Aug 2003 16:53:31 -0400 Subject: Colored people and cripples In-Reply-To: <20030806192323.GC1296@rilke.lindows.com> References: <6E0FFDF7-C840-11D7-BD95-000A956B4C74@got.net> <20030806192323.GC1296@rilke.lindows.com> Message-ID: <200308061653.31830.sfurlong@acmenet.net> On Wednesday 06 August 2003 15:23, Cardenas wrote: > once again, we can count on Tim May to contribute the least > productive comment to this thread. I'm peeved with Tim, too. He's moving in on my turf! Tim wrote: >> (I may start pulling cores on their tires after seeing so many >> apparently-fully-mobile persons getting out of their cars and vans with >> the "Handicapped" placards. Nah, kneecap the fake crips instead. Let them deserve their special license plates. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From billy at dadadada.net Wed Aug 6 14:09:47 2003 From: billy at dadadada.net (Billy Goto) Date: Wed, 6 Aug 2003 17:09:47 -0400 Subject: politically corrent terms of color In-Reply-To: <5.1.1.6.2.20030806120133.02e6d688@idiom.com> References: <5.1.1.6.2.20030806120133.02e6d688@idiom.com> Message-ID: <20030806210947.GA12457@mail.dadadada.net> On Wed, Aug 06, 2003 at 01:58:01PM -0700, Bill Stewart wrote: > "Of color" isn't just blacks - it's also Mexicans and other non-whities. > I think some of the whiny liberal politicians I've heard use it > have been African-Americans of color (as opposed to white immigrants > from South Africa or Rhodesia.) As a white man, I find the implication that I'm lacking some "color" based on my race to be offensive. I often hear "of color" used (Pacifica radio is quite guilty) as a term of exclusion and division, implying that white people are soulless: they can't jump, can't dance, can't fuck, and can't understand social justice. Frankly, as a racist term. From mfidelman at ntcorp.com Wed Aug 6 14:29:46 2003 From: mfidelman at ntcorp.com (mfidelman at ntcorp.com) Date: Wed, 6 Aug 2003 17:29:46 -0400 (EDT) Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Confer... In-Reply-To: <171.223e2cbb.2c628639@aol.com> Message-ID: On Wed, 6 Aug 2003 Freematt357 at aol.com wrote: > And somebody should work on producing an alternative hybrid voting > machine that is hard copy paper verifiable. I think we have to give > these local governments a viable alternative, a machine that can't be > used for Machiavellian machinations. I think it's called an OCR reader. Not only is the audit trail created as part of voting, but it's easy to do an audit/recount - ideally different software than used for the initial count. From bill.stewart at pobox.com Wed Aug 6 17:36:59 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 06 Aug 2003 17:36:59 -0700 Subject: What if all things computable are computable in polynomial time? In-Reply-To: <3F31863B.BCF35247@cdc.gov> Message-ID: <5.1.1.6.2.20030806173042.08ab4830@idiom.com> At 03:50 PM 08/06/2003 -0700, Major Variola (ret) wrote: >Yes, but the cryptanalysis of symmetric ciphers involves >exponentially-expanding "back trees". >That is the whole point of "avalanche". If, somehow, "for any NP >algorithm there were an equivalent P algorithm", >then the block-cipher backtracking would be solvable in poly time. >You could find the plaintext ASCII needle in the haystack >of possibilities in poly time, no? No. NP is the set of problems which can be solved in poly time on a non-deterministic Turing machine, i.e. which can be solved in poly time if the magic oracle correctly tells them a poly number of answer bits. Not all exponential problems fit this model. From ravage at einstein.ssz.com Wed Aug 6 15:46:10 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 6 Aug 2003 17:46:10 -0500 (CDT) Subject: Trouble at HavenCo? In-Reply-To: <6bdf631d00e563588af9aa6a3df601c6@remailer.metacolo.com> Message-ID: On Wed, 6 Aug 2003, Anonymous Sender wrote: > Rely on math, not humans. And who does the math? -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From adam at homeport.org Wed Aug 6 14:48:29 2003 From: adam at homeport.org (Adam Shostack) Date: Wed, 6 Aug 2003 17:48:29 -0400 Subject: Computer Voting Expert, Dr. Rebecca Mercuri, Ousted From Elections Conference In-Reply-To: <5.2.1.1.0.20030806134344.049ad038@mail.comcast.net> References: <5.2.1.1.0.20030806134344.049ad038@mail.comcast.net> Message-ID: <20030806214829.GA93618@lightship.internal.homeport.org> On Wed, Aug 06, 2003 at 01:49:26PM -0700, Steve Schear wrote: | At 11:54 2003-08-06 -0400, Adam Shostack wrote: | >Well, if you can't win on the truth, win on the procedures. | > | >At least Dr. Mercuri is in fine company there, ranging all the way | >back to Socrates and Galileo. Little consolation, I know, as our | >democracy gets replaced by a kleptocracy, but what can you do? | > | >Maybe she should set up stealdemocracy.com, a new voting machine | >company. Sell machines that explicitly let you steal elections. Get | >some press. | | A better solution, already available to voters, is to request an absentee | voter form. If a substantial number of voters asked to vote this way it | would overwhelm the voting machinery and completely negate any cost savings | expected from the distrusted automated systems. Huh? Voters don't control the security of the voting system any more than we control the security of the credit rating/id theft system. And similarly, your choice to not play doesn't protect you. Tim's idea of using the voting system's security to accelerate the de-legitimization of the system is a fine one, although it has the risk that the statists will get awfully violent as we try to ignore them out of existance. I don't see how an absentee ballot is going to make anything any better. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From adam at cypherspace.org Wed Aug 6 11:05:27 2003 From: adam at cypherspace.org (Adam Back) Date: Wed, 6 Aug 2003 19:05:27 +0100 Subject: What happened to the Cryptography list...? In-Reply-To: References: <5.1.1.6.2.20030806012119.02dd0e20@idiom.com> Message-ID: <20030806180527.GA11176348@exeter.ac.uk> The problems with closed lists relying on a single human for forwarding and filtering... Couldn't he just let people post in his absence? It kind of detracts from a list if it disappears for weeks at a time on a regular basis. Also there are delays, and then there's Perry decisions that a discussion is no longer worth persuing when contributors are still interested to discuss. Adam On Wed, Aug 06, 2003 at 11:18:32AM -0400, R. A. Hettinga wrote: > At 9:55 AM -0400 8/6/03, R. A. Hettinga wrote: > >Perry got sick a while back, and, if he's not in jail or something, :-), I bet that's it. > > Let me clarify that. A while ago, Perry got sick. The list was down for quite a while. Then he got better, and the list came back. I bet that's what's happening now. If he's not in jail. :-). > > Cheers, > RAH > But, seriously, folks... > -- > ----------------- > R. A. Hettinga > The Internet Bearer Underwriting Corporation > 44 Farquhar Street, Boston, MA 02131 USA > "... however it may deserve respect for its usefulness and antiquity, > [predicting the end of the world] has not been found agreeable to > experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ravage at einstein.ssz.com Wed Aug 6 19:58:14 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 6 Aug 2003 21:58:14 -0500 (CDT) Subject: Slashdot | Bent Fibers Put Networks At Risk (fwd) Message-ID: Duh!... http://slashdot.org/articles/03/08/06/138230.shtml?tid=126&tid=137&tid=95 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From nobody at dizum.com Wed Aug 6 15:50:04 2003 From: nobody at dizum.com (Nomen Nescio) Date: Thu, 7 Aug 2003 00:50:04 +0200 (CEST) Subject: Colored people and cripples In-Reply-To: <6E0FFDF7-C840-11D7-BD95- <20030806192323.GC1296@rilke.lindows.com> References: <6E0FFDF7-C840-11D7-BD95-0 <20030806192323.GC1296@rilke.lindows.com> Message-ID: <988d54628f48c5bc893afd0b0adc9d37@dizum.com> On Wed, 6 Aug 2003 12:23:23 -0700, Cardenas wrote: >once again, we can count on Tim May to contribute the least productive >comment to this thread. Until you opened your trap of course. From ravage at einstein.ssz.com Thu Aug 7 04:08:01 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 06:08:01 -0500 (CDT) Subject: [eff-austin] UTSA sponsoring Texas Security Symposium (fwd) Message-ID: ---------- Forwarded message ---------- Date: Thu, 07 Aug 2003 06:14:53 +0000 Subject: [eff-austin] UTSA sponsoring Texas Security Symposium UTSA sponsoring Texas Security Symposium The University of Texas at San Antonio Center for Infrastructure Assurance and Security (CIAS) is sponsoring a Texas Security Symposium on Aug. 8 in the Laurel Room of the University Center at the school's Loop 1604 campus. Speaking at the symposium will be Robert Weaver, deputy special agent in charge of the New York Electronic Crimes Task Force for the United State Secret Service. At the symposium topics covered include reports on the state of Texas' infrastructure protection, security exercises and the "Dark Screen" project. Breakout sessions will be offered in both executive and technical tracks. In 2001 CIAS was established to leverage San Antonio's infrastructure assurance strengths and to bolster research and educational initiatives in this field. The multidisciplinary research center partners with the San Antonio community to address the technical and policy issues of information assurance. The registration cost of the daylong conference is $100. For more information and to register for symposium, visit the CIAS web site at http://www.utsa.edu/cias. _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail From ravage at einstein.ssz.com Thu Aug 7 04:13:37 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 06:13:37 -0500 (CDT) Subject: Inferno: Onion: Former President Carter To Be Tried For Peace Crimes (fwd) Message-ID: ---------- Forwarded message ---------- Date: Wed, 6 Aug 2003 15:11:44 -0500 (CDT) Subject: Inferno: Onion: Former President Carter To Be Tried For Peace Crimes from cj, http://www.theonion.com/onion3930/former_president.html From ravage at einstein.ssz.com Thu Aug 7 04:28:50 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 06:28:50 -0500 (CDT) Subject: Boston Globe Online / Much ado about data (fwd) (Linguistic Analysis) Message-ID: http://www.boston.com/dailyglobe2/217/science/Much_ado_about_data+.shtml -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Thu Aug 7 04:29:14 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 06:29:14 -0500 (CDT) Subject: BYU News: Death of writing systems linked to viability of civilizations (fwd) Message-ID: http://byunews.byu.edu/releases/release.aspx?y=archive03&m=Aug&f=Houstonphoto -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From sunder at sunder.net Thu Aug 7 06:39:38 2003 From: sunder at sunder.net (Sunder) Date: Thu, 7 Aug 2003 09:39:38 -0400 (edt) Subject: politically corrent terms of color In-Reply-To: <20030806210947.GA12457@mail.dadadada.net> Message-ID: Or you can flip that arguement on its head and say it's the politially correct hidden racist honkey's way of saying non-white in the usual nasty way, opressing the brothers. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Wed, 6 Aug 2003, Billy Goto wrote: > As a white man, I find the implication that I'm lacking some "color" > based on my race to be offensive. I often hear "of color" used > (Pacifica radio is quite guilty) as a term of exclusion and division, > implying that white people are soulless: they can't jump, can't dance, > can't fuck, and can't understand social justice. Frankly, as a racist > term. From sunder at sunder.net Thu Aug 7 09:05:30 2003 From: sunder at sunder.net (Sunder) Date: Thu, 7 Aug 2003 12:05:30 -0400 (edt) Subject: Can't free "Mike" anymore. He copped a plea Message-ID: http://www.foxnews.com/story/0,2933,93944,00.html 7 years instead of over 20. http://www.freemikehawash.org/ ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ From s.schear at comcast.net Thu Aug 7 13:49:51 2003 From: s.schear at comcast.net (Steve Schear) Date: Thu, 07 Aug 2003 13:49:51 -0700 Subject: So, if Arnold wins can he claim Total Recall ;-) In-Reply-To: Message-ID: <5.2.1.1.0.20030807134911.047df8d0@mail.comcast.net> "A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship." --Alexander Fraser Tyler From zenadsl6186 at zen.co.uk Thu Aug 7 06:00:52 2003 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Thu, 07 Aug 2003 14:00:52 +0100 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: <20030806215244.GA4200@malaprop.org> Message-ID: Peter Harkins wrote: > On Tue, Aug 05, 2003 at 07:06:46PM -0700, mindfuq at comcast.net wrote: >> The state must protect my freedom of speech. So when I make a claim >> against AOL for conducting a DoS attack against me, the state must >> rule in my favor, or else they are failing to protect my free speech >> rights. > > OK, for anyone who wasn't sure, it's time to stop feeding the trolls. > Troll or not, if AOL censored email in the UK* it would be illegal interception. 2 years for every interception. IMO, that's the only good thing to come from the RIP Act (the one with not-(yet)-implemented GAK). Freedom to do your own thing is great, but what if the baby bells refused to connect you to another baby bell? The benefits of a unified 'phone service are such that legislation prevents baby bells doing that, and most of us would agree with that legislation. IMO, email should be similar. But it don't solve the spam problem :-( -- Peter Fairbrother *They do censor UK email, but they do it in the US. The relevant legal phrase is "public telecommunications service provider", not "common carrier". If you offer a telecomms service (eg email) to the public in the UK then you are a PTSP, and RIPA applies to you. No choice. From s.schear at comcast.net Thu Aug 7 14:10:51 2003 From: s.schear at comcast.net (Steve Schear) Date: Thu, 07 Aug 2003 14:10:51 -0700 Subject: Someone at the Pentagon read Shockwave Rider over the weekend In-Reply-To: References: Message-ID: <5.2.1.1.0.20030807140915.05c9a0a8@mail.comcast.net> At 12:21 2003-07-29 -0700, Tim May wrote: >The problem is not with the idea of using markets and bets and Bayesian >logic to help do "price discovery" on things like when the Athlon-64 will >actually reach consumers, or when the new King of Jordan will be whacked, >and so on. The problem is, rather, with _government_ establishing a >monopoly on such things while putting suckers like Jim Bell in jail >basically for espousing such ideas. > >And, as I noted, there are significant problems with government employees >in a betting pool (gee, aren't even office baseball pools technically >illegal? Haven't they prosecuted some people for this? Yep, they have) >where they also have control over the outcome. Jim Bell used this as a >payoff mechanism for assassinations ("Alice bets $1000 that Paul Wolfowitz >will be murdered with his family on August 10, 2003")...the same logic >applies to the government's dead pool. The ideal securities market is one which does a good job of allocating capital in the economy. This function is enabled by "market efficiency", the situation where the market price of each security accurately reflects the risk and return in its future. The primary function of regulation and policy is to foster market efficiency, hence we must evaluate the impact of insider trading upon market efficiency. Insider trading is often equated with market manipulation, yet the two phenomena are completely different. Manipulation is intrinsically about making market prices move away from their fair values; manipulators reduce market efficiency. Insider trading brings prices closer to their fair values; insiders enhance market efficiency. In traditional markets, insider trading appears unfair, especially to speculators outside a company who face difficult competition in the form of inside traders. Individual speculators and fund managers alike face inferior returns when markets are more efficient owing to the actions of inside traders. This does not, in itself, imply that insider trading is harmful. Insider trading clearly hurts individual and institutional speculators, but the interests of the economy and the interests of these professional traders are not congruent. Indeed, inside traders competing with professional traders is not unlike foreign goods competing on the domestic market -- the economy at large benefits even though one class of economic agents suffers. steve "A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship." --Alexander Fraser Tyler From mv at cdc.gov Thu Aug 7 14:18:38 2003 From: mv at cdc.gov (Major Variola (ret.)) Date: Thu, 07 Aug 2003 14:18:38 -0700 Subject: Ashcroft snuffs free speech, film at 11 Message-ID: <3F32C22D.DEDFC2F1@cdc.gov> Film Wholesaler Charged With Obscenity The U.S. Justice Department said that its 10-count indictment against Extreme Associates and its owners is part of a renewed enforcement of federal obscenity laws. Federal prosecutors said today they have charged a North Hollywood wholesaler of adult films with violating federal obscenity laws as the government steps up a campaign against the major distributors of adult entertainment. http://www.latimes.com/news/local/la-080703obscene_lat,1,708205.story?coll=la-headlines-california Of course there are limits in regards to freedom of speech. They are as follows: "Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances." Everything else is, of course, allowed. -Sunder From ptrei at rsasecurity.com Thu Aug 7 14:07:05 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Thu, 7 Aug 2003 17:07:05 -0400 Subject: So, if Arnold wins can he claim Total Recall ;-) Message-ID: I'm trying to envisage the candidate's debate lineup. So far, among others, we have Ahhhnold Gary Coleman (yes! really!) Larry Flynt -------------- Peter (not a candidate) From timcmay at got.net Thu Aug 7 17:52:44 2003 From: timcmay at got.net (Tim May) Date: Thu, 7 Aug 2003 17:52:44 -0700 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses Message-ID: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> Reports today that commercial aviation is in dire danger of being grounded as freedom fighters deploy even a small fraction of the (estimated) 750,000 shoulder-fired missiles to down commercial airliners. (Having sat on Pacific Coast Highway below the takeoff path of LAX jumbo jets, I can attest to the fact that they are literally just a few hundred feet above. Any van with a moonroof could trivially be set up to allow a pop shot at one of these 747s or 767s, leaving every couple of minutes.) The U.S. and U.S.S.R. were handing these SFMs to any freedom fighter group that would temporarily swear allegiance to the CIA or KGB. Now the chickens are coming home to roost. I stopped flying in 2000. --Tim May "That the said Constitution shall never be construed to authorize Congress to infringe the just liberty of the press or the rights of conscience; or to prevent the people of the United States who are peaceable citizens from keeping their own arms." --Samuel Adams From ravage at einstein.ssz.com Thu Aug 7 16:17:47 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 18:17:47 -0500 (CDT) Subject: The Declan McCullagh Fatwa. In-Reply-To: <5.2.0.9.0.20030808023403.01f72460@mail.nex.com.au> Message-ID: > "Fascism should more appropriately be called corporatism because it is a > merger of state and corporate power." > > -- Benito Mussolini What a person to agree with...the epitome of God $$$ Fascism. Them trains, they do run on time. Or is that 'spam'... -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Thu Aug 7 16:26:15 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 7 Aug 2003 18:26:15 -0500 (CDT) Subject: Judge Tightens Oversight of NYPD After Anti-War Interrogations (fwd) Message-ID: I think the judges commentary is most revealing ;) http://ap.tbo.com/ap/breaking/MGAJQE883JD.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From timcmay at got.net Thu Aug 7 19:50:24 2003 From: timcmay at got.net (Tim May) Date: Thu, 7 Aug 2003 19:50:24 -0700 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <200308072215.27411.sfurlong@acmenet.net> Message-ID: <0F504A1C-C94B-11D7-BD95-000A956B4C74@got.net> On Thursday, August 7, 2003, at 07:15 PM, Steve Furlong wrote: > On Thursday 07 August 2003 20:52, Tim May wrote: > >> Any van with a moonroof could trivially be >> set up to allow a pop shot > > Backblast. A suicide shooter could do it, but it would be non-trivial > to > pop out, shoot, survive it, and keep your van's paint good enough to > avoid notice. > Whatever. A trivial concern, evidence shows. Hell, they blow themselves up just to kill a Jew or three. --Tim May From sfurlong at acmenet.net Thu Aug 7 19:15:27 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Thu, 7 Aug 2003 22:15:27 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> References: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> Message-ID: <200308072215.27411.sfurlong@acmenet.net> On Thursday 07 August 2003 20:52, Tim May wrote: > Any van with a moonroof could trivially be > set up to allow a pop shot Backblast. A suicide shooter could do it, but it would be non-trivial to pop out, shoot, survive it, and keep your van's paint good enough to avoid notice. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From rsw at jfet.org Thu Aug 7 20:11:39 2003 From: rsw at jfet.org (Riad S. Wahby) Date: Thu, 7 Aug 2003 23:11:39 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <200308072215.27411.sfurlong@acmenet.net>; from sfurlong@acmenet.net on Thu, Aug 07, 2003 at 10:15:27PM -0400 References: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> <200308072215.27411.sfurlong@acmenet.net> Message-ID: <20030807231139.D20923@positron.mit.edu> Steve Furlong wrote: > Backblast. A suicide shooter could do it, but it would be non-trivial to > pop out, shoot, survive it, and keep your van's paint good enough to > avoid notice. This is why "soft launch" systems were created. http://web.jfet.org/video/JavelLiveFireVsT72.avi Javelin is also surface-to-air capable. See http://www.geocities.com/morteza69ca/canadarmy/javelin.html -- Riad Wahby rsw at jfet.org MIT VI-2 M.Eng From kelsey.j at ix.netcom.com Thu Aug 7 21:02:43 2003 From: kelsey.j at ix.netcom.com (John Kelsey) Date: Fri, 08 Aug 2003 00:02:43 -0400 Subject: What if all things computable are computable in polynomial time? In-Reply-To: <3F31863B.BCF35247@cdc.gov> Message-ID: <5.2.0.9.0.20030807235608.045d3e60@pop.ix.netcom.com> At 03:50 PM 8/6/03 -0700, Major Variola (ret) wrote: >At 02:16 PM 8/6/03 -0700, Bill Stewart wrote: ... > >While the public-key algorithms are based on math problems like > >factoring or discrete log, most of the symmetric-key algorithms > >are based on intractable ugliness, and on doing enough analysis > >to find out which kinds of ugliness and bit-twiddling are really > >intractable and which can be cracked. > >Yes, but the cryptanalysis of symmetric ciphers involves >exponentially-expanding "back trees". >That is the whole point of "avalanche". If, somehow, "for any NP >algorithm there were an equivalent P algorithm", then the block-cipher >backtracking >would be solvable in poly time. You could find the plaintext ASCII needle in >the haystack of possibilities in poly time, no? There's no reason to think those backtrees wouldn't get too hard to follow even without superpolynomial problems to solve. After all, finding a collision in SHA-512 is O(1), as is brute-forcing a 256-bit AES key. There's just a really big constant term. Honestly, I think for real-world cryptography, we need about an N^3 advantage or so between defenders and attackers--the defenders do 2^{25} work, and the attackers have to do 2^{75}, say, to break it. Merkle's puzzles and all the related schemes give you N^2, and that's not *quite* enough to be useful. ... --John Kelsey, kelsey.j at ix.netcom.com PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259 From bill.stewart at pobox.com Fri Aug 8 00:32:55 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Fri, 08 Aug 2003 00:32:55 -0700 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <200308072215.27411.sfurlong@acmenet.net> References: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> Message-ID: <5.1.1.6.2.20030808003026.02e31680@idiom.com> At 10:15 PM 08/07/2003 -0400, Steve Furlong wrote: >On Thursday 07 August 2003 20:52, Tim May wrote: > > > Any van with a moonroof could trivially be > > set up to allow a pop shot > >Backblast. A suicide shooter could do it, but it would be non-trivial to >pop out, shoot, survive it, and keep your van's paint good enough to >avoid notice. You just need an ugly enough van that a bit of extra paint damage on the roof doesn't show. It's much easier than trying to keep good paint from becoming bad looking. Or open and shoot out the back door. From bill.stewart at pobox.com Fri Aug 8 00:40:21 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Fri, 08 Aug 2003 00:40:21 -0700 Subject: The Declan McCullagh Fatwa. In-Reply-To: References: <5.2.0.9.0.20030808023403.01f72460@mail.nex.com.au> Message-ID: <5.1.1.6.2.20030808003619.02e30530@idiom.com> At 06:17 PM 08/07/2003 -0500, Jim Choate wrote: > > "Fascism should more appropriately be called corporatism because it is a > > merger of state and corporate power." > > -- Benito Mussolini > >What a person to agree with...the epitome of God $$$ Fascism. >Them trains, they do run on time. >Or is that 'spam'... The general comment I've heard about Italian Fascism's effectiveness was that they never did actually get the trains to run on time - it was just political promises, any more than the Elder Bush's "No New Taxes" meant that the US actually wouldn't have any new taxes. From decoy at iki.fi Thu Aug 7 16:38:07 2003 From: decoy at iki.fi (Sampo Syreeni) Date: Fri, 8 Aug 2003 02:38:07 +0300 (EEST) Subject: Someone at the Pentagon read Shockwave Rider over the weekend In-Reply-To: <5.2.1.1.0.20030807140915.05c9a0a8@mail.comcast.net> References: <5.2.1.1.0.20030807140915.05c9a0a8@mail.comcast.net> Message-ID: On 2003-08-07, Steve Schear uttered: >Insider trading brings prices closer to their fair values; insiders >enhance market efficiency. Precisely. In terms of the efficient market hypothesis, all arbitrage possibilities will usually have been exploited by others, so the only consistent way to get a net win is to bring new information into the market. Nowadays insiders can do that, so they win. But the only reason they have their fresh information is that corporations do not give out the details of their work as they unveil, before individual decision makers can easily interfere with their knowledge of the aggregates. Hence, the free market actually encourages full disclosure, in the exact form the No Logo -- or whathaveyou -- anti-globalisation folks want. In the free market, full disclosure boils down to shareholders disliking insider trading, which ought to be a powerful incentive to any management. What the anti-capitalist people do not seem to get is that the *real* problem originates with SEC oversight and its international counterparts, and not with the private market. It's tragic, really. The market usually tends to more democracy and openness than democracy itself, yet the people raving about the necessity of democratic decision making always push for more oversight. While doing so, they hurt their own interests, and ours too. That's just stupid, plain and simple. -- Sampo Syreeni, aka decoy - mailto:decoy at iki.fi, tel:+358-50-5756111 student/math+cs/helsinki university, http://www.iki.fi/~decoy/front openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2 From sunder at sunder.net Fri Aug 8 07:20:29 2003 From: sunder at sunder.net (Sunder) Date: Fri, 8 Aug 2003 10:20:29 -0400 (edt) Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <9F0C9372-C93A-11D7-BD95-000A956B4C74@got.net> Message-ID: No, no, no. This is all planned. After all, how can you have a war on terrorism in order to clamp down on freedoms, if there is no terror? How can you incite patriotism and support of the government? How else can you bring about the police state? And while you're at it, you can make most people far more maleable if it happens during an economically shaky time. And having a war that costs nearly a trillion dollars plus another billion every two weeks or so might just do the trick. Of course the above is all hypothetical, nothing like this could happen in real life. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Thu, 7 Aug 2003, Tim May wrote: > Reports today that commercial aviation is in dire danger of being > grounded as freedom fighters deploy even a small fraction of the > (estimated) 750,000 shoulder-fired missiles to down commercial > airliners. From emc at artifact.psychedelic.net Fri Aug 8 19:42:32 2003 From: emc at artifact.psychedelic.net (Eric Cordian) Date: Fri, 8 Aug 2003 19:42:32 -0700 (PDT) Subject: President Terminator Message-ID: <200308090242.h792gW8r010646@artifact.psychedelic.net> In response to a question about whether she would favor a Constitutional amendment defining marriage as between a man and a woman, a Fox Fake News Channel bimbo responded, "I want a Constitutional amendment so Arnold can be President." Rabbi Marvin Hier of the Simon Wiesenthal Center has characterized Arnold as having "done more to further the cause of Holocaust awareness than almost any other Hollywood star." Rabbi Hier also points out that Arnold makes regular substantial constributions to the Wiesenthal Center, and has raised millions for the Holocaust Memorial Trust in Los Angeles. So how exactly, one might ask, does Arnold's view of America's Manifest Destiny to rule the world and his unconditional love of the Jewish people and Israel differ from Bush's view of America's Manifest Destiny to rule the world and his unconditional love of the Jewish people and Israel. Or the view of any other major Neocon? Watch for this President Arnold movement to gather steam. Who knows, once the naturally born restriction on Presidents is removed, Ariel Sharon could be the US President after Arnold, bringing the Neoconservative nonsense full circle. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From s.schear at comcast.net Fri Aug 8 20:57:19 2003 From: s.schear at comcast.net (Steve Schear) Date: Fri, 08 Aug 2003 20:57:19 -0700 Subject: Distributed Denial of Existence, the makings of an AP opportunity? Message-ID: <5.2.1.1.0.20030808205458.04aa0c88@mail.comcast.net> One of the most frequent sights on kuro5hin is that of one user or group of users complaining, often loudly and viciously, about another. One need not look very hard in order to find scores upon scores of users who absolutely loathe each other. Thanks to this pre-existing community of people who hate each other passionately, I believe that we stand on a potentially lucrative and far-reaching social experiment: the Distributed Denial of Existence. http://www.kuro5hin.org/story/2003/7/31/16429/1028 A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From camera_lumina at hotmail.com Fri Aug 8 18:53:11 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 08 Aug 2003 21:53:11 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses Message-ID: "Having sat on Pacific Coast Highway below the takeoff path of LAX jumbo jets, I can attest to the fact that they are literally just a few hundred feet above. Any van with a moonroof could trivially be set up to allow a pop shot at one of these 747s or 767s, leaving every couple of minutes.)" Most people in this neck of the woods continue to believe that that flight that went down over Long Island a few years ago was actually shot down...many witnesses saw a rocket go up and hit the plane. The government, of course, denies it. God forbid the airlines collapse. Meanwhile, that flight that went down over the Rockaways on 10/11/01 was obviously sabotaged...nobody wanted to question the paper-thin myth of both engines and the tail all falling off simultaneously..."that was a mean headwind!" The chickens have been coming home to roost for a while now. -TD >From: Tim May >To: cypherpunks at lne.com >Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook >their own gooses >Date: Thu, 7 Aug 2003 17:52:44 -0700 > >Reports today that commercial aviation is in dire danger of being grounded >as freedom fighters deploy even a small fraction of the (estimated) 750,000 >shoulder-fired missiles to down commercial airliners. > >(Having sat on Pacific Coast Highway below the takeoff path of LAX jumbo >jets, I can attest to the fact that they are literally just a few hundred >feet above. Any van with a moonroof could trivially be set up to allow a >pop shot at one of these 747s or 767s, leaving every couple of minutes.) > >The U.S. and U.S.S.R. were handing these SFMs to any freedom fighter group >that would temporarily swear allegiance to the CIA or KGB. > >Now the chickens are coming home to roost. > >I stopped flying in 2000. > > >--Tim May >"That the said Constitution shall never be construed to authorize Congress >to infringe the just liberty of the press or the rights of conscience; or >to prevent the people of the United States who are peaceable citizens from >keeping their own arms." --Samuel Adams _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus From camera_lumina at hotmail.com Fri Aug 8 19:05:50 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 08 Aug 2003 22:05:50 -0400 Subject: How can you tell if your alarm company's... Message-ID: ...in cahoots with the "authorities"? In other words, lets say I leave my house for an extended period of time, and "they" tell the Alarm Monitoring company to shut down for a while so they can protect our freedoms. (I assume this is the way they would go about installing various things in one's house while away...wrong?) How can I tell if my alarm has been "down" for a period of time, assuming I don't believe the records of the alarm company in such cases? -TD _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail From john at kozubik.com Fri Aug 8 23:01:41 2003 From: john at kozubik.com (John Kozubik) Date: Fri, 8 Aug 2003 23:01:41 -0700 (PDT) Subject: How can you tell if your alarm company's... In-Reply-To: Message-ID: <20030808225907.D60664-100000@kozubik.com> On Fri, 8 Aug 2003, Tyler Durden wrote: > ...in cahoots with the "authorities"? Most intelligent and savvy people I know "roll their own" Tivo (PVR, etc.) - I think the answer to your question is that it would be reasonable (and trivial) to roll your own alarm system. ----- John Kozubik -john at kozubik.com - http://www.kozubik.com From roy at rant-central.com Sat Aug 9 05:52:32 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Sat, 9 Aug 2003 08:52:32 -0400 Subject: How can you tell if your alarm company's... In-Reply-To: <20030808225907.D60664-100000@kozubik.com> References: <20030808225907.D60664-100000@kozubik.com> Message-ID: <200308090852.32161.roy@rant-central.com> On Saturday 09 August 2003 02:01, John Kozubik wrote: > On Fri, 8 Aug 2003, Tyler Durden wrote: > > ...in cahoots with the "authorities"? > > Most intelligent and savvy people I know "roll their own" Tivo (PVR, etc.) > - I think the answer to your question is that it would be reasonable (and > trivial) to roll your own alarm system. But it's not trivial to roll your own 24/7 monitoring company with the ability to call in the cops. If the monitoring company is compromised, you're \033653337357 anyway, but without them, all you have is one of those car alarms that everyone ignores. The multi-layered approach is the way to go. Your home-rolled layer probably wouldn't be able to call 911 for you, at least not without tipping your hand. Most places, the police require a formal agreement before they will respond to automated alarms, and some departments simply won't. But it could notify you of an invasion and archive the surveillance videos to a remote site. At least you'd know you'd been compromised and could take appropriate steps. From sunder at sunder.net Sat Aug 9 07:23:03 2003 From: sunder at sunder.net (Sunder) Date: Sat, 9 Aug 2003 10:23:03 -0400 (edt) Subject: How can you tell if your alarm company's... In-Reply-To: Message-ID: Add your own 2nd alarm system. You can even use the sensors of your existing one to interface with a computer (just the sensors, mind you, not the actual controllers.) Got a DSL line? Got a modem? Got a cell phone? Got a pager? Got network capable cameras? Got access to another computer outside your house that can also watch when your DSL line is down and notify you? Got a small computer you could hide somewhere non obvious? Like inside a wall? Maybe a still useable old laptop with a broken screen that you could pick up off ebay for cheap? Got an imagination and some wiring/programming skills? ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Fri, 8 Aug 2003, Tyler Durden wrote: > ...in cahoots with the "authorities"? > > In other words, lets say I leave my house for an extended period of time, > and "they" tell the Alarm Monitoring company to shut down for a while so > they can protect our freedoms. (I assume this is the way they would go about > installing various things in one's house while away...wrong?) > > How can I tell if my alarm has been "down" for a period of time, assuming I > don't believe the records of the alarm company in such cases? From mindfuq at comcast.net Sat Aug 9 11:26:00 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 9 Aug 2003 11:26:00 -0700 Subject: In the matter of Mr. Fuq In-Reply-To: <5.1.1.6.2.20030806094518.02eb42c8@idiom.com> References: <200308060634.00936.roy@rant-central.com> <5.1.1.6.2.20030806094518.02eb42c8@idiom.com> Message-ID: <20030809182600.GB2382@tango.gombos.name> * Bill Stewart [2003-08-06 21:24]: > > Yup. Mr. Fuq is arguing at least two things: > - If Bob sends a message to Alice that Alice thinks is Spam, You're close.. If Bob sends a message that meets the (yet to be created) legal criteria for spam AND Alice thinks it is spam... > Alice has a right to sue Bob for spamming. I'm not saying she has this right, I'm saying she *should*. > - If Bob sends a message to Alice the Bob thinks is legitimate, > and Alice's ISP doesn't think so and discards it, > this is a criminal denial of service activity. Correct. However, the intent of denial of service laws is arguable and not concrete, so I would add a clause to the law which specifically includes denial of service on the part of the carrier to remove any doubt. This needs to happen because ISPs are not being held accountable for their denial of service actions. > Now, every spammer out there says that his or her mail is legitimate, > so if Alice hires her ISP to detect and discard obvious spam for her, > she's obviously hiring them to conduct a criminal act so > she's Guilty Guilty Guilty! The problem with this argument is that Alice unwittingly hires her ISP not knowing that her ISP will deny service. Because she is not fully informed, she cannot be held accountable. Example- You hire a professional moving crew to move a warehouse full of cocain, but you don't disclose to them the contents of the crates. It would be unreasonable to press charges against the moving company who didn't know what they were moving. Also, this argument you make is somewhat of a straw man, because I really wouldn't have a problem with an ISP discarding "obvious spam." The reason I would be okay with that is that when I email a friend with a personal message, the ISP would have a difficult time showing that such an email is "obvious spam." You have to take a step back and look at the EFF's philosophy, which I hold in high esteem. That is, spam blocking is okay if and only if legitimate mail is not denied. > Now, there are other people, such as the EFF, > who will discuss the problems with ISPs that are too > enthusiastic about dropping or rejecting mail, > or (much worse from an internet engineering business) > silently drop the mail without providing a proper reject message, > which is a badly broken evil nasty thing to do. First of all, my philosophy is completely aligned with that of the EFF. The only difference from your post would be the presence of a "proper reject message". The EFF does not agree with blocking legitimate email EVEN WITH A PROPER REJECT MESSAGE, nor do I. Now I would argue that without a proper reject message damages are substantially higher, and so the ISPs liability should also be higher, but reject message or not, blocking legit email is a problem. > Dropping mail noisily is not so bad - market solutions let customers > tell their ISPs to be more or less aggressive, > but people who send mail at least know it's been rejected. Market solutions are failing in this case, and that is the very problem we're discussing. These ISPs don't empower the user with the spam blocking control. What's worse than that- they don't tell the user what they are doing, and the user is not fully informed of the consequences. Even worse, when my mother did become fully informed, she told Earthlink to stop blocking my email, and they refused. I can understand being attached to this 'free market' concept, it's American to be that way. But to embrace it as a perfect self-regulating model is giving it far too much credit. There are imperfections, some of which are gross imperfections, and there needs to be government influence in these areas. > Things like rejecting mail from Linux users who are rude enough > to actually run Sendmail themselves instead of being dumb consumers also > bug them. You're confused about who's bugging who. It starts with the spammers. The spammers bug the ISPs, and their customers, who in turn bug their ISP. Then the ISP responds by implementing a poor spam blocking scheme because it's cheap and the best thing for profits. This bugs the civil libertarian Linux/sendmail users, because now their mail is bouncing. At this point, the linux/sendmail users are at the receiving end. The ISP is not bugged by this group because it's a small group and so their profit driven approach says that these users can be ignored. So the best way to fix this in a free market is to create a new right that gives users who are unreasonably denied service a right to claim $500 per denial (unreasonable in this case means blocking of obvious non-spam). Then it's still a free market, and ISPs are still free to block whatever they want, but it will get too expensive for them if they don't adopt smarter filters. However, that would be their choice, and it wouldn't matter to me which they choose, because even if they block my email, I would be compensated sufficiently enough to justify the loss. From sunder at sunder.net Sat Aug 9 09:13:14 2003 From: sunder at sunder.net (Sunder) Date: Sat, 9 Aug 2003 12:13:14 -0400 (edt) Subject: President Terminator In-Reply-To: <200308090242.h792gW8r010646@artifact.psychedelic.net> Message-ID: Hey, don't knock it! Arnold is perfect as President. As Reagan prooved, actors are perfect as presidents. They're maleable, they act their part on demand, and do as their told, or the lone nut assasin will make a visit if he doesn't listen to his ex-CIA VP's orders. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Fri, 8 Aug 2003, Eric Cordian wrote: > In response to a question about whether she would favor a Constitutional > amendment defining marriage as between a man and a woman, a Fox Fake News > Channel bimbo responded, "I want a Constitutional amendment so Arnold can > be President." From timcmay at got.net Sat Aug 9 17:29:20 2003 From: timcmay at got.net (Tim May) Date: Sat, 9 Aug 2003 17:29:20 -0700 Subject: How can you tell if your alarm company's... In-Reply-To: <20030809232339.GA27395@cybershamanix.com> Message-ID: On Saturday, August 9, 2003, at 04:23 PM, Harmon Seaver wrote: > On Sat, Aug 09, 2003 at 08:52:32AM -0400, Roy M. Silvernail wrote: >> On Saturday 09 August 2003 02:01, John Kozubik wrote: >>> On Fri, 8 Aug 2003, Tyler Durden wrote: >>>> ...in cahoots with the "authorities"? >>> >>> Most intelligent and savvy people I know "roll their own" Tivo (PVR, >>> etc.) >>> - I think the answer to your question is that it would be reasonable >>> (and >>> trivial) to roll your own alarm system. >> >> But it's not trivial to roll your own 24/7 monitoring company with >> the ability >> to call in the cops. If the monitoring company is compromised, you're >> \033653337357 anyway, but without them, all you have is one of those >> car >> alarms that everyone ignores. > > But how important is that anyway? Most any half competent burglar > knows > enough to cut the phone wire before the B&E, so they don't get called. > That > means that, yes, if some dimwit middleschool kid is doing the job, the > cops get > called, otherwise no. > Cellphones are cheap enough, and monthly charges are small enough when N machines share the same monthly account charge (Dad, Mom, Johnnie, Suzy, and Alarm). I would be surprised if today's alarm companies already aren't making good use of cellphones. I have a couple of perimeter lights and alarms on solar panels. Nothing to cut without either first using a ladder or, possibly, an accurate pellet gun to somehow disable the electronics. (One is mounted under the eaves of my roof, very high up. I may put another one in a tall oak.) I've also considered installing a full system with a beeper, with 802.11b cameras wirelessly sending to a laptop on a large battery. (If invaders/thieves/government agents find the laptop, in a closet devoted to this, they may not find the second such receiver, possibly hidden quite well. Or, for those who live near others, kept in a closet in the home of a friend. And even if they find it, I'll presumably still know I was invaded.) I figure that for a few thousand dollars and a spare laptop or two I could have a system very resistant to cutting phone or power lines, and something which would make surreptitious entry teams think twice. (Leave a couple of the 802.11b cameras visible, put another behind a Lexan plate, etc.) --Tim May "The only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not a sufficient warrant." --John Stuart Mill From declan at well.com Sat Aug 9 15:11:15 2003 From: declan at well.com (Declan McCullagh) Date: Sat, 9 Aug 2003 18:11:15 -0400 Subject: R.I.P. (was: Re: A 'Funky A.T.M.' Lets You Pay for Purchases Made Online) In-Reply-To: <5.2.1.1.0.20030725081344.048dac40@mail.comcast.net>; from s.schear@comcast.net on Fri, Jul 25, 2003 at 08:40:33AM -0700 References: <20030725001110.GC9659@dreams.soze.net> <523133AB-BE43-11D7-8D66-0003930F2360@got.net> <5.2.1.1.0.20030725081344.048dac40@mail.comcast.net> Message-ID: <20030809181114.A6780@cluebot.com> On Fri, Jul 25, 2003 at 08:40:33AM -0700, Steve Schear wrote: > time for such pipe dreams. Now that many are un- or under-employed there > still doesn't seem to be any activity by those active on this list in this > critical infrastructure area. All the recent work that is being done > (e.g., Orlin Grabbe's ALTA/DMT http://orlingrabbe.com/redirect.htm, Patrick > McCuller's Lucrative http://lucrative.thirdhost.com, YodelBank > http://yodelbank.com/, InvisibelNet http://invisiblenet.net) has been > undertaken by real cypherpunks, a few monitor this list but rarely if ever That's a useful roundup, thanks. I think the cypherpunk goal of anonymity is still alive and well -- it's just that the folks involved in efforts like Freenet don't necessary consider themselves cypherpunks or subscribe to this list. Defcon featured a good number of anon projects; most dealing with publishing/web browsing/email than anon digital cash, unfortunately (though the interest is there). -Declan From mindfuq at comcast.net Sat Aug 9 18:15:05 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sat, 9 Aug 2003 18:15:05 -0700 Subject: [eff-austin] Antispam Bills: Worse Than Spam? In-Reply-To: References: <20030806215244.GA4200@malaprop.org> Message-ID: <20030810011505.GA8619@tango.gombos.name> * Peter Fairbrother [2003-08-07 20:09]: > Peter Harkins wrote: > > > On Tue, Aug 05, 2003 at 07:06:46PM -0700, mindfuq at comcast.net wrote: > >> The state must protect my freedom of speech. So when I make a claim > >> against AOL for conducting a DoS attack against me, the state must > >> rule in my favor, or else they are failing to protect my free speech > >> rights. > > > > OK, for anyone who wasn't sure, it's time to stop feeding the trolls. > > > > Troll or not, if AOL censored email in the UK* it would be illegal > interception. 2 years for every interception. Nice! I've been thinking I should move there for a while. I also heard that by 2006 London and all the major cities will have seemless wifi coverage. The reason Europe is on the ball with this is the EU just passed five laws to deregulate emerging telecom companies so they can compete with the monopolists. In the U.S., the monopolistic heavyweights are eating our lunch. Telecom policy in the U.S. is warped by huge campaign contributions. Consumers are getting butt reamed on high broadband costs, and censorship is becoming a problem. > IMO, that's the only good thing to come from the RIP Act (the one with > not-(yet)-implemented GAK). > > Freedom to do your own thing is great, but what if the baby bells refused to > connect you to another baby bell? The benefits of a unified 'phone service > are such that legislation prevents baby bells doing that, and most of us > would agree with that legislation. IMO, email should be similar. With this republican absolute "free market" philosophy, the U.S. is going to end up eating it. As soon as Europe is fully wired (and unwired) I'll have one way plane ticket in hand. > But it don't solve the spam problem :-( That's okay- the antispammers are a bigger problem, and this needs to be attacked first. Europe is already a step ahead of the U.S. on that. I've got spamassassin to control spam. From hseaver at cybershamanix.com Sat Aug 9 16:23:39 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sat, 9 Aug 2003 18:23:39 -0500 Subject: How can you tell if your alarm company's... In-Reply-To: <200308090852.32161.roy@rant-central.com> References: <20030808225907.D60664-100000@kozubik.com> <200308090852.32161.roy@rant-central.com> Message-ID: <20030809232339.GA27395@cybershamanix.com> On Sat, Aug 09, 2003 at 08:52:32AM -0400, Roy M. Silvernail wrote: > On Saturday 09 August 2003 02:01, John Kozubik wrote: > > On Fri, 8 Aug 2003, Tyler Durden wrote: > > > ...in cahoots with the "authorities"? > > > > Most intelligent and savvy people I know "roll their own" Tivo (PVR, etc.) > > - I think the answer to your question is that it would be reasonable (and > > trivial) to roll your own alarm system. > > But it's not trivial to roll your own 24/7 monitoring company with the ability > to call in the cops. If the monitoring company is compromised, you're > \033653337357 anyway, but without them, all you have is one of those car > alarms that everyone ignores. But how important is that anyway? Most any half competent burglar knows enough to cut the phone wire before the B&E, so they don't get called. That means that, yes, if some dimwit middleschool kid is doing the job, the cops get called, otherwise no. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From pelcak at earthlink.net Sat Aug 9 18:30:36 2003 From: pelcak at earthlink.net (Greg Pelcak) Date: Sat, 9 Aug 2003 20:30:36 -0500 Subject: How can you tell if your alarm company's... In-Reply-To: Message-ID: <3E0A8D0A-CAD2-11D7-AF40-000393B92858@earthlink.net> On Saturday, Aug 9, 2003, at 19:29 US/Central, Tim May wrote: > I figure that for a few thousand dollars and a spare laptop or two I > could have a system very resistant to cutting phone or power lines, > and something which would make surreptitious entry teams think twice. > (Leave a couple of the 802.11b cameras visible, put another behind a > Lexan plate, etc.) > 802.11b can be jammed very easily; simply by having an 802.11b card with a really powerful amplifier (just sniff the traffic and find which channel it's transmitting on, then transmit garbage at 50w). Best to have regular ethernet backup channels in at least the most important cameras. Of course someone would need prior knowledge of your system, but I think with the level of professionalism you're talking about we can assume a decent amount of time/effort put toward surveillance. From njohnsn at njohnsn.com Sat Aug 9 21:54:21 2003 From: njohnsn at njohnsn.com (Neil Johnson) Date: Sat, 9 Aug 2003 23:54:21 -0500 Subject: How can you tell if your alarm company's... In-Reply-To: References: Message-ID: <200308092354.21658.njohnsn@njohnsn.com> On Saturday 09 August 2003 07:29 pm, Tim May wrote: > > Cellphones are cheap enough, and monthly charges are small enough when > N machines share the same monthly account charge (Dad, Mom, Johnnie, > Suzy, and Alarm). I would be surprised if today's alarm companies > already aren't making good use of cellphones. The building where I work has a cellular interface to it's alarm system (Small white box with a 800MHz Antenna sticking out of it next to the central alarm panel). I think the name on the box is something like "CellSentry". It's fed off the batteries for the alarm system so cutting off power won't shut it off either. I have always wondered how the arm/disarm keypad works in most alarm systems. I would hope it would send a reasonably secure code to the controller to disable the alarm system, but I fear that it just a nothing more than a fancy remote relay and can be easily bypassed. They recently added security camers to our system. Instead of using video tape they installed a box that records 30 second snap shots continuoulsy to it's hard drive. Security people can access the system over the network (with a dedicated application, no idea how secure it is) and examine the captured images. -- Neil Johnson http://www.njohnsn.com PGP key available on request. From rah at shipwright.com Sun Aug 10 02:35:00 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sun, 10 Aug 2003 05:35:00 -0400 Subject: President Terminator In-Reply-To: References: Message-ID: At 12:13 PM -0400 8/9/03, Sunder wrote: >As Reagan prooved, Or George Washington... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From ravage at einstein.ssz.com Sun Aug 10 05:54:01 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Sun, 10 Aug 2003 07:54:01 -0500 (CDT) Subject: On our oncoming future dystopia (fwd) Message-ID: I'd say it pretty much hits the nail on the head, one of my favorite poems to boot. http://www.theinquirer.net/?article=10953 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From shaddack at ns.arachne.cz Sat Aug 9 23:41:30 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 10 Aug 2003 08:41:30 +0200 (CEST) Subject: How can you tell if your alarm company's... In-Reply-To: Message-ID: > How can I tell if my alarm has been "down" for a period of time, assuming I > don't believe the records of the alarm company in such cases? There is a plethora of various devices suitable for an alarm system, both off-the-shelf and homemadeable. You can cheaply roll out a camera system with a cheap PC with Linux and a TV-input card with a 4051 analog-multiplexer-based parallel-port-controlled switch for selecting cameras for slow-motion video. Frame rate sucks as there is no means of syncing the cams, so you have to give the card couple frames to lock after every cam change, but you should be able to get about four switches per second (which gives you one frame every 2 seconds for all 8-cams cycle). You can also switch them irregularly, so you get better framerate on the cams whose signal indicates something's happening. The photos may be recorded to a suitably big hard drive in a circular buffer, with suspicious frames optimally flagged for more permanent storage. This, together with a Net connection (and a backup phone line and eventually a cellphone) gives you a relatively very cheap system. Don't forget the UPS. Don't have this system as the only one; the adversary can switch off the power to the house and starve the computer. A new standard for GSM phones is appearing here: MMS - multimedia SMS messages. With suitably equipped phone you can send/receive short sound and video clips, and - which is important for us now - pictures. The alarm system then can send you a picture of the neighbor's cat getting into the house and tripping the sensors instead of just a panic-inducing generic message about activated PIRs and IR gates. I'd advise against relying on 802.11 cameras; they are too easy to both detect and jam. They can add some finishing touch though, and an attempt to jam the cams can be a possible alarm (or at least suspicion) source on its own. A powerful and reliable device may be a door/window-opening logger. A small chip with a little switch (or a reed-relay magnetic switch, which allows it to get completely sealed in the doorframe, or an IR beam gate, or just about anything). A microcontroller running with slow clock in low-power mode, a serial EEPROM for storing the circular-buffer log of the times when the contact was opened/closed, a RTC chip with I2C bus, a small battery for making the device independent on the power. (It can even log the times of power blackouts; a sequence of blackout - door open - door close - power-up when nobody is home is VERY suspicious.) If you use a wireless interface there (eg, use AT24RF08 for the EEPROM), you may read the door open/close times without any direct contact with the device, which makes its concealmentability much easier. It can then reside in the doorframe, a little magnet in the door triggering its reed contact, read/write being done with a handheld reader held over a certain point of the doorframe. Scatter couple such devices in the object, and you have good idea about what was happening there. There is no authorization there; they will just log visits, including you - but you KNOW when you were there and can ignore these entries on your own. This is suitable as an audit device, just to make sure. Be aware that in the highest-threat situations the adversary may enter by unconventional means; there were cases of entry through the roof, the floor, even the wall. The cellphone-based uplink can be strengthened by a trick. There are cellular jammers that can be employed together with the plain ol' cutting of the lines. However, if you have good visibility to some cell base stations, you may employ a directional antenna pointing at it, which makes the setup much more resistant against localized jamming from directions other than the antenna's one. For high-budget people there are also satellite phones. The system can also report to you once every interval, telling you about status changes and if there was anything that could look suspicious but wasn't worth of an asynchronous alarm. Consider using an anonymous phone with a prepaid card, for both sending and receiving the alarms and status messages. The adversary could othervise visit the phone company and ask for cancelling your service for the given time, so you'd miss your alarm. If the neighbourhood situation is suitable, you can combine the efforts of several people in the area, and form a sort of Neighbourhood Watch - a decentralized P2P web of alarm systems talking with each other by any suitable means - from an over-the-street IrDA to 802.11b to Ronja-grade optical links for longer distances. (The network can also double as a community network for TCP/IP communication and Net connection.) This can make an eventual attack very unlikely to pass unnoticed. An interesting low-tech backup system could be a cheap one-time film camera triggered by eg. a fishing line tied to the door or lead over the floor. Even if everything electrical goes down, there is still a chance to get a picture of the intruder. Use different technologies in overlapping layers. Employ your fantasy. Be aware about what dependencies you have in the system (eg, camera system can run for no more than two hours of mains blackout, certain sensors depend on the computer, some alert modes depend on the telephone or cellphone), be prepared for different failure modes - both natural mishaps and intentional sabotage, compensate for them, design the system to fail gracefully and to keep at least some functions (at least the autonomous audit switch loggers) even in the reasonably worst case. This makes the adversary's job less pleasant. From timcmay at got.net Sun Aug 10 10:15:01 2003 From: timcmay at got.net (Tim May) Date: Sun, 10 Aug 2003 10:15:01 -0700 Subject: America died in 1861. Another political entity stole its domain name. In-Reply-To: Message-ID: <2D1540FD-CB56-11D7-BD95-000A956B4C74@got.net> On Saturday, August 9, 2003, at 11:41 PM, Thomas Shaddack wrote: >> How can I tell if my alarm has been "down" for a period of time, >> assuming I >> don't believe the records of the alarm company in such cases? > > There is a plethora of various devices suitable for an alarm system, > both > off-the-shelf and homemadeable. > > You can cheaply roll out a camera system with a cheap PC with Linux > and a > TV-input card with a 4051 analog-multiplexer-based > ... By the way, Americans and those in the American Empire (Iraq, Britain, Kuwait, Italy, Spain, Czech Republic, Liberia, Transylvania, etc.) should be very careful about discussing alarm techniques. In this post-Bill of Rights era, such talk can get you a year in a federal penitentiary, or if one is a Little Brother in one of the Affiliated Nations, an indefinite stay in our newest concentration camp, Camp X-Ray. Just as it is illegal to fortify doors against midnight raids (the African Central Republic of the District of Columbia has laws outlawing the hardening of doors...I'm not kidding), helping perps deploy alarm systems which make "sneak and peak" and pre-dawn SWAT raids harder is criminal conspiracy. Americans need to watch what they say. Talk about drugs, face a bust under paraphernalia and proselytizing laws. Talk about explosives, get a year in the pen. Talk about medicine, have the AMA goons call in the cops. Talk about the law, have lawyers claim that only Bar Association members may give legal advice. Talk about Hollywood, have Jack Valenti file charges. I hear it's still legal to give an opinion about "The Brady Bunch," though Valenti says that loophole will soon be closed by Congress. America died in 1861. Another political entity stole its domain name. --Tim May From sunder at sunder.net Sun Aug 10 07:41:24 2003 From: sunder at sunder.net (Sunder) Date: Sun, 10 Aug 2003 10:41:24 -0400 (edt) Subject: How can you tell if your alarm company's... In-Reply-To: <200308092354.21658.njohnsn@njohnsn.com> Message-ID: >From what I've heard (not confirmed) most of this stuff is either simple sensors (continuity test) or it talks over a variant of rs422 - unencrypted for things like keypads. Not good, especially if these are accessible on the outside. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Sat, 9 Aug 2003, Neil Johnson wrote: > I have always wondered how the arm/disarm keypad works in most alarm systems. > > I would hope it would send a reasonably secure code to the controller to > disable the alarm system, but I fear that it just a nothing more than a fancy > remote relay and can be easily bypassed. From mv at cdc.gov Sun Aug 10 11:31:29 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 10 Aug 2003 11:31:29 -0700 Subject: Terminating Arnold's Presidency Message-ID: <3F368F81.B0515311@cdc.gov> At 07:42 PM 8/8/03 -0700, Eric Cordian wrote: >In response to a question about whether she would favor a Constitutional >amendment defining marriage as between a man and a woman, Maybe they'll screw up the specs (by omitting quantity) and make polyamory protected.. >Watch for this President Arnold movement to gather steam. Clinton wants to interpret the "only 2 terms" amendment as "consecutive terms". Sometimes you just have to thank the less-exercised Amerndments.. From mv at cdc.gov Sun Aug 10 11:42:14 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 10 Aug 2003 11:42:14 -0700 Subject: How can you tell if your alarm company's... Message-ID: <3F369205.BD9879C2@cdc.gov> Spooks & Physical IDS: If you are specifying a "roll your own security system", you probably want to make a distinction between building an "alarm company" and a "physical intrusion detection and logging" system. With the former you're hoping to keep your items; with the latter you're trying to keep your infosec pristine, and the State Burglars will not take anything. That would look bad for the Alarm Company they work for (that you pay to keep your items). Car Alarms: If you have neighbors who can see your house, your homebrew security system can use either strobes to annoy or fake-flame-lighting to alarm them. Anon CopCalls: You could make an anon 911 call using an old unused cellphone ---the base stations will take a 911 without subscribing. You could use a dish to hit a distant cell. Though these are jammable. Best solution is personal IDS that stays quiet. Of course if you do log an intrusion you have to sanitize or leave the space. Keep the housecat away from the battery-powered ultrasound that cuts power to the red computer. ------- Talk softly and carry a big lawyer. ---Hunter S Roosevelt From jya at pipeline.com Sun Aug 10 12:51:28 2003 From: jya at pipeline.com (John Young) Date: Sun, 10 Aug 2003 12:51:28 -0700 Subject: How can you tell if your alarm company's... In-Reply-To: References: <200308092354.21658.njohnsn@njohnsn.com> Message-ID: The alarm and security specialists we've talked to claim the greatest threat to systems are authorized users: the property owners, their children, employees, servants, nearly all of whom fail to arm and disarm the system properly not matter how carefully instructed. A false alarm is feared by these users more than an attacker, for they are more often traumatized by an errant signal, and the outpouring of security personnel and police, than by an actual attacker. (Like the US security and law enforcement systems.) The security responders are so pissed, or so condescending, that the users are in a state of panic about the systems going off falsely. Answer to that is to leave the system off. And claim they forgot to arm it. Thus, self-censorship to keep the cops from attacking. Then there are panic room backups which freak the users due to its capability of killing them with false threats like the gentleman, Safra, was killed on the Mediterranean coast when he believed he was under attack as responders tried to rescue him. Responders are a genuine threat when they think you are an AIDS carrier. It's worth keeping in mind, that protective and security systems can do you great harm, like friendly fire and security agencies of all kinds -- banks, doctors, accountants, in-house guards, most trusted associates. Gun owners, and nations, being killed by their own weapons is a kissing cousin threat. Technology is a gun most often in the hands of those will to fire first then question who's there. WMDs are the biggest threat to the US and ilk, those owned by the panic-room trapped users. North Korea, say, or the Joint Chiefs, aided and abetted by the low-credibility spooks. Back to failure of home security systems: its the back-up batteries that don't get replaced, rather the monthly bill for service is neglected by wayward servants while the owner is vacationing on a yacht being tracked by IRS. From bill.stewart at pobox.com Sun Aug 10 14:50:18 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sun, 10 Aug 2003 14:50:18 -0700 Subject: Someone at the Pentagon read Shockwave Rider over the weekend In-Reply-To: References: <5.2.1.1.0.20030729152234.04ac11c8@mail.comcast.net> Message-ID: <5.1.1.6.2.20030810144344.0505a848@idiom.com> At 04:17 PM 07/29/2003 -0700, Tim May wrote: >Doing this aboveboard, and doing it with the collusion of the >actors who can alter the outcome, is asking for trouble: >* violation of gambling laws...as I said in other articles, >betting on the death of the King of Jordan is not different >from betting on the winner of the World Series. One of the similarities is that, aside from there being government anti-gambling laws that might forbid both, the Baseball Leagues have rules against members (both players and owners) gambling on the results - is John Poindexter the next Pete Rose? Also, various administration statements came out about how they were going to limit the bets to token amounts, e.g. $100, which might prevent funding of terrorist groups (including Ollie North projects as well as Al Qaeda projects, if in fact the two weren't connected), -- but those limits contradict one of the arguments the Pentagon and its supporters were making about valid uses for this market, which is companies insuring their business activities by betting on terrorist events, similarly to the way they hedge currencies. From cpunk at lne.com Sun Aug 10 20:00:00 2003 From: cpunk at lne.com (cpunk at lne.com) Date: Sun, 10 Aug 2003 20:00:00 -0700 Subject: Cypherpunks List Info Message-ID: <200308110300.h7B300Pc015493@gw.lne.com> Cypherpunks Mailing List Information Last updated: Sep 12, 2002 This message is also available at http://www.lne.com/cpunk Instructions on unsubscribing from the list can be found below. 0. Introduction The Cypherpunks mailing list is a mailing list for discussing cryptography and its effect on society. It is not a moderated list (but see exceptions below) and the list operators are not responsible for the list content. Cypherpunks is a distributed mailing list. A subscriber can subscribe to one node of the list and thereby participate on the full list. Each node (called a "Cypherpunks Distributed Remailer", although they are not related to anonymous remailers) exchanges messages with the other nodes in addition to sending messages to its subscribers. A message posted to one node will be received by the list subscribers on the other nodes, and vice-versa. 1. Filtering The various CDRs follow different policies on filtering spam and to a lesser extent on modifying messages that go to/from their subscribers. Filtering is done, on nodes that do it, to reduce the huge amount of spam that the cypherpunks list is subjected to. There are three basic flavors of filtering CDRs: "raw", which send all messages to their subscribers. "cooked" CDRs try to eliminate the spam on that's on the regular list by automatically sending only messages that are from cypherpunks list subscribers (on any CDR) or people who are replying to list messages. Finally there are moderated lists, where a human moderator decides which messages from the raw list to pass on to subscribers. 2. Message Modification Message modification policy indicates what modifications, if any, beyond what is needed to operate the CDR are done (most CDRs add a tracking X-loop header on mail posted to their subscribers to prevent mail loops). Message modification usually happens on mail going in or out to each CDR's subscribers. CDRs should not modify mail that they pass from one CDR to the next, but some of them do, and others undo those modifications. 3. Privacy Privacy policy indicates if the list will allow anyone ("open"), or only list members, or no one ("private") , to retrieve the subscribers list. Note that if you post, being on a "private" list doesn't mean much, since your address is now out there. It's really only useful for keeping spammers from harvesting addresses from the list software. Digest mode indicates that the CDR supports digest mode, which is where the posts are batched up into a few large emails. Nodes that support only digest mode are noted. 4. Anonymous posting Cypherpunks encourages anonymous posting. You can use an anonymous remailer: http://www.andrebacard.com/remail.html http://anon.efga.org/Remailers http://www.gilc.org/speech/anonymous/remailer.html or you can send posts to the list via cpunks_anon at einstein.ssz.com and your mail's headers will be stripped before posting. Note that this doesn't provide complete anonymity since the receiving site will still have log file entries showing the source of the mail (or you have to trust that they delete them). You also will be 'sharing' a reputation with the other entities that post through this alias, and some of them are spammers, so some subscribers will have this alias filtered. 5. Unsubscribing Unsubscribing from the cypherpunks list: Since the list is run from a number of different CDRs, you have to figure out which CDR you are subscribed to. If you don't remember and can't figure it out from the mail headers (hint: the top Received: line should tell you), the easiest way to unsubscribe is to send unsubscribe messages to all the CDRs listed below. How to figure out which CDR you are subscribed to: Get your mail client to show all the headers (Microsoft calls this "internet headers"). Look for the Sender or X-loop headers. The Sender will say something like "Sender: owner-cypherpunks at lne.com". The X-loop line will say something like "X-Loop: cypherpunks at lne.com". Both of these inticate that you are subscribed to the lne.com CDR. If you were subscribed to the algebra CDR, they would have algebra.com in them. Once you have figured out which CDR you're subscribed to, look in the table below to find that CDRs unsubscribe instructions. 6. Lunatics, spammers and nut-cases "I'm subscribed to a filtering CDR yet I still see lots of junk postings". At this writing there are a few sociopaths on the cypherpunks list who are abusing the lists openness by dumping reams of propaganda on the list. The distinction between a spammer and a subscriber is nearly always very clear, but the dictinction between a subscriber who is abusing the list by posting reams of propaganda and a subscriber who is making lots of controversial posts is not clear. Therefore, we tolerate the crap. Subscribers with a low crap tolerance should check out mail filters. Procmail is a good one, although it works on Unix and Unix-like systems only. Eudora also has a capacity for filtering mail, as do many other mail readers. An example procmail recipie is below, you will of course want to make your own decisions on which (ab)users to filter. # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * ^From.*owner-cypherpunks at .* { :0: * (^From:.*ravage at ssz\.com.*|\ ^From:.*jchoate at dev.tivoli.com.*|\ ^From:.*mattd at useoz.com|\ ^From:.*proffr11 at bigpond.com|\ ^From:.*jei at cc.hut.fi) /dev/null :0: cypherspool } 7. List of current CDRs All commands are sent in the body of mail unless otherwise noted. --------------------------------------------------------------------------- Algebra: Operator: Subscription: "subscribe cypherpunks" to majordomo at algebra.com Unsubscription: "unsubscribe cypherpunks" to majordomo at algebra.com Help: "help cypherpunks" to majordomo at algebra.com Posting address: cypherpunks at algebra.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- CCC: Operator: drt at un.bewaff.net Subscription: "subscribe [password of your choice]" to cypherpunks-request at koeln.ccc.de Unsubscription: "unsubscribe " to cypherpunks-request at koeln.ccc.de Help: "help" to to cypherpunks-request at koeln.ccc.de Web site: http://koeln.ccc.de/mailman/listinfo/cypherpunks Posting address: cypherpunks at koeln.ccc.de Filtering policy: This specific node drops messages bigger than 32k and every message with more than 17 recipients or just a line containing "subscribe" or "unsubscribe" in the subject. Digest mode: this node is digest-only NNTP: news://koeln.ccc.de/cbone.ml.cypherpunks Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Infonex: Subscription: "subscribe cypherpunks" to majordomo at infonex.com Unsubscription: "unsubscribe cypherpunks" to majordomo at infonex.com Help: "help cypherpunks" to majordomo at infonex.com Posting address: cypherpunks at infonex.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Lne: Subscription: "subscribe cypherpunks" to majordomo at lne.com Unsubscription: "unsubscribe cypherpunks" to majordomo at lne.com Help: "help cypherpunks" to majordomo at lne.com Posting address: cypherpunks at lne.com Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to lne CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. messages are demimed (MIME attachments removed) when posted through lne or received by lne CDR subscribers 2. leading "CDR:" in subject line removed 3. "Reply-to:" removed Privacy policy: private Info: http://www.lne.com/cpunk; "info cypherpunks" to majordomo at lne.com Archive: http://archives.abditum.com/cypherpunks/index.html (thanks to Steve Furlong and Len Sassaman) --------------------------------------------------------------------------- Minder: Subscription: "subscribe cypherpunks" to majordomo at minder.net Unsubscription: "unsubscribe cypherpunks" to majordomo at minder.net Help: "help" to majordomo at minder.net Posting address: cypherpunks at minder.net Filtering policy: raw Message Modification policy: no modification Privacy policy: private Info: send mail to cypherpunks-info at minder.net --------------------------------------------------------------------------- Openpgp: [openpgp seems to have dropped off the end of the world-- it doesn't return anything from sending help queries. Ericm, 8/7/01] Subscription: "subscribe cypherpunks" to listproc at openpgp.net Unsubscription: "unsubscribe cypherpunks" to listproc at openpgp.net Help: "help" to listproc at openpgp.net Posting address: cypherpunks at openpgp.net Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Ssz: Subscription: "subscribe cypherpunks" to majordomo at ssz.com Unsubscription: "unsubscribe cypherpunks" to majordomo at ssz.com Help: "help cypherpunks" to majordomo at ssz.com Posting address: cypherpunks at ssz.com Filtering policy: raw Message Modification policy: Subject line prepended with "CDR:" Reply-to cypherpunks at ssz.com added. Privacy policy: open Info: http://www.ssz.com/cdr/ --------------------------------------------------------------------------- Sunder: Subscription: "subscribe" to sunder at sunder.net Unsubscription: "unsubscribe" to sunder at sunder.net Help: "help" to sunder at sunder.net Posting address: sunder at sunder.net Filtering policy: moderated Message Modification policy: ??? Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- Pro-ns: Subscription: "subscribe cypherpunks" to majordomo at pro-ns.net Unsubscription: "unsubscribe cypherpunks" to majordomo at pro-ns.net Help: "help cypherpunks" to majordomo at pro-ns.net Posting address: cypherpunks at pro-ns.net Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to local CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. leading "CDR:" in subject line removed 2. "Reply-to:" removed Privacy policy: private Info: http://www.pro-ns.net/cpunk From mindfuq at comcast.net Sun Aug 10 22:44:33 2003 From: mindfuq at comcast.net (mindfuq at comcast.net) Date: Sun, 10 Aug 2003 22:44:33 -0700 Subject: Cypherpunks procmail filter In-Reply-To: <200308110300.h7B300Pc015493@gw.lne.com> References: <200308110300.h7B300Pc015493@gw.lne.com> Message-ID: <20030811054433.GC32609@tango.gombos.name> * cpunk at lne.com [2003-08-10 21:37]: > # mailing lists: > # filter all cypherpunks mail into its own cypherspool folder, discarding > # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. > # /dev/null is unix for the trash can. > :0 > * ^From.*owner-cypherpunks at .* > { > :0: > * (^From:.*ravage at ssz\.com.*|\ > ^From:.*jchoate at dev.tivoli.com.*|\ > ^From:.*mattd at useoz.com|\ > ^From:.*proffr11 at bigpond.com|\ > ^From:.*jei at cc.hut.fi) > /dev/null > > :0: > cypherspool > } I thought I'd post an alternative procmail script for anyone interested: XLOOP_ML=cypherpunks@[a-z0-9.-]*(lne.com|ssz.com) # X-Loop mailing lists # :0 : *$ ^X-Loop:.*$XLOOP_ML * ^X-Loop:.*\/[a-z0-9.-]+@ * MATCH ?? ()\/[^@]+ mailing_lists/$MATCH The idea is to generalize the recipe so if you're on other mailing lists that use the "X-Loop" header, you can just add them to the XLOOP variable. And I guess if you still want to filter out sociopaths, this would be that version of it: XLOOP_ML=cypherpunks@[a-z0-9.-]*(lne.com|ssz.com) SPC="[ ]" FROM_="(From${SPC}|(Old-|X-)?(Resent-)?\ (From|Reply-To|Sender):)(.*\<)?" SOCIOPATHS=(\ ravage at ssz\.com.*|\ jchoate at dev.tivoli.com.*|\ mattd at useoz.com|\ proffr11 at bigpond.com|\ jei at cc.hut.fi) #SOCIO_PATH=/dev/null SOCIO_PATH=sociopaths # X-Loop mailing lists # :0 *$ ^X-Loop:.*$XLOOP_ML * ^X-Loop:.*\/[a-z0-9.-]+@ * MATCH ?? ()\/[^@]+ { :0: *$ ^${FROM_}$SOCIOPATHS SOCIO_PATH :0: mailing_lists/$MATCH } From ravage at einstein.ssz.com Mon Aug 11 04:36:39 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 11 Aug 2003 06:36:39 -0500 (CDT) Subject: The Register - NSA proposes backdoor detection center (fwd) Message-ID: http://www.theregister.co.uk/content/55/32265.html -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From mv at cdc.gov Mon Aug 11 09:36:12 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 11 Aug 2003 09:36:12 -0700 Subject: The Register - NSA proposes backdoor detection center (fwd) Message-ID: <3F37C5FC.C1590AE@cdc.gov> At 06:36 AM 8/11/03 -0500, Jim Choate wrote: >http://www.theregister.co.uk/content/55/32265.html >>Wolf also said that untrustworthy hardware poses a similar threat. "Most microelectronics fabrication in the USA is rapidly moving offshore," said Wolf. "NSA is working on a Trusted Microelectronics Capability to ensure that state-of-the-art hardware devices will always be available for our most critical systems.<< Only way they can do that is to build it themselves, from HDL to GDSII and make their own masks. You can't prove a function doesn't exist in some box otherwise, if you don't know the trigger. Kinda like a PRNG and its key. From mv at cdc.gov Mon Aug 11 09:42:37 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 11 Aug 2003 09:42:37 -0700 Subject: Idea: Homemade Passive Radar System (GNU/Radar) Message-ID: <3F37C77D.6C3A1CF9@cdc.gov> At 05:04 PM 8/11/03 +0200, Thomas Shaddack wrote: > This unit has to be cheap and expendable - it's easy to >locate and to destroy by a HARM missile. As a bonus, forcing the adversary >to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite >demoralizing. Microwave ovens were used in the Yugo war for this. The invading air power can't ignore the ISM band because then you could use it for real missile trackers. Someone who can do vacuum and welding work could change the output freq of an oven magnetron, by changing the shorting-strap connections. From Vincent.Penquerch at artworks.co.uk Mon Aug 11 02:32:19 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Mon, 11 Aug 2003 10:32:19 +0100 Subject: [eff-austin] Antispam Bills: Worse Than Spam? Message-ID: > Nice! I've been thinking I should move there for a while. I also > heard that by 2006 London and all the major cities will have seemless > wifi coverage. The reason Europe is on the ball with this is the EU We're on the way. We already have seemless camera surveillance coverage. -- Vincent Penquerc'h From morlockelloi at yahoo.com Mon Aug 11 11:07:58 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Mon, 11 Aug 2003 11:07:58 -0700 (PDT) Subject: Idea: Homemade Passive Radar System (GNU/Radar) In-Reply-To: Message-ID: <20030811180758.29178.qmail@web40601.mail.yahoo.com> > As an active twist, we can also use a separate unit, Illuminating > Transceiver (IT), periodically broadcasting a pulse of known > characteristics, easy to recognize by the LPs when it bounces from an > aerial target. This unit has to be cheap and expendable - it's easy to > locate and to destroy by a HARM missile. As a bonus, forcing the adversary > to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite > demoralizing. There can be a whole hierarchy of ITs; when one of them Microwave oven. This has been done in recent years in various theatres. > Even other sources can serve as involuntary ITs. The landscape is littered > with cellular base stations and civilian TV and radio transmitters. Just > pick the suitable frequency and listen on. There is enough wideband power in the ether above inhabited areas to make passive detection from reflected EM possible in theory (without any EM emanating from the target.) The space is illuminated, but the "eyes" are not good enough, yet. Signal levels are extremely low, but it's likely that a flying jet reflects back enough from hundreds of cellphone/celltower transmissions to be few dB above the background noise. However, without knowing where to "look" the receiver cannot use typical narrow beam high-gain antennas. What is needed is an array, like an insect's eye, and that will be a sizeable contraption - passive, but not small. In other words, the size of a passive eye is proportional to the wavelength. To get human eye resolution in 10cm band the size gets to 2km across. Big eye. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From s.schear at comcast.net Mon Aug 11 16:42:42 2003 From: s.schear at comcast.net (Steve Schear) Date: Mon, 11 Aug 2003 16:42:42 -0700 Subject: Jay Leno comment Message-ID: <5.2.1.1.0.20030811164051.028f7ea0@mail.comcast.net> TV comedian Jay Leno made this comment August 4, regarding the effort now underway to write a constitution for Iraq: "Hey, why don't we send them ours? It worked well for us for over two hundred years . . . and we're not using it anymore . . " A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From bbrow07 at students.bbk.ac.uk Mon Aug 11 09:02:36 2003 From: bbrow07 at students.bbk.ac.uk (ken) Date: Mon, 11 Aug 2003 17:02:36 +0100 Subject: [eff-austin] Antispam Bills: Worse Than Spam? References: <20030806215244.GA4200@malaprop.org> <20030810011505.GA8619@tango.gombos.name> Message-ID: <3F37BE1C.1090308@students.bbk.ac.uk> mindfuq at comcast.net wrote: > Nice! I've been thinking I should move there for a while. I also > heard that by 2006 London and all the major cities will have seemless > wifi coverage. The reason Europe is on the ball with this is the EU > just passed five laws to deregulate emerging telecom companies so they > can compete with the monopolists. A bit of wishful thinking here I think. [...] >>But it don't solve the spam problem :-( > > > That's okay- the antispammers are a bigger problem, and this needs to > be attacked first. Europe is already a step ahead of the U.S. on > that. This is really not true at all. In fact it is far more likely (or maybe less unlikely) that European countries would pass draconian anti-spam laws than it is in the US because they don't on the whole have the same attitude to free speech. > I've got spamassassin to control spam. And so, maybe, do AOL. The real problem with your whole argument of the last week or so is that your mail is not passing across Mallory's back yard, or through pipes beneath his house - you are expecting him to carry it across and deliver it for you. And if he doesn't want to then he doesn't want to. Solution? Choose one of: - get your friends to use a different ISP - build your own network - get your government to take over AOL on your behalf and run it as a public utility - Get With The Program (TM) and fix your mail so it conforms with whatever arbitrary rules AOL have set up. After all SOME people manage to mail AOL customers. In their eyes you must be doing something wrong. How dare you stand against the Corporate Might (TM) of what Made America Great(TM)! - use letter post Each of the above has a downside. From shaddack at ns.arachne.cz Mon Aug 11 08:04:56 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Mon, 11 Aug 2003 17:04:56 +0200 (CEST) Subject: Idea: Homemade Passive Radar System (GNU/Radar) Message-ID: The current developments in international politics, mainly the advent of rogue states attacking sovereign countries from air, causes a necessity of proliferation of cheap air defense solutions. Key part of air defense is the awareness, usually maintained by a network of ground radar stations. In the end of 50's, Czech Republic developed a passive radar system called PRP-1/Kopac (Korelacni Patrac, Correlation Seeker), which was later replaced by more advanced system Ramona and even more advanced Tamara. Then the Revolution came, bringing the inevitable international pressures that led to the bankrupcy of the Tamara developer company, following false indictments of its top managements which lead to revocation of the company's arms sale licence. Shortly after this, articles in the world press appeared about "groundbreaking" passive radar system being developed by - guess who? Lockheed. (After "15 years of research", good part of which consisted from reverse-engineering of seized shipment of I am not sure if Ramonas or Tamaras.) See also http://www.techtydenik.cz/tt1998/tt10/panoram5.htm The system allows locating and identification of aerial, ground, and (when installed on the shore) sea-based EM sources. The passive radar system consists from four main parts. Three are wideband receivers, listening for any characteristical transmitting activity. They talk to the fourth one, where a correlator is located - an electronic system calculating the position of the signal sources from the differences of times when the listening posts received their signals. The civilian sector electronics is developing fast; component prices fall down, computing power goes up, anybody can buy a machine that just few decades ago would make everyone in Pentagon salivating. Naturally, this opens interesting possibilities. The threat rogue states with overwhelming air force pose to other countries makes it a necessity to develop a cheap, open passive radar system, effectively bringing a key part of air defense down to easy affordability on a municipiality level. Let's call it GNU/Radar. We need the four stations: three listening ones, and the correlating one. The correlating station (CS) may be built as a MOSIX or Beowulf cluster. Its job is to handle signals from LPs, identifying the targets, and tracking their position. The listening posts (LPs) need a receiver - a suitably wideband one, a digitizer (a fast ADC card), optionally a DSP board to take some calculations off the shoulders of the CPU, a source of precise timebase for synchronizations (may be a GPS, which also provides information about the location of the listening post which is what the CS needs to know, or may be a receiver of a time synchronization signal broadcasted from somewhere if we want a backup for case of GPS being shut down. The receiver may be possibly adapted from the GNU/Radio project. The timing pulses can be also delivered optically, eg. by a modification in the Ronja unit mentioned later. The LPs crunch the received signals, isolate the interesting-looking ones, mark the precise moments of their reception, and send their arrival times and key characteristics to CS. The transmission channel may be anything with sufficient bandwidth - from an Internet leased line to Ronja-based 10Mbps optical links in case of direct visibility between LPs and CS. As an active twist, we can also use a separate unit, Illuminating Transceiver (IT), periodically broadcasting a pulse of known characteristics, easy to recognize by the LPs when it bounces from an aerial target. This unit has to be cheap and expendable - it's easy to locate and to destroy by a HARM missile. As a bonus, forcing the adversary to waste a $250,000+ AGM-88 missile on a sub-$100 transmitter may be quite demoralizing. There can be a whole hierarchy of ITs; when one of them transmits, the other ones sleep - when the transmitting one is destroyed, one of the sleeping units wakes up and continues in illuminating the airspace. This is within reach of capabilities of a simple microcontroller. Even other sources can serve as involuntary ITs. The landscape is littered with cellular base stations and civilian TV and radio transmitters. Just pick the suitable frequency and listen on. Remember that Kopac was built about 50 years ago, on vacuum tubes. It should be far from impossible to replicate it with contemporary COTS electronics. Using lower frequencies than the gigahertz band usual for modern military radars reduces accuracy, but also dramatically reduces the effectivity of aircraft stealth features. There are already prototype results in this field: http://www.wired.com/news/print/0,1294,16762,00.html Some other sources: http://ronja.twibright.com/ http://slashdot.org/articles/01/06/11/1617239.shtml Opinions, comments, ideas? From rah at shipwright.com Mon Aug 11 15:09:41 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 11 Aug 2003 18:09:41 -0400 Subject: Mom aids in hunting terrorists over Web Message-ID: The Washington Times www.washingtontimes.com Mom aids in hunting terrorists over Web By Neil Doyle Published August 9, 2003 Referred to by her spy masters only as "Mrs. Galt," she is by day an unremarkable American housewife and mother. But after her two children go to bed, she plunges into a secret world of Internet chat rooms and Web sites populated by some of the most dangerous people on earth. Burrowing into the byzantine network of unpublicized Web sites used by al Qaeda and other terror groups for their routine communications, she sweet-talks her interlocutors into revealing their plans, often with fatal consequences for the terrorists. They have no idea that their supportive new "sister" is a terrorist hunter reporting every word they say to a variety of intelligence agencies. She is so trusted by her unsuspecting targets that they often send her pictures of themselves displaying heavy machine guns and other weapons. She has even been sent pictures of men proudly displaying severed human heads. Her most recent venture - penetrating al Qaeda-affiliated groups in Pakistan - is said to have resulted in the death and detention of several terrorists. Others are still at large, making it necessary to keep her real name and hometown secret. The results of her latest exploits, including transcripts of her chats with suspects, have been placed on a Web site for all to see at www.pakistan-army-isi.com. Despite the name, the site has no connection to the Pakistani army or ISI, the country's intelligence service. "I would have loved to have seen [the terrorists4] faces when they saw the messages on the Web," Mrs. Galt, 42, said in an interview conducted by e-mail. "All I can do is hope that some of the terrorists I talked to get picked up. After all, they are not terrorists until a court says they are." Mrs. Galt is an example of a new breed of cyber-spy - ordinary citizens who want to "do their bit" by putting their computer skills to use fighting terrorism. She reports to London-based private intelligence consultant Glen Jenvey, who makes his research available to government services, including the FBI and the military intelligence agencies of Russia and India. "She has brought us first-rate military counterintelligence, and the people at the top respect her very much," said her British handler, one of a loosely organized group of counterintelligence researchers who specialize in using the Internet to infiltrate militant Islamic groups. Armed with a crib sheet summarizing Islamic sayings and customs, Mrs. Galt plays the part of a "sister" wanting to support the men waging jihad. She ingratiates herself and offers to lend her expertise with computers to further the aims of the groups. Jihad fighters on the front lines in Afghanistan, Pakistan and Kashmir, who often have not seen a woman for several months, seize on the chance to talk to a woman. Mrs. Galt says she flirts with the men to play on their hopes and deflect any suspicions. Over a period of weeks and even months, she slowly teases out details of coming operations, locations of bases and movements of personnel. Mrs. Galt said she has gone as far as setting up Web sites for some notorious groups, including the al Qaeda-affiliated Lashkar-e-Taiba in Pakistan. During one recent online chat, a contact was mourning the death of a friend. "Sister, I cried very much in my prayers because my very close friend, who was also with me in training, got killed," the man wrote. Mrs. Galt said she lent a sympathetic ear and provided soothing words, all the time knowing that information she had provided might have led to the man's death. She said she felt no trace of guilt. Other intelligence coups by Mrs. Galt include a revelation that terrorist groups in Pakistan have been conducting experiments with chemical weapons. Members of one group were asked in an "urgent appeal" to track down the formula for making chlorine gas. They were also exploring the feasibility of manufacturing biological weapons by extracting live viruses from vaccines and cultivating them. Other information she has provided include details of a string of bank accounts used by militant groups, which have shed valuable light on how these groups are funded. Not everything she hears is reliable or can be confirmed. She has also been told by her Web correspondents that Osama bin Laden is being sheltered by Islamist rebels in Chechnya. Mrs. Galt said she has received death threats since she went public, but is undeterred. She is about to adopt a new guise and go back online after a short break. "In about a week or so, I'll have another ID and start all over again, hitting the Web looking for jihad supporters," she said. "It's a never-ending battle." -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From hseaver at cybershamanix.com Mon Aug 11 16:48:41 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 11 Aug 2003 18:48:41 -0500 Subject: Mom aids in hunting terrorists over Web In-Reply-To: References: Message-ID: <20030811234841.GA15183@cybershamanix.com> On Mon, Aug 11, 2003 at 06:09:41PM -0400, R. A. Hettinga wrote: > > "She has brought us first-rate military counterintelligence, and the people at the top respect her very much," said her British handler, one of a loosely organized group of counterintelligence researchers who specialize in using the Internet to infiltrate militant Islamic groups. No doubt this is Blair's secret intel source for the Niger/uranium bit, eh? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From timcmay at got.net Mon Aug 11 21:00:56 2003 From: timcmay at got.net (Tim May) Date: Mon, 11 Aug 2003 21:00:56 -0700 Subject: Mom aids in hunting terrorists over Web In-Reply-To: Message-ID: <9352BA67-CC79-11D7-ABBE-000A956B4C74@got.net> Referred to by his spy masters only as "Tim," this spy has been getting those who want more tax money stolen to give to the so-called minorities to reveal their plans to him in Internet chat rooms. He gains their support by denouncing freedom and free trade, by agreeing with their whines that tax rates ought to be raised on the wealthy so that "persons of color and other marginalized peeples" can receive more money to stay at home and eat Doritos while watching Oprah Winfrey. Experts point out that at least 18 of these socialists who this spy "Tim" made contact with have been executed by members of freedom fighting groups. He says that while he does not support the "christer superstitions" of groups like Aryan Nations, their willingness to liquidate race traitors and socialist tax enthusiasts is "admirable." "Tim" was quoted in one forum, untraceably of course, saying that his ultimate goal is to see the 22 million non-working layabouts given a chance to repay what they stole, with interest. If after 36 months they are not on schedule, they would face 5 years in a work camp, working off their debts. Those who failed to repay their debts on this schedule would, he said, have their organs harvested as partial repayment of their debt. "Sometimes they just have to go up the chimney," he added. From bill.stewart at pobox.com Tue Aug 12 01:03:27 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 12 Aug 2003 01:03:27 -0700 Subject: Antispam Bills: Worse Than Spam? In-Reply-To: <20030802234507.GC2201@tango.gombos.name> References: <037801c35825$a9a457e0$265b8b42@lake> Message-ID: <5.1.1.6.2.20030811212159.04683728@idiom.com> At 04:45 PM 08/02/2003 -0700, mindfuq at comcast.net wrote: >We definately need a law making it illegal for an ISP to block >non-spam email. I cannot email a friend who uses AOL, and wants to >receive my email, because AOL blocks it. Fearghas pointed out the obvious workaround for this, which is that if you don't like AOL's policies on incoming or outgoing email, or your cable modem provider's policies* (which in the US are pretty much guaranteed to be lame), or the cheapest DSL provider around, but you want to keep them because they're cheap or have other features you like, then fine, just use them for Internet packet forwarding, and find yourself an email provider with policies you like. You don't need to find all of them - you only need one. There are about 10,000 ISPs in the US, last time I looked, plus hundreds to thousands of hosting and colo providers who will sell you at least a virtual host, plus myriads of customers of hosting providers who have the resources to run an email business, plus hundreds of thousands of unemployed former dot-commers who'd probably be interested in starting a business if they can't find themselves an employer, and at least 50% of them have the capital required to start a small email provider business, and at least 10% of them have enough capital to start a medium business, big enough to get going if they can find customers. That means that if just 0.01% of those people or businesses agree with you about how the email business really should be run, then there are probably a dozen or so that claim to be just what you want, and at least half a dozen that are actually competent. If just 1% of them agree with you, then there are thousands of them. Go use Google and go find them, or post a message in the appropriate newsgroups asking for them. If you *can't* fund a dozen providers like that, much less a thousand, then obviously the collective wisdom Internet community doesn't agree with your ideas well enough to justify making a law against how the other 99% or 99.99% of email providers run their businesses. Furthermore, if you think you're RIGHT, not just about how you want _some_ ISP to run a service so you can get what you want for your email, but COSMICALLY, STALLMANESQUELY RIGHT about how every ISP should be run, then don't try to convince some technically clueless Congresscritter, get off your ass and go convince people. By the time you've convinced 20% of the customers that that's what ISPs should do, and convinced 20% of the ISPs, everybody else will get the clue. And if you want to get rich while doing so, as opposed to merely popular like Stallman (:-), one of the best ways to do it is to set up a business and show the other ISPs what a REAL mail server looks like while millions of customers show up at your doorstep (hmmm, that's back to the "get off your ass" bit again), or more realistically, dozens show up which gets you enough user feedback to tweak the service and advertising to attract hundreds of users, which brings in enough cash flow to advertise to get thousands, at which point you've had trouble scaling and have redesigned to something actually scalable, which is a bit tough at $5/month * 1000 users, and then the world beats a path to your door because somebody's finally heard of you. From jtrjtrjtr2001 at yahoo.com Tue Aug 12 02:06:43 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Tue, 12 Aug 2003 02:06:43 -0700 (PDT) Subject: Q on associative binary operation In-Reply-To: Message-ID: <20030812090643.16469.qmail@web21208.mail.yahoo.com> hi, how do we complete this table Table shown may be completed to define 'associative' binary operation * on S={a,b,c,d}. Assume this is possible and compute the missing entries *|a|b|c|d --------- a|a|b|c|d --------- b|b|a|c|d --------- c|c|d|c|d --------- d| | | | Its clear for commutativity but I am a trifle confused on how we do it for associativity. Thank you. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From s.schear at comcast.net Tue Aug 12 07:49:20 2003 From: s.schear at comcast.net (Steve Schear) Date: Tue, 12 Aug 2003 07:49:20 -0700 Subject: IRS loses a big one? Message-ID: <5.2.1.1.0.20030812074809.046ad140@mail.comcast.net> [Not surprisingly there appears to be no major U.S. media coverage] IRS vs. KUGLIN By Carl F. Worden Forget the war in Iraq, Afghanistan and our excellent adventure in Liberia. Forget about Kobe, Arnold, Arriana, Scott and Laci. The biggest news of the entire week is that on August 8, 2003, the IRS was unable to convince a jury in Memphis, Tennessee that the Federal Tax Code requires the citizens to pay individual income taxes. I kid you not... http://www.sierratimes.com/03/08/10/ar_IRS_vs._KUGLIN.htm also http://www.newsmax.com/insidecover.shtml A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From jamesd at echeque.com Tue Aug 12 09:12:16 2003 From: jamesd at echeque.com (James A. Donald) Date: Tue, 12 Aug 2003 09:12:16 -0700 Subject: Controlled nymity In-Reply-To: Message-ID: <3F38AF70.25126.2D49DE4@localhost> -- What we want of a payment system, is that Alice can prove she paid Bob, even if Bob wants to deny it, but no one else can prove that Alice paid Bob unless Alice takes special action to make it provable. (This provides permits recipient anonymity in that Bob can be an alternate identity of Dave, and no one can prove that money paid to Bob actually winds up with Dave. They can, however prove they paid Bob.) If Alice pays Bob in unblinded tokens, this does not help, for Bob can pass the unblinded tokens to yet another identity of his, Fred. One solution is for the bank to maintain an email linked account for Bob, into which Alice pays. This sounds ominous, for the next step might be to link the account to true names, can anyone see any other problems with it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG a4EU+fvvOcH0Sv52K2EKbF8yLcgewuumffss+deq 4NXChKCIzq02Njnl6SIFC224NDGKfgySzihcR3gfI From timcmay at got.net Tue Aug 12 10:12:16 2003 From: timcmay at got.net (Tim May) Date: Tue, 12 Aug 2003 10:12:16 -0700 Subject: Controlled nymity In-Reply-To: <3F38AF70.25126.2D49DE4@localhost> Message-ID: <1FB13B36-CCE8-11D7-ABBE-000A956B4C74@got.net> On Tuesday, August 12, 2003, at 09:12 AM, James A. Donald wrote: > -- > What we want of a payment system, is that Alice can prove she > paid Bob, even if Bob wants to deny it, but no one else can > prove that Alice paid Bob unless Alice takes special action to > make it provable. > > (This provides permits recipient anonymity in that Bob can be > an alternate identity of Dave, and no one can prove that money > paid to Bob actually winds up with Dave. They can, however > prove they paid Bob.) > > If Alice pays Bob in unblinded tokens, this does not help, for > Bob can pass the unblinded tokens to yet another identity of > his, Fred. > > One solution is for the bank to maintain an email linked > account for Bob, into which Alice pays. This sounds ominous, > for the next step might be to link the account to true names, > can anyone see any other problems with it. First, the issue of double-spending. As any digital instrument is replicable, Alice's "proof" that she transferred a digital instrument to Bob can NEVER by itself mean that Bob eventually got some other form of money. This is why online clearing is so advantageous. Second, the problem of Alice trying to prove (to whom, by the way?) that she paid Bob is a can of worms. If Alice is trying to prove to some third party then perhaps she should use that third party as an escrow service...they know _they_ got paid, because they cashed the instrument, and now they can pay Bob. Third, meatspace identity is only one of many "enforcement mechanisms" which can be tried. Not a good avenue, in my view. --Tim May, Citizen-unit of of the once free United States " The tree of liberty must be refreshed from time to time with the blood of patriots & tyrants. "--Thomas Jefferson, 1787 From bill.stewart at pobox.com Tue Aug 12 12:25:22 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 12 Aug 2003 12:25:22 -0700 Subject: IRS loses a big one? In-Reply-To: <5.2.1.1.0.20030812074809.046ad140@mail.comcast.net> Message-ID: <5.1.1.6.2.20030812110333.0471eb40@idiom.com> Nah, just a small loss. It's good to beat them, but hard to repeat, and they're playing a numbers game. There are good points and less good points to jury trials. One of the good parts is that a jury can acquit you for any reason that they want to, if you can convince them to. On the other hand, jury verdicts don't set precedents the way judge verdicts can, and jury verdicts of Not Guilty can't be appealed, so there's no way to get them escalated to a wider area, unlike a judge's declaration that a law is unconstitutional, which applies to whatever territory that judge has jurisdiction over (whether that's a city or a Federal District or whatever), though they're useful precedent. That doesn't mean that winning with a jury isn't a Good Thing :-) But in particular, even a fully-informed jury that's judging the law is normally just judging how and whether the law applies to a particular case, and most jury decisions are really about the facts of the case or at most how the law applies to those facts. This jury decided that the IRS had failed to prove that Kuglin violated any laws about what papers she had to file or how she had filed any that she did file. That doesn't mean that she doesn't owe any taxes, or that the IRS can't find a way to get money from her, such as garnishing her wages in the future, or even that any papers she did file were correct - only that the IRS had failed to prove they were punishably wrong. (It doesn't even necessarily mean that the way she handled her papers *wasn't* punishably wrong - only that the IRS didn't give a sufficiently convincing argument that the laws their lawyer likes to quote apply to the actions she took or didn't take in the way that the lawyer contends that they apply.) In particular, based on the two newspaper articles, it sounds like the IRS mouthpiece was saying that Kuglin could and should have had a conversation with them in which they'd have explained to her exactly where it says she had to file things their way, and that she'd failed to do so and was therefore a Bad Person who deserved to be Punished, when in fact she'd sent them several letters which they'd failed to respond to so it's their problem that the conversation didn't go the way they wanted it to. But hey, must've been some clerk's fault, sorry about the mistake. The IRS did lose, which it doesn't like to do, and it may have to find some way to salvage this case or try to bury it, and probably a few more people will be inspired to try to do what Kuglin did, and 10% of them might do it competently, some percentage of them will do it incompetently and get Punished and possibly made examples of, and most will get lost in the noise. Me? I'm not protesting taxes, I'm protesting MS Windows, but I gave up on getting the disk with my TurboTax on it to boot again and scragged the data onto floppies using a rescue disk so we can reinstall onto another system and finish my taxes before the August 15th extension deadline :-) (I'm also protesting the Wintel PC Architecture - I can't get the box to boot from CDROM reliably enough to reinstall Windows or run Knoppix, even after replacing the CDROM drive, and it doesn't like to see the new hard disk drive as a slave when I've got another hard disk as master. And this year's [expletive deleted] Turbotax DRM probably won't let me rerun the return without paying them a second time because the keying info is stashed in the Registry, which isn't accessible from a DOS rescue floppy...) Bill At 07:49 AM 08/12/2003 -0700, Steve Schear wrote: >[Not surprisingly there appears to be no major U.S. media coverage] > >IRS vs. KUGLIN >By Carl F. Worden > >Forget the war in Iraq, Afghanistan and our excellent adventure in >Liberia. Forget about Kobe, Arnold, Arriana, Scott and Laci. The >biggest news of the entire week is that on August 8, 2003, the IRS >was unable to convince a jury in Memphis, Tennessee that the Federal >Tax Code requires the citizens to pay individual income taxes. I kid >you not... > >http://www.sierratimes.com/03/08/10/ar_IRS_vs._KUGLIN.htm > >also >http://www.newsmax.com/insidecover.shtml > >A foolish Constitutional inconsistency is the hobgoblin of freedom, adored >by judges and demagogue statesmen. >- Steve Schear From patrick at lfcgate.com Tue Aug 12 12:20:50 2003 From: patrick at lfcgate.com (Patrick) Date: Tue, 12 Aug 2003 13:20:50 -0600 Subject: [Lucrative-L] updated lucrative source now in CVS Message-ID: I imported Lucrative source into SourceForge CVS so anyone who wishes can get the latest and greatest Lucrative. There are numerous improvements in design and efficiency over v7, more features, and so on. https://sourceforge.net/projects/lucrative There are several tools at SF for lodging bug reports, feature requests, and so on. Please feel free, even encouraged, to make use of them. And I invite participation by developers to contribute to the source. I don't have any specific tasks that I need help on at the moment, but I will use the SF tools to make notes. Also, people uncomfortable or unable to contribute to the source should feel free to contribute anything else they desire: pretty graphics, interface mockups, diagrams, charts, requirements or specifications, documents of all sorts, complaints. One point I would like advice on is whether to extend the FIBI (format for the interchange of bearer instruments) protocol to allow exchange of Chaumian cash as well as Wagnerian. Patrick The Lucrative Project: http://lucrative.thirdhost.com ...................................................... To subscribe or unsubscribe from this discussion list, write to lucrative-l-request at lucrative.thirdhost.com with just the word "unsubscribe" in the message body (or, of course, "subscribe") --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jya at pipeline.com Tue Aug 12 13:49:27 2003 From: jya at pipeline.com (John Young) Date: Tue, 12 Aug 2003 13:49:27 -0700 Subject: IRS loses a big one? In-Reply-To: <5.2.1.1.0.20030812074809.046ad140@mail.comcast.net> Message-ID: The New York Times reports on this case today: http://www.nytimes.com/2003/08/12/business/12TAX.html From billy at dadadada.net Tue Aug 12 12:04:41 2003 From: billy at dadadada.net (BillyGOTO) Date: Tue, 12 Aug 2003 15:04:41 -0400 Subject: Q on associative binary operation In-Reply-To: <20030812090643.16469.qmail@web21208.mail.yahoo.com> Message-ID: <20030812190441.GA15253@mail.dadadada.net> "For my ally is Perl, and a powerful ally it is." On Tue, Aug 12, 2003 at 02:06:43AM -0700, Sarad AV wrote: > hi, > > how do we complete this table > > Table shown may be completed to define 'associative' > binary operation * on S={a,b,c,d}. Assume this is > possible and compute the missing entries > *|a|b|c|d > --------- > a|a|b|c|d > --------- > b|b|a|c|d > --------- > c|c|d|c|d > --------- > d| | | | Lucky you! There are only 256 possibilities. There are four solutions: The last row can be any of: d c c a d c c b d c c c d c c d ... #!/usr/bin/perl -w use strict; my $optbl = [ [0,1,2,3], [1,0,2,3], [2,3,2,3], ]; for(my $i=0; $i<0x100; $i++){ $optbl->[3] = [ ($i>>0)&0x3, ($i>>2)&0x3, ($i>>4)&0x3, ($i>>6)&0x3, ]; if(&check_assoc($optbl)){ for(join(',',@{$optbl->[3]})){ tr/0123/abcd/; print "$_\n"; } } } sub check_assoc { my $op = shift; for(my $i=0;$i<3;$i++){ for(my $j=0;$j<3;$j++){ for(my $k=0;$k<3;$k++){ if( $op->[ $op->[$i][$j]] [ $k ] != $op->[ $i ] [ $op->[$j][$k] ] ) { return 0; } } } } return 1; } From rah at shipwright.com Tue Aug 12 12:41:32 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 12 Aug 2003 15:41:32 -0400 Subject: [Lucrative-L] updated lucrative source now in CVS Message-ID: --- begin forwarded text From sfurlong at acmenet.net Tue Aug 12 19:28:00 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Tue, 12 Aug 2003 22:28:00 -0400 Subject: The real ordeals of U.S. soldiers in Iraq In-Reply-To: <5.2.1.1.0.20030812100252.04b144f0@mail.comcast.net> References: <5.2.1.1.0.20030812100252.04b144f0@mail.comcast.net> Message-ID: <200308122228.00190.sfurlong@acmenet.net> On Tuesday 12 August 2003 13:07, Steve Schear wrote: > Through email and chat rooms a picture is emerging of day-to-day > gripes, coupled with ferocious criticism of the way the war has been > handled. They paint a vivid picture of US army life that is a world > away from the sanitized official version. Just bear in mind that it's the grunt's time-honored right to gripe. Gripe about the food, about the weather, about the sergeants, about the officers, about the weapons, about the mission, about anything under the sun. Doesn't mean anything of itself. That said, they have more reason than usual to gripe. Not the overseas posting in a beastly climate, nor even the mission. It's the jerking around. "You'll be coming home next month." "Make that the month after." "Probably be a year, all told." If the pols and the brass had said up front that the troops would be there a year, there'd have been plenty of bitching by both soldiers and civilians but the overall effect would have been less than what's happening now. Army manning a year or two hence ought to be interesting. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From billy at dadadada.net Tue Aug 12 20:06:18 2003 From: billy at dadadada.net (BillyGOTO) Date: Tue, 12 Aug 2003 23:06:18 -0400 Subject: Q on associative binary operation In-Reply-To: <20030812190441.GA15253@mail.dadadada.net> References: <20030812090643.16469.qmail@web21208.mail.yahoo.com> <20030812190441.GA15253@mail.dadadada.net> Message-ID: <20030813030617.GA17563@mail.dadadada.net> Actually, strike that... The last row can only be (d,c,c,d). I had an off-by-one in the check_assoc subroutine. It should be: sub check_assoc { my $op = shift; for(my $i=0;$i<4;$i++){ for(my $j=0;$j<4;$j++){ for(my $k=0;$k<4;$k++){ if( $op->[ $op->[$i][$j]] [ $k ] != $op->[ $i ] [ $op->[$j][$k] ] ) { return 0; } } } } return 1; } On Tue, Aug 12, 2003 at 03:04:41PM -0400, BillyGOTO wrote: > "For my ally is Perl, and a powerful ally it is." > > On Tue, Aug 12, 2003 at 02:06:43AM -0700, Sarad AV wrote: > > hi, > > > > how do we complete this table > > > > Table shown may be completed to define 'associative' > > binary operation * on S={a,b,c,d}. Assume this is > > possible and compute the missing entries > > > *|a|b|c|d > > --------- > > a|a|b|c|d > > --------- > > b|b|a|c|d > > --------- > > c|c|d|c|d > > --------- > > d| | | | > > > Lucky you! There are only 256 possibilities. > > There are four solutions: > > The last row can be any of: > > d c c a > > d c c b > > d c c c > > d c c d > > ... > > #!/usr/bin/perl -w > use strict; > > my $optbl = [ > [0,1,2,3], > [1,0,2,3], > [2,3,2,3], > ]; > > for(my $i=0; $i<0x100; $i++){ > $optbl->[3] = [ > ($i>>0)&0x3, > ($i>>2)&0x3, > ($i>>4)&0x3, > ($i>>6)&0x3, > ]; > if(&check_assoc($optbl)){ > for(join(',',@{$optbl->[3]})){ > tr/0123/abcd/; > print "$_\n"; > } > } > } > > sub check_assoc { > my $op = shift; > for(my $i=0;$i<3;$i++){ > for(my $j=0;$j<3;$j++){ > for(my $k=0;$k<3;$k++){ > if( $op->[ $op->[$i][$j]] [ $k ] > != $op->[ $i ] [ $op->[$j][$k] ] ) > { > return 0; > } > } } } > return 1; > } From mv at cdc.gov Wed Aug 13 09:48:05 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 13 Aug 2003 09:48:05 -0700 Subject: Controlled nymity Message-ID: <3F3A6BC5.A08AB53@cdc.gov> At 09:12 AM 8/12/03 -0700, James A. Donald wrote: > -- >What we want of a payment system, is that Alice can prove she >paid Bob, even if Bob wants to deny it, but no one else can >prove that Alice paid Bob unless Alice takes special action to >make it provable. >One solution is for the bank to maintain an email linked >account for Bob, into which Alice pays. This sounds ominous, >for the next step might be to link the account to true names, >can anyone see any other problems with it. Does it help if: Alice generates a secret key for each payment Alice *anonymously* deposits an *encrypted* message containing payment details into Bob's acct Only Alice can reveal the key for a particular transaction in Bob's account, thereby stripping anonymity but also revealing payment. For only that transaction. From mv at cdc.gov Wed Aug 13 10:42:33 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Wed, 13 Aug 2003 10:42:33 -0700 Subject: ATMs moving to triple DES. Message-ID: <3F3A7889.24BDE398@cdc.gov> At 12:56 PM 8/13/03 -0400, Trei, Peter wrote: >http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf > >Finally, five full years after DES was definitively proved >to be vulnerable to brute force attack, the major ATM >networks are moving to 3DES. And you can still use 2-key 3DES... From ptrei at rsasecurity.com Wed Aug 13 09:56:17 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Wed, 13 Aug 2003 12:56:17 -0400 Subject: ATMs moving to triple DES. Message-ID: http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf Finally, five full years after DES was definitively proved to be vulnerable to brute force attack, the major ATM networks are moving to 3DES. Peter Trei From bill.stewart at pobox.com Wed Aug 13 14:00:26 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 13 Aug 2003 14:00:26 -0700 Subject: ATMs moving to triple DES. In-Reply-To: <3F3A7889.24BDE398@cdc.gov> Message-ID: <5.1.1.6.2.20030813135712.00a41d78@idiom.com> At 10:42 AM 08/13/2003 -0700, Major Variola (ret) wrote: >At 12:56 PM 8/13/03 -0400, Trei, Peter wrote: > >http://www.icbnd.com/data/newsletter/community%20banker%20feb%2003%20.pdf > > > > >Finally, five full years after DES was definitively proved > >to be vulnerable to brute force attack, the major ATM > >networks are moving to 3DES. I'm shocked that they didn't do so years ago - I thought they'd at least done the authentication parts. >And you can still use 2-key 3DES... That's ok - 2-key 3DES still has 112 bits of key strength, which is 2**56 times harder than cracking single-DES. 3-Key 3DES looks like it should be harder, but it's still only 112 bits because of meet-in-the-middle attacks using 2**56 words of memory. From ravage at einstein.ssz.com Thu Aug 14 05:21:23 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 14 Aug 2003 07:21:23 -0500 (CDT) Subject: SCO to argue General Public Licence invalid (fwd) Message-ID: I like the ed's comments at the end. http://www.theinquirer.net/?article=11031 -- ____________________________________________________________________ We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, "Plan 9 from Outer Space" ravage at ssz.com jchoate at open-forge.org www.ssz.com www.open-forge.org -------------------------------------------------------------------- From ravage at einstein.ssz.com Thu Aug 14 08:34:14 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Thu, 14 Aug 2003 10:34:14 -0500 (CDT) Subject: Inferno: Fwd: [nycwireless] Wifi-Hog - Info / Talk (fwd) Message-ID: ---------- Forwarded message ---------- Date: Thu, 14 Aug 2003 09:50:41 -0500 Subject: Inferno: Fwd: [nycwireless] Wifi-Hog - Info / Talk Interesting... ----- Forwarded message from Jonah Brucker-Cohen ----- From sunder at sunder.net Thu Aug 14 09:15:23 2003 From: sunder at sunder.net (Sunder) Date: Thu, 14 Aug 2003 12:15:23 -0400 (edt) Subject: SCO to argue General Public Licence invalid (fwd) In-Reply-To: Message-ID: This is wonderful moronic lawyer behavior. Perhaps if you work at SCO, you have to eat out of lead bowls and drink hot coffee from unglazed lead coffee mugs? Either that or this is some weird, but less potential version of Steve Job's reality distortion field gone bad - the way milk left outside the fridge does. Yes, Federal law allows you the EXTRA right to make one backup copy as per fair use. However, the GPL is not a copyright, it's a license agreement that gives the user extra rights, by virtue of the author's good will. So the author maintains his copyright, but allows the user to do the copying and distributing - the end user is almost acting as the copyright holder's agent. If the court rules that the GPL is invalid (i.e. clueless jury or judge) then all shrink wrap licenses are null and void also, and I don't think Billy Gates would like that very much, so in an odd turn of events, he'll be on the side of GPL come time for appeals! Wouldn't that be sweet irony? Indeed. Like the article says: D'oh! No wonder SCO's SCummy executives dumped their stock.... I would have expected them to claim that the Caldera employee who let Unix(tm) source out the door did so illegally, and therefore the GPL can't apply to that source, and that they still own rights to it, but it's doubtful they could prove such a thing. I believe the right and proper course of action is to give SCO a taste of their own shit, and have every linux user and every linux company file an INDIVIDUAL court case against SCO and NOT turn it into a class action suit (if it were possible). That would stretch SCO's lawyers very think to the point where they couldn't show up in court to defend themselves, and thus automatically loose. * * But(!) I don't play a lawyer on TV, and I'm a very bad actor, so consult a real lawyer, or a real actor, blah, blah, blah. I think Stan Kelly-Bootle's Devil's DP Dictonary needs the word Darl added to it, with the definition of: litigious asshole, who ironically couldn't find his own asshole if it were on his forehead and he looked straight on into a mirror during broad daylight. But, that would be demeaning to assholes. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Thu, 14 Aug 2003, Jim Choate wrote: > I like the ed's comments at the end. > > http://www.theinquirer.net/?article=11031 From bojan at japi.co.yu Thu Aug 14 06:26:53 2003 From: bojan at japi.co.yu (Bojan) Date: Thu, 14 Aug 2003 14:26:53 +0100 Subject: Fw: Re: Secure IDE? Message-ID: <200308141512.h7EFC9Yg015078@gw.lne.com> ----- cut here ----- From: "Ralf-P. Weinmann" On Wed, Jul 30, 2003 at 04:20:37PM -0400, Trei, Peter wrote: > ABIT has come out with a new motherboard, the > "IC7-MAX3" featuring something called 'Secure > IDE', which seems to involve HW crypto in the > onboard IDE controller: > > >From the marketing fluff at > http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251 > > "For MAX3, the ABIT Engineers listened > to users who were asking for information > security. SecureIDE connects to your IDE > hard disk and has a special decoder; > without a special key, your hard disk cannot > be opened by anyone. Thus hackers and > would be information thieves cannot access > your hard disk, even if they remove it from your > PC. Protect your privacy and keep anyone > from snooping into your information. Lock > down your hard disk, not with a password, > but with encryption. A password can be > cracked by software in a few hours. ABIT's > SecureIDE will keep government > supercomputers busy for weeks and will > keep the RIAA away from your Kazaa files." > > No, I have no idea what this actually means either. > I'm trying to find out. > > Peter Trei Yeah, that announcement just ran over the slashdot ticker. Someone posted the following insightful link subsequently: ftp://ftp.abit.com.tw/pub/download/fae/secureide_eng_v100.pdf Looks like that sucker only does key-truncated version of DES called DES-40. Right... did they say weeks? I'd say minutes, unless ABIT means [insert some impoverished 3rd world country] government supercomputers. It's snakeoil, move on, nothing to see here. Cheers, Ralf -- Ralf-P. Weinmann PGP fingerprint: 2048/46C772078ACB58DEF6EBF8030CBF1724 ----- cut here ----- | | ( | ) c'ya . o ( | ) \|/ Sharkey \___/ \|/ `-^-' `-^-' | | bomb cia nsa cocaine terrorist drug kill president nuclear -- Hi Echelon! :) PGP 2.6.3i 7CAD47C9: AF D0 62 B3 94 6C 2791 9C CD 87 1D 21 B0 5B 59 -- Arachne V1.70;rev.3, NON-COMMERCIAL copy, http://arachne.cz/ From bojan at japi.co.yu Thu Aug 14 06:27:58 2003 From: bojan at japi.co.yu (Bojan) Date: Thu, 14 Aug 2003 14:27:58 +0100 Subject: Fw: Re: Secure IDE? Message-ID: <200308142333.h7ENX4Yg018296@gw.lne.com> ----- cut here ----- From: "Ralf-P. Weinmann" On Wed, Jul 30, 2003 at 04:20:37PM -0400, Trei, Peter wrote: > ABIT has come out with a new motherboard, the > "IC7-MAX3" featuring something called 'Secure > IDE', which seems to involve HW crypto in the > onboard IDE controller: > > >From the marketing fluff at > http://www.abit.com.tw/abitweb/webjsp/english/news1.jsp?pDOCNO=en_0307251 > > "For MAX3, the ABIT Engineers listened > to users who were asking for information > security. SecureIDE connects to your IDE > hard disk and has a special decoder; > without a special key, your hard disk cannot > be opened by anyone. Thus hackers and > would be information thieves cannot access > your hard disk, even if they remove it from your > PC. Protect your privacy and keep anyone > from snooping into your information. Lock > down your hard disk, not with a password, > but with encryption. A password can be > cracked by software in a few hours. ABIT's > SecureIDE will keep government > supercomputers busy for weeks and will > keep the RIAA away from your Kazaa files." > > No, I have no idea what this actually means either. > I'm trying to find out. > > Peter Trei 40-bit DES in ECB mode sounds even more great. It's them Enovatech guys again. See here: http://archives.abditum.com/cypherpunks/C-punks20030519/0079.html Cheers, Ralf -- Ralf-P. Weinmann PGP fingerprint: 2048/46C772078ACB58DEF6EBF8030CBF1724 ----- cut here ----- | | ( | ) c'ya . o ( | ) \|/ Sharkey \___/ \|/ `-^-' `-^-' | | bomb cia nsa cocaine terrorist drug kill president nuclear -- Hi Echelon! :) PGP 2.6.3i 7CAD47C9: AF D0 62 B3 94 6C 2791 9C CD 87 1D 21 B0 5B 59 -- Arachne V1.70;rev.3, NON-COMMERCIAL copy, http://arachne.cz/ From jonah at coin-operated.com Thu Aug 14 06:31:56 2003 From: jonah at coin-operated.com (Jonah Brucker-Cohen) Date: Thu, 14 Aug 2003 14:31:56 +0100 Subject: [nycwireless] Wifi-Hog - Info / Talk Message-ID: Hey All - I thought NYC Wireless folks might be interested...Here's info on my latest project - Wifi-Hog - I will be giving a talk about this and more of my projects in NYC in two weeks at the Upgrade! @ Eyebeam on Tuesday, August 26th around 7:30pm Hope people can make it out Jonah WIFI-HOG - 2003 Keep public WiFi nodes to yourself! Description * Wi-Fi Hog is personal system for a laptop or portable computer that enables people to gain complete control over a public access wireless network. The idea comes as a reaction to the utopian vision of wireless networks being open, shared, and utilitarian for everyone. * Aimed specifically at public wireless nodes, the WiFi Hog system exists as a laptop connected to a Portable Video Jammer (PVJ) that communicates to software consisting of a packet sniffer and wireless stumbler which monitors incoming packets from an open node. Only traffic originating from the Wifi-Hogger's IP address may access the connection, otherwise the PVJ is switched on, blocking others from accessing the open node. * The project attempts to discover if adding constraints on a network and making access to it more competitive and "territorial" changes the relationships between people who use the network. For more detials (including pics) see : URL: http://www.coin-operated.com/projects ------------------------------------------------------------ Design/Conept/Hardware by Jonah Brucker-Cohen Research Fellow Human Connectedness Group Media Lab Europe Dublin, Ireland http://www.coin-operated.com http://www.coin-operated.com/projects email all to comments and questions to: jonah at coin-operated.com -- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/ ----- End forwarded message ----- From rah at shipwright.com Thu Aug 14 13:29:51 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 14 Aug 2003 16:29:51 -0400 Subject: The Geodesic Marketspace Message-ID: You probably want to see the web-page, to look at the pictures. No. Not *those* pictures... :-). Cheers, RAH ------ YNOT MASTERS : The ultimate resource for adult webmasters! This Issue: August 14, 2003 INDUSTRY TRENDS by Jason from ImageAuction The Geodesic Marketspace Nineteen ninety four seems like forever ago in Internet years, but this was the year that John Perry Barlow published his seminal work, "The Economy of Ideas" in Wired 2.03 1. That article has haunted me ever since I read it. Still considered heresy by most people, Barlow believed you couldn't contain the torrent of digitized content unleashed on the Net, nor was it even appropriate to try. "How do you sell wine without bottles?" he posed. The very nature of digital content demands a new approach. The problem lies in this limited span of time in the course of human civilization where we have contrived the concept of intellectual property and copyright 2. At a time when it was relatively difficult to manufacture copies of works of art, the idea of granting copy monopolies to the creators seemed like a natural business model, and thus was created this legal concept of "copy"right. This worked well when one could control the tangible manifestations of an idea (a book, a record, a movie) but as Thomas Jefferson eloquently stated, "an idea, once divulged cannot be exclusively possessed." 3 We are now at a crossroads where digital media, unlike its analog predecessors, exhibits more of the properties of ideas than items. "Music as a packaged-goods business is over", the chairman of Sony recently said. "What [do] you do now?", Jefferson, in his letter to Isaac McPherson Monticello, alludes indirectly to a possible solution. 4 One characteristic of an idea that Jefferson describes is "that no one possesses the less, because every other possesses the whole of it." Translated to relate to modern digital media this means that when I make a copy of a digital file, you can have a completely unadulterated copy without detrimentally affecting my copy. This essential and natural characteristic of digital media's existence is exactly what threatens the copyright model to which the entire information industry is so addicted. Jefferson continues, "an individual may exclusively possess [it] as long as he keeps it to himself." The onus is therefore upon the original creator to extract the highest possible value before releasing it. Once released, the market will continue to distribute the information in the most optimized and efficient manner. This manner was described by Peter Huber is his landmark 1987 Justice Department report on competition in the telephone industry entitled "The Geodesic Network" .5Huber was talking about the cost of phone switches and basically foretelling the packet switching architecture the Internet uses today as opposed to the hierarchical circuit switch network that phone networks operated under in the past. But, as it turns out, the term geodesic network is also an apt description for an optimized information network. Information will travel through that network with the path of least resistance. Resistance, or network friction, can appear in many forms. One famous quote dating from early in the growth of the Internet goes, "The Internet sees censorship as damage and routes around it." 6Copyright is a legal grant to impose a form of censorship and adds friction to the information network. Clear examples of geodesic networks in action can be found by looking at peer-to-peer trading systems and email communications. How many of you receive funny images or jokes from friends via email? The point is these images aren't distributed on a website by some monolithic media giant but from person to person (node to node in network parlance) more like a spreading virus. One only needs point to the success of computer viruses and the attraction of viral marketing to understand the efficiencies that a geodesic network possesses. 7 The business model that the media industry currently employs is based on an attempt to impose a false scarcity and thus make money on the friction in the network. Many people equate this perceived scarcity with value, hence the desire to have exclusive or semi-exclusive ownership. But if we look not at the value of the information passing over that network but rather the connections in that network, we get a different picture of how to generate revenue. The connections represent relationship, and the value of that relationship is based on the reputation of the nodes being connected. That reputation, in turn, is based on the differential of the exchange (where one side might be in the form of money and on the other in the form of content: pictures, music, etc). With each additional transaction the strength of that connection (relationship) increases or decreases. In simplified terms, with each positive transaction the supplier can extract an ever-higher premium from the buyer, not based on the value of the information in the new transaction but rather the value of the established relationship. This relationship can also be viewed as a form of brand identity. As an example, the New York Times is well known for its high journalistic standards. Jason Blair not withstanding, people would be willing to pay a higher premium for a story coming from the NYT as compared to say Joe's Newsletter because of the value of the established trust. The stories coming from these two news sources could be exactly the same, word for word, but the NYT can extract a premium not because of any intrinsic, underlying or scarcity value in the content but because they have brand equity and reputation. Under the most common model employed today (see diagram) in the adult entertainment industry, content generally passes from producer to broker who pays a royalty to the producer. The content then passes from broker to paysite operator who usually pays a flat licensing fee. At this point the paysite operators try to attract people (eyeballs) through affiliate programs or advertising to pay for the content usually under a subscription model. They hope that the exclusivity or semi-exclusivity of the content encourages would-be patrons to join. There are many problematic issues with this model: 1) It may take the producer months or even years of licensing fees to recuperate its investment and earn a desired profit; 2) The broker may not offer enough licensing options or the appropriate options for all cases; some websites may only want it for one site, some for 20, some for banners and some may want to give the content to affiliates; 3) The subscription model, employed by paysites, has a fundamental flaw. One month's subscription fee does not usually cover the cost the subscriber imposes on the website in terms of customer acquisition, content and bandwidth. Unlike a health spa, for instance, which can rely on a binding long-term contract, a website is at the whim of the consumer (and credit cards) to cancel their subscriptions. As anyone who has been in this business long enough knows, the average subscription length per customer has been getting steadily shorter; 4) Finally, the subscription model also fails to exact payment when users share content either through download and retransmission or through direct sharing of usernames and passwords. The geodesic distribution model that I'm proposing here relies on extracting value at each transaction as content gets pulled out by the consumer rather than trying to pull the eyeballs of the consumer to the content. Any value in the content that is not extracted at the time of purchase builds up as reputation capital and brand equity. The original producer sells his content to a group of value added resellers (VARs) for a price that the market dictates. These VARs then repackage, re-purpose, merge, sort and manipulate the content in various ways to add unique value that other VARs of the content don't. Some examples include retouching photos and removing blemishes, taking raw video footage and editing it with sound for a more professional look, or using the content in a compilation such as an e-zine. Those VARs then sell to other VARs who then take their content and use it further, creating localized versions, compiling groups of similar content, etc. Imagine, instead of just a director's cut to a movie, you had hundreds of different viewpoints each providing a slightly different take on the movie based on the particular market served. 8 At each transaction, the seller tries to maximize the value of the sale. Buyers reward quality sellers with a higher reputation, again brand equity, and tend to buy from those sellers over and over again. At some point the content is sold to consumers by an aggregator/distributor who sells it on a cost plus basis, namely the cost of acquisition, storage and transmission plus a surcharge based on their reputation or brand. This may be a subscription model but more likely is a system priced on downloads (since the costs, such as storage and transmission, are measured in bits). I'm not advocating a pay per picture system per se. Try to think outside the website box and imagine a Kazaa/Napster type network where you could search for free and get unreliable low quality results or search only reputable dealers where you are willing to pay a slight premium. The reputation may be individualized and based on your personal experience or could be community based like Ebay's feedback system. The higher price you're willing to pay per MB downloaded the higher quality results you would expect. In turn, the Aggregators you are purchasing from, wanting to keep you paying a premium, must constantly find new content to keep you returning to them. They will continue to purchase from trusted VARs with each positive transaction strengthening that trusted relationship and increasing the premium that VAR can expect to earn on the next sale. This strengthening of the reputation works its way back through the network to the original producer. Value is no longer in ! the content but in the ability to continually and consistently produce content. 1 Wired 2.03 Mar 1994 "The Economy of Ideas" - The article has been republished in other forums as "Selling Wine Without Bottles: The Economy of Mind on the Global Net" 2 The first copyright act was the British Statute of Anne 1710 3 "If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. Its peculiar character, too, is that no one possesses the less, because every other possesses the whole of it. He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me. That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and improvement of his condition, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move,! and have our physical being, incapable of confinement or exclusive appropriation. Inventions then cannot, in nature, be a subject of property." - Letter to Isaac McPherson Monticello , August 13, 1813 4 Business 2.0 July 2003 "Can Sir Howard Save the Music Biz" 5http://www.phuber.com/huber/geo1/geo1.html 6 Attributed to John Gilmore 7Geodesic n. "The shortest line between two points on any mathematically defined surface." The term geodesic network is not meant to describe the shortest physical path of data over physical wires but a description of the topological properties of the information flow. In other words, I may not have physical network connections to the people in my email address book or the contacts on my ICQ list but I act like a network node when sending information to them. See also Bob Hettinga "What's a Geodesic Economy?" 8ClearPlay is a company trying to do this within the confines of the current copyright laws. It offers filters for popular Hollywood movies removing objectionable material. They do this slyly without actually making a copy of the original movie but relying on a player that skips, pauses and bleeps out objectionable material. Obviously Clearpay's definition of objectionable may be different than someone else's but then someone else could capitalize on that and create a new product to serve a slightly different market. Jason is President of EOE Inc, which has been in the adult Internet industry since 1997 creating several award winning sites such as boobscan.com and puritytest.com. EOE Inc now runs www.imageauction.com , which employs a revolutionary patent pending auction system allowing content producers and value add resellers to maximize their revenue in the new geodesic marketspace. Current projects in the works include a service for 2257.com to help custodians keep offsite backups of their records required under Title 18 Sec. 2257. Jason can be reached at support at imageauction.com . PREVIOUS PAGE NEXT PAGE Do you have questions or comments about this article? Post your comments here About Our Sponsors Search Site Map About Us Contact Us Link To Us Privacy Policy Work at YNOT Gold Member of RSAC . Labelled with ICRA . A Site Against Child Porn . Hosted by SexTracker . Copyright ) 2003 by YNOT Network, LP. All rights reserved. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jtrjtrjtr2001 at yahoo.com Fri Aug 15 07:49:28 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Fri, 15 Aug 2003 07:49:28 -0700 (PDT) Subject: Blackout in NYC In-Reply-To: <1995351.1060899234116.JavaMail.nobody@wamui10.slb.atl.eart hlink.net> Message-ID: <20030815144928.29522.qmail@web21208.mail.yahoo.com> hi, There wasn't much of traffic congestion on the manhatten roads when they showed the images on bbc. The manhatten road network is used in examples of deflection routing. Also roads every where should be like that :-) In India during summer-we have around 8 hours of power cut daily. For a moment think of all the iraqi's with power grids taken out now enjoying the 120+ farenhiet sun. A few hours of luxury was gone and it was breaking news in bbc. Sarath. --- John Young wrote: > Quiet here in New York City, thousands walking in > the streets, auto > traffic is pleasantly minimal along upper Broadway. > Traffic lights inoperative, as well as computers > except for laptops such as this. > > Telephones working. Portable radio says the outage > is due to > northeast electrical grid failing. Not terrorist > related, it is termed a "natural" outage due to > overload. > > One report said the cascading outage began at a > sub-station in > NYC, another says it started in Canada. > > Mayor Bloomberg says that power is now starting to > come back, > a bit at a time as the individual elements of the > grid are restored, > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From mv at cdc.gov Fri Aug 15 10:46:59 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 15 Aug 2003 10:46:59 -0700 Subject: Blackout in NYC Message-ID: <3F3D1C93.7DA57D6C@cdc.gov> At 07:49 AM 8/15/03 -0700, Sarad AV wrote: >There wasn't much of traffic congestion on the >manhatten roads when they showed the images on bbc. >The manhatten road network is used in examples of >deflection routing. Also roads every where should be >like that :-) Mutually perpendicular, you mean? Or congested? >In India during summer-we have around 8 hours of >power cut daily. Think of the market for UPSes, man! Or for a thermoelectric generator that runs on cowdung! >For a moment think of all the iraqi's with power >grids taken out now enjoying the 120+ farenhiet sun. A >few hours of luxury was gone and it was breaking news >in bbc. Yeah but the traditional Arab dress deals with the sun, whereas the traditional Victorian/American attire doesn't. The *real story* is how this is a symptom of the Empire Declining. For Californians, its more of a "its your turn now" feeling... IIRC New Zealand had a city w/out watts for a few days, a few years ago. .... "Flex your power" Flush Davis From ericm at lne.com Fri Aug 15 13:15:25 2003 From: ericm at lne.com (Eric Murray) Date: Fri, 15 Aug 2003 13:15:25 -0700 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] Message-ID: <20030815131525.A25566@slack.lne.com> Food for thought and grounds for further research: ----- Forwarded message from "Bernie, CTA" ----- From mv at cdc.gov Fri Aug 15 13:19:28 2003 From: mv at cdc.gov (Major Variola (ret.)) Date: Fri, 15 Aug 2003 13:19:28 -0700 Subject: Viral DNS Attack, DDos Idea Message-ID: <3F3D404F.DB3976FC@cdc.gov> Suppose malware appends a bogus entry to an infected machine's /etc/hosts (or more likely, MSwindows' \windows\blahblah\hosts file). (This constitutes a DNS attack on the appended domain name, exploiting the local hosts' name-resolution prioritization.) If the appended IP address points to the same victim (66.66.66.66) on all the virus-infected machines, and the appended (redirected) domain name is popular ("google.com" for instance) then you get a DDoS attack on the appended IP host 66.66.66.66 that grows as the viral infection spreads in the population. You also get a DDoS on the popular domain name ("google.com") you've redirected. If the victim IP address were a router just upstream of the victim domain name, its extra fun for the victim domain --not only are they unavailable on infected machines, but clients pound their upstream when they try to connect. Thoughts? Has this ever been suggested or implemented? --- In "The Wild One" bikers mount a DoS attack on a router: her name is Dorothy and she works at a plugboard. ca 1954 From cmcurtin at interhack.net Fri Aug 15 10:23:49 2003 From: cmcurtin at interhack.net (Matt Curtin) Date: Fri, 15 Aug 2003 13:23:49 -0400 Subject: ATMs moving to triple DES. In-Reply-To: (Peter Trei's message of "Wed, 13 Aug 2003 12:56:17 -0400") References: Message-ID: <86d6f6omvu.fsf@rowlf.interhack.net> "Trei, Peter" writes: > Finally, five full years after DES was definitively proved > to be vulnerable to brute force attack, the major ATM > networks are moving to 3DES. It was even longer than that...we passed six years ago in June. (Time flies, non?) You started it. It's all your fault. :-) -- Matt Curtin, CISSP, IAM, INTP. Keywords: Lisp, Unix, Internet, INFOSEC. Founder, Interhack Corporation +1 614 545 HACK http://web.interhack.com/ Author of /Developing Trust: Online Privacy and Security/ (Apress, 2001) From cta at hcsin.net Fri Aug 15 11:09:12 2003 From: cta at hcsin.net (Bernie, CTA) Date: Fri, 15 Aug 2003 14:09:12 -0400 Subject: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm' In-Reply-To: <1a6301c362b2$03178680$6401a8c0@satan> Message-ID: It is ridiculous to accept that a lightning strike could knock out the grid, or the transmission system is over stressed. There are many redundant fault, limit and Voltage-Surge Protection safeguards and related instrumentation and switchgear installed at the distribution centers and sub stations along the Power Grid that would have tripped to prevent or otherwise divert such a major outage. I believe that the outage was caused by the MSblaster, or its mutation, which was besieged upon the respective vulnerability in certain control and monitoring systems (SCADA and otherwise) running MS 2000 or XP, located different points along the Grid. Some of these systems are accessible via the Internet, while others are accessible by POTS dialup, or private Frame relay and dedicated connectivity. Being an old PLC automation and control hack let me say that there is a very good plausibility that the recent East Coast power outage was due to an attack by an MBlaster variant on the SCADA system at the power plant master terminal, or more likely at several of the remote terminal units "RTU". SCADA runs under Win2000 / XP and the telemetry to the RTU is accessible via the Internet. >From what I recall SCADA based monitoring and control systems were installed at many water / sewer processing, gas and oil processing, and hydro-electric plants. I also believe that yesterdays flooding of a generator sub- facility in Philadelphia was also due to an MBlaster variant attack on the SCADA or similarly Win 2000 / XP based system. To make things worst, the Web Interface is MS ActiveX. Now lets see, how can one craft an ActiveX vuln vector into the blaster? Oh, and for the wardrivers, SCADA can be access via wireless connections on the road puts a new perspective on sniffing around sewer plants. It is also reasonable to assume that we could have a similar security threat regarding those system (SCADA and otherwise based on MS 2000 or XP) involved in the control, data acquisition, and maintenance of other critical infrastructure, such as inter/intra state GAS Distribution, Nuclear Plant Monitoring, Water and Sewer Processing, and city Traffic Control. IMO I think we will see a lot of finger pointing by government agencies, Utilities, and politicians for the Grid outage, until someone confess to the security dilemma and vulnerabilities in the systems which are involved in running this critical infrastructure. Regardless of whether the Grid outage can be attributed to the blaster or its variant, this is not entirely a Microsoft problem, as it reeks of poor System Security Engineering practiced by the Utility Companies, and associated equipment and technology suppliers. Nonetheless, the incident will cause lots of money to be earmarked by the US and Canadian Governments, to be spent in an attempt to solve the problem, or more specifically calm the public. This incident should be fully investigated, and regulations passed to ensure that the Utility companies and their suppliers develop and implement proper safeguards that will help prevent or at least significantly mitigate the effects of such a catastrophe. Conversely, I do not want to see our Government directly involved in yet another "business", which has such a controlling impact over our individual lives. - On 14 Aug 2003 at 15:18, Geoff Shively wrote: > Just flipped on CNN, watching the masses snake through the > streets of Manhattan as correspondents state that this could be > an affect of the blaster worm. > > Interesting but I don't see how an worm of this magnitude > (smaller than that of Slammer/Sapphire and others) could > influence DCS and SCADA systems around the US, particularly just > in the North East. > > Thoughts? > > > Cheers, > > Geoff Shively, CHO > PivX Solutions, LLC > - **************************************************** Bernie Chief Technology Architect Chief Security Officer cta at hcsin.net Euclidean Systems, Inc. ******************************************************* // "There is no expedient to which a man will not go // to avoid the pure labor of honest thinking." // Honest thought, the real business capital. // Observe> Think> Plan> Think> Do> Think> ******************************************************* ----- End forwarded message ----- From bill.stewart at pobox.com Fri Aug 15 17:46:58 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Fri, 15 Aug 2003 17:46:58 -0700 Subject: Viral DNS Attack, DDos Idea In-Reply-To: <3F3D404F.DB3976FC@cdc.gov> Message-ID: <5.1.1.6.2.20030815170442.02f878e8@idiom.com> At 01:19 PM 08/15/2003 -0700, Major Variola (ret.) wrote: >Suppose malware appends a bogus entry to an infected machine's >/etc/hosts (or more likely, MSwindows' \windows\blahblah\hosts file). >(This constitutes a DNS attack on the appended domain name, exploiting >the local hosts' name-resolution prioritization.) >If the appended IP address points to the >same victim (66.66.66.66) on all the virus-infected machines, >and the appended (redirected) domain name is popular ("google.com" Cute, but sounds like a lot of work compared to other obvious attacks you could do if you're spreading a virus anyway. The more popular version of this attack is to try to hack DNS servers, or poison DNS requests, so that DNS requests for google report the wrong thing. One problem with hacking the hosts files is that different versions of Windows tend to put them in different places, though perhaps if you target XP and 2000 and ME and 98 it's consistent enough to work. The real question is whether the bad guys would redirect to a victim, or to a fake web server run by them, so they could hand out bogus responses, such as redirects to various places around the web, potentially along with some advertising banners. Besides making google.com harder to reach, another effect is that lots of people send TCP SYN requests to 66.66.66.66 port 80 instead of google.com port 80, and if there's a web server on that port, they send it HTTP requests for URLs on google.com, which it presumably will reject. If 66.66.66.66 is an arbitrary victim computer with no web server, the main impact is a bunch of extra SYN requests, so the obvious defense is to filter them out from the router. If it's got a single web server, moving the server to a new IP address and using DNS to update it can help, at the cost of disrupting clients until its DNS update propagates, and getting its router to drop requests for port 80 (passing other ports is fine.) If it's a virtual server machine, though, you can't do that without disrupting all the clients on it, which is too bad; either hope you've got enough horsepower to handle rejecting the google.com requests, or front-end it with a squid proxy and kill it off there, which cuts down the CPU impact, though it doesn't cut down the bandwidth much. You could get fancy and have the squid redirect all the real requests to another IP or DNS name, e.g. example1.net/stuff to example2.net/stuff, where the new address is on a different machine and if necessary on a different access line. If it's a router, that's a more interesting problem, because many routers have wimpy CPUs and do the routine work in ASICs - so if the router has an HTTP interface for admin use, and it's not protected by ACLs for some reason, you might blow it away with the work required to reject google hits. But if you don't need the web interface, it's much easier to protect. Also, if the router is in an ISP, rather than at the customer premises, access to it may be blocked anyway, as a general security mechanism, and even if it's not, it's usually easy to add that kind of blocking, by null-routing the traffic rather than by ACLs. >If the victim IP address were a router just upstream >of the victim domain name, its extra fun for the victim domain >--not only are they unavailable on infected machines, >but clients pound their upstream when they try to connect. That's actually much less of a risk, except for CPU consumption, because if the router has enough capacity to handle google.com's traffic, it can handle the bunch of unsuccessful SYN packets that it gets instead. >Thoughts? Has this ever been suggested or implemented? Never seen it. Another variation on this attack is to use random redirect addresses instead of a single target victim - that loses the focus for detection and correction that having a single victim can provide. If you scatter it around, people will still have trouble reaching Google, but almost no web servers will get enough rejected hits to swamp them, so admins are less likely to notice. From camera_lumina at hotmail.com Fri Aug 15 15:17:54 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Fri, 15 Aug 2003 18:17:54 -0400 Subject: Blackout in NYC Message-ID: Sarad wrote... >For a moment think of all the iraqi's with power >grids taken out now enjoying the 120+ farenhiet sun. A >few hours of luxury was gone and it was breaking news >in bbc. Although I appreciate the sentiment, your not really getting this. The timing was such that long-term impact was minimal. But if the blackout had come earlier in the day, and lasted for a few days, that outsourcing operation you work for might have been affected (ie, closed). Wall Street is here, for one, and Wall Street these days needs power. Also, NYC now just assumes that power will be there. In 1975 the riots were fairly interesting...the wrong set of conditions could have made this MUCH more interesting (I was on a plane that landed a few hours after the blackouts began. I made my way to my residence as quickly as I could just in case things were going to get interesting again...) As for the racist undertones in BBC and Amercian newfocus, I totally agree. -TD >From: "Major Variola (ret)" >To: "cypherpunks at lne.com" >Subject: Re: Blackout in NYC >Date: Fri, 15 Aug 2003 10:46:59 -0700 > >At 07:49 AM 8/15/03 -0700, Sarad AV wrote: > >There wasn't much of traffic congestion on the > >manhatten roads when they showed the images on bbc. > >The manhatten road network is used in examples of > >deflection routing. Also roads every where should be > >like that :-) > >Mutually perpendicular, you mean? Or congested? > > >In India during summer-we have around 8 hours of > >power cut daily. > >Think of the market for UPSes, man! > >Or for a thermoelectric generator that runs on cowdung! > > >For a moment think of all the iraqi's with power > >grids taken out now enjoying the 120+ farenhiet sun. A > >few hours of luxury was gone and it was breaking news > >in bbc. > >Yeah but the traditional Arab dress deals with the sun, whereas >the traditional Victorian/American attire doesn't. > >The *real story* is how this is a symptom of the Empire Declining. > >For Californians, its more of a "its your turn now" feeling... > >IIRC New Zealand had a city w/out watts for a few days, a few years ago. > >.... >"Flex your power" Flush Davis _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail From hseaver at cybershamanix.com Fri Aug 15 16:27:44 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Fri, 15 Aug 2003 18:27:44 -0500 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <20030815131525.A25566@slack.lne.com> References: <20030815131525.A25566@slack.lne.com> Message-ID: <20030815232744.GB10109@cybershamanix.com> Somehow I have difficulty believing the these people could be so totally lame as to be running mission-critical stuff like this on windoze. Please say it isn't true. Is the military also now dependant on windoze? Bizarre, absolutely bizarre. And here I thought it was probably caused by people with potato guns firing tennis balls filled with concrete, attached to coils of wire cable, dropping them across the power lines and transformer stations. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From jya at pipeline.com Fri Aug 15 20:13:50 2003 From: jya at pipeline.com (John Young) Date: Fri, 15 Aug 2003 20:13:50 -0700 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <20030815232744.GB10109@cybershamanix.com> References: <20030815131525.A25566@slack.lne.com> <20030815131525.A25566@slack.lne.com> Message-ID: Are you suggesting the outage was caused by carbon filaments rocketed across transmission lines? If that was done at several points in the grid it would account for the various finger-pointing to incidents which are claimed to have started the usual-suspect "cascade" of the usual-suspect "antiquated" system that was "not supposed to fail but it did." Perhaps a re-inventory of the USAF's storehouse of BLU-114s is needed to double-check that story about lightning strike. Harmon Seaver wrote: > Somehow I have difficulty believing the these people could be so totally lame >as to be running mission-critical stuff like this on windoze. Please say it >isn't true. Is the military also now dependant on windoze? Bizarre, absolutely >bizarre. And here I thought it was probably caused by people with potato guns >firing tennis balls filled with concrete, attached to coils of wire cable, >dropping them across the power lines and transformer stations. From ckuethe at ualberta.ca Fri Aug 15 19:29:10 2003 From: ckuethe at ualberta.ca (Chris Kuethe) Date: Fri, 15 Aug 2003 20:29:10 -0600 (MDT) Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <20030815232744.GB10109@cybershamanix.com> References: <20030815131525.A25566@slack.lne.com> <20030815232744.GB10109@cybershamanix.com> Message-ID: On Fri, 15 Aug 2003, Harmon Seaver wrote: > Somehow I have difficulty believing the these people could be so totally lame > as to be running mission-critical stuff like this on windoze. Please say it > isn't true. it's scary just how much mission-critical stuff runs on windows. i'll confess right now to being a unix zealot, so the thought of anything mission critical (beyond hotmail and freecell) on windows is scary. i know of some fairly large installations running control systems for power generation on windows. these same sites then give the vendors access to the system via vpn across the internet. sure there are firewalls, but i don't have faith in the long-term maintenance of the vendor sites. > Is the military also now dependant on windoze? Bizarre, absolutely > bizarre. And here I thought it was probably caused by people with potato guns > firing tennis balls filled with concrete, attached to coils of wire cable, > dropping them across the power lines and transformer stations. the power lines are certainly low-hanging fruit... CK -- GDB has a 'break' feature; why doesn't it have 'fix' too? From rah at shipwright.com Fri Aug 15 18:33:47 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 15 Aug 2003 21:33:47 -0400 Subject: Royal power shift in Liechtenstein Message-ID: The Telegraph Royal power shift in Liechtenstein By Kate Connolly in Berlin (Filed: 16/08/2003) Prince Hans Adam II of Liechtenstein is to hand over power to his son Alois but will retain the title of head of state. The move, announced by the crown prince yesterday, the tiny country's national holiday, came a few months after he won extended ruling powers in a bitterly fought referendum campaign . Explaining his decision at a party for the state's 33,000 inhabitants at his castle in Vaduz, Prince Hans Adam, 58, said the handover would take place at next year's national holiday. "The problems of foreign and domestic politics in which I have been involved are either solved or close to a successful solution," he said. "New problems have to be solved, and the heir to the throne has already been working on these." Prince Alois, 35, is the eldest of the Prince Hans Adam's four children. Two thirds of Liechtenstein's 17,000 voters supported the new constitution proposed by the Prince Hans Adam, giving him the right to dismiss the government, veto legislation and appoint judges. The prince, whose family has ruled the state for 300 years, already had the power to dissolve parliament and call elections. The campaign led to claims that the prince - who took over government rule from his father in 1989 - was a despot, liable to turn the Ruritanian principality into a dictatorship. But critics of the crown prince's campaign, which split Liechtenstein like few other events in its history, were ostracised. One found a disembowelled cat at his front door while another discovered a rotten pig's snout and tail nailed to his fence with the message: "Shut your mouth and sling your hook." The prince threatened to leave Liechtenstein in favour of neighbouring Austria, where he has a castle, and to sell the royal palace to the Microsoft billionaire Bill Gates if voters failed to back his proposals. Prince Alois, who has four children from his 10-year marriage to Princess Sophie of Bavaria, studied at Sandhurst in the 1990s, and has a law degree from Salzburg university. He has already demonstrated that he shares his father's stubborn streak by recently suggesting, as Prince Hans Adam has done, that Liechtenstein should leave the Council of Europe if it carries out its threat to monitor Liechtenstein's commitment to democracy in the light of the recent referendum. This year, the state, sandwiched between Switzerland and Austria and known for allegedly harbouring illicit money , offered itself for rent to multi-national companies for #320 per head per day. Prince Hans Adam allowed the use of his wine cellar and castle as part of the deal. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jamesd at echeque.com Fri Aug 15 21:38:06 2003 From: jamesd at echeque.com (James A. Donald) Date: Fri, 15 Aug 2003 21:38:06 -0700 Subject: Controlled nymity Message-ID: <2ocrjv0kg4psa83u7tacmk7489ve8rsr6f@4ax.com> -- James A. Donald: > > What we want of a payment system, is that Alice can prove > > she paid Bob, even if Bob wants to deny it, but no one else > > can prove that Alice paid Bob unless Alice takes special > > action to make it provable. Major Variola (ret) > Does it help if: Alice generates a secret key for each > payment Alice *anonymously* deposits an *encrypted* message > containing payment details into Bob's acct Only Alice can > reveal the key for a particular transaction in Bob's account, > thereby stripping anonymity but also revealing payment. For > only that transaction. Presumably Alice prepares a bunch of unblinded tokens, marks them "for Bob" and encrypts them so that only the bank can read them. Bob then gives that message to the bank, and the bank then tells Bob "yes, its a valid payment for 25 grams of gold to Bob" Since Alice knows the secrets embedded in that message, she can prove that she originated that message, so she can prove she paid Bob, but no one else can prove it. She can prove that to Bob, or to anyone, assuming the bank cooperates. Of course this means the bank knows how much money everyone is paying Bob, even if it does not know who is paying Bob. Also Alice cannot prove that the money was accompanied by the message "OK Bob, here is the twenty five grams of gold, deliver the Maltese falcon tonight." and thus cannot prove that Bob, by accepting the tokens valid for the gold, agreed to deliver the Maltese Falcon. Perhaps these two problems can be fixed. Alice encrypts a message to the bank containing the unblinded tokens. It also contains instructions 'accept this deposit only if accompanied by a number whose hash is X, and only if the message is signed with the private key corresponding to this public key 89798759754. Alice puts this encrypted message to the bank inside a a message to the Bob, which contains the instructions: "OK Bob, here is the twenty five grams of gold, deliver the Maltese falcon tonight. Here is a cheque made out to cash, for 25 grams of gold, valid if accompanied by the hash of this message, and signed with private key 1764383486*b, where b is whatever your private key is. Signed Alice." Bob delivers the cheque, (an encrypted message to the bank) and the bank validates it as correctly formed and containing valid unspent unblinded tokens, and gives him blinded tokens for 25 grams of gold. To prove that it was Bob who did indeed deposit this money, Alice reveals to the bank the message corresponding to the hash, and thus reveals that 89798759754.= B^1764383486, where B is Bob's public key, and thus, if the bank keeps a record of the exchange, proves that it was Bob who made the exchange, and that the money was from Alice, and was for the Maltese falcon. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG t9GmbLxgymh192YQzp+e8St5v1yhN1n014TZ3Fyf 4k6B1/EGsY+IBb0q+xTsr05v3am+86d6UlAzY51Cz From jtrjtrjtr2001 at yahoo.com Sat Aug 16 04:21:15 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Sat, 16 Aug 2003 04:21:15 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <20030802144728.28255.qmail@web21206.mail.yahoo.com> Message-ID: <20030816112115.51302.qmail@web21202.mail.yahoo.com> hi, I was reading the following paper Complexity, Vol. 7, No. 5, May/June 2002, pp. 14-21 PARADOXES OF RANDOMNESS Gregory Chaitin http://www.cs.umaine.edu/~chaitin/summer.html Under the sub heading- Program-Size Complexity,it says "Okay, so what does it mean then for a number to be interesting or uninteresting, now that I'm giving you a better idea of what I'm talking about. Well, interesting means it stands out some way from the herd, and uninteresting means it can't be distinguished really, it's sort of an average, typical number, one that isn't worth a second glance. So how do you define that mathematically using this notion of the size of computer programs? Well, it's very simple: a number is uninteresting or algorithmically random or irreducible or incompressible if there's no way to name it that's more concise than just writing out the number directly. That's the idea. In other words, if the most concise computer program for calculating a number just says to print 123796402, in that case, if that's the best you can do, then that number is uninteresting. And that's typically what happens. On the other hand, if there is a small, concise computer program that calculates the number, that's atypical, that means that it has some quality or characteristic that enables you to pick it out and to compress it into a smaller algorithmic description. So that's unusual, that's an interesting number. " How ever if i take the set of positive whole numbers(zero included),i.e S={0,1,2,...} ,I can compress every positive whole number using a computer program which says f(x)=2x for all x=0,1,2,... ; f(x)=2x+1 for all x=0,1,2,...; and i simply put it an infinite loop shown in the following pseudo code int x=0; while(1) { generate f(x)=2x; generate f(x)=2x+1; } In this way we can compress all the positive whole numbers because say i have a number 10. I try to find if it is interesting or not. decimal 10 = 1010 in binary it takes 4 bits to store decimal number 10 I can write a computer program to generate decimal 10 using f(x)=2x =2*5 =10 for x=5; Decimal number 5 can be represented in binary as 101. So we have 3 bits to represent 5. Using these 3 bits of information,i can get the decimal number 10,when i use f(x)=2x; Similarly-any positive whole number can be compressed using the above pseudo code. This is because Any whole number multiplied by 2 will give an extra bit eg, I have f(x)=2x I choose x=2, 10 in binary(2 bits). 2*2=4 , 100 in binary(3 bits). There is an extra bit that gets added ,when we multiply by 2. I am sure that this is very obvious indeed. So this way I can compress any positive whole number and thus I can show all the whole numbers are interesting contradicting the claim in the paper that most of the whole numbers are uninteresting numbers. He uses this concept of uninteresting numbers to demonstrate algorithmic randomness. The paper further says- "Once you set up this theory properly, it turns out that most numbers, the great majority of positive integers, are uninteresting. You can prove that as a theorem. It's not a hard theorem, it's a counting argument. There can't be a lot of interesting numbers, because there aren't enough concise programs. You know, there are a lot of positive integers, and if you look at programs with the same size in bits, there are only about as many programs of the same size as there are integers, and if the programs have to be smaller, then there just aren't enough of them to name all of those different positive integers." But we already have developed a small concise,as in the pseudo code shown above,that generates me any number of whole numbers. This contradicts the above argumeny. Further down,under the sub heading Redundant,he says- "Is this K bits of mathematical information? K instances of the halting problem will give us K bits of Turing's number. Are these K bits independent pieces of information? Well, the answer is no, they never are. Why not? Because you don't really need to know K yes/no answers, it's not really K full bits of information. There's a lot less information. It can be compressed. Why? " All logs are base 2. "And this is going to be a number between zero and K, a number that's between zero and K. 0 # # that halt # K And if you write this number in binary it's really only about log K bits. # that halt = log K bits " Now how can there be redundancy in various instances of a halting problem. Say-i have a sack with 64 programmes of which ,i know that 32 of them will halt and 32 of them will not halt.I pick,without any order, 32 programs from my sack to check whether they halt or not. If the input programmes are picked truely randomly,then I know 16 of the programs will halt(i.e 50% of the programs halt). So where is the redundancy in different instances of the halting problem? I don't see any redundancy. If the input programs are picked independently,i.e without any mathametcial structure,the output is by no means reduntant. In the section-Redundant,he obtains a real number called k,which he transforms to k bits of information. Then he says that there is redundancy in the output and says that there is only log k(base 2) bits of information. Here he treats k as a real number and says that-he only needs log k(base 2) bits to represent the whole number k. But that is the minimum number of bits that is required to hold the real number in binary representation in its information theorotical sense. What does it have to do with algorithmic randomness? it comes to such a question- I do a fair coin throwing experiment with 64 coins. To represent 64 coins,i need 5 bits of information. If the experiment is truely random,i will get 32 of them as heads and 32 of them as tails-though I dont know which all are heads and which all are tails. now-I see which all are heads.While counting,when I get 32 heads,I can stop counting,since i know the remaining 32 coins are tails. To represent 32 coins-i need 5 bits of information. Since the experiment is truely random-i know half of them will be heads,so in this case using 5 bits of information,i can determine all the coins that are heads and that are tails. So-the question is what is the minimum number of bits or entropy required to determine which all coins are heads and which all coins are tails,is it 5 bits or 6 bits of information? What chaitin does in his k instance halting problem -is he compresses the 6 bits to 5 bits,if we draw an equivalent with our coin tossing experiment,which we can,as it is equivalent to the coin tossing problem. It appears that it is on these lines he obtains the omega notation,though the exact details are not given in this paper. This is what I think.I would like to know more. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From jtrjtrjtr2001 at yahoo.com Sat Aug 16 04:26:00 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Sat, 16 Aug 2003 04:26:00 -0700 (PDT) Subject: paradoxes of randomness-errata In-Reply-To: <20030802144728.28255.qmail@web21206.mail.yahoo.com> Message-ID: <20030816112600.2928.qmail@web21208.mail.yahoo.com> >it comes to such a question- >I do a fair coin throwing experiment with 64 coins. >To represent 64 coins,i need 5 bits of information. To represnet 64 coins,i need 6 bits of infomation :) Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From roy at rant-central.com Sat Aug 16 07:13:28 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Sat, 16 Aug 2003 10:13:28 -0400 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: References: <20030815131525.A25566@slack.lne.com> <20030815232744.GB10109@cybershamanix.com> Message-ID: <200308161013.28850.roy@rant-central.com> On Friday 15 August 2003 22:29, Chris Kuethe wrote: > On Fri, 15 Aug 2003, Harmon Seaver wrote: > > Somehow I have difficulty believing the these people could be so totally > > lame as to be running mission-critical stuff like this on windoze. Please > > say it isn't true. > > it's scary just how much mission-critical stuff runs on windows. i'll > confess right now to being a unix zealot, so the thought of anything > mission critical (beyond hotmail and freecell) on windows is scary. It's not just the reliance on Windows that's scary. It's the mindset of the industrial controls industry, where the concept of security is percieved as a hassle for the end customer, and therefore something to be avoided. 10 years ago, I was developing a data collection and reporting program for the aircraft industry. The project suffered from creeping featurism, and one of the desired features was adding dialup data exchange, so the collection apps could send their data to a central location via modem. When I asked how much security was wanted on the dialup port, I was told that none was necessary because no one would ever attack the system, and anyway, the data were not interesting to outside parties. 10 years ago, perhaps that was an understandable position, though certainly naive. (I still put in a minimal challenge/response layer, if only to discourage the C-64 kids with wardiallers) A few weeks ago, I sat in on a meeting to talk over design of a TCP/IP Ethernet interface for an existing control system. When I asked what security provisions were envisioned for this interface, I was told that the system was not intended for deployment on publicly routed network segments, so there was no need for any security protocol. > i know of some fairly large installations running control systems for power > generation on windows. these same sites then give the vendors access to the > system via vpn across the internet. sure there are firewalls, but i don't > have faith in the long-term maintenance of the vendor sites. I've just returned from an extensive training seminar on OPC controls technology. The acronym stands for "OLE for Process Control", and it's a Microsoft-centric technology built on top of DCOM. Agt the lower end, OPC would let you control a PLC from Excel. Given the compressed schedule of the course (normally three weeks, it was compressed to two for our class) and my previous experiences, I didn't try to discuss security at all. But I noticed no authentication layer at all. Apparently, the security Microsoft natively provides for controlling DCOM traffic is all that such an application has available. And as far as I can tell, that would be none. I suppose I do get a bit of entertainment from the looks on the engineers' faces when I bring up threat models and attack scenarios. Most of them are indifferent. Some are confused. Some are annoyed. And one or two have understood the threat, but told me that I shouldn't talk to corporate about such things because it would make the sales force nervous. The reactions of sales droids (and even management) has been either dismissive (there is no threat) or hostile (I'm the threat). The most entertaining episode was back when UPS was first deploying their DIAD electronic clipboard, and I asked what steps were being taken to protect the signature data in transit. (There was no protection at all; the signature data were retained in the clear and could be dumped by any device that knew the protocol. I believe this is still the case.) That eventually produced a regional manager who visited the small company where I was employed. He was visibly irritated that anyone would even ask about such things, and answered every threat scenario I presented with "That would never happen!" He stalked off in a huff after I asked him how he would feel if his digitized signature, obtained legitimately when he received a package, were to appear at the bottom of an incriminating document faxed to his general manager. Ironically, several of my jobs have included IT duties along with my usual engineering tasks. Those same sales droids and engineers that scoffed at the need for security in their industrial controls applications came running to me frantically when their workstations became infected with SirCam or Klez. Security, as Schneier says, is a process. It's also a mindset, and I think one either has the mindset or he doesn't. And for those that don't have it, it is *very* difficult to impart. From bill.stewart at pobox.com Sat Aug 16 12:58:37 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Sat, 16 Aug 2003 12:58:37 -0700 Subject: paradoxes of randomness In-Reply-To: <20030816112115.51302.qmail@web21202.mail.yahoo.com> References: <20030802144728.28255.qmail@web21206.mail.yahoo.com> Message-ID: <5.1.1.6.2.20030816125226.02f5d1f0@idiom.com> The standard proof that all positive integers are interesting goes like this: - 1 is the smallest positive integer. That's interesting. - Suppose that you've proven that 1....N are interesting. Then either N+1 is interesting, and you continue the induction process, or - N+1 is the smallest integer that's not interesting. But that's interesting in itself - so N+1 is interesting. You can extend this to all integers, and to the rational numbers using the kinds of ordering that some of Cantor's proofs did. Doesn't work for real numbers, though - you can have a "nothing between X and Y is interesting, but X and Y are", without having any smallest number above X. From justin-cypherpunks at soze.net Sat Aug 16 10:22:18 2003 From: justin-cypherpunks at soze.net (Justin) Date: Sat, 16 Aug 2003 17:22:18 +0000 Subject: paradoxes of randomness-errata In-Reply-To: <20030816112600.2928.qmail@web21208.mail.yahoo.com> References: <20030802144728.28255.qmail@web21206.mail.yahoo.com> <20030816112600.2928.qmail@web21208.mail.yahoo.com> Message-ID: <20030816172218.GA18457@dreams.soze.net> Sarad AV (2003-08-16 11:26Z) wrote: > >it comes to such a question- > > >I do a fair coin throwing experiment with 64 coins. > > >To represent 64 coins,i need 5 bits of information. > > To represnet 64 coins,i need 6 bits of infomation :) To deal with 65 possibilites, you need 7 bits (well, 6.022)... -- No man is clever enough to Times are bad. Children no longer know all the evil he does. obey their parents, and everyone -Francois de la Rochefoucauld is writing a book. -Cicero From morlockelloi at yahoo.com Sat Aug 16 20:11:05 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Sat, 16 Aug 2003 20:11:05 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <5.1.1.6.2.20030816125226.02f5d1f0@idiom.com> Message-ID: <20030817031105.51014.qmail@web40607.mail.yahoo.com> > - N+1 is the smallest integer that's not interesting. > But that's interesting in itself - so N+1 is interesting. It breaks down after few consequtive non-interesting integers. In fact, there is a proof somewhere that 17, 18 and 19 are not interesting at all. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From jtrjtrjtr2001 at yahoo.com Sun Aug 17 03:19:35 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Sun, 17 Aug 2003 03:19:35 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <20030816144429.GA30418@diamond.madduck.net> Message-ID: <20030817101935.82767.qmail@web21210.mail.yahoo.com> hi, Okay- I need 5 bits to represent 32 coins.I count as coin 0,coin 1,... coin 31. If it is a perfectly random fair coin throwing experiment,then 50 percent of them will be heads. So I know that 16 of them will be heads. What we do is i simply place all the 32 coins on the table in a row or column. I look at the first coin and determine if it is a head or a tail. I repeat the same proccess till i count 16 heads. If I count 15 heads at coin 31, then I cant reduce the entropy. How ever, if i count 16 heads at coin 30,then I dont have to check that coin 31,I already know its a tail,so I have less than 5 bits of entropy. So if it is a perfectly random experiment,I wouldn't get 16 heads before i look at coin 31,which is the last coin and thats what you said-isn't it? So how did chaitin get to compress the information from k instances of the turing machine in http://www.cs.umaine.edu/~chaitin/summer.html under the sub-section redundant? he says- "Is this K bits of mathematical information? K instances of the halting problem will give us K bits of Turing's number. Are these K bits independent pieces of information? Well, the answer is no, they never are. Why not? Because you don't really need to know K yes/no answers, it's not really K full bits of information. There's a lot less information. It can be compressed. Why? " If the input programs are truely random-there is no redundancy and thats a contradiction to the claim in the paper. Thanks. Regards Sarath. >It's simple, if I am correct. The redundancy simply > makes you care > less about the specific instance you are looking at. > > > To represent 32 coins-i need 5 bits of > information. > > Since the experiment is truely random-i know half > of > > them will be heads,so in this case using 5 bits of > > information,i can determine all the coins that are > > heads and that are tails. > > Same deal, unless you are counting pairs, in which > case you cannot > distinguish between the members of a pair. You need > an extra bit to > tell a head from a tail. > > > So-the question is what is the minimum number of > bits > > or entropy required to determine which all coins > are > > heads and which all coins are tails,is it 5 bits > or 6 > > bits of information? > > With 5 bits, you can count to 31, so you need 6. > > Just my two tails. > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From shaddack at ns.arachne.cz Sat Aug 16 22:46:51 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 17 Aug 2003 07:46:51 +0200 (CEST) Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <20030815232744.GB10109@cybershamanix.com> Message-ID: On Fri, 15 Aug 2003, Harmon Seaver wrote: > Somehow I have difficulty believing the these people could be so totally lame > as to be running mission-critical stuff like this on windoze. Please say it > isn't true. The Microsoft salesmen know the coercive sales tactics. The clients' well-being isn't in their interest; their interest is only a new sale. Hence in their world Windows are suitable for just about everything. By exploiting psychological tricks, they are able to convince less technically capable personnel (eg, the management) about their system's alleged superiority. Not that different from eg. car dealers. A friend some time ago complained about having to ditch a Linux webserver because his company managers did some special deal with Microsoft which gave them substantially lower prices if they would run ALL systems exclusively on Windows. But I forgot the details. > Is the military also now dependant on windoze? Some time ago there was a widely publicized incident with Windows NT controlling a battleship. After a crash the ship had to be towed to the port. From then it's known that NT is an acronym for Needs Towing. > Bizarre, absolutely bizarre. And somehow entirely unsurprising. > And here I thought it was probably caused by people with potato guns > firing tennis balls filled with concrete, attached to coils of wire cable, > dropping them across the power lines and transformer stations. The cable will vaporize at the moment the lightning from the power line hits it, or it will be too heavy to be brought up by anything reasonable. (You don't need even a full contact, getting it to the sparking distance is enough.) That will trigger the breakers and switch the line off for few seconds. But then the power will be switched on again. Then you need to short it the second time. The wire you used will vaporize as well, but the breakers won't switch back on for the second time, claim an error, and an inspection of the power line is required to find the shortcut cause before it can be switched back on, as the electronics then considers the short circuit to be permanent. (I hope I am right here.) Also be aware about the danger of the step voltage at the moment the lightning from the power line hits the ground - you don't want to be anywhere too close, so you will avoid the potato gun and resort to something safer, eg. a suitable rocket engine. In Colombia, the rebels routinely "dark" the cities by blowing up the high voltage masts. If the mast is in a difficult-to-access place, it can take days to build a replacement. There are thousands of miles of power lines, good part of them in less inhabited areas. It is extremely difficult to prevent this kind of attack. To add insult to injury, the adversary can get ahold of the map of the power transmission networks rather easily - they are in all kinds of sources, from tourist maps to maps for pilots, and one can get fairly good idea about the power feeds to a city by just driving around it with open eyes. Underground lines exist, but are more expensive, so they are quite unusual. However, I'd bet that this affair was a plain old Murphy-based cascade failure. On another note, a nice reading about the world of energetics is Arthur Hailey's "Overload". From mv at cdc.gov Sun Aug 17 08:19:50 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 17 Aug 2003 08:19:50 -0700 Subject: Viral DNS Attack, DDos Idea Message-ID: <3F3F9D16.90CAF5EB@cdc.gov> At 05:46 PM 8/15/03 -0700, Bill Stewart wrote: >At 01:19 PM 08/15/2003 -0700, Major Variola (ret.) wrote: >>Suppose malware appends a bogus entry to an infected machine's >>/etc/hosts (or more likely, MSwindows' \windows\blahblah\hosts file). >>(This constitutes a DNS attack on the appended domain name, exploiting >>the local hosts' name-resolution prioritization.) >>If the appended IP address points to the >>same victim (66.66.66.66) on all the virus-infected machines, >>and the appended (redirected) domain name is popular ("google.com" > >Cute, but sounds like a lot of work compared to other obvious attacks >you could do if you're spreading a virus anyway. Yes if you have virally owned a machine you can do much nastier. But this attack has the advantage that its effects would not be immediately recognized, nor could they be fixed in one spot once detected. Evolved diseases don't kill their hosts. Google is too useful to redirect. On the other hand, you can redirect an entire TLD (eg .mil), albeit on one machine at a time. Try doing that to one of The DNS Roots (pbut). >The more popular version of this attack is to try to hack DNS servers, >or poison DNS requests, so that DNS requests for google report the wrong thing. Yes I've followed discussions about SecDNS etc before. The cute part of the local hostsfile attack is that local machines are *not* administered competently, whereas DNS servers (and even ISP caches) are more likely tended better. >One problem with hacking the hosts files is that >different versions of Windows tend to put them in different places, >though perhaps if you target XP and 2000 and ME and 98 >it's consistent enough to work. OS detection is trivial once in.. as is file/path detection. I bet a javascript program could do it, if the client security settings (ACLs) were poor. >The real question is whether the bad guys would redirect to a victim, >or to a fake web server run by them, so they could hand out >bogus responses, such as redirects to various places around the web, >potentially along with some advertising banners. That's the virus author's choice, of course. In fact, I first thought of the attack as a DNS-redirect on domain names ---intending on random (or even localhost) misdirection. Upon thinking about it, the utility of all those 9AM Monday clicks became apparent. Diagnosing the situation would be a bushel of fun in the first hours either way. >If it's a virtual server machine, though, you can't do that >without disrupting all the clients on it, which is too bad; Hadn't thought of virtual servers... "all your eggs in one basket" :-) >If it's a router, that's a more interesting problem, You're right, routers merely drop port 80 incoming, any router DoS depends on sheer bandwidth --say routing the NYTimes.com clicks to Podunk-BackwaterTimes.com >because many routers have wimpy CPUs and do the routine work in ASICs - ASICs are great except for exception handling, which is a vulnerability. I was working on Intel's network processors earlier this year. Amazing chips--they have hardware support for everything you do in an IP stack, buttloads of memory controllers, I/O up the kazoo, and a dozen hardware-supported thread contexts (hyperthreading) on each of a dozen high-clockrate RISC engines. But they all defer exception packet processing to the onboard ARM, which might alert the host system or at least log the exception by incrementing a counter. But the ARM is not as fast as the threads and could perhaps be overwhelmed. Perhaps the subject of a future Gedanken Design Idea. ----- "When the rotary telephone first came out, people said, 'You mean I have to dial seven numbers?' " From mv at cdc.gov Sun Aug 17 08:43:52 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 17 Aug 2003 08:43:52 -0700 Subject: reliance that's scary Message-ID: <3F3FA2B8.561BDB5C@cdc.gov> At 10:13 AM 8/16/03 -0400, Roy M. Silvernail wrote: > >Security, as Schneier says, is a process. It's also a mindset, and I think >one either has the mindset or he doesn't. And for those that don't have it, >it is *very* difficult to impart. And you don't get any droid-demonstrable features for all your efforts. Whereas being able to control from a network has gee-whiz sellability. And the customer has a hard time imagining the attack -how are they going to find the network, how are they going to guess the password. I had the pleasure ca 1997 of figuring out how to browser-enable a multiton industrial machine (the kind with big red "stop" buttons, rotating lights on it when it was operating, and stickers showing various forms of dismemberment possible) once. A password was the only access control. I hope anyone who installed this understood firewalling and air gapping... (Meanwhile, my garage door is "protected" merely by the number of possibilities, 256) From timcmay at got.net Sun Aug 17 10:06:32 2003 From: timcmay at got.net (Tim May) Date: Sun, 17 Aug 2003 10:06:32 -0700 Subject: paradoxes of randomness In-Reply-To: <20030817101935.82767.qmail@web21210.mail.yahoo.com> Message-ID: <26B3948E-D0D5-11D7-B701-000A956B4C74@got.net> On Sunday, August 17, 2003, at 03:19 AM, Sarad AV wrote: > hi, > > Okay- I need 5 bits to represent 32 coins.I count as > coin 0,coin 1,... coin 31. > If it is a perfectly random fair coin throwing > experiment,then 50 percent of them will be heads. > > So I know that 16 of them will be heads. I hope you are not saying that you think there will always be 16 heads and 16 tails! Your comment below seems to suggest you think this is so. If so, you need to spend a lot of time thinking about probability. > > What we do is i simply place all the 32 coins on the > table in a row or column. > I look at the first coin and determine if it is a head > or a tail. I repeat the same proccess till i count 16 > heads. If I count 15 heads at coin 31, then I cant > reduce the entropy. How ever, if i count 16 heads at > coin 30,then I dont have to check that coin 31,I > already know its a tail,so I have less than 5 bits of > entropy. How does knowing what has already come before tell you that coin 31 is a tail without your having to look at it to see? It certainly sounds to me that you have a very weird, and very wrong, concept of probability. --Tim May "A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship." --Alexander Fraser Tyler From timcmay at got.net Sun Aug 17 10:11:39 2003 From: timcmay at got.net (Tim May) Date: Sun, 17 Aug 2003 10:11:39 -0700 Subject: Viral DNS Attack, DDos Idea In-Reply-To: <3F3F9D16.90CAF5EB@cdc.gov> Message-ID: On Sunday, August 17, 2003, at 08:19 AM, Major Variola (ret) wrote: > > Evolved diseases don't kill their hosts. Google is too useful > to redirect. On the other hand, you can redirect an entire > TLD (eg .mil), albeit on one machine at a time. Try doing that > to one of The DNS Roots (pbut). Many evolved diseases _DO_ kill their hosts. Look around. It is true that there are tradeoffs in lethality, time to death, and virulence, and that a disease which kills too quickly and too many won't spread adequately, but quite clearly all of the diseases of the past were evolved (until recently, none were created) and yet they often killed their hosts. --Tim May "In the beginning of a change the patriot is a scarce man, and brave, and hated and scorned. When his cause succeeds, the timid join him, for then it costs nothing to be a patriot." -- Mark Twain From sunder at sunder.net Sun Aug 17 10:50:53 2003 From: sunder at sunder.net (Sunder) Date: Sun, 17 Aug 2003 13:50:53 -0400 (edt) Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: Message-ID: As you probably know by now, there was no lightnight strike and the failure did not start at Nigara. As for our city's reptile of a Mayor he claimed power would be back on in queens by 11pm. It wasn't on until 6am Friday. On Friday night there were still areas that were down in lower Manhattan. Certainly, I'd expect whatever FUD explanation to be most profitable to the NeoCONS to be the eventual reason for the outage, so they can push USPATRIOT V3.0.1 - the one where they add brown alert to the color scheme. Of course CON-Ed would say "Blame Canada." I expect nothing less. Did anyone catch the Shrubbya interview? I think it was on CNNFN or MSNBC or one of those neonews channels... The one where he was busy sweating in the sun's heat in his blue Armani dress shirt while, his face browned from the sun, playing golf. The one where he regurgitated what he had been spoon fed by his PR guys? At one instant he shrugged his shoulders as he said it's an old grid, and it will need to be fixed, and then he went back to golfing. Showing how much he cares about the plight of the east coast. More than likely I suspect the truth is that the grid is indeed outdated and something simply couldn't handle the load. Whenever politicians, and bureaucrats are involved, the outcome is the same: Chief Executive Asshole: "Why should we spend $X million to fix it? It's still running?" Techie: "Because it's running at 95% capacity, and any small spike will cause a big problem." CEA: "But it's been fine for the last 20 years, I'd rather keep the cash and give myself a bonus, and then lay off extraneous employees. We can outsource them to India." Techie: "It's outdated, it will collapse." CEA: "So what? When it does, if it does, we'll hit Uncle Sam for more money, meanwhile I have another yacht to purchase. In any case, it won't likely collapse while I'm still here, and I'll retire soon enough, not my problem... and don't let the door hit your ass on your way out. I don't want ass prints on my brand new gold plated door." ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Fri, 15 Aug 2003, John Young wrote: > Are you suggesting the outage was caused by carbon filaments rocketed > across transmission lines? If that was done at several points in the grid it > would account for the various finger-pointing to incidents which are claimed > to have started the usual-suspect "cascade" of the usual-suspect "antiquated" > system that was "not supposed to fail but it did." From timcmay at got.net Sun Aug 17 14:04:09 2003 From: timcmay at got.net (Tim May) Date: Sun, 17 Aug 2003 14:04:09 -0700 Subject: US soldiers in Iraq held against their will In-Reply-To: <20030817193308.GB30225@cybershamanix.com> Message-ID: <5868E0D0-D0F6-11D7-B701-000A956B4C74@got.net> On Sunday, August 17, 2003, at 12:33 PM, Harmon Seaver wrote: > Just heard about this local guy who reluctantly went to Iraq because > he was in the reserves, now his contract is up (as of 7/31) and they > won't let him out. > I've known for more than 40 years that there's always been language in the deal the Reservists make that say they can be called back as needed, in times of war. And kept in until not needed. If this guy didn't know that Reserve pay comes with strings attached, he should have. No sympathy from me. --Tim May From hseaver at cybershamanix.com Sun Aug 17 12:33:08 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 17 Aug 2003 14:33:08 -0500 Subject: US soldiers in Iraq held against their will Message-ID: <20030817193308.GB30225@cybershamanix.com> Just heard about this local guy who reluctantly went to Iraq because he was in the reserves, now his contract is up (as of 7/31) and they won't let him out. ======================================================================== Dear friends As many of you know I am in Iraq with the 724th Eng Bn. Many of you may not know however that on July 30th 2003 my enlistment contract ended and the I have been involuntarily extended. I am now a prisoner of the US army. I find it very troubling that the USA would force people against their free will to be in the military, furthermore the fact that their are hundreds perhaps thousands of able bodied volunteer soldier in the Wisconsin Army System that have not been activated and that could replace those soldiers who are in Iraq involuntarily. I request you assistance in helping me get home. Free Moon!! Below is a letter I have written to our Wisconsin congresspersons, and governor. Also below are their addresses and email addresses. I ask that you read my letter to them and email or write all of them with a similar letter addressed from your view point. Please do not forward my letter to them but rather write them in you own words your objection to the practice ofinvoluntary extension as it pertains to me. I feel that if enough people write that it may actually influence my Battalion Commander, who has the power to do so, to grant me my honorable discharge and send me home. Also please forward this email to people who you know know me and would be willing to help. Please help me return home, reunite with my son, and practice my religion of non-violence. Thank you. Love, Jason Moon Russ Fielgold russ_feingold at feingold.senate.gov Send snail mail to this address Bob Schweder C/O Senator Russ Fiengold 1640 Main Street Green Bay, WI 54302 920) 465-7508 Bob Schweder is Fiengold Military/ Veteran Affairs Aide. Herb Kohl senator_kohl at kohl.senate.gov Send snail mail to this address Steve Piotrowski C/o Senator Kohl 14 West Mifflin Street, Suite 207 Madison, WI 53703 Phone: (608) 264-5338 Fax: (608) 264-5473 Kohl personally asked to send all thought regarding Jason to Steve but still email the Senator. He responded personally to my email. Tom Petri US Rep 6th District WI http://www.house.gov/writerep/ Use the above link to write Rep Petri Send snail mail to this address Rep. Tom Petri 490 West Rolling Meadows Drive Suite B Fond du Lac, WI 54937 Tel: 920/922-1180 Toll-free in Wisconsin: 800/242-4883 -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From timcmay at got.net Sun Aug 17 15:21:43 2003 From: timcmay at got.net (Tim May) Date: Sun, 17 Aug 2003 15:21:43 -0700 Subject: US soldiers in Iraq held against their will In-Reply-To: <20030817204340.GA30470@cybershamanix.com> Message-ID: <2E6EF104-D101-11D7-B701-000A956B4C74@got.net> On Sunday, August 17, 2003, at 01:43 PM, Harmon Seaver wrote: > On Sun, Aug 17, 2003 at 02:04:09PM -0700, Tim May wrote: >> On Sunday, August 17, 2003, at 12:33 PM, Harmon Seaver wrote: >> >>> Just heard about this local guy who reluctantly went to Iraq >>> because >>> he was in the reserves, now his contract is up (as of 7/31) and they >>> won't let him out. >>> >> >> >> I've known for more than 40 years that there's always been language in >> the deal the Reservists make that say they can be called back as >> needed, in times of war. And kept in until not needed. >> >> If this guy didn't know that Reserve pay comes with strings attached, >> he should have. >> No sympathy from me. >> > > That doesn't jive with the statutes: You said he was in the reserves. And that's what I commented on. Below you are quoting use of the _National Guard_. National Guard !=! Armed Forces Reserves (any of the services) Activating reservists has a familiar name: "calling up the reserves." And when reservists are activated, they are back in their respective services, e.g., the Army, the Navy, whatever. And once back in the Army, they are subject to the usual extensions of their duty during wartime. Reservists are not the same as National Guard. (In fact, there should be more debate about Bush having the authority to send the National Guard (of any state) into battle. It is supposed to be the Governors of states which can call up the National Guard.) > > TITLE 10 > Subtitle E > PART II > CHAPTER 1211 > > Sec. 12407. > > Sec. 12407. - National Guard in Federal service: > period of service; apportionment > > (a) > > Whenever the President calls the National Guard of a > State into Federal service, he may specify in the > call the period of service. Members and units called > shall serve inside or outside the territory of the > United States during the term specified, unless > sooner relieved by the President. However, no member > of the National Guard may be kept in Federal service > beyond the term of his commission or enlistment. > > > > > > > -- > Harmon Seaver > CyberShamanix > http://www.cybershamanix.com > > --Tim May "A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects." --Robert A. Heinlein From hseaver at cybershamanix.com Sun Aug 17 13:43:40 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 17 Aug 2003 15:43:40 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: <5868E0D0-D0F6-11D7-B701-000A956B4C74@got.net> References: <20030817193308.GB30225@cybershamanix.com> <5868E0D0-D0F6-11D7-B701-000A956B4C74@got.net> Message-ID: <20030817204340.GA30470@cybershamanix.com> On Sun, Aug 17, 2003 at 02:04:09PM -0700, Tim May wrote: > On Sunday, August 17, 2003, at 12:33 PM, Harmon Seaver wrote: > > > Just heard about this local guy who reluctantly went to Iraq because > >he was in the reserves, now his contract is up (as of 7/31) and they > >won't let him out. > > > > > I've known for more than 40 years that there's always been language in > the deal the Reservists make that say they can be called back as > needed, in times of war. And kept in until not needed. > > If this guy didn't know that Reserve pay comes with strings attached, > he should have. > No sympathy from me. > That doesn't jive with the statutes: TITLE 10 > Subtitle E > PART II > CHAPTER 1211 > Sec. 12407. Sec. 12407. - National Guard in Federal service: period of service; apportionment (a) Whenever the President calls the National Guard of a State into Federal service, he may specify in the call the period of service. Members and units called shall serve inside or outside the territory of the United States during the term specified, unless sooner relieved by the President. However, no member of the National Guard may be kept in Federal service beyond the term of his commission or enlistment. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From cypherpunks at salvagingelectrons.com Sun Aug 17 13:26:07 2003 From: cypherpunks at salvagingelectrons.com (Tim Meehan) Date: Sun, 17 Aug 2003 16:26:07 -0400 Subject: Faith-based Drug Wars Message-ID: I'm starting to worry less about Brinworld and more about the Republic of Gilead... Source: Working for Change Pubdate: August 8, 2003 Author: Bill Berkowitz Webpage: http://www.workingforchange.com/article.cfm?ItemID=15420 Faith-based drug wars 08.08.03 - What do advocating "religious hiring rights," a $4 billion workplace retraining bill, and the war on drugs have in common? The short answer: Bring on the faith-based organizations! Although more than 30 months have passed since President Bush announced the centerpiece of his domestic agenda -- his faith-based initiative -- and no significant broader efforts to fund his initiative has emerged from Congress, the administration continues to move ahead on a number of fronts. Bush's latest faith-based proposal involves enlisting religious youth groups in the war on drugs. According to the Washington Times, the administration recently printed 75,000 copies of a guidebook to the drug wars called "Pathways to Prevention: Guiding Youth to Wise Decisions." The 100-page pamphlet "seeks to teach youth leaders how to handle questions and concerns about substance abuse." In addition to the publication, there's a new Web site and an e-mail newsletter. The new anti-drug project is built around three premises which are spelled out in a fact sheet titled "Marijuana and Kids: Faith": 1) "Religion plays a major role in the lives of American teens;" 2) "Religion and religiosity repeatedly correlate with lower teen and adult marijuana and substance use rates and buffer the impact of life stress which can lead to marijuana and substance use;" and 3) "Youth turn to faith communities [but] most faith institutions [with] youth ministries [do not] incorporate significant teen substance abuse prevention activities." Krissy Oechslin, assistant director of communications at the Washington, DC-based Marijuana Policy Project, the nation's largest marijuana policy reform organization, is concerned about the faith-based effort. "We do not oppose efforts to teach kids the truth about drugs. But the one thing that will likely be conspicuously missing from this faith-based initiative is any discussion about the effects of our drug laws," Oechslin told me in a telephone interview. "You can talk all you want about prevention and reducing demand but the fact of the matter is, nearly 750,000 people were arrested for marijuana violations in 2001; nearly 90% of those were for simple possession," Oechslin pointed out. "Despite the fact they are in a religious setting, they will likely avoid significant ethical questions raised by the drug wars, such as whether kids should be put into prison for using marijuana. If you talked with John Walters about this he would probably say that these kinds of questions are irrelevant to the conversation." Moving forward on faith Bush's faith-based anti-drug effort is the latest in a series of moves advancing his faith-based initiative. In late-June, the White House Office of Faith-Based and Community Organizations spelled out its position on a concept called "religious hiring rights." In a position paper titled "Protecting the Civil Rights and Religious Liberty of Faith-Based Organizations: Why Religious Hiring Rights Must Be Preserved," the administration argued religious organizations that receive government grants should be allowed to hire anyone they darn well please. At least two pieces of legislation with "religious hiring rights" provisions are currently under consideration by Congress: "The School Readiness Act of 2003," H.R. 2210, allows religious organizations receiving government funds to provide Head Start services to discriminate in their hiring practices; and the $4 billion Workforce Reinvestment and Adult Education Act -- passed by the full House on a party-line 220-204 vote -- also included a similar faith-based exemption. 'Faith: The Anti-Drug' At a press conference surrounded by Christian, Jewish and Islamic community leaders, John Walters, director of the Office of National Drug Control Policy, said: "Faith plays an important role when it comes to teen marijuana prevention. We are urging youth ministers, volunteers and faith leaders to integrate drug prevention messages and activities into their sermons and youth programming and are providing them with key tools and resources to make a difference. "As long as [America's youth] have, in their minds, the expectation that drug abuse comes as a rite of passage, we will continue to lose too many of our young people." (Isn't it amazing how many press conferences Bush Administration officials have held surrounded by Christian, Jewish and Islamic religious leaders?) "The reality is a lot of people don't know how to talk about these issues," said Jim Towey, the Director of the White House Office of Faith-Based and Community Initiatives. "According to data from Monitoring the Future, 90 percent of teens in the U.S. are affiliated with a religious denomination and 43 percent of eighth graders attend religious services weekly. Churches, temples and mosques are well positioned to cultivate anti-drug values and teach effective coping tools to deal with negative peer pressure," said Towey. The new campaign's slogan -- "Faith. The Anti-Drug" -- appears to indicate that Walters, appointed drug czar by Bush in May 2001, is turning down the volume from an earlier anti-marijuana ad campaign focused on teens. That high-powered effort was aimed at linking teenagers using marijuana to the funding of terrorist organizations and support for terrorism. Walters, characterized as a "drug 'hawk' well known for his moral condemnation of drug use and his criticism of Clinton's drug war techniques," by Salon's Janelle Brown, pointed out that "we need to be candid" about the situation confronting America's youth. Being candid, however, has not been one of the drug czar's strong suits. If Walters were truly candid he would talk about the billions of dollars wasted on the war on drugs; he would talk about the succession of cynical anti-drug advertising campaigns run by high-powered and well-connected ad agencies whose only success has been in lining its own pockets with tax-payer funds; and he would talk about the hundreds of thousands of people languishing in prisons because of marijuana-related convictions. In May, 2002, the Village Voice's Cynthia Cotts reported that a Wall Street Journal article citing the results of a Walters-authorized survey -- conducted by the private research firm Westat and the University of Pennsylvania -- "shows the government's anti-drug ads have completely failed to slow down teen drug use. Over the past five years," Cotts writes, "the feds spent $929 million to spread the message, and what did they get? A quarter of high school seniors still use illegal drugs, and after seeing the ads, some 13-year-old girls started smoking pot." If the new emphasis on faith-based interventions sounds like the repackaging of an old idea, well, that's because it very well might be. Last year, when the president announced his National Drug Control Strategy, FY-2003, "compassionate coercion" was the term coined and touted as a key element for success. Under the heading "Healing America's Drug Users" a White House fact sheet said: "Getting people into treatment -- including programs that call upon the power of faith -- will require us to create a new climate of compassionate coercion, which begins with family, friends, employers, and the community. Compassionate coercion also uses the criminal justice system to get people into treatment." Bush's advocacy of "religious hiring rights" and the administration's grafting of faith-based organizations onto the drug wars cuts to the heart of church/state separation, says Barry Lynn, executive director of Americans United for Separation of Church and State. According to Lynn, this new anti-drug effort is another administration attempt to blur those lines. In a Press Release issued by Americans United Lynn said, "The Bush administration seems to think there's a 'faith-based' solution to every social and medical problem in America. The project announced today is one very small part of a larger crusade that raises troubling constitutional concerns." "The White House is ignoring vital constitutional safeguards," continued Lynn. "The Constitution calls for a separation between religion and government, not a merger." Lynn pointed out that Walters recently appeared at a Riverside, Calif. "Teen Challenge" facility whose treatment program "relies on conversion to fundamentalist Christianity as its form of treatment." Only evangelical Christians are hired to carry out its work. In testimony before Congress in 2001, a Teen Challenge official noted that some Jews who participate in the program convert to Christianity, becoming what he called "completed Jews." Many Jewish leaders found the term offensive, the AU Press Release pointed out. This far, says Jeremy Leaming, Communications Associate at Americans United, government funds have not been awarded to Teen Challenge or any other religious organizations for John Walter's new anti-drug initiative. "But," he added, "we are watching the situation closely." "Bush's whole drug policy is in reality one gigantic faith-based initiative," Bruce Mirken, the Marijuana Policy Project's director of communications, commented in a recent e-mail. "It's sure not based on science or data, particularly in regard to marijuana. The government's own figures show that marijuana use by kids under 21 has gone up over 2000% since marijuana was banned, and a National Research Council study commissioned by the Drug Czar's office reported in 2001 that the evidence shows little or no relationship between the severity of criminal sanctions and rates or frequency of drug use. "If the government announced a program to reduce unemployment, and unemployment subsequently rose 2000%, that policy would be toast faster than you can say 'Bill Bennett loves to gamble,'" Mirken pointed out. "But the administration believes, with deep religious conviction that drugs are bad and must be banned. It's truly a faith based drug policy, and it ruins lives every day." (c) Working Assets Online. All rights reserved. -- Parti Marijuana de l'Ontario Marijuana Party http://ontario.mjparty.ca ICQ: 231997626 AOL/Yahoo/MSN: onmjp From cypherpunks at salvagingelectrons.com Sun Aug 17 13:38:30 2003 From: cypherpunks at salvagingelectrons.com (Tim Meehan) Date: Sun, 17 Aug 2003 16:38:30 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: References: Message-ID: <0upvjvgsc8pat1j500l5ur3t3lrp8pubjc@4ax.com> Tyler Durden said: >Most people in this neck of the woods continue to believe that that flight >that went down over Long Island a few years ago was actually shot >down...many witnesses saw a rocket go up and hit the plane. >The government, of course, denies it. God forbid the airlines collapse. The CIA's official explanation of the event, even to this layman, is aerodynamically impossible. Let me say that the TWA 800 coverup has a lot to do with my cynicism about what really happened on 9/11. (I have a copy of the Howard Stern show from that day, and chopper reporter that Howard fed in clearly reports a second, massive explosion just before the south tower collapsed. Speaking with an ironworker who worked on the cleanup only brought more questions as to the "real" cause of the collapses.) -Tim From cypherpunks at salvagingelectrons.com Sun Aug 17 13:41:03 2003 From: cypherpunks at salvagingelectrons.com (Tim Meehan) Date: Sun, 17 Aug 2003 16:41:03 -0400 Subject: How can you tell if your alarm company's... In-Reply-To: <200308090852.32161.roy@rant-central.com> References: <20030808225907.D60664-100000@kozubik.com> <200308090852.32161.roy@rant-central.com> Message-ID: Roy M. Silvernail said: >But it's not trivial to roll your own 24/7 monitoring company with the ability >to call in the cops. >From what I hear, indoor marijuana grow-ops that are alarmed with hand-rolled systems often activate a pager. In that case you DO NOT want the cops to come. As an aside, watched Das Experiment last night (German movie based on the Stanford prison experiment). Very enlightening/disturbing. -Tim From cypherpunks at salvagingelectrons.com Sun Aug 17 13:43:20 2003 From: cypherpunks at salvagingelectrons.com (Tim Meehan) Date: Sun, 17 Aug 2003 16:43:20 -0400 Subject: How can you tell if your alarm company's... In-Reply-To: <20030809232339.GA27395@cybershamanix.com> References: <20030808225907.D60664-100000@kozubik.com> <200308090852.32161.roy@rant-central.com> <20030809232339.GA27395@cybershamanix.com> Message-ID: <14qvjv0dvuvh2e9k4ubarbi9jou7vq4vje@4ax.com> Harmon Seaver said: > But how important is that anyway? Most any half competent burglar knows >enough to cut the phone wire before the B&E, so they don't get called. A local alarm company here (Alarmforce) advertises an "extra" to their basic package: a backup cellular phone link to their monitoring system. Not sure if it's really functional, or just burgular FUD, but many people have taken it...at an extra charge, of course... -Tim From cypherpunks at salvagingelectrons.com Sun Aug 17 13:43:27 2003 From: cypherpunks at salvagingelectrons.com (Tim Meehan) Date: Sun, 17 Aug 2003 16:43:27 -0400 Subject: How can you tell if your alarm company's... In-Reply-To: <20030809232339.GA27395@cybershamanix.com> References: <20030808225907.D60664-100000@kozubik.com> <200308090852.32161.roy@rant-central.com> <20030809232339.GA27395@cybershamanix.com> Message-ID: Harmon Seaver said: > But how important is that anyway? Most any half competent burglar knows >enough to cut the phone wire before the B&E, so they don't get called. A local alarm company here (Alarmforce) advertises an "extra" to their basic package: a backup cellular phone link to their monitoring system. Not sure if it's really functional, or just burgular FUD, but many people have taken it...at an extra charge, of course... -Tim From hseaver at cybershamanix.com Sun Aug 17 15:20:18 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 17 Aug 2003 17:20:18 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: <2E6EF104-D101-11D7-B701-000A956B4C74@got.net> References: <20030817204340.GA30470@cybershamanix.com> <2E6EF104-D101-11D7-B701-000A956B4C74@got.net> Message-ID: <20030817222018.GA30549@cybershamanix.com> On Sun, Aug 17, 2003 at 03:21:43PM -0700, Tim May wrote: > On Sunday, August 17, 2003, at 01:43 PM, Harmon Seaver wrote: > > >On Sun, Aug 17, 2003 at 02:04:09PM -0700, Tim May wrote: > >>On Sunday, August 17, 2003, at 12:33 PM, Harmon Seaver wrote: > >> > >>> Just heard about this local guy who reluctantly went to Iraq > >>>because > >>>he was in the reserves, now his contract is up (as of 7/31) and they > >>>won't let him out. > >>> > >> > >> > >>I've known for more than 40 years that there's always been language in > >>the deal the Reservists make that say they can be called back as > >>needed, in times of war. And kept in until not needed. > >> > >>If this guy didn't know that Reserve pay comes with strings attached, > >>he should have. > >> No sympathy from me. > >> > > > > That doesn't jive with the statutes: > > You said he was in the reserves. And that's what I commented on. > > Below you are quoting use of the _National Guard_. Sorry, I mispoke -- he's in the Guard. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From hseaver at cybershamanix.com Sun Aug 17 15:38:11 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Sun, 17 Aug 2003 17:38:11 -0500 Subject: war Crimes Message-ID: <20030817223811.GA30662@cybershamanix.com> http://counterpunch.org/cloughley08162003.html "Col. David Hogg, commander of the 2nd Brigade of the 4th Infantry Division, said tougher methods are being used to gather intelligence. On Wednesday night, he said, his troops picked up the wife and daughter of an Iraqi lieutenant general. They left a note: "If you want your family released, turn yourself in." Such tactics are justified, he said." There obviously is very, very little difference anymore between the US gov't and the Third Reich anymore. Read the whole article, it's nauseating. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From jya at pipeline.com Sun Aug 17 18:14:00 2003 From: jya at pipeline.com (John Young) Date: Sun, 17 Aug 2003 18:14:00 -0700 Subject: Jessica Stern on Jim Bell Message-ID: Jessica Stern's new book, "Terror in the Name of God : Why Religious Militants Kill," has about 8 pages on Jim Bell, in a chapter called "Lone Wolf Avengers," which is shared with the Pakistani Kansai, assassin of CIA employees. Stern says that while Bell is not a religion-based terrorist he is included in the book as an example of the solo individual with a private agenda that smacks of religion. This appears to be a stretch, but Stern stretches her material to fit an agenda. A Stern footnote says the Bell material is based on the forthcoming publication, "James Dalton Bell." She says she had numerous telephone interviews with him beginning in 2000 after making a request in 1998 during Jim's first imprisonment. Her capsule version of Jim's "crimes" and punishment is a bellweather of what may be in store for other miscreants who are fodder for terrorism careerists. To be sure, Jim may get a movie made about him, and I guess that would be his finest hour. Stern says Jim's leadership potential has so far led only to inspiring Carl Johnson to get himself thrown into prison. From timcmay at got.net Sun Aug 17 18:38:54 2003 From: timcmay at got.net (Tim May) Date: Sun, 17 Aug 2003 18:38:54 -0700 Subject: war Crimes In-Reply-To: <20030817223811.GA30662@cybershamanix.com> Message-ID: On Sunday, August 17, 2003, at 03:38 PM, Harmon Seaver wrote: > http://counterpunch.org/cloughley08162003.html > > "Col. David Hogg, commander of the 2nd Brigade of the 4th Infantry > Division, > said tougher methods are being used to gather intelligence. On > Wednesday night, > he said, his troops picked up the wife and daughter of an Iraqi > lieutenant > general. They left a note: "If you want your family released, turn > yourself > in." Such tactics are justified, he said." > > There obviously is very, very little difference anymore between the > US gov't > and the Third Reich anymore. Read the whole article, it's nauseating. Nothing surprises me about Iraq, Liberia, Kosovo, Somalia, and all of the other countries the U.S. has conquered. Suppression of the press, collection of guns, installation of malleable bureaucrats, shooting of journalists filming in public areas, outlawing of certain political parties, kidnapping of dissidents, creation of concentration camps and gulags... And what do the brainiacs think is going to happen when the Iraqis have their first ostensibly free election? Will Cheney declare it null and void? "The Constitution is too important to use in the Turd World." --Tim May "We should not march into Baghdad. To occupy Iraq would instantly shatter our coalition, turning the whole Arab world against us and make a broken tyrant into a latter- day Arab hero. Assigning young soldiers to a fruitless hunt for a securely entrenched dictator and condemning them to fight in what would be an unwinable urban guerilla war, it could only plunge that part of the world into ever greater instability." --George H. W. Bush, "A World Transformed", 1998 From cpunk at lne.com Sun Aug 17 20:00:00 2003 From: cpunk at lne.com (cpunk at lne.com) Date: Sun, 17 Aug 2003 20:00:00 -0700 Subject: Cypherpunks List Info Message-ID: <200308180300.h7I3006p009364@gw.lne.com> Cypherpunks Mailing List Information Last updated: Sep 12, 2002 This message is also available at http://www.lne.com/cpunk Instructions on unsubscribing from the list can be found below. 0. Introduction The Cypherpunks mailing list is a mailing list for discussing cryptography and its effect on society. It is not a moderated list (but see exceptions below) and the list operators are not responsible for the list content. Cypherpunks is a distributed mailing list. A subscriber can subscribe to one node of the list and thereby participate on the full list. Each node (called a "Cypherpunks Distributed Remailer", although they are not related to anonymous remailers) exchanges messages with the other nodes in addition to sending messages to its subscribers. A message posted to one node will be received by the list subscribers on the other nodes, and vice-versa. 1. Filtering The various CDRs follow different policies on filtering spam and to a lesser extent on modifying messages that go to/from their subscribers. Filtering is done, on nodes that do it, to reduce the huge amount of spam that the cypherpunks list is subjected to. There are three basic flavors of filtering CDRs: "raw", which send all messages to their subscribers. "cooked" CDRs try to eliminate the spam on that's on the regular list by automatically sending only messages that are from cypherpunks list subscribers (on any CDR) or people who are replying to list messages. Finally there are moderated lists, where a human moderator decides which messages from the raw list to pass on to subscribers. 2. Message Modification Message modification policy indicates what modifications, if any, beyond what is needed to operate the CDR are done (most CDRs add a tracking X-loop header on mail posted to their subscribers to prevent mail loops). Message modification usually happens on mail going in or out to each CDR's subscribers. CDRs should not modify mail that they pass from one CDR to the next, but some of them do, and others undo those modifications. 3. Privacy Privacy policy indicates if the list will allow anyone ("open"), or only list members, or no one ("private") , to retrieve the subscribers list. Note that if you post, being on a "private" list doesn't mean much, since your address is now out there. It's really only useful for keeping spammers from harvesting addresses from the list software. Digest mode indicates that the CDR supports digest mode, which is where the posts are batched up into a few large emails. Nodes that support only digest mode are noted. 4. Anonymous posting Cypherpunks encourages anonymous posting. You can use an anonymous remailer: http://www.andrebacard.com/remail.html http://anon.efga.org/Remailers http://www.gilc.org/speech/anonymous/remailer.html or you can send posts to the list via cpunks_anon at einstein.ssz.com and your mail's headers will be stripped before posting. Note that this doesn't provide complete anonymity since the receiving site will still have log file entries showing the source of the mail (or you have to trust that they delete them). You also will be 'sharing' a reputation with the other entities that post through this alias, and some of them are spammers, so some subscribers will have this alias filtered. 5. Unsubscribing Unsubscribing from the cypherpunks list: Since the list is run from a number of different CDRs, you have to figure out which CDR you are subscribed to. If you don't remember and can't figure it out from the mail headers (hint: the top Received: line should tell you), the easiest way to unsubscribe is to send unsubscribe messages to all the CDRs listed below. How to figure out which CDR you are subscribed to: Get your mail client to show all the headers (Microsoft calls this "internet headers"). Look for the Sender or X-loop headers. The Sender will say something like "Sender: owner-cypherpunks at lne.com". The X-loop line will say something like "X-Loop: cypherpunks at lne.com". Both of these inticate that you are subscribed to the lne.com CDR. If you were subscribed to the algebra CDR, they would have algebra.com in them. Once you have figured out which CDR you're subscribed to, look in the table below to find that CDRs unsubscribe instructions. 6. Lunatics, spammers and nut-cases "I'm subscribed to a filtering CDR yet I still see lots of junk postings". At this writing there are a few sociopaths on the cypherpunks list who are abusing the lists openness by dumping reams of propaganda on the list. The distinction between a spammer and a subscriber is nearly always very clear, but the dictinction between a subscriber who is abusing the list by posting reams of propaganda and a subscriber who is making lots of controversial posts is not clear. Therefore, we tolerate the crap. Subscribers with a low crap tolerance should check out mail filters. Procmail is a good one, although it works on Unix and Unix-like systems only. Eudora also has a capacity for filtering mail, as do many other mail readers. An example procmail recipie is below, you will of course want to make your own decisions on which (ab)users to filter. # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * ^From.*owner-cypherpunks at .* { :0: * (^From:.*ravage at ssz\.com.*|\ ^From:.*jchoate at dev.tivoli.com.*|\ ^From:.*mattd at useoz.com|\ ^From:.*proffr11 at bigpond.com|\ ^From:.*jei at cc.hut.fi) /dev/null :0: cypherspool } 7. List of current CDRs All commands are sent in the body of mail unless otherwise noted. --------------------------------------------------------------------------- Algebra: Operator: Subscription: "subscribe cypherpunks" to majordomo at algebra.com Unsubscription: "unsubscribe cypherpunks" to majordomo at algebra.com Help: "help cypherpunks" to majordomo at algebra.com Posting address: cypherpunks at algebra.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- CCC: Operator: drt at un.bewaff.net Subscription: "subscribe [password of your choice]" to cypherpunks-request at koeln.ccc.de Unsubscription: "unsubscribe " to cypherpunks-request at koeln.ccc.de Help: "help" to to cypherpunks-request at koeln.ccc.de Web site: http://koeln.ccc.de/mailman/listinfo/cypherpunks Posting address: cypherpunks at koeln.ccc.de Filtering policy: This specific node drops messages bigger than 32k and every message with more than 17 recipients or just a line containing "subscribe" or "unsubscribe" in the subject. Digest mode: this node is digest-only NNTP: news://koeln.ccc.de/cbone.ml.cypherpunks Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Infonex: Subscription: "subscribe cypherpunks" to majordomo at infonex.com Unsubscription: "unsubscribe cypherpunks" to majordomo at infonex.com Help: "help cypherpunks" to majordomo at infonex.com Posting address: cypherpunks at infonex.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Lne: Subscription: "subscribe cypherpunks" to majordomo at lne.com Unsubscription: "unsubscribe cypherpunks" to majordomo at lne.com Help: "help cypherpunks" to majordomo at lne.com Posting address: cypherpunks at lne.com Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to lne CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. messages are demimed (MIME attachments removed) when posted through lne or received by lne CDR subscribers 2. leading "CDR:" in subject line removed 3. "Reply-to:" removed Privacy policy: private Info: http://www.lne.com/cpunk; "info cypherpunks" to majordomo at lne.com Archive: http://archives.abditum.com/cypherpunks/index.html (thanks to Steve Furlong and Len Sassaman) --------------------------------------------------------------------------- Minder: Subscription: "subscribe cypherpunks" to majordomo at minder.net Unsubscription: "unsubscribe cypherpunks" to majordomo at minder.net Help: "help" to majordomo at minder.net Posting address: cypherpunks at minder.net Filtering policy: raw Message Modification policy: no modification Privacy policy: private Info: send mail to cypherpunks-info at minder.net --------------------------------------------------------------------------- Openpgp: [openpgp seems to have dropped off the end of the world-- it doesn't return anything from sending help queries. Ericm, 8/7/01] Subscription: "subscribe cypherpunks" to listproc at openpgp.net Unsubscription: "unsubscribe cypherpunks" to listproc at openpgp.net Help: "help" to listproc at openpgp.net Posting address: cypherpunks at openpgp.net Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Ssz: Subscription: "subscribe cypherpunks" to majordomo at ssz.com Unsubscription: "unsubscribe cypherpunks" to majordomo at ssz.com Help: "help cypherpunks" to majordomo at ssz.com Posting address: cypherpunks at ssz.com Filtering policy: raw Message Modification policy: Subject line prepended with "CDR:" Reply-to cypherpunks at ssz.com added. Privacy policy: open Info: http://www.ssz.com/cdr/ --------------------------------------------------------------------------- Sunder: Subscription: "subscribe" to sunder at sunder.net Unsubscription: "unsubscribe" to sunder at sunder.net Help: "help" to sunder at sunder.net Posting address: sunder at sunder.net Filtering policy: moderated Message Modification policy: ??? Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- Pro-ns: Subscription: "subscribe cypherpunks" to majordomo at pro-ns.net Unsubscription: "unsubscribe cypherpunks" to majordomo at pro-ns.net Help: "help cypherpunks" to majordomo at pro-ns.net Posting address: cypherpunks at pro-ns.net Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to local CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. leading "CDR:" in subject line removed 2. "Reply-to:" removed Privacy policy: private Info: http://www.pro-ns.net/cpunk From roy at rant-central.com Sun Aug 17 17:06:13 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Sun, 17 Aug 2003 20:06:13 -0400 Subject: reliance that's scary In-Reply-To: <3F3FA2B8.561BDB5C@cdc.gov> References: <3F3FA2B8.561BDB5C@cdc.gov> Message-ID: <200308172006.13728.roy@rant-central.com> On Sunday 17 August 2003 11:43, Major Variola (ret) wrote: > I had the pleasure ca 1997 of figuring out how to browser-enable a > multiton > industrial machine (the kind with big red "stop" buttons, rotating > lights on it when it was operating, and stickers showing various forms > of dismemberment possible) once. A password was the only > access control. I hope anyone who installed this understood firewalling > > and air gapping... Don't count on it. I know of a number of the type of machine you describe that shipped with default networking on NT 4 SP3, destined for some factory's LAN. These are machine tool users, not IT grads. Think they'll remember to air-gap the tooling? They also shipped with explorer as the shell. Guess they never heard of alt-tab. Oh, and let's not forget... no virus scanner and no OS update policy. "The old DOS system didn't need those extra costs!" ;) The high point of one service call was catching the operator playing solitare on the control console of a very large and very dangerous machine. From frissell at panix.com Sun Aug 17 17:28:42 2003 From: frissell at panix.com (Duncan Frissell) Date: Sun, 17 Aug 2003 20:28:42 -0400 Subject: Bookies in Exile Message-ID: <5.2.1.1.0.20030817202500.04576cb0@mail.panix.com> Today's NYT Magazine: http://www.nytimes.com/2003/08/17/magazine/17GAMBLING.html?position=&pagewanted=print&position= August 17, 2003 Bookies in Exile By WILLIAM BERLIND Costa Rica is highly prized by the world's backpackers and sightseers for its unspoiled natural beauty, but it's easy to forget that when arriving in its grimy capital, San Jose. The newly remodeled airport is surrounded by chain hotels, freshly paved roads and shiny corporate plazas. After that it goes rapidly downhill. A dusty highway heading vaguely toward downtown takes you through the poorer suburbs of San Jose, packed with families in corrugated-tin-roof shacks. Above them, on the sides of the surrounding hills, Costa Rica's elite live behind high, fortified walls. The entire valley is blanketed with smog from auto fumes, brush fires and burned trash. This Costa Rica doesn't make for much of a postcard, but to a small group of men, Americans mostly, it is alluring, enchanting and brimming with possibilities for adventure. The men are bookmakers taking bets and dispensing winnings over the Internet, and Costa Rica has exactly what they need -- a government that welcomes new investment in almost whatever form it takes, a well-developed business environment that makes it possible get phone lines hooked up and computer equipment serviced and a sizable English-speaking population capable of manning the phones and helping customers place their bets. Legal prostitution, as well as a plethora of strip clubs, seedy casinos and bars festooned with Budweiser signs, round out the atmosphere. Betting operations are now among San Jose's most lucrative and visible enterprises, and their success has transformed the city. One prominent suburban landmark is an office building occupied by an outfit called BETonSPORTS.com. Throughout its nine floors, 1,500 Costa Ricans are employed (in mostly clerical positions) and offered amenities like on-site day care and classes to improve their English. Most of the bookmaking companies, though, are a good deal smaller and harder to see, tucked away in strip malls and shadowy side streets. The American proprietors are generally in their 30's and 40's, and for them, the Internet provides not only the means to escape the reach of American law, but also a chance to turn what had been the equivalent back home of small, local shops -- sustained by personalized attention and all the headaches that involves -- into booming, virtual superstores that can rake in action from all over the world. The experiences of these men in Costa Rica, as well as of those elsewhere in Central America and the Caribbean, started out as thrilling adventures in what seemed to them like Las Vegas in the 1950's. But as betting operations multiplied, the offshore business has become hotly competitive and complicated. Worse, in recent years lawmakers and ambitious prosecutors back in the States have been mounting ever more serious legal challenges. Returning home to a normal life now means facing the possibility of going to prison. And so, many of the bookmakers who started out so optimistically are finding themselves locked into an isolated way of life that with each passing day seems a worse bet. .... From mv at cdc.gov Sun Aug 17 22:30:48 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 17 Aug 2003 22:30:48 -0700 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] Message-ID: <3F406487.F3E0560E@cdc.gov> At 01:50 PM 8/17/03 -0400, Sunder wrote: >Techie: "It's outdated, it will collapse." Sometimes its easier to ask forgiveness after than to ask for permission before. Sometimes you have to let the system crash so others see its weakness. Ca often runs within a few percent of available juice during the summer too. A fire under a transmission line, an unscheduled downage, we can play dominoes too. From mv at cdc.gov Sun Aug 17 22:33:55 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 17 Aug 2003 22:33:55 -0700 Subject: Faith-based Drug Wars Message-ID: <3F406543.E6BE4ED4@cdc.gov> At 04:26 PM 8/17/03 -0400, Tim Meehan wrote: >Faith-based drug wars >The new anti-drug project is built around three premises which are spelled out >in a fact sheet titled "Marijuana and Kids: Faith": Hey, wait a minute, the government is not supposed to be supporting any religion, and promoting the Rastafarians seems out of character.. >2) "Religion and religiosity repeatedly correlate with lower teen and adult >marijuana and substance use rates Not if you smoke the right shit The Taliban -a Faith Based Organization. From mv at cdc.gov Sun Aug 17 22:37:15 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sun, 17 Aug 2003 22:37:15 -0700 Subject: US soldiers in Iraq held against their will Message-ID: <3F40660B.47D47BA5@cdc.gov> At 02:33 PM 8/17/03 -0500, Harmon Seaver wrote: > Just heard about this local guy who reluctantly went to Iraq because >he was in the reserves, now his contract is up (as of 7/31) and they >won't let him out. Did he reluctantly take the $$$ to be in the reserves, too? > my >enlistment contract ended and the I have been involuntarily extended. SOP. Happened during the Yugo thang too. >I >am now a prisoner of the US army. Pity the volunteer moral zombie! Sucks to give up control to .mil, no? I find it very troubling that the USA >would force people against their free will to be in >the military, It hasn't, it only requires males to register. So far. Maybe Faust should be required reading for potential warriors? From shaddack at ns.arachne.cz Sun Aug 17 14:06:10 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sun, 17 Aug 2003 23:06:10 +0200 (CEST) Subject: Slective DoS on enemy communication by a P2P WLAN Message-ID: http://www.theregister.co.uk/content/68/32361.html US forces to target enemy mobiles with P2P WLANs By Tony Smith Posted: 15/08/2003 at 11:22 GMT The US military is developing a weapon based on peer-to-peer technology to take out mobile phone communications, the US Department of Defence has revealed. The system also has the capability to covertly monitor cellular traffic. Codenamed 'WolfPack', the device is intended to prevent an enemy from using its communications technologies, including cellular, without hindering US forces' own communications systems. WolfPack is a 6 x 4in cylinder weighing 6lbs, capable of being dropped by parachute or fired into the target area as a missile payload. Each device zaps mobile phone communications within a radius of half a kilometre. "The idea is to litter the battlefield with these small objects," WolfPack programme manager Preston Marshall in a statement. The battery-powered device contains an inflatable antenna. Fins mounted inside the cylinder extend from the device on touchdown to lift it into a vertical position. Once in place and with the aerial up, each WolfPack until begins communicating with any others it can detect. Together, they quickly establish a network. Other networks in range can tie in too, creating, if you will, an 'Internet' of WolfPack nodes, which ultimately allows data from any single device to be routed across the network of networks to the command centre. Each cylinder can generate radio signal to disrupt cellular traffic, said Marshall. "Each WolfPack is very small, but collectively they gang up on the signal," he added. Equally, the units can used to monitor enemy communications signals. Think of it as a Napster for military intelligence - each device can share the signals it picks up with all the others. Units can stay powered for up to two months in the field, and can be later collected and re-used. Each node costs around $10,000. Together, they are cheaper, less obtrusive and a much less obvious target for enemy intervention than the aircraft-based systems used to jam or monitor communications at the moment. WolfPack prototypes will be put to the test with in the next 18 months, the DoD said. . From jtrjtrjtr2001 at yahoo.com Mon Aug 18 02:44:16 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Mon, 18 Aug 2003 02:44:16 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <20030817112349.GA22813@diamond.madduck.net> Message-ID: <20030818094416.64032.qmail@web21201.mail.yahoo.com> hi, --- martin f krafft wrote: > > Okay- I need 5 bits to represent 32 coins.I count > as > > coin 0,coin 1,... coin 31. > > No, you can't count coin 0. Or how will you > represent no coins? I thought i could use the null set to point to the first coin,simply as a one to one mapping but then i can't represent no coins. Thanks for the clarification. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From jtrjtrjtr2001 at yahoo.com Mon Aug 18 03:24:29 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Mon, 18 Aug 2003 03:24:29 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <26B3948E-D0D5-11D7-B701-000A956B4C74@got.net> Message-ID: <20030818102429.35436.qmail@web21208.mail.yahoo.com> hi, Hope you can help on this. --- Tim May wrote: > I hope you are not saying that you think there will > always be 16 heads > and 16 tails! In a perfectly random experiment,how many tails and how many heads do we get? thanks. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From jtrjtrjtr2001 at yahoo.com Mon Aug 18 06:37:49 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Mon, 18 Aug 2003 06:37:49 -0700 (PDT) Subject: *** GMX Spamverdacht *** Re: paradoxes of randomness In-Reply-To: <019501c3657a$39634b50$c71121c2@exchange.sharpuk.co.uk> Message-ID: <20030818133749.33571.qmail@web21205.mail.yahoo.com> hi, Thank you-one more question. Will the information obtained from the 2^32 tests have a zero compression rate? If one of the occurance should yield all heads and one occurance yields all tails-there appears to be scope for compression. If the output is random,then it will have no mathametical structure,so I shouldn't be able to compress it at all. Regards Sarath. --- Dave Howe wrote: > for a sufficiently large sample you *should* see > roughly equal numbers of > heads and tails in the average case - but : > for 32 coins in 2^32 tests you should see: > one occurance of all heads (and one of all tails) > 32 occurances of one tail, 31 heads (and 32 of one > head, 31 tails) > 496 occurances of two > and so forth up the chain > none of these are guaranteed - it *is* random after > all - but given a > sufficiently large number of tests, statistically > you should see the > above. > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From timcmay at got.net Mon Aug 18 08:02:59 2003 From: timcmay at got.net (Tim May) Date: Mon, 18 Aug 2003 08:02:59 -0700 Subject: paradoxes of randomness In-Reply-To: <20030818102429.35436.qmail@web21208.mail.yahoo.com> Message-ID: <0EA09B93-D18D-11D7-8500-000A956B4C74@got.net> On Monday, August 18, 2003, at 03:24 AM, Sarad AV wrote: > hi, > > Hope you can help on this. > > --- Tim May wrote: > > >> I hope you are not saying that you think there will >> always be 16 heads >> and 16 tails! > > In a perfectly random experiment,how many tails and > how many heads do we get? > First, those who think there are "perfectly random" experiments or numbers are living in a state of sin, to paraphrase John von Neumann. Second, despite the above, good approximations to random behavior are easy to obtain: radioactive decays, lava lamps, Johnson noise in diodes, etc. The important aspects of probability theory emerge even with "imperfect" sources of apparent randomness. Third, the expected distribution of heads and tails in a series of 32 coin tosses is approximated closely by the binomial distribution. The key concepts are combinations and permutations. The expected probability of "all heads" is given by (0.5)^32. There are more chances of seeing 1 head and 31 tails, as the head can appear in any of the 32 positions. ("the combination of 32 things taken 1 at a time"). And so on, up to the maximum of 16 heads, 16 tails...although this particular outcome is not very likely. Fourth, my point was that there is relatively low probability that 32 tosses will result in exactly 16 heads and 16 tails. Given enough experiments, the distribution of outcomes will approximately follow the familiar bell-shaped curve, centered at 16H/16T, but with some chance of each of 0H/32T, 1H/31T,...., 31H/0T, 32H/0T. Fifth, not to sound harsh or snippy or sarcastic, but this is really basic stuff. There is a big gap in your education. Even if not taught this in 9th grade (or whatever the equivalent is in India), this is stuff that should be apparent through thinking about the way chance events occur. I urge you to suspend your "advanced math" questions until you have gone back over the more basic things. (It's crazy to try to understand entropy and the algorithmic information theory work of Greg Chaitin and others without knowing the 18th-century results on probability of people like Pascal, Poisson, etc.) There are many Web pages with class notes on probability, encyclopedia entries, etc. And I suggest experiments with coin tosses. And cards. And dice. --Tim May "A complex system that works is invariably found to have evolved from a simple system that worked ...A complex system designed from scratch never works and cannot be patched up to make it work. You have to start over, beginning with a working simple system." -- Grady Booch From timcmay at got.net Mon Aug 18 08:09:57 2003 From: timcmay at got.net (Tim May) Date: Mon, 18 Aug 2003 08:09:57 -0700 Subject: paradoxes of randomness In-Reply-To: <20030818133749.33571.qmail@web21205.mail.yahoo.com> Message-ID: <077B5A35-D18E-11D7-8500-000A956B4C74@got.net> On Monday, August 18, 2003, at 06:37 AM, Sarad AV wrote: > hi, > > Thank you-one more question. > Will the information obtained from the 2^32 tests have > a zero compression rate? > If one of the occurance should yield all heads and one > occurance yields all tails-there appears to be scope > for compression. This outcome is compressible because it has a short description. > > If the output is random,then it will have no > mathametical structure,so I shouldn't be able to > compress it at all. > Our best current description of randomness is that something is random when it has no _shorter_ description than itself. (A point of view variously credited to Komogoroff, Chaitin, and Solomonoff.) But, as I said in my last post, before you try to understand algorithmic information theory, you need to learn the basics of probability. Without understanding things like combinations and permutations, binomial and Poisson distributions, the law of large numbers, standard deviations, etc., your philosophizing will be ungrounded. You can read articles some of us wrote here about 10-11 years ago by using Google on the obvious terms. --Tim May "We should not march into Baghdad. To occupy Iraq would instantly shatter our coalition, turning the whole Arab world against us and make a broken tyrant into a latter- day Arab hero. Assigning young soldiers to a fruitless hunt for a securely entrenched dictator and condemning them to fight in what would be an unwinable urban guerilla war, it could only plunge that part of the world into ever greater instability." --George H. W. Bush, "A World Transformed", 1998 From hseaver at cybershamanix.com Mon Aug 18 06:20:17 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 18 Aug 2003 08:20:17 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: <3F40660B.47D47BA5@cdc.gov> References: <3F40660B.47D47BA5@cdc.gov> Message-ID: <20030818132017.GA31533@cybershamanix.com> On Sun, Aug 17, 2003 at 10:37:15PM -0700, Major Variola (ret) wrote: > At 02:33 PM 8/17/03 -0500, Harmon Seaver wrote: > > Just heard about this local guy who reluctantly went to Iraq because > > >he was in the reserves, now his contract is up (as of 7/31) and they > >won't let him out. > > Did he reluctantly take the $$$ to be in the reserves, too? > > > my > >enlistment contract ended and the I have been involuntarily extended. > > SOP. Happened during the Yugo thang too. So a contract isn't a contract anymore, eh? It's changed unilaterally by USG whenever and however they want? Well, I suppose there's good precedence for that too -- ask any Native American. (snip) > > I find it very troubling that the USA > >would force people against their free will to be in > >the military, > > It hasn't, it only requires males to register. So far. > It certainly is in this case, and, I'm sure, in many others. If you sign a contract to work for me for a year, and at the end of that year, I lock the factory door and won't let you out, send big mean guys with guns to make sure you stay seated at your machine and keep working -- what would you call that? Slavery? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From bill.stewart at pobox.com Mon Aug 18 08:59:48 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Mon, 18 Aug 2003 08:59:48 -0700 Subject: CAPPS II is back - DontSpyOn.US Message-ID: <5.1.1.6.2.20030818085745.0b7a1928@idiom.com> Bill Scannell, who did the Boycott Delta project about CAPPS II, reports that they're back. ------------------------------------------------------------------------ CAPPS II testing has been restarted. The Department of Homeland Security's Transportation Security Administration continues in its attempts to set up defacto internal border controls at our nation's airports. In response to the collaboration of Galileo, a subsidiary of Cendant, Inc. in this test of the CAPPS II system, a disinvestment campaign has been launched at: http://www.dontspyon.us The idea of citizens having to undergo a background investigation simply to travel in his or her own country is invasive and un-American. The CAPPS II system goes far beyond what any thinking citizen of this country should consider reasonable. That citizens will be required to provide detailed personal information to private companies that can be used for tracking and marketing purposes is repugnant. If enough people refuse to conduct business with Galileo or any of its sister companies, then it is likely that other Computerized Reservation Systems (CRS) will refuse to implement this sadly misguided and anti-democratic program. The boycott will remain in full effect until Galileo publicly withdraws from any involvement with the testing of CAPPS II. 777 --- 777 777 --- 777 "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin From hseaver at cybershamanix.com Mon Aug 18 07:02:31 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 18 Aug 2003 09:02:31 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: <3F40E829.302@email-tc3.5sigcmd.army.mil> References: <3F40660B.47D47BA5@cdc.gov> <20030818132017.GA31533@cybershamanix.com> <3F40E829.302@email-tc3.5sigcmd.army.mil> Message-ID: <20030818140231.GA32479@cybershamanix.com> On Mon, Aug 18, 2003 at 04:52:25PM +0200, Thoenen, Peter CIV Sprint wrote: > > On a semi related side note, how long has this guy been in (total length of > service)? All personnel when they join the US Military are quite clearly > informed they have an 8-year commitment, regardless of how long their > initial enlistment is. If your initial commitment is less than 8 years, > you are moved into the Inactive Ready Reserve (IRR) for the remainder of > the 8 years. (E.g. you enlist for 4 years active or ready reserve (weekend > warriors); you will also spend 4 years in IRR). This is the guard. (snip) > > On that same note, any weekend warrior who complains about being activated > has no sympathy from me. Take the devils coin, be prepared to do his work > also. Yup - I don't have any sympathy for him being called up and sent over, but when the contract is over, the law says they have to release him and can't extend his hitch. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From timcmay at got.net Mon Aug 18 09:53:22 2003 From: timcmay at got.net (Tim May) Date: Mon, 18 Aug 2003 09:53:22 -0700 Subject: *** GMX Spamverdacht *** Re: *** GMX Spamverdacht *** Re: *** GMX Spamverdacht *** Re: paradoxes of randomness In-Reply-To: <024801c365a2$0387bac0$c71121c2@exchange.sharpuk.co.uk> Message-ID: <7A3B15A5-D19C-11D7-8500-000A956B4C74@got.net> (Will whomever prepending this "Re: *** GMX Spamverdacht ***" header please STOP.) On Monday, August 18, 2003, at 09:01 AM, Dave Howe wrote: > randomness is a funny thing. a truely random file can be *anything* > that > is the right length - including a excerpt from william shakespere > (provided you have enough monkeys) > it is most likely to be random garbage, for a large sample - but for a > very small sample the odds of it being an ordered sample are > surprisingly > good. Quibble: only surprising if one misunderstands probability. (Not saying you do, just quibbling with any claim that readily calculated probabilities can be "surprising.") > the obvious example here is a double coin test - two bits. an ordered > sample would be both heads or both tails. a disordered sample would be > one > head and one tail. in practice, you would expect to see half the > results > from a larger trial (say 32 double-throws) with a ordered sample, and > half > disordered. > as you reach three coins, the odds of a completely ordered result > decrease > (from 2 in 2^2, to 2 in 2^3). for four coins, you still have the same > two > compressable results. consider: > HHHH HHHT HHTH HHTT > HTHH HTHT HTTH HTTT > THHH THHT THTH THTT > TTHH TTHT TTTH TTTT > > in a large trial, you would expect to see each of these once every 2^4 > tests, on the average. obviously HHHH and TTTT are very compressable. > assuming a runlength encoding, I don't think any of the others are > compressable at all...."We should not march into Baghdad. To occupy > Iraq would instantly shatter our coalition, turning the whole Arab world against us and make a broken tyrant into a latter- day Arab hero. Assigning young soldiers to a fruitless hunt for a securely entrenched dictator and condemning them to fight in what would be an unwinable urban guerilla war, it could only plunge that part of the world into ever greater instability." --George H. W. Bush, "A World Transformed", 1998 For any sequence of n fair tosses, the "length after compression" of the outcome is roughly, modulo some constants and factor, (1 - 2^(-n)), where "1" is the uncompressed length. In other words, as n gets large nearly all strings have a "length after compression" that is close to the original length, i.e., little compression. As n gets arbitrarily large, an arbitrarily small fraction of strings have a short, concise description (are "compressed"). --Tim May From DaveHowe at gmx.co.uk Mon Aug 18 04:16:41 2003 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Mon, 18 Aug 2003 12:16:41 +0100 Subject: *** GMX Spamverdacht *** Re: paradoxes of randomness References: <20030818102429.35436.qmail@web21208.mail.yahoo.com> Message-ID: <019501c3657a$39634b50$c71121c2@exchange.sharpuk.co.uk> Sarad AV wrote: > In a perfectly random experiment,how many tails and > how many heads do we get? we don't know - or it wouldn't be random :) for a sufficiently large sample you *should* see roughly equal numbers of heads and tails in the average case - but : for 32 coins in 2^32 tests you should see: one occurance of all heads (and one of all tails) 32 occurances of one tail, 31 heads (and 32 of one head, 31 tails) 496 occurances of two and so forth up the chain none of these are guaranteed - it *is* random after all - but given a sufficiently large number of tests, statistically you should see the above. From sunder at sunder.net Mon Aug 18 10:14:26 2003 From: sunder at sunder.net (Sunder) Date: Mon, 18 Aug 2003 13:14:26 -0400 (edt) Subject: Blackout in NYC In-Reply-To: Message-ID: Yup. I got the fuck out of NYC as fast as I could. Walked for about 3 hrs incl. over a bridge. :) Made sure I got there before dark. I outwalked the busses! That's how bad traffic was for cars. The bars were already happy places at 5pm with lots of crowds in front of them extending out into the streets... this is probably one of the major reasons it was so civil. The other was that the outage did not occur while it was already dark, and the third likely due to the previous "Get the fuck out of NYC" when the WTC turned to dust. At work we are still experiencing outages as our ISP is down because their ISP is down. Even more fun, our phone system goes through the ISP, so that's down too. This is what you get when you pay the lowest price you can. I expect this is the same reason this outtage occured in the first place. Everyone cutting corners, etc. (See my previous rant.) My fault for working for a small .com rather than a big company, but no one is hiring sysadmins these days unless they're wet behind the ears and are willing to take $40K, or they're outsourcing to the likes of EDS. I've got lots of fun exposure to EDS outsourcing quality of service - those guys are total morons. Asked them to reboot one machine, and got back 30 emails saying "not my dept." Took about 4-5 hours to get a machine rebooted when it should have taken less than 5 mins. On another occasion they couldn't figure out how to get their internal and external DNS to point to the same host... and they actually have an entire DNS dept! To quote Homer, D'Oh! Hopefully IBM's outsourcing gig is better. To anyone thinking they can outsource IT and/or systems admins, I wish you the best. You'll need it. In the end, you get what you pay for. Every fucking time. No exceptions. Sure, Raj is cheaper than me. But that's the level of service you should expect too, 'cause you'll get it! I won't comment on the previous NYC outage/riots as I wasn't in NYC at the time. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Fri, 15 Aug 2003, Tyler Durden wrote: > Sarad wrote... > > >For a moment think of all the iraqi's with power > >grids taken out now enjoying the 120+ farenhiet sun. A > >few hours of luxury was gone and it was breaking news > >in bbc. > > Although I appreciate the sentiment, your not really getting this. The > timing was such that long-term impact was minimal. But if the blackout had > come earlier in the day, and lasted for a few days, that outsourcing > operation you work for might have been affected (ie, closed). Wall Street is > here, for one, and Wall Street these days needs power. > > Also, NYC now just assumes that power will be there. In 1975 the riots were > fairly interesting...the wrong set of conditions could have made this MUCH > more interesting (I was on a plane that landed a few hours after the > blackouts began. I made my way to my residence as quickly as I could just in > case things were going to get interesting again...) > > As for the racist undertones in BBC and Amercian newfocus, I totally agree. From rsw at jfet.org Mon Aug 18 10:26:12 2003 From: rsw at jfet.org (Riad S. Wahby) Date: Mon, 18 Aug 2003 13:26:12 -0400 Subject: paradoxes of randomness In-Reply-To: <077B5A35-D18E-11D7-8500-000A956B4C74@got.net>; from timcmay@got.net on Mon, Aug 18, 2003 at 08:09:57AM -0700 References: <20030818133749.33571.qmail@web21205.mail.yahoo.com> <077B5A35-D18E-11D7-8500-000A956B4C74@got.net> Message-ID: <20030818132612.B27934@positron.mit.edu> Tim May wrote: > But, as I said in my last post, before you try to understand > algorithmic information theory, you need to learn the basics of > probability. Without understanding things like combinations and > permutations, binomial and Poisson distributions, the law of large > numbers, standard deviations, etc., your philosophizing will be > ungrounded. A good place to learn the basics: http://web.jfet.org/6.041-text/ -- Riad Wahby rsw at jfet.org MIT VI-2 M.Eng From sunder at sunder.net Mon Aug 18 11:29:15 2003 From: sunder at sunder.net (Sunder) Date: Mon, 18 Aug 2003 14:29:15 -0400 (edt) Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <0upvjvgsc8pat1j500l5ur3t3lrp8pubjc@4ax.com> Message-ID: Could you turn that into an mp3 and email a url to it? ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Sun, 17 Aug 2003, Tim Meehan wrote: > Tyler Durden said: > > >Most people in this neck of the woods continue to believe that that flight > >that went down over Long Island a few years ago was actually shot > >down...many witnesses saw a rocket go up and hit the plane. > >The government, of course, denies it. God forbid the airlines collapse. > > The CIA's official explanation of the event, even to this layman, is > aerodynamically impossible. Let me say that the TWA 800 coverup has a lot to do > with my cynicism about what really happened on 9/11. (I have a copy of the > Howard Stern show from that day, and chopper reporter that Howard fed in clearly > reports a second, massive explosion just before the south tower collapsed. > Speaking with an ironworker who worked on the cleanup only brought more > questions as to the "real" cause of the collapses.) > > -Tim From ptrei at rsasecurity.com Mon Aug 18 12:04:53 2003 From: ptrei at rsasecurity.com (Trei, Peter) Date: Mon, 18 Aug 2003 15:04:53 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses Message-ID: > > Tyler Durden said: > > > > >Most people in this neck of the woods continue to believe that that > flight > > >that went down over Long Island a few years ago was actually shot > > >down...many witnesses saw a rocket go up and hit the plane. > > >The government, of course, denies it. God forbid the airlines collapse. > > > > The CIA's official explanation of the event, even to this layman, is > > aerodynamically impossible. Let me say that the TWA 800 coverup has a > lot to do > > with my cynicism about what really happened on 9/11. (I have a copy of > the > > Howard Stern show from that day, and chopper reporter that Howard fed in > clearly > > reports a second, massive explosion just before the south tower > collapsed. > > Speaking with an ironworker who worked on the cleanup only brought more > > questions as to the "real" cause of the collapses.) > > > > -Tim > Both of these these stories lack plausibility as far as I'm concerned. 1. For Flight 800: Why would a terrorist wait so long, and shoot at a plane at such an extreme altitude and range? It would have made a lot more sense to fire just after it got off the ground. Far less chance of a miss. 2. WTC: If you have the ability to insert tower-busting bombs into the WTC towers, why the hell would you go to the trouble of doing the plane thing? It tooks extra months/years, with high training costs, many extra people, and a substantial chance of failure or detection. For that matter, why the hell would you wait the better part of an hour before blowing the charge? Sometimes you just have to remember Occam's Razor. Terrorists may do evil things, but they are not usually that stupid. Peter Trei From billy at dadadada.net Mon Aug 18 12:34:31 2003 From: billy at dadadada.net (BillyGOTO) Date: Mon, 18 Aug 2003 15:34:31 -0400 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: References: Message-ID: <20030818193431.GA6385@mail.dadadada.net> On Mon, Aug 18, 2003 at 03:04:53PM -0400, Trei, Peter wrote: > Both of these these stories lack plausibility as far as I'm concerned. > 2. WTC: If you have the ability to insert tower-busting bombs into > the WTC towers, why the hell would you go to the trouble of doing the > plane thing? It tooks extra months/years, with high training costs, many > extra people, and a substantial chance of failure or detection. > For that matter, why the hell would you wait the better part of > an hour before blowing the charge? Rather than a terrorist bomb, could it have been a damage control function by the good guys? The objective in such a case being a controlled collapse. I imagine it could take far longer than an hour to place such charges. My ignorance is probably obvious from the question, but I've heard this idea bandied about before. I'd imagine that if this were the case, expert engineers studying the collapse would recognize it instantly, so it doesn't seem too probable. Just throwing it out there. From mike at shinn.net Mon Aug 18 13:04:18 2003 From: mike at shinn.net (Michael Shinn) Date: Mon, 18 Aug 2003 16:04:18 -0400 Subject: US soldiers in Iraq held against their will In-Reply-To: <20030818140231.GA32479@cybershamanix.com> References: <3F40660B.47D47BA5@cdc.gov> <20030818132017.GA31533@cybershamanix.com> <3F40E829.302@email-tc3.5sigcmd.army.mil> <20030818140231.GA32479@cybershamanix.com> Message-ID: <1061237057.7112.47.camel@localhost.localdomain> On Mon, 2003-08-18 at 10:02, Harmon Seaver wrote: > On Mon, Aug 18, 2003 at 04:52:25PM +0200, Thoenen, Peter CIV Sprint wrote: > > > > On a semi related side note, how long has this guy been in (total length of > > service)? All personnel when they join the US Military are quite clearly > > informed they have an 8-year commitment, regardless of how long their > > initial enlistment is. If your initial commitment is less than 8 years, > > you are moved into the Inactive Ready Reserve (IRR) for the remainder of > > the 8 years. (E.g. you enlist for 4 years active or ready reserve (weekend > > warriors); you will also spend 4 years in IRR). > > > This is the guard. Don't forget the reserves in additional to the Guard. One point, its a bit of a stretch to call the guard or reserves "weekend warriors" anymore. Many of those units are deployed on active duty for long stretches of time (12 months or longer) due to increasing military committments around the world. Further, many of the SF groups, which see a lot of use these days, are part of the National Guard as well and rarely go unused by the Pentagon. -- Michael T. Shinn KeyID: 91C0781F Key fingerprint = 05 81 9F 80 0E CE DB AE 02 6F 0D B8 D9 CC 0F A2 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91C0781F From Vincent.Penquerch at artworks.co.uk Mon Aug 18 08:33:18 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Mon, 18 Aug 2003 16:33:18 +0100 Subject: *** GMX Spamverdacht *** Re: paradoxes of randomness Message-ID: > If the output is random,then it will have no > mathametical structure,so I shouldn't be able to > compress it at all. You could very well end up with all tails. That's a sequence that has the same probability of happening that any other sequence. A compressor will look for redundancy in the input you give it, not in the algorithm you used to generate that input (conceptually, a compressor could deduce the (determinist) algorithm from the output, but if you bring it true randomness, chances are it will not). Thus, a compressor will compress very well a sequence made of all tails, but badly another which exhibits no detectable redundancy. Once you have the sequence, you lost a lot of info about whatever algorithm was used to generate it. A sequence of all tails could have been generated by a simple algorithm which generates all tails. That's an emergement description of this one particular sequence, but one that would not apply to *all* sequences your algorithm can ever produce. That's lost information, and that's why it can be compressed. -- Vincent Penquerc'h From peter.thoenen at email-tc3.5sigcmd.army.mil Mon Aug 18 07:52:25 2003 From: peter.thoenen at email-tc3.5sigcmd.army.mil (Thoenen, Peter CIV Sprint) Date: Mon, 18 Aug 2003 16:52:25 +0200 Subject: US soldiers in Iraq held against their will In-Reply-To: <20030818132017.GA31533@cybershamanix.com> References: <3F40660B.47D47BA5@cdc.gov> <20030818132017.GA31533@cybershamanix.com> Message-ID: <3F40E829.302@email-tc3.5sigcmd.army.mil> Harmon Seaver wrote: > On Sun, Aug 17, 2003 at 10:37:15PM -0700, Major Variola (ret) wrote: > >>At 02:33 PM 8/17/03 -0500, Harmon Seaver wrote: >> >>> Just heard about this local guy who reluctantly went to Iraq because >> >>>he was in the reserves, now his contract is up (as of 7/31) and they >>>won't let him out. >> >>Did he reluctantly take the $$$ to be in the reserves, too? >> >> >>>my >>>enlistment contract ended and the I have been involuntarily extended. >> >>SOP. Happened during the Yugo thang too. On a semi related side note, how long has this guy been in (total length of service)? All personnel when they join the US Military are quite clearly informed they have an 8-year commitment, regardless of how long their initial enlistment is. If your initial commitment is less than 8 years, you are moved into the Inactive Ready Reserve (IRR) for the remainder of the 8 years. (E.g. you enlist for 4 years active or ready reserve (weekend warriors); you will also spend 4 years in IRR). While in the IRR you have no requirements other than to keep the government informed of your current contact information. You have no drills and receive no benefits. The US Government though reserves the right to call you up at whim any time during this period. I am curious if this person is still within his 8-year commitment even though he completed his initial commitment. If he is still within this 8 year window, he doesnt have a leg to stand on nor my sympathy. On that same note, any weekend warrior who complains about being activated has no sympathy from me. Take the devils coin, be prepared to do his work also. The few folk that have my sympathy are those IRR folk that have be activated. I have a couple IRR buddies who haven't so much as thought about the military in years all of a sudden get activated for Iraq, now thats something to complain about. 4 years active, 3 years smoking dope in college, then a call from the good old us army ordering you to report to your IRR unit within 48 hours and go to Iraq. Those are the folk I feel sorry for. They did their time, got out, and didn't continue to take the devils coin ever 4th weekend. >> >>It hasn't, it only requires males to register. So far. >> > How is that for some equally rights. Women continue to whine and cry that they are being discriminated against in the military as the military refused to open up certain all male MOS's (18 and 11 series to name a couple) yet I don't see them hounding congress for the equal right to be drafted. Nothing like having your cake and getting to eat it to. ** OFFTOPIC: Anybody remember the exact saying (and who coined it) about if you take the Devil's coin, don't complain about doing the Devil's work. I can not seem to find the exact text ** -Peter DISCLAIMER: Like always, this email is the personal opinion of Peter Thoenen and not condoned by Sprint or the US Army. [demime 0.97c removed an attachment of type application/pgp-signature] From DaveHowe at cmn.sharp-uk.co.uk Mon Aug 18 09:01:38 2003 From: DaveHowe at cmn.sharp-uk.co.uk (Dave Howe) Date: Mon, 18 Aug 2003 17:01:38 +0100 Subject: *** GMX Spamverdacht *** Re: *** GMX Spamverdacht *** Re: paradoxes of randomness References: <20030818133749.33571.qmail@web21205.mail.yahoo.com> Message-ID: <024801c365a2$0387bac0$c71121c2@exchange.sharpuk.co.uk> Sarad AV wrote: > Will the information obtained from the 2^32 tests have > a zero compression rate? > If one of the occurance should yield all heads and one > occurance yields all tails-there appears to be scope > for compression. In that one case, yes. The compression will vary based on the deviation from an ideally compressable sample - for *any* bit pattern 0x0000 to 0xFFFF you would expect to see it once in 2^32 trials (by definition) therefore you will get a mix of compressable and uncompressable patterns, with uncompressable patterns being more likely (simply because there are more of them in the full range of available patterns 0x0000 to 0xFFFF > If the output is random,then it will have no > mathametical structure,so I shouldn't be able to > compress it at all. randomness is a funny thing. a truely random file can be *anything* that is the right length - including a excerpt from william shakespere (provided you have enough monkeys) it is most likely to be random garbage, for a large sample - but for a very small sample the odds of it being an ordered sample are surprisingly good. the obvious example here is a double coin test - two bits. an ordered sample would be both heads or both tails. a disordered sample would be one head and one tail. in practice, you would expect to see half the results from a larger trial (say 32 double-throws) with a ordered sample, and half disordered. as you reach three coins, the odds of a completely ordered result decrease (from 2 in 2^2, to 2 in 2^3). for four coins, you still have the same two compressable results. consider: HHHH HHHT HHTH HHTT HTHH HTHT HTTH HTTT THHH THHT THTH THTT TTHH TTHT TTTH TTTT in a large trial, you would expect to see each of these once every 2^4 tests, on the average. obviously HHHH and TTTT are very compressable. assuming a runlength encoding, I don't think any of the others are compressable at all..... From DaveHowe at cmn.sharp-uk.co.uk Mon Aug 18 10:41:22 2003 From: DaveHowe at cmn.sharp-uk.co.uk (Dave Howe) Date: Mon, 18 Aug 2003 18:41:22 +0100 Subject: paradoxes of randomness References: <7A3B15A5-D19C-11D7-8500-000A956B4C74@got.net> Message-ID: <039501c365af$f0fadb40$c71121c2@exchange.sharpuk.co.uk> Tim May wrote: > (Will whomever prepending this "Re: *** GMX Spamverdacht ***" header > please STOP.) that would be my email provider - and hence me. sorry. They suck in many ways, but they give an efficient free service with tls support; one of the ways they suck is to either a) hide some of your mail in a folder invisible to pop3 (so you have to use their german-only and non-fishable interface to go look) b) add that bloody stupid header to random emails that they think are spam (no idea what criteria is in use as it is all in german) > Quibble: only surprising if one misunderstands probability. (Not > saying you do, just quibbling with any claim that readily calculated > probabilities can be "surprising.") I meant surprising for Sarad - Much of this discussion pre-assumes that he *does* misunderstand probability but is willing to substitute our collective insanity for his current ignorance :) Erm - what was that? a misplaced .sig? From bill.stewart at pobox.com Tue Aug 19 00:40:40 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 19 Aug 2003 00:40:40 -0700 Subject: Superpowers distribute 750,000 shoulder-fired missiles, cook their own gooses In-Reply-To: <0upvjvgsc8pat1j500l5ur3t3lrp8pubjc@4ax.com> References: Message-ID: <5.1.1.6.2.20030819003040.02fb2c60@idiom.com> At 04:38 PM 08/17/2003 -0400, Tim Meehan wrote: >The CIA's official explanation of the event, even to this layman, is >aerodynamically impossible. Let me say that the TWA 800 coverup has a lot >to do >with my cynicism about what really happened on 9/11. The Feds spent a lot of time saying "We haven't proven it's not terrorists" "Just in case it's terrorists we'll impede your right to travel" "Could be terrorists, but we haven't definitively ruled it out" "Civil rights? What civil rights?" "Be afraid, it might have been terrorists" "No, we're not requiring the airlines to demand ID, that's voluntary" "Unabombers under the bed!" "Of course you need Gov't ID to travel" "Really, we're in control, trust us!" "Those aren't the civil rights you're looking for" "[expletive deleted]! Looks like it was an electrical problem on TWA800" "Give *what* civil rights back? You've *always* had to give ID to travel!" The real coverup was that the Feds didn't have the jurisdiction to impose travel controls on Americans, but they could get the airlines to claim that the Feds were requiring them to do it, which the airlines liked because it reduced the ability of travellers to resell cheap tickets, and that when the ostensible terrorists were accounted for (TWA800 was a genuine accident, and Teddy the K was caught), they weren't going to reduce their controls or lying, because they really *liked* controlling our travel. From jtrjtrjtr2001 at yahoo.com Tue Aug 19 03:13:07 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Tue, 19 Aug 2003 03:13:07 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <039501c365af$f0fadb40$c71121c2@exchange.sharpuk.co.uk> Message-ID: <20030819101307.98118.qmail@web21202.mail.yahoo.com> hi, --- Dave Howe wrote: . (Not > > saying you do, just quibbling with any claim that > readily calculated > > probabilities can be "surprising.") > I meant surprising for Sarad - Much of this > discussion pre-assumes that he > *does* misunderstand probability but is willing to > substitute our > collective insanity for his current ignorance :) No more of that-I will have a good read. I am basically confused of the fact > In a perfectly random experiment,how many tails and > how many heads do we get? we don't know - or it wouldn't be random :) >for a sufficiently large sample you *should* see >roughly equal numbers of heads and tails in the >average case. We say that, we-don't know or it wont be random. Then we say that we must see roughly equal numbers of heads and tails for large trials. Thats what I fail to understand. The idea of a perfect random experiment was taken just to understand the concept. Thanks. Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From mv at cdc.gov Tue Aug 19 06:17:23 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 19 Aug 2003 06:17:23 -0700 Subject: Viral DNS Attack, DDos Idea Message-ID: <3F422362.5B7A08B8@cdc.gov> At 10:11 AM 8/17/03 -0700, Tim May wrote: >Many evolved diseases _DO_ kill their hosts. Look around. > >It is true that there are tradeoffs in lethality, time to death, and >virulence, and that a disease which kills too quickly and too many >won't spread adequately, but quite clearly all of the diseases of the >past were evolved (until recently, none were created) and yet they >often killed their hosts. This objection jammed in my memegrinder so I had to examine it. I'll argue that the nastiness of many human diseases are *temporary* exceptions to the "evolved pathogens don't kill" observation. Because humans are not in equilibrium: * Human population is growing. This means you can kill your host, two new ones are born every minute (except in a few places, eg W. Europe). If your host population is growing like that, you can be extra lethal, temporarily. If the host numbers are stable, you could wipe them all out if you're too lethal. * Humans are expanding their range. This means new diseases are introduced from existing resivoirs so they have not adapted to humans --especially the conditions of modern humans-- yet. Ebola, HIV, etc. * Humans only *recently* live in dense (and stationary) groups. This means that pathogens have not adapted yet. Cities are incubators. Bubonic plague, TB are good examples here. * Rapid travel is even more recent an invention. Populations who have never seen a pathogen (West nile, etc.) are getting exposed for the first time. No equilibrium there. The "Cortez" effect, amplified by Whittle's jet engine. "Globalization" means everyone gets exposed to everyone else's pathogens. A sick chinese chicken can ruin your day in America. Guns, germs, and steel. BTW Globalization also means that everyone gets exposed to everyone's plants, insects, etc. A lot of isolated species (e.g., Hawaii) that can't deal with competition will be toast just as much as the Amerinds who met Mr. Cortez. Guns, germs, and steel. Meet Mr. Kudzu. ..... Obviously, the scale of "temporary" should be taken in the larger context, not that of one's own lifespan. Of course a coadapted pathogen (eg flu) can spontaneously become newly virulent simply because of mutation or recombination. If the hosts aren't all connected, then merely one particular host-group dies, along with the newly virulent strain. Losing some village is not a big deal (until someone gets on a plane). .... Interesting to extend the analogy to say virii that zap cellphones or PCs permenantly vs. merely being annoyances. A PC-zapping virus would give Macs the kind of ripe open field not seen since the days of the Bering Strait. Also interesting to view the RIAA vs. Networked-Computer struggle in a biological ("evo/eco") light. Ms. Dodo, meet Mr. Kudzu. And of course fascinating to watch how the new dense mobile humans (or their lawyers :-) adapt behaviorally. From timcmay at got.net Tue Aug 19 08:45:08 2003 From: timcmay at got.net (Tim May) Date: Tue, 19 Aug 2003 08:45:08 -0700 Subject: paradoxes of randomness In-Reply-To: <20030819101307.98118.qmail@web21202.mail.yahoo.com> Message-ID: <1C8DADC8-D25C-11D7-8500-000A956B4C74@got.net> On Tuesday, August 19, 2003, at 03:13 AM, Sarad AV wrote: >> In a perfectly random experiment,how many tails and >> how many heads do we get? > we don't know - or it wouldn't be random :) >> for a sufficiently large sample you *should* see >> roughly equal numbers of heads and tails in the >> average case. > > We say that, we-don't know or it wont be random. Then > we say that we must see roughly equal numbers of heads > and tails for large trials. Thats what I fail to > understand. Start small. Do some experiments _yourself_. Take a coin out of your pocket. I assume your local coin has something that may be called a "head" and something that may be called a "tail." In any case, decide what you want to call each side. Flip the coin very high in the air and let it land on the ground without any interference by you. This is a "fair toss." (That subtle air currents may affect the landing is completely unimportant, as you will see even if you have doubts about it now.) Now let's try a little piece of induction on this one, single toss. Remember when you had said earlier that a "perfectly random coin toss" would have exactly equal numbers of heads and tails? Well, with a single toss there can ONLY be either a head or a tail. The outcome will be ONE of these, not some mixture of half and half. This proves, by the way, that any claim that a random coin toss must result in equal numbers of heads and tails in any particular experiment. Now toss the coin a second time and record the results. (I strongly urge you to actually do this experiment. Really. These are the experiments which teach probability theory. No amount of book learning substitutes.) So the coin has been tossed twice in this particular experiment. There is now the possibility for equal numbers of heads and tails....but for the second coin toss to give the opposite result of the first toss, "every time, to balance the outcomes," the coin or the wind currents would have to "conspire" to make the outcome the opposite of what the first toss gave. (This is so absurd as to be not worth discussing, except that I know of no other way to convince you that your theory that equal numbers of heads and tails must be seen cannot be true in any particular experiment. The more mathematical way of saying this is that the "outcomes are independent." The result of one coin toss does not affect the next one, which may take place far away, in another room, and so on.) In any case, by the time a third coin toss happens there again cannot be equal numbers of heads and tails, for obvious reasons. And so on. Do this experiment. Do this experiment for at least 10 coin tosses. Write down the results. This will take you only a few minutes. Then repeat the experiment and write down the results. Repeat it as many times as you need to to get a good feeling for what is going on. And then think of variations with dice, with cards, with other sources of randomness. And don't "dry lab" the results by imagining what they must be in your head. Actually get your hands dirty by flipping the coins, or dealing the cards, or whatever. Don't cheat by telling yourself you already know what the results must be. Only worry about the deep philosophical implications of randomness after you have grasped, or grokked, the essence. (Stuff about Kripke's possible worlds semantics, Bayesian outlooks, Kolmogoroff-Chaitin measures, etc., is very exciting, but it's based on the foundations.) --Tim May "We should not march into Baghdad. To occupy Iraq would instantly shatter our coalition, turning the whole Arab world against us and make a broken tyrant into a latter- day Arab hero. Assigning young soldiers to a fruitless hunt for a securely entrenched dictator and condemning them to fight in what would be an unwinable urban guerilla war, it could only plunge that part of the world into ever greater instability." --George H. W. Bush, "A World Transformed", 1998 From mv at cdc.gov Tue Aug 19 10:37:15 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 19 Aug 2003 10:37:15 -0700 Subject: paradoxes of randomness Message-ID: <3F42604B.6C11D160@cdc.gov> At 08:45 AM 8/19/03 -0700, Tim May wrote: >Only worry about the deep philosophical implications of randomness >after you have grasped, or grokked, the essence. Then do this: get a block cipher or crypto-hash algorithm, and pick a key. Now encrypt 0, then 1, then 2, etc. Examine the 17th bit of each output as you encrypt the integers. Is this sequence random? Compressible? How could you tell whether this sequence is random or not, if you didn't know the key? Hint: those are trick questions intended to lure you into crypto. And if you ask "why 17?" you get whacked by a virtual bamboo cane. From DaveHowe at gmx.co.uk Tue Aug 19 04:38:02 2003 From: DaveHowe at gmx.co.uk (Dave Howe) Date: Tue, 19 Aug 2003 12:38:02 +0100 Subject: paradoxes of randomness References: <20030819101307.98118.qmail@web21202.mail.yahoo.com> Message-ID: <013101c36646$59f68d60$c71121c2@exchange.sharpuk.co.uk> Sarad AV wrote: > We say that, we-don't know or it wont be random. Then > we say that we must see roughly equal numbers of heads > and tails for large trials. Thats what I fail to > understand. its the difference between any one test (which will be completely unpredictable) and probabilities (where you know that, unless there is a weighting in force, the odds of any one of n options coming up will be 1 in n, so you would expect to see roughly equal numbers of each) as an analogy - imagine a horse race where all five horses are roughly equal in fitness and rider skill. a bookie would give equal odds on each (not 1 in 5, as he has to make a profit, but no horse would be "worth" more than another). You would *expect* that, if the race was run enough times, each horse would run about a fifth of them - but that won't help you predict the result of any one race in particular, nor would it be impossible for one horse to win all the races, purely from luck. From morlockelloi at yahoo.com Tue Aug 19 15:47:57 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Tue, 19 Aug 2003 15:47:57 -0700 (PDT) Subject: paradoxes of randomness In-Reply-To: <3F42604B.6C11D160@cdc.gov> Message-ID: <20030819224757.1797.qmail@web40605.mail.yahoo.com> > Is this sequence random? Compressible? How could you tell whether this > sequence is random or not, if you didn't know the key? This is the a way to describe so-called randomness. One simply has no adequate access to the Key and/or the Algorithm. Both coin flipping and quantum noise fall into this category. Actually, it's a pretty good method of authenticating Allah. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From sfurlong at acmenet.net Wed Aug 20 00:31:50 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Wed, 20 Aug 2003 03:31:50 -0400 Subject: Archive mboxes Message-ID: <200308200331.50945.sfurlong@acmenet.net> As per multiple request, the weekly mboxes for the Cypherpunks mailing list (LNE node) are available at my cpunks archive site: http://archives.abditum.com/cypherpunks/ The hypermail conversions are available as before, with new links to the .tgz mboxes. These mboxes are exactly as produced by my mail client. In particular, email addresses are not munged. The consensus of those who answered by "concerns" mail seems to be that spammers wouldn't get any useful addresses from the mboxes that they couldn't get more easily by other means. Annual sets will be added as appropriate to the bottom of the page. So far, there's only a 2002 set. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From hseaver at cybershamanix.com Wed Aug 20 06:09:50 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Wed, 20 Aug 2003 08:09:50 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: References: Message-ID: <20030820130950.GA20121@cybershamanix.com> On Wed, Aug 20, 2003 at 10:01:38AM -0400, Tyler Durden wrote: > Peter Thonen wrote.. > > "On that same note, any weekend warrior who complains about being activated > has > no sympathy from me. > Take the devils coin, be prepared to do his work also." > > Well, what if the Devil stole that $ from you in the first place? What > level of subversion is appropriate in order to re-appropriate those $$$? > This case is clearly different from the true blue career war criminal, ehr > I mean career soldier. Here, these people have likely been paying taxes for > a while! So I don't mind too much if they're trying to dodge their > commitment in this context. > I think also a great many of the young guys joined the National Guard in a patriotic fervor right after 9/11, but by the time the crusade against Iraq got started, quite a few had become well aware that Iraq had nothing to do with 9/11, that the invasion was all about oil, etc, and weren't willing to go. It seems that the military is claiming that we are in a "national emergency" and they can do whatever they want, despite laws to the contrary. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From camera_lumina at hotmail.com Wed Aug 20 07:01:38 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 20 Aug 2003 10:01:38 -0400 Subject: US soldiers in Iraq held against their will Message-ID: Peter Thonen wrote.. "On that same note, any weekend warrior who complains about being activated has no sympathy from me. Take the devils coin, be prepared to do his work also." Well, what if the Devil stole that $ from you in the first place? What level of subversion is appropriate in order to re-appropriate those $$$? This case is clearly different from the true blue career war criminal, ehr I mean career soldier. Here, these people have likely been paying taxes for a while! So I don't mind too much if they're trying to dodge their commitment in this context. -TD >From: "Thoenen, Peter CIV Sprint" > >To: Harmon Seaver >CC: cypherpunks at minder.net >Subject: Re: US soldiers in Iraq held against their will >Date: Mon, 18 Aug 2003 16:52:25 +0200 > >Harmon Seaver wrote: > > > On Sun, Aug 17, 2003 at 10:37:15PM -0700, Major Variola (ret) wrote: > > > >>At 02:33 PM 8/17/03 -0500, Harmon Seaver wrote: > >> > >>> Just heard about this local guy who reluctantly went to Iraq because > >> > >>>he was in the reserves, now his contract is up (as of 7/31) and they > >>>won't let him out. > >> > >>Did he reluctantly take the $$$ to be in the reserves, too? > >> > >> > >>>my > >>>enlistment contract ended and the I have been involuntarily extended. > >> > >>SOP. Happened during the Yugo thang too. > >On a semi related side note, how long has this guy been in (total length of >service)? All personnel >when they join the US Military are quite clearly informed they have an >8-year >commitment, regardless >of how long their initial enlistment is. If your initial commitment is >less >than 8 years, you are >moved into the Inactive Ready Reserve (IRR) for the remainder of the 8 >years. >(E.g. you enlist for 4 >years active or ready reserve (weekend warriors); you will also spend 4 >years >in IRR). > >While in the IRR you have no requirements other than to keep the government >informed of your current >contact information. You have no drills and receive no benefits. The US >Government though reserves >the right to call you up at whim any time during this period. I am curious >if >this person is still >within his 8-year commitment even though he completed his initial >commitment. >If he is still within >this 8 year window, he doesnt have a leg to stand on nor my sympathy. > >On that same note, any weekend warrior who complains about being activated >has >no sympathy from me. > Take the devils coin, be prepared to do his work also. The few folk >that >have my sympathy are >those IRR folk that have be activated. I have a couple IRR buddies who >haven't so much as thought >about the military in years all of a sudden get activated for Iraq, now >thats >something to complain >about. 4 years active, 3 years smoking dope in college, then a call from >the >good old us army >ordering you to report to your IRR unit within 48 hours and go to Iraq. >Those >are the folk I feel >sorry for. They did their time, got out, and didn't continue to take the >devils coin ever 4th weekend. > > >> > >>It hasn't, it only requires males to register. So far. > >> > > > >How is that for some equally rights. Women continue to whine and cry that >they are being >discriminated against in the military as the military refused to open up >certain all male MOS's (18 >and 11 series to name a couple) yet I don't see them hounding congress for >the >equal right to be >drafted. Nothing like having your cake and getting to eat it to. > >** OFFTOPIC: Anybody remember the exact saying (and who coined it) about if >you take the Devil's >coin, don't complain about doing the Devil's work. I can not seem to find >the >exact text ** > >-Peter > >DISCLAIMER: Like always, this email is the personal opinion of Peter >Thoenen >and not condoned by >Sprint or the US Army. > >[demime 0.97c removed an attachment of type application/pgp-signature] _________________________________________________________________ Help protect your PC: Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 From camera_lumina at hotmail.com Wed Aug 20 10:42:17 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 20 Aug 2003 13:42:17 -0400 Subject: US soldiers in Iraq held against their will Message-ID: Peter Thoenen wrote... "That is the same logic I use to justify to myself working as a defense contractor. The amount uncle sam will pay me in my lifetime is greater than or equal to the amount I will ever actually pay him in taxes. I win in the long run :) " Just make sure those bombs you're building don't actually work! Otherwise, keep on "bleeding the beast"... -TD >From: "Thoenen, Peter CIV Sprint" > >To: Tyler Durden >CC: hseaver at cybershamanix.com, cypherpunks at minder.net >Subject: Re: US soldiers in Iraq held against their will >Date: Wed, 20 Aug 2003 19:20:15 +0200 > > >Tyler Durden wrote: > >>Peter Thonen wrote.. >> >>"On that same note, any weekend warrior who complains about being >>activated has >>no sympathy from me. >> Take the devils coin, be prepared to do his work also." >> >>Well, what if the Devil stole that $ from you in the first place? What >>level of subversion is appropriate in order to re-appropriate those $$$? >> >>-TD >> > >That is the same logic I use to justify to myself working as a defense >contractor. The amount uncle sam will pay me in my lifetime is greater >than or equal to the amount I will ever actually pay him in taxes. I win >in the long run :) > >-Peter ><< attach3 >> _________________________________________________________________ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus From paulhart at redchocolate.ca Wed Aug 20 11:14:29 2003 From: paulhart at redchocolate.ca (Paul Hart) Date: Wed, 20 Aug 2003 14:14:29 -0400 Subject: US soldiers in Iraq held against their will In-Reply-To: <20030820130950.GA20121@cybershamanix.com> Message-ID: <23D5C17A-D33A-11D7-8937-000393CC268A@redchocolate.ca> On Wednesday, August 20, 2003, at 09:09 AM, Harmon Seaver wrote: > It seems that the military is claiming that we are in a "national > emergency" and they can do whatever they want, despite laws to the > contrary. > You are in a "national emergency." http://www.whitehouse.gov/news/releases/2001/09/20010914-5.html From cypherpunks at einstein.ssz.com Wed Aug 20 08:10:52 2003 From: cypherpunks at einstein.ssz.com (The Entrekins) Date: Wed, 20 Aug 2003 15:10:52+0000 Subject: The Entrekins Message-ID: <200308202013.h7KKD1r24233@einstein.ssz.com> [demime found a multipart/alternative section which it tried to parse but could not find any section which it could render. Please send plain text.] From rah at shipwright.com Wed Aug 20 12:33:04 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 20 Aug 2003 15:33:04 -0400 Subject: City Unplugs Camera Software Message-ID: Aug 20, 2003 City Unplugs Camera Software By THOMAS W. KRAUSE tkrause at tampatrib.com TAMPA - The Tampa Police Department has eliminated the facial-recognition software hooked up to cameras scanning crowds in Ybor City - after two years, zero arrests and zero positive identifications. The software, provided to the city free by its manufacturer, was intended to recognize the facial characteristics of felons and runaway children through a database of more than 24,000 mug shots. It was shut down Tuesday, having failed in its objective. ``It's just proven not to have any benefit to us,'' said Capt. Bob Guidara, a department spokesman. The 36 surveillance cameras, which were installed a few years before the facial-recognition software, will remain. Police spokesman Joe Durkin said the software might not work but the cameras have led to several arrests. ``Officers have been able to make arrests involving illegal drug dealing, fights and things of that nature,'' Durkin said. ``One officer monitoring the cameras has been able to be the eyes of many in foiling this type of activity.'' The cameras are staffed by one officer every Thursday, Friday and Saturday during peak night hours. The software will be removed, but the surveillance schedule will not change. When the FaceIt system first was suggested for Tampa, civil liberties groups voiced concerns about loss of privacy. Durkin said Chief Bennie Holder discontinued the system because of the lack of arrests, not the privacy issues. In June 2001, the FaceIt software was loaned to Tampa as a test market. Last year, after the system made no positive identifications, the software and cameras were tweaked. Initially, only one of the 36 cameras in Ybor City could use the identification software at any given time. Since last year's upgrade, six cameras could scan crowds for faces and compare those faces to the database. Software also was upgraded to work better in the low lighting of Ybor streets. Despite the attempt to work out the kinks, the FaceIt system failed to make a positive match after another year. Although Tampa has had the system for two years, it was not in use for four months at the end of 2001. No explanation for the lack of use was released. Guidara said FaceIt did work well in controlled testing. People's faces were entered into the system, then the people were sent to Ybor. About 80 percent were identified by FaceIt, he said. Asked why testing proved reliable but usage provided no identifications, Guidara was stumped. ``That's a good question,'' he said. ``I think those questions are better asked of the manufacturer.'' Representatives of Identix Corp. did not return calls Tuesday. When Tampa installed the software, it was one of two U.S. cities using the system. Virginia Beach installed FaceIt for its boardwalk, but unlike Tampa, paid for it through a $150,000 federal grant matched with $50,000 of its own money. An Identix spokesman told The Tampa Tribune last year that tests in the Boston and Dallas-Fort Worth airports were successful. The Identix Web site says the FaceIt system has ``proven to be an effective investigative tool in helping to identify individuals on a watch list'' and says it has been used in town centers, airports and border crossings worldwide. Reporter Andy Reid contributed to this report. Reporter Thomas W. Krause can be reached (813) 259-7698. This story can be found at: http://www.tampatribune.com/MGA0TF0TKJD.html Go Back To The Story -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From s.schear at comcast.net Wed Aug 20 16:16:36 2003 From: s.schear at comcast.net (Steve Schear) Date: Wed, 20 Aug 2003 16:16:36 -0700 Subject: Postal ID plan creates privacy fears Message-ID: <5.1.0.14.0.20030820161325.046e3740@mail.comcast.net> A government report that urges the U.S. Postal Service to create "smart stamps" to track the identity of people who send mail is eliciting concern from privacy advocates. The report, released last month by the President's Commission on the U.S. Postal Service, issued numerous recommendations... One is that the USPS "aggressively pursue" the development of a so-called intelligent mail system... [that] would involve using barcodes or special stamps, identifying, at a minimum, the sender, the destination and the class of mail ...The report proposes a broad expansion of the concept to all mail for national security purposes. It also suggests USPS work with the U.S. Department of Homeland Security to develop the system... http://news.com.com/2100-1028_3-5062617.html "There is no protection or safety in anticipatory servility." Craig Spencer From peter.thoenen at email-tc3.5sigcmd.army.mil Wed Aug 20 10:20:15 2003 From: peter.thoenen at email-tc3.5sigcmd.army.mil (Thoenen, Peter CIV Sprint) Date: Wed, 20 Aug 2003 19:20:15 +0200 Subject: US soldiers in Iraq held against their will In-Reply-To: References: Message-ID: <3F43ADCF.5010001@email-tc3.5sigcmd.army.mil> Tyler Durden wrote: > Peter Thonen wrote.. > > "On that same note, any weekend warrior who complains about being > activated has > no sympathy from me. > Take the devils coin, be prepared to do his work also." > > Well, what if the Devil stole that $ from you in the first place? What > level of subversion is appropriate in order to re-appropriate those $$$? > > -TD > That is the same logic I use to justify to myself working as a defense contractor. The amount uncle sam will pay me in my lifetime is greater than or equal to the amount I will ever actually pay him in taxes. I win in the long run :) -Peter [demime 0.97c removed an attachment of type application/pgp-signature] From ericm at lne.com Thu Aug 21 07:33:18 2003 From: ericm at lne.com (Eric Murray) Date: Thu, 21 Aug 2003 07:33:18 -0700 Subject: National Emergency? In-Reply-To: <20030821131735.GC21943@cybershamanix.com>; from hseaver@cybershamanix.com on Thu, Aug 21, 2003 at 08:17:35AM -0500 References: <20030821131735.GC21943@cybershamanix.com> Message-ID: <20030821073306.A24170@slack.lne.com> On Thu, Aug 21, 2003 at 08:17:35AM -0500, Harmon Seaver wrote: > So how much of the Constitution gets shredded by Bush's declaration of a > "national emergency" right after 9/11, and how long can he maintain that. I > mean, I realize the the Constitution/bill of rights is pretty much gone anyway, Hasn't there been a perpetual "National Emergency", signed by every president since WWII or therebouts? Is Bush's a double plus National Emergency? Eric From hseaver at cybershamanix.com Thu Aug 21 06:16:43 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Thu, 21 Aug 2003 08:16:43 -0500 Subject: US soldiers in Iraq held against their will In-Reply-To: <23D5C17A-D33A-11D7-8937-000393CC268A@redchocolate.ca> References: <20030820130950.GA20121@cybershamanix.com> <23D5C17A-D33A-11D7-8937-000393CC268A@redchocolate.ca> Message-ID: <20030821131643.GB21943@cybershamanix.com> On Wed, Aug 20, 2003 at 02:14:29PM -0400, Paul Hart wrote: > On Wednesday, August 20, 2003, at 09:09 AM, Harmon Seaver wrote: > > It seems that the military is claiming that we are in a "national > >emergency" and they can do whatever they want, despite laws to the > >contrary. > > > > You are in a "national emergency." > > http://www.whitehouse.gov/news/releases/2001/09/20010914-5.html Yes, of course, we will always be in a national emergency. Very convenient, eh? Using that logic, we didn't even need the unpatriot act enacted, they can simply evade any and all laws/bill of rights on the basis that we are in a "national emergency" just on the scumbag prez's say so. Isn't this essentially what every dictator does? -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From mv at cdc.gov Thu Aug 21 08:17:14 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 21 Aug 2003 08:17:14 -0700 Subject: National Emergency? Message-ID: <3F44E27A.528088B1@cdc.gov> At 07:33 AM 8/21/03 -0700, Eric Murray wrote: >On Thu, Aug 21, 2003 at 08:17:35AM -0500, Harmon Seaver wrote: >> So how much of the Constitution gets shredded by Bush's declaration of a >> "national emergency" right after 9/11, and how long can he maintain that. I >> mean, I realize the the Constitution/bill of rights is pretty much gone anyway, > >Hasn't there been a perpetual "National Emergency", signed by >every president since WWII or therebouts? > >Is Bush's a double plus National Emergency? It has come to our attention that you citizens are being unsoc. Please turn on your telescreen (eg Fox News) and wait for the next minute of hate. Then call your local Fatherland Security Agency and wait for instructions. Repeat after me: "We have always been at war with Oceania bin Laden" War is peace. ------ In no part of the constitution is more wisdom to be found, than in the clause which confides the question of war or peace to the legislature, and not to the executive department. -James Madison (congress has not declared war since 1941) From hseaver at cybershamanix.com Thu Aug 21 06:17:35 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Thu, 21 Aug 2003 08:17:35 -0500 Subject: National Emergency? Message-ID: <20030821131735.GC21943@cybershamanix.com> So how much of the Constitution gets shredded by Bush's declaration of a "national emergency" right after 9/11, and how long can he maintain that. I mean, I realize the the Constitution/bill of rights is pretty much gone anyway, but ... -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From hseaver at cybershamanix.com Thu Aug 21 07:36:00 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Thu, 21 Aug 2003 09:36:00 -0500 Subject: National Emergency? In-Reply-To: References: Message-ID: <20030821143600.GA22197@cybershamanix.com> On Thu, Aug 21, 2003 at 04:02:19PM +0100, Vincent Penquerc'h wrote: > > So how much of the Constitution gets shredded by Bush's > > declaration of a > > "national emergency" right after 9/11, and how long can he > > maintain that. I > > mean, I realize the the Constitution/bill of rights is pretty > > much gone anyway, > > but ... > > http://www4.law.cornell.edu/uscode/50/1622.html > Part of which says: (b) Termination review of national emergencies by Congress Not later than six months after a national emergency is declared, and not later than the end of each six-month period thereafter that such emergency continues, each House of Congress shall meet to consider a vote on a joint resolution to determine whether that emergency shall be terminated. Funny, I've never heard or read anything about them doing this. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From timcmay at got.net Thu Aug 21 09:56:08 2003 From: timcmay at got.net (Tim May) Date: Thu, 21 Aug 2003 09:56:08 -0700 Subject: National Emergency? In-Reply-To: <20030821073306.A24170@slack.lne.com> Message-ID: <5C1E66F6-D3F8-11D7-8807-000A956B4C74@got.net> On Thursday, August 21, 2003, at 07:33 AM, Eric Murray wrote: > On Thu, Aug 21, 2003 at 08:17:35AM -0500, Harmon Seaver wrote: >> So how much of the Constitution gets shredded by Bush's >> declaration of a >> "national emergency" right after 9/11, and how long can he maintain >> that. I >> mean, I realize the the Constitution/bill of rights is pretty much >> gone anyway, > > Hasn't there been a perpetual "National Emergency", signed by > every president since WWII or therebouts? > > Is Bush's a double plus National Emergency? Yes, some National Emergencies are more equal than others. Seriously, I recollect some studies done of just which National Emergencies, National Decision Directives, and Executive Orders were declared when, and for how long. My recollection is that the ones Lincoln declared remained in force for decades, until the next crop...and possibly were never rescinded. Some of the ones in the 1970s and 80s give the guy in the White House the power to seize all radio and television stations, all newspapers, and to take control of all factories. Pretty much the whole ball of wax, more than any of the fascists like Mussolini, Roosevelt, Tojo, or Hitler ever got. --Tim May "They played all kinds of games, kept the House in session all night, and it was a very complicated bill. Maybe a handful of staffers actually read it, but the bill definitely was not available to members before the vote." --Rep. Ron Paul, TX, on how few Congresscritters saw the USA-PATRIOT Bill before voting overwhelmingly to impose a police state From error at lostinthenoise.net Thu Aug 21 10:20:44 2003 From: error at lostinthenoise.net (error) Date: 21 Aug 2003 10:20:44 -0700 Subject: [Full-Disclosure] JAP back doored Message-ID: <1061486443.337.118.camel@eris> This is a terrible day for privacy advocates that used the once (perhaps never true) "anonymous" Java Anonymous Proxy. According to a story ( http://theregister.co.uk/content/55/32450.html) by The Register (It was also posted to ("http://securityfocus.com/archive/1/334382/2003-08-18/2003-08-24/0) BugTraq) JAP was back doored by court order. It was a forced upgrade (after a service interruption) to monitor "one site" that continues to be unnamed. How sad it is when a group have a motto of "Anonymity is not a crime." and then hand logs to the police without a word? Clearly if they are able to defend themselves on alt.2600 (http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&frame=right&th=f4ef43 f695ca29e8&seekm=3f3d3740%241_1%40news.vic.com#link10), they aren't under a gag. Read it and weep. -- error [demime 0.97c removed an attachment of type application/RENAMED-99 which had a name of signature_asc.RENAMED-99] From mv at cdc.gov Thu Aug 21 10:31:17 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 21 Aug 2003 10:31:17 -0700 Subject: Popular Net anonymity service back-doored (fwd) Message-ID: <3F4501E5.B019753D@cdc.gov> At 06:44 PM 8/21/03 +0200, Thomas Shaddack wrote: >Popular Net anonymity service back-doored >Fed-up Feds get court order >http://theregister.co.uk/content/55/32450.html > >The popular Java Anonymous Proxy (JAP), used to anonymise one's comings and >goings across the Internet, has been back-doored by court order. The service >is currently logging access attempts to a particular, and unnamed, Web site >and reporting the IP addys of those who attempt to contact it to the German >police. > >"What was the alternative? Shutting down the service? The security >apparatchiks would have appreciated that - anonymity in the Internet and >especially AN.ON are a thorn in their side anyway." The way the Zealots dealt with Roman collaborators is becoming increasingly attractive... >Sorry, the Feds undoubtedly appreciated the JAP team's willingness to >back-door the app while saying nothing about it a lot more than they would In the US, their claims about anonymity would be *fraudulent* and subject to legal action. Perhaps some extra-German folks should use the proxy and hit a lot of National Socialist sites... don't want Grosser Bruder to get bored... From error at lostinthenoise.net Thu Aug 21 10:35:36 2003 From: error at lostinthenoise.net (error) Date: 21 Aug 2003 10:35:36 -0700 Subject: JAP back doored Message-ID: <1061487336.338.127.camel@eris> This is a terrible day for privacy advocates that used the once (perhaps never true) "anonymous" Java Anonymous Proxy. According to a story ( http://theregister.co.uk/content/55/32450.html) by The Register (It was also posted to ("http://securityfocus.com/archive/1/334382/2003-08-18/2003-08-24/0) BugTraq) JAP was back doored by court order. It was a forced upgrade (after a service interruption) to monitor "one site" that continues to be unnamed. How sad it is when a group have a motto of "Anonymity is not a crime." and then hand logs to the police without a word? Clearly if they are able to defend themselves on alt.2600 (http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&frame=right&th=f4ef43 f695ca29e8&seekm=3f3d3740%241_1%40news.vic.com#link10), they aren't under a gag. Read it and weep. -- error [demime 0.97c removed an attachment of type application/pgp-signature which had a name of signature.asc] From frissell at panix.com Thu Aug 21 09:54:05 2003 From: frissell at panix.com (Duncan Frissell) Date: Thu, 21 Aug 2003 12:54:05 -0400 (EDT) Subject: National Emergency? In-Reply-To: <20030821131735.GC21943@cybershamanix.com> References: <20030821131735.GC21943@cybershamanix.com> Message-ID: Nothing much new. The answer is "forever". http://www.cato.org/pubs/pas/pa-358es.html Executive Orders and National Emergencies: How Presidents Have Come to "Run the Country" by Usurping Legislative Power DCF On Thu, 21 Aug 2003, Harmon Seaver wrote: > So how much of the Constitution gets shredded by Bush's declaration of a > "national emergency" right after 9/11, and how long can he maintain that. I > mean, I realize the the Constitution/bill of rights is pretty much gone anyway, > but ... > > > -- > Harmon Seaver > CyberShamanix > http://www.cybershamanix.com From rabbi at abditum.com Thu Aug 21 14:05:07 2003 From: rabbi at abditum.com (Len Sassaman) Date: Thu, 21 Aug 2003 14:05:07 -0700 (PDT) Subject: Major German Anonymity Service compromised Message-ID: A number of cypherpunks have asked me about the current JAP situation. Here's the scoop, as I know it. (I've sent mail to some of the Dresden folks, but haven't heard back yet.) This thread on Usenet contains the pertinent information: http://groups.google.com/groups?selm=f938f87a44e64d6776c635b979aa1c48%40remailer.frell.eu.org&oe=UTF-8&output=gplain The Java Anonymous Proxy is a real-time web mix system, (originally) designed to provide web browsing anonymity that couldn't be undermined by any one proxy operator. Well, no more. The JAP authors silently introduced a back-channel intended to compromise anonymity of users accessing certain sites, under the guise of an "obligatory update". They claim 30,000 total users. That's a large amount of people who are being lied to about their anonymity. (The JAP website, as of this morning, was still stating: "Since many users use these intermediaries at the same time, the internet connection of any one single user is hidden among the connections of all the other users. No one, not anyone from outside, not any of the other users, not even the provider of the intermediary service can determine which connection belongs to which user." Which would be true if not for the backchannel.) JAP's webpage: http://anon.inf.tu-dresden.de/index_en.html The JAP operators justify their actions (which were taken to comply with German law) by stating that their alternative was to shut the system down. There are a number of problems with this, the first being that anonymity systems which are contingent upon selective government approval for anonymity are ill-suited to a global Internet environment: What makes a court order from Germany, or England, or the US any more valid than a court order from another net-connected UN member, like China, or France? If we believe privacy and anonymity to be human rights, then we cannot build these sort of backdoors into the system and expect them not to be abused. Compare the JAP operator's actions with those of Julf Helsingius, operator of anon.penet.fi (the famous anonymous remailer/pseudonym server): http://www.penet.fi/press-english.html Julf closed down his system, which was inherently vulnerable to subpoena attacks since it stored nym to user mapping information, when he realized he could be forced to reveal any user's identity by almost any entity willing to abuse the global legal systems. Time has shown that was the right choice. Cypherpunk and Mixmaster remailers, already developed and deployed by this time, rose up in penet's place, and at this point it would be impossible for anyone to effectively compromise a user's identity via court order. (There are Mixmaster nodes operating in almost a dozen countries, and the system is truly designed to defeat rogue operators.) With the next-generation of remailers on the horizon (Mixminion and Mixmaster 4.0), ease of use should near that of Penet. Unfortunately, these are email solutions, and don't address the web browsing issue that JAP attempted to solve. Bad anonymity systems are worse than no anonymity systems. JAP has become a bad anonymity system -- mainly because it represents itself as being far stronger and more secure than it is. I am unclear on the JAP source code license. Perhaps it is possible to restore the code to the uncompromised version, and erect a parallel, trusted JAP network -- though the damage to its reputation is certainly severe. This goes to demonstrate again that crypto isn't the only consideration in an anonymity system: Anonymizer, for instance, is still a better choice for web anonymity than JAP, even though JAP offered mixing and independent operators. An anonymity provider should never represent itself as offering a greater level of protection than is actually offered -- which is the worst thing that the JAP team did (and is still doing.) --Len. From perry at piermont.com Thu Aug 21 12:10:02 2003 From: perry at piermont.com (Perry E. Metzger) Date: 21 Aug 2003 15:10:02 -0400 Subject: ADMIN: List returning Message-ID: The list should be coming back on the air of the next few days. I'll be approving a large batch of recent posts in a few hours, and then most of the rest next Tuesday. (Don't expect new posts to be approved over the weekend, though I'll do it if I can get to it.) Perry PS I'd say "We apologize for the inconvenience." but I don't want to sound overly Sirius Cybernetics about it... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From Vincent.Penquerch at artworks.co.uk Thu Aug 21 08:02:19 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Thu, 21 Aug 2003 16:02:19 +0100 Subject: National Emergency? Message-ID: > So how much of the Constitution gets shredded by Bush's > declaration of a > "national emergency" right after 9/11, and how long can he > maintain that. I > mean, I realize the the Constitution/bill of rights is pretty > much gone anyway, > but ... http://www4.law.cornell.edu/uscode/50/1622.html -- Vincent Penquerc'h From rah at shipwright.com Thu Aug 21 13:22:59 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Thu, 21 Aug 2003 16:22:59 -0400 Subject: ADMIN: List returning Message-ID: --- begin forwarded text From Vincent.Penquerch at artworks.co.uk Thu Aug 21 09:01:42 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Thu, 21 Aug 2003 17:01:42 +0100 Subject: National Emergency? Message-ID: > Funny, I've never heard or read anything about them doing this. An interesting bit in http://www4.law.cornell.edu/uscode/50/1541.html is that the US president can perform an "introduction of United States Armed Forces into hostilities" without Congress declaring war, if a national emergency is in effect. So the war in Iraq would seem to be essentially legal from a POV of US law. I previously thought that only Congress could do this. National emergency is a very interesting bit of the code to have if you have either a friendly majority in both houses, or if opposing you would be seen as political suicide, as was the case in late 2001... I wonder if the powers conferred include anything like law enacting with Congress bypass (for speed, you know, we don't want Congress delaying this very important new bit of anti terrorist press quashing law...) -- Vincent Penquerc'h From shaddack at ns.arachne.cz Thu Aug 21 09:44:07 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Thu, 21 Aug 2003 18:44:07 +0200 (CEST) Subject: Popular Net anonymity service back-doored (fwd) Message-ID: ---------- Forwarded message ---------- Date: Wed, 20 Aug 2003 21:56:22 -0700 Subject: Popular Net anonymity service back-doored From: Thomas C. Greene Organization: The Register To: bugtraq at securityfocus.com Popular Net anonymity service back-doored Fed-up Feds get court order http://theregister.co.uk/content/55/32450.html The popular Java Anonymous Proxy (JAP), used to anonymise one's comings and goings across the Internet, has been back-doored by court order. The service is currently logging access attempts to a particular, and unnamed, Web site and reporting the IP addys of those who attempt to contact it to the German police. We know this because the JAP operators immediately warned users that their IP traffic might be going straight to Big Brother, right? Wrong. After taking the service down for a few days with the explanation that the interruption was "due to a hardware failure", the operators then required users to install an "upgraded version" (ie. a back-doored version) of the app to continue using the service. "As soon as our service works again, an obligatory update (version 00.02.001) [will be] needed by all users," the public was told. Not a word about Feds or back doors. Fortunately, a nosey troublemaker had a look at the 'upgrade' and noticed some unusual business in it, such as: "CAMsg::printMsg(LOG_INFO,"Loading Crime Detection Data....\n");" "CAMsg::printMsg(LOG_CRIT,"Crime detected - ID: %u - Content: \n%s\n",id,crimeBuff,payLen);" and posted it to alt.2600. Soon the JAP team replied to the thread, admitting that there is now a "crime detection function" in the system mandated by the courts. But they defended their decision: "What was the alternative? Shutting down the service? The security apparatchiks would have appreciated that - anonymity in the Internet and especially AN.ON are a thorn in their side anyway." Sorry, the Feds undoubtedly appreciated the JAP team's willingness to back-door the app while saying nothing about it a lot more than they would have appreciated seeing the service shut down with a warning that JAP can no longer fulfill its stated obligation to protect anonymity due to police interference. Admittedly, the JAP team makes some good points in its apology. For one, they say they're fighting the court order but that they must comply with it until a decision is reached on their appeal. Jap is a collaborative effort of Dresden University of Technology, Free University Berlin and the Independent Centre for Privacy Protection Schleswig-Holstein, Germany (ICPP). A press release from ICPP assures users that JAP is safe to use because access to only one Web site is currently being disclosed, and only under court-ordered monitoring. But that's not the point. Disclosure is the point. The JAP Web site still claims that anonymity is sacrosanct: "No one, not anyone from outside, not any of the other users, not even the provider of the intermediary service can determine which connection belongs to which user." This is obviously no longer true, if it ever was. And that's a serious problem, that element of doubt. Anonymity services can flourish only if users trust providers to be straight with them at all times. This in turn means that providers must be absolutely punctilious and obsessive about disclosing every exception to their assurances of anonymity. One doesn't build confidence by letting the Feds plug in to the network, legally or otherwise, and saying nothing about it. Justifying it after the fact, as the JAP team did, simply isn't good enough. Telling us that they only did it to help catch criminals isn't good enough either. Sure, no normal person is against catching criminals - the more the merrier, I say. But what's criminal is highly relative, always subject to popular perception and state doctrine. If we accept Germany's definition of criminal activity that trumps the natural right to anonymity and privacy, then we must accept North Korea's, China's and Saudi Arabia's. They have laws too, after all. The entire purpose of anonymity services is to sidestep state regulation of what's said and what's read on the basis of natural law. The JAP Web site has a motto: "Anonymity is not a crime." It's a fine one, even a profound one. But it's also a palpably political one. The JAP project inserted itself, uncalled, into the turbulent confluence between natural law and state regulation, and signaled its allegiance to the former. It's tragic to see it bowing to the latter. . From shaddack at ns.arachne.cz Thu Aug 21 10:01:28 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Thu, 21 Aug 2003 19:01:28 +0200 (CEST) Subject: Popular Net anonymity service back-doored (fwd) Message-ID: The good thing on the bad thing is that Java is relatively easy to decompile and audit. The bad thing on this good thing is that next to nobody will bother. The good thing on this bad thing is that at least someone will do, as it turned out in this case. Wondering how difficult it would be to make a "rogue" version of JAP with the logging functions removed or damaged. ---------- Forwarded message ---------- Date: Wed, 20 Aug 2003 21:56:22 -0700 Subject: Popular Net anonymity service back-doored From: Thomas C. Greene Organization: The Register To: bugtraq at securityfocus.com Popular Net anonymity service back-doored Fed-up Feds get court order http://theregister.co.uk/content/55/32450.html The popular Java Anonymous Proxy (JAP), used to anonymise one's comings and goings across the Internet, has been back-doored by court order. The service is currently logging access attempts to a particular, and unnamed, Web site and reporting the IP addys of those who attempt to contact it to the German police. We know this because the JAP operators immediately warned users that their IP traffic might be going straight to Big Brother, right? Wrong. After taking the service down for a few days with the explanation that the interruption was "due to a hardware failure", the operators then required users to install an "upgraded version" (ie. a back-doored version) of the app to continue using the service. "As soon as our service works again, an obligatory update (version 00.02.001) [will be] needed by all users," the public was told. Not a word about Feds or back doors. Fortunately, a nosey troublemaker had a look at the 'upgrade' and noticed some unusual business in it, such as: "CAMsg::printMsg(LOG_INFO,"Loading Crime Detection Data....\n");" "CAMsg::printMsg(LOG_CRIT,"Crime detected - ID: %u - Content: \n%s\n",id,crimeBuff,payLen);" and posted it to alt.2600. Soon the JAP team replied to the thread, admitting that there is now a "crime detection function" in the system mandated by the courts. But they defended their decision: "What was the alternative? Shutting down the service? The security apparatchiks would have appreciated that - anonymity in the Internet and especially AN.ON are a thorn in their side anyway." Sorry, the Feds undoubtedly appreciated the JAP team's willingness to back-door the app while saying nothing about it a lot more than they would have appreciated seeing the service shut down with a warning that JAP can no longer fulfill its stated obligation to protect anonymity due to police interference. Admittedly, the JAP team makes some good points in its apology. For one, they say they're fighting the court order but that they must comply with it until a decision is reached on their appeal. Jap is a collaborative effort of Dresden University of Technology, Free University Berlin and the Independent Centre for Privacy Protection Schleswig-Holstein, Germany (ICPP). A press release from ICPP assures users that JAP is safe to use because access to only one Web site is currently being disclosed, and only under court-ordered monitoring. But that's not the point. Disclosure is the point. The JAP Web site still claims that anonymity is sacrosanct: "No one, not anyone from outside, not any of the other users, not even the provider of the intermediary service can determine which connection belongs to which user." This is obviously no longer true, if it ever was. And that's a serious problem, that element of doubt. Anonymity services can flourish only if users trust providers to be straight with them at all times. This in turn means that providers must be absolutely punctilious and obsessive about disclosing every exception to their assurances of anonymity. One doesn't build confidence by letting the Feds plug in to the network, legally or otherwise, and saying nothing about it. Justifying it after the fact, as the JAP team did, simply isn't good enough. Telling us that they only did it to help catch criminals isn't good enough either. Sure, no normal person is against catching criminals - the more the merrier, I say. But what's criminal is highly relative, always subject to popular perception and state doctrine. If we accept Germany's definition of criminal activity that trumps the natural right to anonymity and privacy, then we must accept North Korea's, China's and Saudi Arabia's. They have laws too, after all. The entire purpose of anonymity services is to sidestep state regulation of what's said and what's read on the basis of natural law. The JAP Web site has a motto: "Anonymity is not a crime." It's a fine one, even a profound one. But it's also a palpably political one. The JAP project inserted itself, uncalled, into the turbulent confluence between natural law and state regulation, and signaled its allegiance to the former. It's tragic to see it bowing to the latter. . From morlockelloi at yahoo.com Thu Aug 21 19:31:13 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Thu, 21 Aug 2003 19:31:13 -0700 (PDT) Subject: JAP back doored In-Reply-To: <1061486443.337.118.camel@eris> Message-ID: <20030822023113.37311.qmail@web40613.mail.yahoo.com> > This is a terrible day for privacy advocates that used the once (perhaps This is the great day for *true* privacy advocates worldwide. In face of huge difficulties and dangers in providing real anonymity, some human rights/wrongs organisations capitalised (in several ways) on the need for anonymity by providing non-solutions with cosmetic appearance of anonymity. They captured the gullible public with this "service" and dealt another blow to the real anonymity. Who needs complicated mixmaster when there are cool cretin-friendly java/web/whatever solutions ? One would hope that users of other centralised "anonymity" services will learn from this, if one is incurable optimist, that is. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From timcmay at got.net Thu Aug 21 19:31:53 2003 From: timcmay at got.net (Tim May) Date: Thu, 21 Aug 2003 19:31:53 -0700 Subject: Is it time to kill the JAP backdoor cretins and their families? In-Reply-To: Message-ID: On Thursday, August 21, 2003, at 01:38 PM, Vincent Penquerc'h wrote: >> "CAMsg::printMsg(LOG_INFO,"Loading Crime Detection Data....\n");" >> "CAMsg::printMsg(LOG_CRIT,"Crime detected - ID: %u - Content: >> \n%s\n",id,crimeBuff,payLen);" > > Well, people say the JAP team hid it, but with that (assuming the > strings appeared verbatim in the binary), they made sure someone > would spot it. They essentially made sure the users would be warned > about it while keeping plausible deniability. > It would be easy for me to say that all of the operators connected with JAP should be killed, either necklaced and left to burn in their driveways, with perhaps their families (children, siblings, parents) also tortured to death, or at least that the offices of JAP should be firebombed, but I will not do this. I don't know what pressures they were placed under to do this dastardly act. However, it is for sure clear that: * no one connected with JAP should be hired or used as a consultant in any way by anyone of our persuasion. If this means the JAPsters are unemployable except by Big Brother, so be it. * we should look for other evidence of other crimes against liberty. If other crimes are found, then of course I retract my comment about their necklacing deaths not being justified. But of course those who placed any faith in "trust us, we won't narc you out!" software are the real fools. --Tim May "According to the FBI, there's a new wrinkle in prostitution: suburban teenage girls are now selling their white asses at the mall to make money to spend at the mall. ... Now, you see, the joke here, of course, is on White America, which always felt superior to blacks, and showed that with their feet, moving out of urban areas. "White flight," they called it. Whites feared blacks. They feared if they raised their kids around blacks, the blacks would turn their daughters and prostitutes. And now, through the miracle of MTV, damned if it didn't work out that way! " --Bill Maher, "Real Time with Bill Maher," HBO, 15 August 2003 From Vincent.Penquerch at artworks.co.uk Thu Aug 21 11:59:05 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Thu, 21 Aug 2003 19:59:05 +0100 Subject: JAP back doored Message-ID: > JAP was back doored by court order. It was a forced upgrade (after a > service interruption) to monitor "one site" that continues to be Still useful to protect against third party eavesdroppers, I guess. Short of onion routing, are there any other services like that around, apart from the likes of anonymizer.com ? I've been using JAP for some time, but mainly to hide my IP from visited sites. Guess I'll keep on using it. I'm on Win32 BTW, as headers indicate. I'm at work, too paranoid to access Internet from my own Unix box ;) -- Vincent Penquerc'h From lists.netsys.com at jscript.dk Thu Aug 21 11:06:08 2003 From: lists.netsys.com at jscript.dk (Thor Larholm) Date: Thu, 21 Aug 2003 20:06:08 +0200 Subject: [Full-Disclosure] JAP back doored References: <1061486443.337.118.camel@eris> Message-ID: <009601c3680e$ea18f1c0$0200000a@JumperLappy> RIP The userbase of any anonymity service stays, and dissappears, with the trust. ----- Original Message ----- From: "error" To: ; Sent: Thursday, August 21, 2003 7:20 PM Subject: [Full-Disclosure] JAP back doored _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html From Vincent.Penquerch at artworks.co.uk Thu Aug 21 13:38:10 2003 From: Vincent.Penquerch at artworks.co.uk (Vincent Penquerc'h) Date: Thu, 21 Aug 2003 21:38:10 +0100 Subject: [Full-Disclosure] RE: JAP back doored Message-ID: > "CAMsg::printMsg(LOG_INFO,"Loading Crime Detection Data....\n");" > "CAMsg::printMsg(LOG_CRIT,"Crime detected - ID: %u - Content: > \n%s\n",id,crimeBuff,payLen);" Well, people say the JAP team hid it, but with that (assuming the strings appeared verbatim in the binary), they made sure someone would spot it. They essentially made sure the users would be warned about it while keeping plausible deniability. -- Vincent Penquerc'h _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html From shaddack at ns.arachne.cz Thu Aug 21 13:39:56 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Thu, 21 Aug 2003 22:39:56 +0200 (CEST) Subject: Popular Net anonymity service back-doored (fwd) Message-ID: More informations. ---------- Forwarded message ---------- Date: Thu, 21 Aug 2003 20:38:46 +0200 Subject: Re: Popular Net anonymity service back-doored From: Florian Weimer To: bugtraq at securityfocus.com, full-disclosure at lists.netsys.com Cc: Thomas C. Greene -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 "Thomas C. Greene " writes: > traffic might be going straight to Big Brother, right? Wrong. After taking > the service down for a few days with the explanation that the interruption > was "due to a hardware failure", the operators then required users to install > an "upgraded version" (ie. a back-doored version) of the app to continue > using the service. This is technically incorrect. As far as I know, the client update is completely unrelated. The logging functionality has been implemented in the mixes themselves, otherwise you would be able to circumvent it by using a different client. The CVS commit occured on 2003-06-27. Logging is implemented this way: if the last mix in the cascade (which sees the request in the clear) detects a suspicious request, it is logged together with an ID. The ID is transmitted (through the cascade) to the first mix, which logs the ID and the IP address. Combining the two log files, it is possible to collapse the cascade and backtrack the requests. This exploits that TU Dresden operates both the first and last mix in the Dresden--Dresden cascade (which is the only that works reliably, AFAIK). An employee of TU Dresden described this scheme in an interview with Heise Online, a German online news site, back in October 2001. He announced an implementation within the next six months, but I don't know at the moment if he was speaking for the JAP project as a whole, or if he was just expressing his own ideas. According to the news sources I have read, the court requested surveillance based on the target IP address. However, the source code does not contain code to monitor specific (target) IP addresses, but an elaborate URL screening facility, based on regular expressions. Just by specifying ".*", it should be possible to log all requests (and the corresponding IP addresses). I don't know why the source code doesn't implement the surveillance based on IP addresses, as the court allegedly requested. > "What was the alternative? Shutting down the service? The security > apparatchiks would have appreciated that - anonymity in the Internet > and especially AN.ON are a thorn in their side anyway." Note that this kind of target-based monitoring would be much harder on the plain Internet unless the remote site is willing to cooperate. A broken anonymizer makes this type of surveillance quite easy. > But that's not the point. Disclosure is the point. The JAP Web site still > claims that anonymity is sacrosanct: "No one, not anyone from outside, not > any of the other users, not even the provider of the intermediary service can > determine which connection belongs to which user." The official declaration ("Selbstverpflichtung") of the mixes, which promises that neither logging will be enabled nor backdoors will be implemented, hasn't been updated either. However, perhaps the JAP team at TU Dresden hadn't much choice. I haven't seen the court order, but I could imagine that they weren't allowed to inform the users because it would have harmed the criminal investigation. Following the order while fighting it within the legal system is perhaps a wiser choice than just resisting it (and thus breaking the law yourself). But I agree that it takes them awfully long to update their web site, now that some information is public. Finally, they could have avoided all the hassle if they hadn't published the source code. Why did they publish? I don't believe it's an accident. For BUGTRAQ readers: Symantec strips message headers. The original To: and Cc: are: From s.schear at comcast.net Thu Aug 21 23:27:15 2003 From: s.schear at comcast.net (Steve Schear) Date: Thu, 21 Aug 2003 23:27:15 -0700 Subject: Popular Net anonymity service back-doored (fwd) In-Reply-To: Message-ID: <5.2.1.1.0.20030821231543.045aa370@mail.comcast.net> At 10:39 PM 8/21/2003 +0200, Thomas Shaddack wrote: >However, perhaps the JAP team at TU Dresden hadn't much choice. I >haven't seen the court order, but I could imagine that they weren't >allowed to inform the users because it would have harmed the criminal >investigation. Following the order while fighting it within the legal >system is perhaps a wiser choice than just resisting it (and thus >breaking the law yourself). Some time back I suggested, on this list, what I believe is a legal method for thwarting such court orders for libraries that may work for other service providers. In short, implementing a feature (perhaps a paid feature to turn it into a profit center) where users can inquire whether they or anyone using the service is the subject of such a court order short circuits the process. If an inquiry comes in when no relevant court orders are in place then the service can reply no. If court order is received the service cannot tell the users, but it can fail to respond. This response failure is documented in the feature service guide as being indicative of a muzzled service provider. So, unless the courts can order a service provider to lie to their clients, and thus subject them to possible litigation if it violates their TOS, the this non-response should do the trick. steve From shaddack at ns.arachne.cz Thu Aug 21 20:54:44 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Fri, 22 Aug 2003 05:54:44 +0200 (CEST) Subject: JAP back doored In-Reply-To: Message-ID: On Thu, 21 Aug 2003, Vincent Penquerc'h wrote: > Still useful to protect against third party eavesdroppers, I guess. Could it be at least somehow useful as a part of some bigger scheme, a layer of a cake? Can a distributed multilayered proxy be built with some less-than-trusted components? > Short of onion routing, are there any other services like that around, > apart from the likes of anonymizer.com ? On another note, the Sobig worm is de facto a distributed network of proxy servers, though primarily designed for sending spam. Could it be of any use for web? According to some sources it should be able to proxy a plethora of protocols. From mv at cdc.gov Fri Aug 22 09:53:44 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 22 Aug 2003 09:53:44 -0700 Subject: SIGINT thesis Message-ID: <3F464A98.5ACBB0B4@cdc.gov> This from cryptography mailing list (URL corrected from orig): Some people on this list may be interested in http://www.staff.ncl.ac.uk/d.f.j.wood/thesis_index.htm (Note: I haven't read more than Chapter 1.) From anmetet at freedom.gmsociety.org Fri Aug 22 08:34:31 2003 From: anmetet at freedom.gmsociety.org (An Metet) Date: Fri, 22 Aug 2003 11:34:31 -0400 Subject: Is it time to kill the JAP backdoor cretins and their families? Message-ID: >It would be easy for me to say that all of the operators connected with JPE Maybe this is the place to post their names, for posterity. From wolf at priori.net Fri Aug 22 13:30:33 2003 From: wolf at priori.net (Meyer Wolfsheim) Date: Fri, 22 Aug 2003 13:30:33 -0700 (PDT) Subject: Popular Net anonymity service back-doored (fwd) In-Reply-To: Message-ID: On Fri, 22 Aug 2003, Thomas Shaddack wrote: > Yet more info. Let's not overreact before we get complete dataset. It is worth noting that the notice mentioned below was placed on the JAP website only after the news of the back channel was made public on Usenet and the various security mailing lists. Not the most laudable behavior, to say the least. -MW- > ---------- Forwarded message ---------- > Date: Fri, 22 Aug 2003 09:34:27 +0200 > Subject: Re: Popular Net anonymity service back-doored > From: nordi > To: bugtraq at securityfocus.com, full-disclosure at lists.netsys.com > > On Thursday, 21. August 2003 14:05, Thomas C. Greene wrote: > > It's not secure, and claiming that it is taints anything else they may be > > doing on behalf of users. They're *still* saying it's impossible for anyone > > to intercept users' traffic or identify them. > > > Actually, this is absolutely not what they are saying. When you visit the > website of the JAP project http://anon.inf.tu-dresden.de/ it says in big, red > letters: > > "Aus aktuellem Anlass weisen wir noch einmal ausdr|cklich daraufhin, dass > sich die JAP Software in Entwicklung befindet und noch nicht maximale > Sicherheit bietet. (siehe unten ... )" > > In English this means something like > > "Due to recent events we explicitly inform you of the fact that the JAP > software is still being developed and does not yet provide maximum security. > (see below ...)" > > As I said: big, red letters at the top of their main page. And when you click > that "see below" link it says there "Attention! [...] This version does NOT > yet implement the security features described above and desired by us. But it > does alread protect you against atackers that control the net only locally at > one place such as [...] the owner of a mix." > > So by the time you download that software you should have already read _two_ > statements telling you that JAP is not as secure as it could be. It also > tells you that in the current configuration, the JAP people can see all your > traffic if they want to: Note that it says it will protect you against "the > owner of _A_ mix". But if you take the Dresden-Dresden cascade, the JAP > people obviously control _all_ of them. And the above statement already > implies that in this case, JAP cannot protect you. > > > If you still want to use JAP, > http://www.heise.de/newsticker/data/uma-20.08.03-000/ (in German) tells you > how to do it securely: simply use just a single mix that is not controlled by > the JAP project and you'll be fine. The court order is only valid for the JAP > people, so everybody else in Germany (and elsewhere of course) can offer a > non-backdoored mix which will make the cascade secure. This actually means > that all cascades but the Dresden-Dresden one are secure. > > > MfG > nordi > > > -- > Denn der Menschheit drohen Kriege, gegen welche die vergangenen wie armselige > Versuche sind, und sie werden kommen ohne jeden Zweifel, wenn denen, die sie > in aller Vffentlichkeit vorbereiten, nicht die Hdnde zerschlagen werden. > Bertolt Brecht, 1952 From shaddack at ns.arachne.cz Fri Aug 22 12:53:39 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Fri, 22 Aug 2003 21:53:39 +0200 (CEST) Subject: Popular Net anonymity service back-doored (fwd) Message-ID: Yet more info. Let's not overreact before we get complete dataset. ---------- Forwarded message ---------- Date: Fri, 22 Aug 2003 09:34:27 +0200 Subject: Re: Popular Net anonymity service back-doored From: nordi To: bugtraq at securityfocus.com, full-disclosure at lists.netsys.com On Thursday, 21. August 2003 14:05, Thomas C. Greene wrote: > It's not secure, and claiming that it is taints anything else they may be > doing on behalf of users. They're *still* saying it's impossible for anyone > to intercept users' traffic or identify them. Actually, this is absolutely not what they are saying. When you visit the website of the JAP project http://anon.inf.tu-dresden.de/ it says in big, red letters: "Aus aktuellem Anlass weisen wir noch einmal ausdr|cklich daraufhin, dass sich die JAP Software in Entwicklung befindet und noch nicht maximale Sicherheit bietet. (siehe unten ... )" In English this means something like "Due to recent events we explicitly inform you of the fact that the JAP software is still being developed and does not yet provide maximum security. (see below ...)" As I said: big, red letters at the top of their main page. And when you click that "see below" link it says there "Attention! [...] This version does NOT yet implement the security features described above and desired by us. But it does alread protect you against atackers that control the net only locally at one place such as [...] the owner of a mix." So by the time you download that software you should have already read _two_ statements telling you that JAP is not as secure as it could be. It also tells you that in the current configuration, the JAP people can see all your traffic if they want to: Note that it says it will protect you against "the owner of _A_ mix". But if you take the Dresden-Dresden cascade, the JAP people obviously control _all_ of them. And the above statement already implies that in this case, JAP cannot protect you. If you still want to use JAP, http://www.heise.de/newsticker/data/uma-20.08.03-000/ (in German) tells you how to do it securely: simply use just a single mix that is not controlled by the JAP project and you'll be fine. The court order is only valid for the JAP people, so everybody else in Germany (and elsewhere of course) can offer a non-backdoored mix which will make the cascade secure. This actually means that all cascades but the Dresden-Dresden one are secure. MfG nordi -- Denn der Menschheit drohen Kriege, gegen welche die vergangenen wie armselige Versuche sind, und sie werden kommen ohne jeden Zweifel, wenn denen, die sie in aller Vffentlichkeit vorbereiten, nicht die Hdnde zerschlagen werden. Bertolt Brecht, 1952 From kelsey.j at ix.netcom.com Fri Aug 22 22:34:12 2003 From: kelsey.j at ix.netcom.com (John Kelsey) Date: Sat, 23 Aug 2003 01:34:12 -0400 Subject: paradoxes of randomness In-Reply-To: <1C8DADC8-D25C-11D7-8500-000A956B4C74@got.net> References: <20030819101307.98118.qmail@web21202.mail.yahoo.com> Message-ID: <5.2.0.9.0.20030823012845.04650c00@pop.ix.netcom.com> At 08:45 AM 8/19/03 -0700, Tim May wrote: ... >(I strongly urge you to actually do this experiment. Really. These are the >experiments which teach probability theory. No amount of book learning >substitutes.) Yep. I've often thought that one benefit to playing RPGs when I was younger was directly observing lots and lots of rolls of various kinds of dice. That gives you an intuition for how unlikely things can happen sometimes, for the difference between "very unlikely" and "impossible," etc. >So the coin has been tossed twice in this particular experiment. There is >now the possibility for equal numbers of heads and tails....but for the >second coin toss to give the opposite result of the first toss, "every >time, to balance the outcomes," the coin or the wind currents would have >to "conspire" to make the outcome the opposite of what the first toss >gave. (This is so absurd as to be not worth discussing, except that I know >of no other way to convince you that your theory that equal numbers of >heads and tails must be seen cannot be true in any particular experiment. >The more mathematical way of saying this is that the "outcomes are >independent." The result of one coin toss does not affect the next one, >which may take place far away, in another room, and so on.) In fact, I believe this is the trick that makes it very easy to distinguish between sequences of coin flips that really happen, and ones that are made up by a human. The human tends to try to make things even out over time. >--Tim May --John Kelsey, kelsey.j at ix.netcom.com PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259 From shaddack at ns.arachne.cz Fri Aug 22 16:47:45 2003 From: shaddack at ns.arachne.cz (Thomas Shaddack) Date: Sat, 23 Aug 2003 01:47:45 +0200 (CEST) Subject: A little more about CDROMs Message-ID: http://www.wired.com/news/medtech/0,1286,60138,00.html Summary: Coating a CD by a reagent, then exposing it to a sample that changes its color, then counting read errors on the CD. Maybe could be a nice application for the lowest-level laser signal access I proposed earlier. (It apparently really could have some unexpected applications beyond CD copying, Tim.) From kelsey.j at ix.netcom.com Fri Aug 22 23:20:43 2003 From: kelsey.j at ix.netcom.com (John Kelsey) Date: Sat, 23 Aug 2003 02:20:43 -0400 Subject: JAP back doored In-Reply-To: References: Message-ID: <5.2.0.9.0.20030823021250.04600850@pop.ix.netcom.com> At 05:54 AM 8/22/03 +0200, Thomas Shaddack wrote: >On Thu, 21 Aug 2003, Vincent Penquerc'h wrote: > > Still useful to protect against third party eavesdroppers, I guess. > >Could it be at least somehow useful as a part of some bigger scheme, a >layer of a cake? Can a distributed multilayered proxy be built with some >less-than-trusted components? For this kind of system, I think it's really hard to get much security from the people at the endpoints of the chain of anonymizers. Specifically, if the attacker has control of both the entry and exit anonymizer, or if he has control of, say, a target site and the entry anonymizer, he can pretty reliably unmask the user's identity with just a few minutes of browsing. Wei Dai discussed this idea several years ago, and I later reinvented the same idea. --John Kelsey, kelsey.j at ix.netcom.com PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259 From rah at shipwright.com Sat Aug 23 18:15:18 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 23 Aug 2003 21:15:18 -0400 Subject: 'Lincoln's Constitution': Desperate Times, Desperate Measures Message-ID: The usual statist apologia for statist apologia... Cheers, RAH ------- The New York Times August 24, 2003 'Lincoln's Constitution': Desperate Times, Desperate Measures By RICHARD A. POSNER LINCOLN'S CONSTITUTION By Daniel Farber. 240 pp. Chicago: The University of Chicago Press. $27.50. Since Sept. 11, 2001, the United States has been at war. It is a war unlike our previous wars, but it is a war nevertheless. War places law under pressure, and so it is timely to consider the pressure exerted on law by our previous wars, a pressure that was greatest during the Civil War. Hence ''Lincoln's Constitution,'' by Daniel Farber, a professor of law at the University of California, Berkeley, and the University of Minnesota. Farber addresses two topics. The first is the relation between the federal government and the states. Farber asks whether secession was lawful and, if not, what means were lawful to combat it. The second topic is the curtailment of civil liberties, and other constitutionally highhanded actions by Lincoln. Here the question is whether Lincoln upset the balance between the executive and the legislative and judicial branches of the federal government. Farber makes a workmanlike lawyer's case for the constitutionality of most of Lincoln's controversial measures, yet in doing so seems somehow to miss the point. In defense of suspending habeas corpus, a power that the Constitution seems pretty clearly to reserve for Congress (though Farber disagrees), Lincoln asked rhetorically and, as it seems to me, unanswerably, ''Are all the laws, but one, to go unexecuted, and the government itself go to pieces, lest that one be violated?'' In the weeks following Lincoln's inauguration, and indeed for the first two years of the war (until the almost simultaneous Union victories at Gettysburg and Vicksburg), the outcome of the Civil War was in doubt. Suspending habeas corpus may have been one of the measures that kept the Union going during this very dangerous period. The suspension not only enabled thousands of rebels and subversives to be detained without access to judges, many of whom were sympathetic to the Southern cause, but also showed Lincoln to be resolute, indeed ruthless, in the prosecution of the war. Resoluteness in times of great danger is essential to staving off defeatism; it goes some distance in explaining why Britain withstood the Nazi onslaught in 1940 and France did not. Farber is a law professor, not a historian. His method is that of close study of the constitutional text, the original understanding of the text's meaning and the Supreme Court's decisions interpreting and applying the text. The discussion is lucid and often ingenious, and the research, so far as I can judge, meticulous. But there is something rather odd about the enterprise, given that Farber is one of the relatively small band of law professors who explicitly defend pragmatism as the right way for judges and lawyers to think about law, especially American constitutional law. ''Pragmatism'' for these purposes may be defined as an overriding concern for the practical consequences, long-term as well as short-term, of constitutional principles -- as distinct from a more lawyerly insistence that such principles be ''logically'' derivable from orthodox legal materials, like the constitutional text, its understanding by the text's authors or ratifiers and previous judicial decisions from which rules applicable to new cases can be deduced. The pragmatic approach is forward-looking, asking what the decision in a case will do for us, the living. The orthodox lawyer's approach is backward-looking, asking what outcome would have the longer or better legal pedigree -- that is, would correspond more closely to some authoritative enactment or pronouncement in the past. The greater the practical consequences of a legal principle or decision, the more attractive the pragmatic approach is. That makes it a natural approach to take to constitutional law. Not only does the Constitution deal with matters of great practical significance, but it is very hard to amend, which magnifies the consequences of judicial decisions construing it. The most critical episode in the history of the United States was the Civil War. Never was the need for adjusting the law to pragmatic realities greater. Farber is not oblivious of this issue -- how could he be? -- yet it barely figures in his analysis, which is preoccupied with esoteric questions like ''the precise locus of American sovereignty.'' He makes the interesting point that the Supreme Court's recent states' rights decisions echo some of the arguments made by Jefferson Davis in support of secession, but he comments unpragmatically that ''the fact that these arguments can be deployed even today and can win the assent of . . . justices proves their durability and continuing allure.'' Pragmatists doubt that abstract arguments are what move Supreme Court justices; those arguments are, rather, the rhetorical decor of decisions reached on other, more practical grounds. Those who think it would have been disastrous had the secession succeeded will be inclined to believe that Lincoln was right to suspend habeas corpus. Was he legally right? That is a different question. One answer is that whatever measures are necessary to save the nation from suicide are, if not compelled, at least permitted by the Constitution, whatever the text, history or precedents might seem to imply. There are no limits to lawyers' ingenuity, and Farber is able to generate plausible arguments for the constitutionality of most of Lincoln's acts. With a little more effort he could defend all of them as lawful. For example, Farber endorses a particularly facile ''legal'' justification for Lincoln's suspension of habeas corpus: that since the president can use deadly force against rebels, he should be allowed to detain them indefinitely. But habeas corpus enables a court to determine whether a detained person is a rebel. That is why we try criminals rather than lynch them. (Moreover, Farber slides too easily from the question of whether Lincoln was authorized to suspend habeas corpus to whether he was authorized to flout Chief Justice Roger Taney's order granting habeas corpus, as he did. Officials are obliged to obey judicial orders even when erroneous.) There is a pragmatic argument against this approach, an argument for saying that Lincoln was right to do what he did -- in fact had no choice -- but that what he did violated the Constitution. In this view, it would have been a kind of treason had Lincoln been scrupulous in observing the limitations that the Constitution placed on his authority. There is value in distinguishing what is right from what is legal in order to avoid creating precedents that subsequent presidents might invoke in less exigent circumstances. One wouldn't want presidential suspensions of habeas corpus to become a habit. Article 48 of the Weimar Constitution allowed the president of the German Republic to suspend the Constitution in situations of emergency. The presidents invoked the power frequently, creating precedents for Hitler to employ when he took power in 1933. That is a pragmatic argument for limiting the pragmatic interpretation of our Constitution. Nonetheless, when the pressure of the practical is as enormous as it was in the Civil War, the marking off of nice legal distinctions has almost a frivolous air. Farber argues that Lincoln acted unconstitutionally when at the outset of the Civil War he used government money to pay people to recruit soldiers for the Union Army, because there was no Congressional appropriation for this purpose, and when he invited volunteers to join the Regular Army, because the raising of armies is a Congressional prerogative. It is one thing to say that the Constitution reserves the ominous power to suspend habeas corpus for Congress, and another to say that the Constitution is to be interpreted so literally that a president must use subterfuge to raise armies during a national emergency. That is the kind of literalism that would forbid the creation of the Air Force as a separate branch of the armed forces because the Constitution authorizes Congress to create and regulate only land and nava! l forces. It is curious to find a pragmatist like Farber sympathetic to such casuistry. But I do not want to end on a critical note. Farber has written a timely and important book, which should provoke fruitful discussion of enduring issues of civil liberties and judicial philosophy. Richard A. Posner's most recent book is ''Law, Pragmatism, and Democracy.'' He is a judge on the United States Court of Appeals for the Seventh Circuit. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From cpunk at lne.com Sun Aug 24 20:00:00 2003 From: cpunk at lne.com (cpunk at lne.com) Date: Sun, 24 Aug 2003 20:00:00 -0700 Subject: Cypherpunks List Info Message-ID: <200308250300.h7P300qD015246@gw.lne.com> Cypherpunks Mailing List Information Last updated: Sep 12, 2002 This message is also available at http://www.lne.com/cpunk Instructions on unsubscribing from the list can be found below. 0. Introduction The Cypherpunks mailing list is a mailing list for discussing cryptography and its effect on society. It is not a moderated list (but see exceptions below) and the list operators are not responsible for the list content. Cypherpunks is a distributed mailing list. A subscriber can subscribe to one node of the list and thereby participate on the full list. Each node (called a "Cypherpunks Distributed Remailer", although they are not related to anonymous remailers) exchanges messages with the other nodes in addition to sending messages to its subscribers. A message posted to one node will be received by the list subscribers on the other nodes, and vice-versa. 1. Filtering The various CDRs follow different policies on filtering spam and to a lesser extent on modifying messages that go to/from their subscribers. Filtering is done, on nodes that do it, to reduce the huge amount of spam that the cypherpunks list is subjected to. There are three basic flavors of filtering CDRs: "raw", which send all messages to their subscribers. "cooked" CDRs try to eliminate the spam on that's on the regular list by automatically sending only messages that are from cypherpunks list subscribers (on any CDR) or people who are replying to list messages. Finally there are moderated lists, where a human moderator decides which messages from the raw list to pass on to subscribers. 2. Message Modification Message modification policy indicates what modifications, if any, beyond what is needed to operate the CDR are done (most CDRs add a tracking X-loop header on mail posted to their subscribers to prevent mail loops). Message modification usually happens on mail going in or out to each CDR's subscribers. CDRs should not modify mail that they pass from one CDR to the next, but some of them do, and others undo those modifications. 3. Privacy Privacy policy indicates if the list will allow anyone ("open"), or only list members, or no one ("private") , to retrieve the subscribers list. Note that if you post, being on a "private" list doesn't mean much, since your address is now out there. It's really only useful for keeping spammers from harvesting addresses from the list software. Digest mode indicates that the CDR supports digest mode, which is where the posts are batched up into a few large emails. Nodes that support only digest mode are noted. 4. Anonymous posting Cypherpunks encourages anonymous posting. You can use an anonymous remailer: http://www.andrebacard.com/remail.html http://anon.efga.org/Remailers http://www.gilc.org/speech/anonymous/remailer.html or you can send posts to the list via cpunks_anon at einstein.ssz.com and your mail's headers will be stripped before posting. Note that this doesn't provide complete anonymity since the receiving site will still have log file entries showing the source of the mail (or you have to trust that they delete them). You also will be 'sharing' a reputation with the other entities that post through this alias, and some of them are spammers, so some subscribers will have this alias filtered. 5. Unsubscribing Unsubscribing from the cypherpunks list: Since the list is run from a number of different CDRs, you have to figure out which CDR you are subscribed to. If you don't remember and can't figure it out from the mail headers (hint: the top Received: line should tell you), the easiest way to unsubscribe is to send unsubscribe messages to all the CDRs listed below. How to figure out which CDR you are subscribed to: Get your mail client to show all the headers (Microsoft calls this "internet headers"). Look for the Sender or X-loop headers. The Sender will say something like "Sender: owner-cypherpunks at lne.com". The X-loop line will say something like "X-Loop: cypherpunks at lne.com". Both of these inticate that you are subscribed to the lne.com CDR. If you were subscribed to the algebra CDR, they would have algebra.com in them. Once you have figured out which CDR you're subscribed to, look in the table below to find that CDRs unsubscribe instructions. 6. Lunatics, spammers and nut-cases "I'm subscribed to a filtering CDR yet I still see lots of junk postings". At this writing there are a few sociopaths on the cypherpunks list who are abusing the lists openness by dumping reams of propaganda on the list. The distinction between a spammer and a subscriber is nearly always very clear, but the dictinction between a subscriber who is abusing the list by posting reams of propaganda and a subscriber who is making lots of controversial posts is not clear. Therefore, we tolerate the crap. Subscribers with a low crap tolerance should check out mail filters. Procmail is a good one, although it works on Unix and Unix-like systems only. Eudora also has a capacity for filtering mail, as do many other mail readers. An example procmail recipie is below, you will of course want to make your own decisions on which (ab)users to filter. # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * ^From.*owner-cypherpunks at .* { :0: * (^From:.*ravage at ssz\.com.*|\ ^From:.*jchoate at dev.tivoli.com.*|\ ^From:.*mattd at useoz.com|\ ^From:.*proffr11 at bigpond.com|\ ^From:.*jei at cc.hut.fi) /dev/null :0: cypherspool } 7. List of current CDRs All commands are sent in the body of mail unless otherwise noted. --------------------------------------------------------------------------- Algebra: Operator: Subscription: "subscribe cypherpunks" to majordomo at algebra.com Unsubscription: "unsubscribe cypherpunks" to majordomo at algebra.com Help: "help cypherpunks" to majordomo at algebra.com Posting address: cypherpunks at algebra.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- CCC: Operator: drt at un.bewaff.net Subscription: "subscribe [password of your choice]" to cypherpunks-request at koeln.ccc.de Unsubscription: "unsubscribe " to cypherpunks-request at koeln.ccc.de Help: "help" to to cypherpunks-request at koeln.ccc.de Web site: http://koeln.ccc.de/mailman/listinfo/cypherpunks Posting address: cypherpunks at koeln.ccc.de Filtering policy: This specific node drops messages bigger than 32k and every message with more than 17 recipients or just a line containing "subscribe" or "unsubscribe" in the subject. Digest mode: this node is digest-only NNTP: news://koeln.ccc.de/cbone.ml.cypherpunks Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Infonex: Subscription: "subscribe cypherpunks" to majordomo at infonex.com Unsubscription: "unsubscribe cypherpunks" to majordomo at infonex.com Help: "help cypherpunks" to majordomo at infonex.com Posting address: cypherpunks at infonex.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Lne: Subscription: "subscribe cypherpunks" to majordomo at lne.com Unsubscription: "unsubscribe cypherpunks" to majordomo at lne.com Help: "help cypherpunks" to majordomo at lne.com Posting address: cypherpunks at lne.com Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to lne CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. messages are demimed (MIME attachments removed) when posted through lne or received by lne CDR subscribers 2. leading "CDR:" in subject line removed 3. "Reply-to:" removed Privacy policy: private Info: http://www.lne.com/cpunk; "info cypherpunks" to majordomo at lne.com Archive: http://archives.abditum.com/cypherpunks/index.html (thanks to Steve Furlong and Len Sassaman) --------------------------------------------------------------------------- Minder: Subscription: "subscribe cypherpunks" to majordomo at minder.net Unsubscription: "unsubscribe cypherpunks" to majordomo at minder.net Help: "help" to majordomo at minder.net Posting address: cypherpunks at minder.net Filtering policy: raw Message Modification policy: no modification Privacy policy: private Info: send mail to cypherpunks-info at minder.net --------------------------------------------------------------------------- Openpgp: [openpgp seems to have dropped off the end of the world-- it doesn't return anything from sending help queries. Ericm, 8/7/01] Subscription: "subscribe cypherpunks" to listproc at openpgp.net Unsubscription: "unsubscribe cypherpunks" to listproc at openpgp.net Help: "help" to listproc at openpgp.net Posting address: cypherpunks at openpgp.net Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Ssz: Subscription: "subscribe cypherpunks" to majordomo at ssz.com Unsubscription: "unsubscribe cypherpunks" to majordomo at ssz.com Help: "help cypherpunks" to majordomo at ssz.com Posting address: cypherpunks at ssz.com Filtering policy: raw Message Modification policy: Subject line prepended with "CDR:" Reply-to cypherpunks at ssz.com added. Privacy policy: open Info: http://www.ssz.com/cdr/ --------------------------------------------------------------------------- Sunder: Subscription: "subscribe" to sunder at sunder.net Unsubscription: "unsubscribe" to sunder at sunder.net Help: "help" to sunder at sunder.net Posting address: sunder at sunder.net Filtering policy: moderated Message Modification policy: ??? Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- Pro-ns: Subscription: "subscribe cypherpunks" to majordomo at pro-ns.net Unsubscription: "unsubscribe cypherpunks" to majordomo at pro-ns.net Help: "help cypherpunks" to majordomo at pro-ns.net Posting address: cypherpunks at pro-ns.net Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to local CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. leading "CDR:" in subject line removed 2. "Reply-to:" removed Privacy policy: private Info: http://www.pro-ns.net/cpunk From ravage at einstein.ssz.com Mon Aug 25 05:44:05 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 07:44:05 -0500 (CDT) Subject: RSA Seeks to Fix RFID Worries (fwd) Message-ID: http://www.eweek.com/article2/0,3959,1229502,00.asp -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 06:04:26 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 08:04:26 -0500 (CDT) Subject: Iraq Travel Warning (fwd) Message-ID: ---------- Forwarded message ---------- Date: Mon, 25 Aug 2003 08:58:25 -0400 From: PA List Manager To: DOSTRAVEL at LISTS.STATE.GOV Subject: Iraq Travel Warning Iraq Travel Warning United States Department of State Bureau of Consular Affairs Washington, DC 20520 August 22, 2003 This Travel Warning provides updated information on the security situation in Iraq and advises Americans of the bombing at the UN headquarters that resulted in deaths and injuries of American citizens. The security threat to all American citizens in Iraq remains high. This replaces the Travel Warning of July 15, 2003. On August 19, 2003, an explosion occurred at the UN headquarters located at the Canal Hotel in Baghdad. An explosion also occurred at the Jordanian Embassy in Baghdad on August 7, 2003. The Department of State continues to strongly warn U.S. citizens against travel to Iraq. Although the restrictions on the use of U.S. passport travel to, in or through Iraq has been lifted, travel to Iraq remains dangerous. Remnants of the former Baath regime, transnational terrorists, and criminal elements remain active. Coalition led military operations continue, and there are daily attacks against Coalition forces throughout the country. Attacks have occurred in Baghdad, Faluja, Ramadi, Tikrit, Bayji, Baqubah, Mosul, Kirkuk and other areas, but the security environment in all of Iraq remains volatile and unpredictable. Attacks on coalition forces as well as civilian targets usually occur during the late evening and early morning hours. Travel at night is extremely dangerous. There have been attacks on civilian as well as military convoys. Travelers are strongly urged to travel in convoys of at least four vehicles in daylight hours only. There has been an increase in the use of Improvised Explosive Devices (IED) and/or mines on roads, particularly in plastic bags, soda cans, and dead animals. Grenades and explosives have been thrown into vehicles from overpasses, particularly in crowded areas. There is a U.S. consular officer in Baghdad who can provide limited emergency services to U.S. citizens in Iraq and is located at the Iraq Forum (Convention Center) across from the al-Rashid Hotel. The consular officer cannot provide visa service. American citizens who choose to visit or remain in Iraq despite the warning contained herein are urged to pay close attention to their personal security, should avoid rallies and demonstrations, and should inform the U.S. consular officer of their presence in Iraq. American citizens may obtain the latest security information or other information about Iraq by phone: 1-914-360-1025, or by e-mail: payneba at orha.centcom.mil. Detailed security information is also available at http://www.centcom.mil. Updated information on travel and security in Iraq may be obtained from the Department of State by calling 1-888-407-4747 within the United States, and from overseas, 1-317-472-2328. U.S. citizens who plan to travel to or remain in Iraq despite this Travel Warning should consult the Department of State's latest Consular Information sheets and the current Worldwide Caution Public Announcement, which are available on the Department's Internet site at http://travel.state.gov. *********************************************************** See http://travel.state.gov/travel_warnings.html for State Department Travel Warnings ************************************************************ To change your subscription, go to http://www.state.gov/www/listservs_cms.html From mv at cdc.gov Mon Aug 25 09:23:44 2003 From: mv at cdc.gov (Major Variola (ret.)) Date: Mon, 25 Aug 2003 09:23:44 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks Message-ID: <3F4A380F.FB20A1A@cdc.gov> As expected, animal and environmental activists are now being called terrorists. Foie Gras Flap Leads to Vandalism Sonoma Police Chief John Gurney, who described the attacks as a "sophisticated campaign of domestic terrorism," said: "They're trying to impose their beliefs on others through the use of force, fear and intimidation." Manrique said the vandals had left behind a videotape of his family inside the house that had been shot through a window. http://www.latimes.com/news/local/la-me-foiegras25aug25,1,2739877.story?coll=la-home-todays-times The radical group Earth Liberation Front issued an unsigned e-mail Friday calling the incidents ELF actions,'' and the FBI was investigating the dealership fire as domestic terrorism, Police Chief Frank Wills said. http://www.mtstandard.com/articles/2003/08/23/newsnationworld_top/hjjgjbhgjbhgjj.txt From rah at shipwright.com Mon Aug 25 07:38:03 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 25 Aug 2003 10:38:03 -0400 Subject: Report: Giorgio Agamben. Stato di eccezione Message-ID: --- begin forwarded text From patrick at lfcgate.com Mon Aug 25 10:40:20 2003 From: patrick at lfcgate.com (Patrick) Date: Mon, 25 Aug 2003 11:40:20 -0600 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <3F4A380F.FB20A1A@cdc.gov> Message-ID: <00b601c36b2f$f8249d90$0200a8c0@scylla> > As expected, animal and environmental activists are now being called > terrorists. Not new; some have been labeled terrorists for a long time, with good reason. But don't confuse activists with terrorists. Handing out leaflets is activism. Planting firebombs in restaurants is terrorism. http://www.activistcash.com has some introductory material on how PETA is connected with ALF, ELF, etc. Patrick From hseaver at cybershamanix.com Mon Aug 25 10:27:10 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Mon, 25 Aug 2003 12:27:10 -0500 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <00b601c36b2f$f8249d90$0200a8c0@scylla> References: <3F4A380F.FB20A1A@cdc.gov> <00b601c36b2f$f8249d90$0200a8c0@scylla> Message-ID: <20030825172710.GB4964@cybershamanix.com> On Mon, Aug 25, 2003 at 11:40:20AM -0600, Patrick wrote: > > As expected, animal and environmental activists are now being called > > terrorists. > > Not new; some have been labeled terrorists for a long time, with > good reason. Good reason? EarthFirsters are called terrorists when they treesit or blockade roads. How about releasing furfarm mink, do you consider that terrorism as well? AFAIK, neither ELF or ALF has every harmed a human, so calling them terrorists is just statist agitprop. > But don't confuse activists with terrorists. Handing out > leaflets is activism. Planting firebombs in restaurants is terrorism. > > http://www.activistcash.com has some introductory material on > how PETA is connected with ALF, ELF, etc. > > > Patrick -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From ravage at einstein.ssz.com Mon Aug 25 10:38:04 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 12:38:04 -0500 (CDT) Subject: DHS has 1 in 12 federal employees (fwd) Message-ID: http://www.post-gazette.com/pg/03237/214959.stm -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From mv at cdc.gov Mon Aug 25 13:34:19 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 25 Aug 2003 13:34:19 -0700 Subject: Schneier at toorcon 2003 Message-ID: <3F4A72CB.9AFEA138@cdc.gov> I'm told by an organizer that Bruce Schneier will be speaking at toorcon in San Diego this year. See www.toorcon.org for info. From mv at cdc.gov Mon Aug 25 13:47:26 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 25 Aug 2003 13:47:26 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks Message-ID: <3F4A75DD.999E7998@cdc.gov> At 11:40 AM 8/25/03 -0600, Patrick wrote: > But don't confuse activists with terrorists. Handing out >leaflets is activism. Planting firebombs in restaurants is terrorism. Sabotage needn't induce terror, and leaflets can induce terror. Hell, art projects can induce terror, and sabotage can be unnoticed. ---- Additional case studies are needed, however, to determine which traits of chemical and biological terrorists might help identify them because charisma, paranoia, and grandiosity are alo found to varying degreees among, for example, leaders of political parties, large corporations, and academic depts. --John T Finn, _Science_ v 289 1 sept 2000 From wolf at priori.net Mon Aug 25 14:44:18 2003 From: wolf at priori.net (Meyer Wolfsheim) Date: Mon, 25 Aug 2003 14:44:18 -0700 (PDT) Subject: Schneier at toorcon 2003 In-Reply-To: <3F4A72CB.9AFEA138@cdc.gov> Message-ID: On Mon, 25 Aug 2003, Major Variola (ret) wrote: > I'm told by an organizer that > Bruce Schneier will be speaking at toorcon in San Diego this year. > See www.toorcon.org for info. This is of interest why? From Ned.Rossiter at arts.monash.edu.au Sun Aug 24 22:01:23 2003 From: Ned.Rossiter at arts.monash.edu.au (Ned Rossiter) Date: Mon, 25 Aug 2003 15:01:23 +1000 Subject: Report: Giorgio Agamben. Stato di eccezione Message-ID: [here's a fascinating report from Brett Neilson on Agamben's latest book, yet to be translated. Among other things, the report nicely illuminates the Schmittian problematic of a 'state of exception' via the Schmitt-Benjamin dialogue, pointing out why such a juridico-political condition remains useful as an object of critique for thinking many current crises in life in the 'global civil war'./Ned] Giorgio Agamben. Stato di eccezione. Torino: Bollati Borighieri. 2003 Brett Neilson University of Western Sydney At a time when Australians face trial before U.S. military tribunals, asylum seekers languish in camps like Baxter and Nauru, and new government legislation allows the detention of Australian citizens themselves, the prose of Giorgio Agamben burns with relevance for those who live on the southern continent. Stato di eccezione is Agamben's latest offering, an extension and deepening of Homo sacer (1995)--of which it announces itself as Volume II, Part 1. Growing more directly from this earlier text than Quel che resta di Auschwitz (1998), Volume III of Homo sacer, the book is at once more historically grounded and more politically audacious. Agamben steps away from the pessimistic analytic of 'bare life' to recover some of the redemptive energy that inhabits La communit} che viene (1990), his best-known work among English language readers. Perhaps it is the force with which emergency powers have gripped the world in the past two years that lends Stato di eccezione a political intensity that remains wholly current even as it interrogates Roman republican law and plummets the ontological depths of early 20th-century thinkers like Carl Schmitt and Walter Benjamin. In the opening pages of Stato di eccezione, Agamben announces that 'before the unstoppable progression of what has been identified as a "global civil war," the state of exception tends ever more to present itself as the dominant paradigm of government in contemporary politics.' The reference to 'global civil war' signals an immediate concern with the current transformations of world order, even as the text notes that this term first appears in 1961 (both in the work of Hannah Arendt and Carl Schmitt). Agamben identifies the 'military order' issued by George W. Bush on 13 November 2001 (subjecting non-citizens suspected of terrorist activities to indefinite detention and military tribunals) as the most recent in a line of emergency measures that open a no-man's-land between the political and the juridical. The French Htat de siKge (which finds its origins in the eighteenth century Revolution), article 48 of the Weimar constitution (mobilized over 250 times before 1933), the Italian decreto di urgenza (which became the normal means of governmental legislation following World War II), the emergency powers of the British parliament (introduced with the Defence of the Realm Act in 1914), and the capacity of the U.S. president to issue 'executive orders' (which allowed Lincoln to suspend to writ of habeas corpus in 1861, Wilson to assume emergency powers in 1917-18, and F.D. Roosevelt to declare a national emergency six hours after assuming power in 1933)--all of these attest the inextricable link between the state of exception and the normal functioning of the bourgeois democratic state. Far from being a hallmark of totalitarian rule, the state of exception 'presents itself as a zone of indetermination between democracy and absolutism.' Thus even those who argue that emergency powers are necessary to safeguard democracy, such as Clinton. L. Rossiter--author of Constitutional Dictatorship: Crisis Government in the Modern Democracies (1948, must recognize the mutual implication of the emergency state and absolutist government, noting that 'the constitutional use of emergency powers is becoming the rule and not the exception.' As in Homo sacer, Agamben's argument finds its point of departure in Carl Schmitt's Political Theology. Schmitt describes the state of exception as a kind of legal vacuum, a 'suspension of the legal order in its totality.' But for him, the issue is to ensure a relation, no matter what type, between the state of emergency and the legal order: 'The state of emergency is always distinguished from anarchy and chaos and, in the legal sense, there is still order in it, even through it is not a legal order.' The state of emergency introduces a zone of anomy into the law, and thus it can be presented as a doctrine of sovereignty. The sovereign, who proclaims the state of emergency, remains anchored in the legal order. But precisely because this decision concerns a nullification of the norm, and consequently, because the state of emergency represents the control of a space that is neither external nor internal, 'the sovereign remains exterior to the normally valid legal order, and nevertheless belongs to it.' In Stato di eccezione, Agamben works to sever this link between sovereign power and legal order, revealing an 'essential fiction' that underlies the push to 'global civil war.' The book thus points to a 'countermovement' that separates life from law--a force that 'melts that which has been artificially and violently linked.' There are three main moments to this countermovement. 1. First is Agamben's interpretation of the term 'force-of-law,' which, as he notes, supplies the title for a 1990 lecture by Jacques Derrida. For Agamben, it is astounding that, despite the debate between philosophers and legal theorists occasioned by this lecture, there has been little analysis of the 'enigmatic formula' that provides its title. Following article six of the French constitution of 1791, he finds the term 'force-of-law' to designate the indestructible character of the law--the supreme value of acts expressed by an assembly representative of the people (which the sovereign can neither abrogate nor modify). In the technical sense, 'force-of-law' refers not to the law itself, but to decrees that have, as the expression goes, 'force-of-law'--decrees that executive power can be authorized to give, and most notably in the state of exception. The term identifies a gap between the efficacy of the law and its formal essence, and this means that acts that do not have the value of law can acquire the 'force-of-law.' For Agamben, this separation between law and 'force-of-law' characterizes the state of exception. In the state of exception, the 'force-of-law' can exist without law. There is a radical separation between potential and act as well as a mystical element or fiction that seeks to eliminate this disconnection. Far from leading back to the legal order, as Schmitt contends, the state of exception exhibits the 'impossible conjuncture' between norm and reality, or between the law and its application. It is a limit zone where logic and practice intermingle and a pure violence without logos activates an enunciation with no real referent. 2. To deepen his case against Schmitt, Agamben offers an analysis of the Roman republican convention of the iustitium--an ancient precedent for the state of exception. When the Roman senate was alerted to a situation that seemed to threaten or compromise the republic, they pronounced a senatus consultum ultimum. This involved the declaration of a tumultus or a state of emergency whose consequence was the proclamation of the iustitium. The iustitium involved not a suspension of the framework of justice but a suspension of the law itself. Following Adolphe Nissen's Das Iustitium (1877), Agamben distinguishes the legal void of the iustitium from the paradigm of dictatorship. Under the Roman constitution, a dictator was a special type of magistrate selected by the consuls, whose wide powers were conferred by means of a lex curiata that defined their scope. In the iustitium, by contrast, there was no creation of a new magistrate. The powers enjoyed by the magistrates under the iustitium resulted not from the conferment of a dictatorial imperium but from the suspension of laws that limited their actions. Agamben points out that the same is true for modern emergency powers. It is a mistake to confuse the state of exception with dictatorship (a fullness of powers or pleromatic state of law)--and this is, indeed, the limit of Schmitt's analysis. In spite of the common view, neither Hitler nor Mussolini was a dictator. Hitler, in particular, was Chancellor of the Reich, legally appointed by the president. What was so dangerous about the Nazi regime is that it allowed the Weimar constitution to remain valid, while doubling it with a secondary and legally non-formalized structure that could only exist alongside the first by virtue of a generalized state of emergency. For one reason or another, the existence of such spaces devoid of law seems so essential to the legal order that the latter must make every possible effort to assure a relation to the former, as if the law in order to guarantee its functioning must necessarily entertain a relation to anomy. 3. In this perspective, Agamben reads the debate on the state of emergency that pitted Carl Schmitt against Walter Benjamin from 1928 to 1940. Schmitt's influence on Benjamin has always appeared scandalous, but Agamben attempts to reverse this scandal, suggesting that Schmitt's theory of sovereignty must be read as response to Benjamin's 'Critique of Violence.' In this 1921 essay, Benjamin posits the existence of a 'pure' or 'revolutionary' violence--that is, violence outside the law, a violence that ruptures the dialectic between the violence that institutes the law (constituent power) and the violence that upholds the law (constituted power). Agamben argues that the state of emergency is the means invented by Schmitt to respond to this postulation of a pure violence. For Schmitt, there can be no violence absolutely exterior to the nomos, because revolutionary violence, once the state of emergency is established, always finds itself to be included in the law. Benjamin's definitive response to Schmitt is the famous passage in 'Theses on the Philosophy of History' where he surmises that 'the "state of emergency" in which we live is not the exception but the rule.' But before revisiting those important lines, Agamben detours through Benjamin's The Origin of German Tragic Drama, which contrasts Schmitt's theory of sovereign decision with the notion of sovereign indecision. Far from deciding on the state of exception (and thereby including it in the legal order), the sovereign in the German tragic drama aims to avoid such emergency measures (to keep them separate from the legal order): 'Whereas the modern concept of sovereignty amounts to a supreme executive power on the part of the prince, the baroque concept emerges from a discussion of the state of emergency, and makes it the most important function of the prince to avert this.' Confronted with the decision to proclaim an emergency, the sovereign reveals that 'he is almost incapable of making a decision.' The fracture between sovereign power and the capacity to act thus becomes impassable. For Benjamin, the state of exception leads not to the restoration of legal order but to a generalized catastrophe. And in this catastrophe, the transcendental claims of sovereign power are vanquished: 'However highly he is enthroned over subject and state, ... [the sovereign] is confined to the world of creation; he is lord of the creatures, but he remains a creature.' This figure of generalized catastrophe under a sky void of transcendental authority haunts Agamben's description of a 'global civil war' characterized by 'governmental violence that ignores international law externally and produces a permanent state of exception internally, while all the time pretending to uphold the law.' Far from facilitating a return to the 'state of law,' the current global emergency throws the very concepts of the 'state' and 'law' into question. Today the state of exception has reached its 'maximum planetary unfolding' and manifests itself as an unrestrained festival in which pure violence is exercised in full freedom. Not accidentally does the term iustitium, after the fall of the Roman republic, come to designate the period of public mourning following the sovereign's death. According to classicist Karl Meuli, anomic festivals (such as the Roman saturnalia, the charivari, and the medieval carnival) display a connection with the situations of suspended law that characterize certain archaic penal institutions. They thus reveal the anomic drive that lies at the very heart of the nomos. As Agamben explains, 'in the exhibition of the mournful character of every festival and the festive character of every mourning, law and anomy show their distance and, at the same time, their secret solidarity.' This double movement adds a new level of disingenuousness to one of the most feted comments of recent Australian public life--Immigration Minister Phillip Ruddock's description of the former Lager at Woomera: 'It's not a holiday camp, nor should it be seen as one.' For Agamben, the Western political system is founded in the double movement between two heterogeneous and antithetical elements: nomos and anomy, legal right and pure violence, the law and the forms of life whose articulation is guaranteed by the state of emergency. In opposition to the movement that seeks to maintain the relation between these elements, he poses a countermovement that seeks to break the fictional link between violence and the law. He thus understands contemporary Western culture as a 'field of tensions' in which two opposing forces clash--one that institutes and imposes, the other that deactivates and deposes. There can be no hope of flattening these forces onto indifference, or containing them in the synthesizing logic of dialectic. But equally it is only possible to distinguish them by virtue of their articulation in the biopolitical machine--'bare life is a product of the machine and not something that pre-exists it.' The task of a radical politics is to break the link between violence and the law, an action that implies not the return to an original state but the accession to a new condition. Stato di eccezione is Agamben's most sustained blueprint of this politics-to-come, a document that charts an ethical and conceptual path beyond the state of exception by providing tools to break into and move through it. Dr. Brett Neilson Centre for Cultural Research University of Western Sydney PENRITH SOUTH DC NSW 1797 AUSTRALIA Tel: +61-2-4736-0387 Fax: +61-2-4736-0224 http://www.uws.edu.au/ccr Free Trade in the Bermuda Triangle ... and Other Tales of Counterglobalization http://www.upress.umn.edu/Books/N/neilson_free.html # distributed via : no commercial use without permission # is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: majordomo at bbs.thing.net and "info nettime-l" in the msg body # archive: http://www.nettime.org contact: nettime at bbs.thing.net --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From sunder at sunder.net Mon Aug 25 13:40:52 2003 From: sunder at sunder.net (Sunder) Date: Mon, 25 Aug 2003 16:40:52 -0400 (edt) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <3F4A380F.FB20A1A@cdc.gov> Message-ID: So what are the bets as to how soon they'll start calling democrats terrorists? :) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Mon, 25 Aug 2003, Major Variola (ret.) wrote: > As expected, animal and environmental activists are now being called > terrorists. From ravage at einstein.ssz.com Mon Aug 25 14:42:14 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 16:42:14 -0500 (CDT) Subject: Slashdot | DeCSS Loses Free Speech Shield (fwd) Message-ID: http://yro.slashdot.org/yro/03/08/25/1940200.shtml?tid=123&tid=153&tid=99 -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 15:24:11 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 17:24:11 -0500 (CDT) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <3F4A380F.FB20A1A@cdc.gov> Message-ID: On Mon, 25 Aug 2003, Major Variola (ret.) wrote: > As expected, animal and environmental activists are now being called > terrorists. > > > Foie Gras Flap Leads to Vandalism > > Sonoma Police Chief John Gurney, who described the attacks as a > "sophisticated campaign of domestic terrorism," said: "They're trying to > impose their beliefs on others through the use of force, fear and > intimidation." Ask him why he carries a gun. While I don't agree with their methods in all cases it seems to me that they're not telling people what to do, but rather telling others to stop doing it to them. The reality is that the domestic activist movement has only made progress when resorting to violence and destruction. Look at the womens rights movement, 60's civil rights movement, conservation movements in the 60's and 70's. Anything less and the powers that be choose $$$$ over anything else. It's the nature of the beast who goes for these sorts of positions of 'authority'. A perfect example of why greed is -not- good and 'power' should never be placed in one 'authority'. -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 15:49:37 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 17:49:37 -0500 (CDT) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <00b601c36b2f$f8249d90$0200a8c0@scylla> Message-ID: On Mon, 25 Aug 2003, Patrick wrote: > leaflets is activism. Planting firebombs in restaurants is terrorism. Is spiking a tree? Exactly whose tree is it anyway? What happens when the last whale is in the harpoon site, is it ok to ruin the shot? It's not as simple as you make it out to be. The reality is there is a whole host of response ranges that exist between flyers and firebombs. Your binary view is simply an indicator of your brainwashing ;) -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 15:52:42 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 17:52:42 -0500 (CDT) Subject: Hangar 18 Weekly Social Message-ID: Asymmetric Clustering... Distributed Name Space... Global Sign-on... Guerrilla Networking... Open Source Technology... Do these words make your heart beat faster and your breath go shallow? If so then perhaps you should become involved with Hangar 18. We are a tit-for-tat group of computer hobbyist of a wide range of skills intent on building the next computing infra-structure using Open Source technology. We don't focus on any one form of technology but instead focus on real world applications in grid or large scale distributed computing. Time: Aug. 28, 2003 Every Thursday, excluding national holidays 8:00 - 9:00 pm (or later) http://open-forge.org Location: The Robot Group http://robotgroup.net Please contact the Robot Group for directions if you don't know how to get their, per their request. The location varies from week to week so be sure to check with an active Hangar 18 member (or join the mailing list!) for more information. Identification: We'll be the group with the Plan 9 OS box on the table...;) From ravage at einstein.ssz.com Mon Aug 25 16:35:47 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 18:35:47 -0500 (CDT) Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) Message-ID: http://yro.slashdot.org/yro/03/08/25/2248224.shtml?tid=103&tid=98&tid=99 -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 16:36:56 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 18:36:56 -0500 (CDT) Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) Message-ID: http://yro.slashdot.org/yro/03/08/25/2248224.shtml?tid=103&tid=98&tid=99 -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Mon Aug 25 16:37:22 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Mon, 25 Aug 2003 18:37:22 -0500 (CDT) Subject: Slashdot | Is Linux as Secure as We'd Like to Think? (fwd) Message-ID: http://ask.slashdot.org/askslashdot/03/08/25/1959204.shtml?tid=106&tid=126&tid=172&tid=185&tid=95 -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From mv at cdc.gov Mon Aug 25 20:09:22 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Mon, 25 Aug 2003 20:09:22 -0700 Subject: Schneier at toorcon 2003 Message-ID: <3F4ACF62.CC4D475C@cdc.gov> At 02:44 PM 8/25/03 -0700, Meyer Wolfsheim wrote: >On Mon, 25 Aug 2003, Major Variola (ret) wrote: > >> I'm told by an organizer that >> Bruce Schneier will be speaking at toorcon in San Diego this year. >> See www.toorcon.org for info. > >This is of interest why? Because it was previously untrue, and now, being true, should be advertized to the relevant audience. From rah at shipwright.com Mon Aug 25 17:22:00 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Mon, 25 Aug 2003 20:22:00 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: References: Message-ID: At 4:40 PM -0400 8/25/03, Sunder wrote: >So what are the bets as to how soon they'll start calling democrats >terrorists? :) Aren't they? :-) Cheers, RAH They're socialists, at the very least... -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rabbi at abditum.com Mon Aug 25 20:27:20 2003 From: rabbi at abditum.com (Len Sassaman) Date: Mon, 25 Aug 2003 20:27:20 -0700 (PDT) Subject: Is it time to kill the JAP backdoor cretins and their families? In-Reply-To: Message-ID: On Thu, 21 Aug 2003, Tim May wrote: > It would be easy for me to say that all of the operators connected with > JAP should be killed, either necklaced and left to burn in their > driveways, with perhaps their families (children, siblings, parents) > also tortured to death, or at least that the offices of JAP should be > firebombed, but I will not do this. For what it is worth, there has been a lot of good theory research in the field of strong anonymity to come out of Dresden. Operators of anonymity services, of course, are free to do what they wish with their services: log, not log, restrict users, etc., as long as their policies are clearly presented to their users. To lie to their users and to misrepresent the level of anonymity provided by the system is reprehensible. > But of course those who placed any faith in "trust us, we won't narc > you out!" software are the real fools. It's this point of Tim's I have been meaning to address, since it isn't quite as simple as this. First of all, JAP was presented as something other than the above. It was not a "trust us" system -- it used mixes, with independent operators. JAP was intended to be a "trust the laws of mathematics" system, and was undermined by the software authors. I won't go into a lot of detail about why low-latency mixes are more likely to be breakable, even when deployed correctly, as this is covered pretty well in the literature. But I would like to suggest that, in some cases, a "trust us not to narc you out" system may, in fact, be superior to the alternatives. The Cypherpunk adage "trust in the laws of mathematics, not of men" excludes a third evaluation classification: the laws of reputation and economics. Let's look at JAP vs. Anonymizer, prior to the JAP backdoor issue: o JAP was a low-latency mix cascade system with independent operators. o JAP had ~ 30K users. o JAP was run primarily by educational/research institutions with government influence. o Anonymizer is a low-latency single-hop proxy system with one operator. o Anonymizer has ~ 100K paid users, and an undetermined amount of free users. (Estimates are as high as 2 mil, though that may be a stretch). o Anonymizer is a for-profit company that makes its money by not narc'ing out its users. >From the laws of math vs. men standpoint, JAP looks like it was the better choice. However, even when setting aside the issue that our understanding of the math involved may be flawed, JAP quickly becomes less appealing choice once the other factors are considered. University / government funded research relies on grants for its existence. This makes the operators beholden to the source of grant funds. It also eliminates an economic incentive to put users first. Private companies offering privacy/anonymity services are faced with a direct correlation between revenue and delivery of such services. Should a company like Anonymizer violate its stated privacy policy and misrepresent its level of security, as JAP did, the results would be devastating to the viability of the company. The JAP group, on the other hand, is facing nothing more than a little bad PR and the loss of some users. (Many of those 30,000 probably are unaware of the silent compromise of JAP security). Then there is the anonymity-set issue. With almost 4 times the number of users as JAP, Anonymizer is much stronger against many adversaries who lack sophisticated attack capabilities. Anonymity is difficult to achieve. If the number of users of a system is too small to provide sufficient cover traffic for the individual users, it does not matter how "secure" the system is -- it can be treated as a black box, and its users' actions analyzed. Honestly, as much as it pains me to say this as maintainer of Mixmaster, one is probably a lot safer using Anonymizer and Hotmail to send anonymous email than Mixmaster (against most realistic adversaries at this point) simply based on the respective size of the user bases. Hopefully that will improve greatly as the Mixmaster network continues to mature, and remailer software gets easier to use. [Yes, as a "trust-us" system, Anonymizer isn't appropriate for some uses that a correctly implemented and deployed verifiably strong anonymity system would be. However, those uses aren't likely to be common. But one must evaluate his own threat models and take whatever precautions are necessary.] --Len. From dave at farber.net Mon Aug 25 17:35:58 2003 From: dave at farber.net (Dave Farber) Date: Mon, 25 Aug 2003 20:35:58 -0400 Subject: [IP] blackmail / real world stego use Message-ID: >Date: Sat, 23 Aug 2003 00:00:11 +0200 >From: Barry Wels >Subject: blackmail / real world stego use >Sender: owner-cryptography at metzdowd.com >To: cryptography at metzdowd.com > > >Hi, > >So far I have only found one English item in the news about this. > >http://www.expatica.com/index.asp?pad=2,18,&item_id=33655 > >So let me translate some of the dutch information about this >interesting case : > >A 45-year old chip designer from Utrecht was arrested June 3. >He confessed to have tried to blackmail the 'Campina' food company. >He had threatened to poison their products, and demanded 200.000 euro. >The most remarkable thing about this case is however how he >communicated with Campina, and how he thought to receive the money. > >He forced Campina to open a bank account, and get a 'world card' with >it. Then they had to deposit 200.000 Euro on it (about 185.000 >US dollar). He ordered them to buy a credit card reader, and read the >information off the magnetic-stripe of the 'world card'. >Then they had to send him the output of the card reader, together with >the pin code. With this information, he then could create a copy of >the 'world card' using a card-writer and a blank card. > >To send him the information, he made them use steganography! >Campina received an envelope via snailmail containing a floppy with a >stego program and instructions. >They had to encode the 'world card' info into a picture of a red VW >golf, using the stego program, and a fixed crypto key that was >included in the envelope. >Finally, they had to place the picture in a fake add on a website >where large amounts of people sell/buy second hand cars. >He would then read the add, and make a copy of the picture. >Decode the stego info out of it, write his own copy of the card, >and withdraw money. Without ever having personal contact with Campina >(or the police). To be real clever, he did not approach the website >with the car adds directly. Police found out the add was approached >trough a US anonymizer called SURFOLA.com. SURFOLA.com claims on their >website : >"We will not give out your name, residence address, or e-mail address >to any third parties without your permission, for any reason, at any >time, ever." > >The Utrecht police informed the FBI, and asked for assistance. Within >24 hours, the FBI cracked the case, supplying the Dutch police with >a '@wxs.nl' e-mail address and some paypal.com financial data. >This data led to the 45 year old chip programmer. >After his identity was known, the police ofcourse started surveillance on >him. The 'desert terrorist' was arrested red-handed when he withdrew money >from an ATM using the world-card copy.... > >Greetings, > >Barry Wels. > > >The Cryptography Mailing List >Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com ------------------------------------- You are subscribed as adam at homeport.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- "It is seldom that liberty of any kind is lost all at once." -Hume From s.schear at comcast.net Mon Aug 25 21:54:08 2003 From: s.schear at comcast.net (Steve Schear) Date: Mon, 25 Aug 2003 21:54:08 -0700 Subject: [dave@farber.net: [IP] blackmail / real world stego use] In-Reply-To: <20030826023655.GA89895@lightship.internal.homeport.org> Message-ID: <5.2.1.1.0.20030825214850.042e2ee0@mail.comcast.net> At 10:36 PM 8/25/2003 -0400, you wrote: >To be real clever, he did not approach the website > >with the car adds directly. Police found out the add was approached > >trough a US anonymizer called SURFOLA.com. SURFOLA.com claims on their > >website : > >"We will not give out your name, residence address, or e-mail address > >to any third parties without your permission, for any reason, at any > >time, ever." > > > >The Utrecht police informed the FBI, and asked for assistance. Within > >24 hours, the FBI cracked the case, supplying the Dutch police with > >a '@wxs.nl' e-mail address and some paypal.com financial data. > >This data led to the 45 year old chip programmer. > >After his identity was known, the police ofcourse started surveillance on > >him. The 'desert terrorist' was arrested red-handed when he withdrew money > >from an ATM using the world-card copy.... He should have used a open WiFi hotspot at someone's home in a neighborhood far from his home. steve From s.schear at comcast.net Mon Aug 25 22:11:49 2003 From: s.schear at comcast.net (Steve Schear) Date: Mon, 25 Aug 2003 22:11:49 -0700 Subject: Is it time to kill the JAP backdoor cretins and their families? In-Reply-To: <20030826034752.GB90753@lightship.internal.homeport.org> References: Message-ID: <5.2.1.1.0.20030825221009.042e3c50@mail.comcast.net> At 11:47 PM 8/25/2003 -0400, Adam Shostack wrote: >So, to the question of, is a private company better than a research >lab? Probably. But could a privacte company comprimise its users >without imploding? Probably. The right system is probably something >like Tarzan, running low-latency traffic inside the file trading >cloud. So, has anyone picked up Tarzan and dusted it off? I see an Onion Router, The Next Generation is planned/underway, and I've heard moves are afoot to release the code on sourceforge. steve A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From adam at homeport.org Mon Aug 25 19:36:55 2003 From: adam at homeport.org (Adam Shostack) Date: Mon, 25 Aug 2003 22:36:55 -0400 Subject: [dave@farber.net: [IP] blackmail / real world stego use] Message-ID: <20030826023655.GA89895@lightship.internal.homeport.org> ----- Forwarded message from Dave Farber ----- From adam at homeport.org Mon Aug 25 20:47:53 2003 From: adam at homeport.org (Adam Shostack) Date: Mon, 25 Aug 2003 23:47:53 -0400 Subject: Is it time to kill the JAP backdoor cretins and their families? In-Reply-To: References: Message-ID: <20030826034752.GB90753@lightship.internal.homeport.org> On Mon, Aug 25, 2003 at 08:27:20PM -0700, Len Sassaman wrote: | However, even when setting aside the issue that our understanding of the | math involved may be flawed, JAP quickly becomes less appealing choice | once the other factors are considered. | | University / government funded research relies on grants for its | existence. This makes the operators beholden to the source of grant funds. | It also eliminates an economic incentive to put users first. | | Private companies offering privacy/anonymity services are faced with a | direct correlation between revenue and delivery of such services. Should a | company like Anonymizer violate its stated privacy policy and misrepresent | its level of security, as JAP did, the results would be devastating to the | viability of the company. The JAP group, on the other hand, is facing | nothing more than a little bad PR and the loss of some users. (Many of | those 30,000 probably are unaware of the silent compromise of JAP | security). Much as we'd like reputational issues to rule, I think your final parenthetical is important. I would be willing to bet that Lance *could* take FBI money to rat out users without it reaching the userbase. I'd also be willing to bet that Lance *wouldn't,* but that bet would obviously be smaller. So, to the question of, is a private company better than a research lab? Probably. But could a privacte company comprimise its users without imploding? Probably. The right system is probably something like Tarzan, running low-latency traffic inside the file trading cloud. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From bill.stewart at pobox.com Tue Aug 26 02:23:07 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Tue, 26 Aug 2003 02:23:07 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: References: Message-ID: <5.1.1.6.2.20030826022244.055358d8@idiom.com> At 08:22 PM 08/25/2003 -0400, R. A. Hettinga wrote: >At 4:40 PM -0400 8/25/03, Sunder wrote: > >So what are the bets as to how soon they'll start calling democrats > >terrorists? :) > >Aren't they? > >:-) Nah - who's afraid of Democrats? From ravage at einstein.ssz.com Tue Aug 26 05:29:20 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 26 Aug 2003 07:29:20 -0500 (CDT) Subject: Guardian Unlimited Books | By genre | Observer review: The Music of the Primes by Marcus du Sautoy (fwd) Message-ID: Suggested reading... http://books.guardian.co.uk/reviews/scienceandnature/0,6121,1028232,00.html -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From hseaver at cybershamanix.com Tue Aug 26 06:54:51 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Tue, 26 Aug 2003 08:54:51 -0500 Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: References: Message-ID: <20030826135451.GA6632@cybershamanix.com> I don't get it -- exactly what do they think they would be taxing? 9% of what? The bits and bytes that flow thru? The owners already paid a sales tax on the hardware, or is this like a yearly property tax? Bizarre! On Mon, Aug 25, 2003 at 06:35:47PM -0500, Jim Choate wrote: > http://yro.slashdot.org/yro/03/08/25/2248224.shtml?tid=103&tid=98&tid=99 > > -- -- > ravage at ssz.com jchoate at open-forge.com > www.ssz.com www.open-forge.com -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From hseaver at cybershamanix.com Tue Aug 26 08:15:55 2003 From: hseaver at cybershamanix.com (Harmon Seaver) Date: Tue, 26 Aug 2003 10:15:55 -0500 Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: <20030826160747.I55235-100000@localhost> References: <20030826135451.GA6632@cybershamanix.com> <20030826160747.I55235-100000@localhost> Message-ID: <20030826151555.GA6659@cybershamanix.com> On Tue, Aug 26, 2003 at 04:16:32PM +0100, Jim Dixon wrote: > On Tue, 26 Aug 2003, Harmon Seaver wrote: > > > I don't get it -- exactly what do they think they would be taxing? 9% of > > what? The bits and bytes that flow thru? The owners already paid a sales tax > > on the hardware, or is this like a yearly property tax? > > Bizarre! > > A bit tax has been proposed in the European Union several times. The > general idea is to levy a tax on each bit/byte of Internet traffic that > flows through some specified point or set of points. So far the Internet > service providers have successfully lobbied against the tax. > > The US legislators obviously haven't clearly thought through their > proposal yet. But it would be easy enough to, for example, reason > that it costs N cents to push a megabyte down a telephone wire, and > so it would be 'logical' to impose a tax 0.09 * N cents/megabyte. > The LAN is just a way around the telephone wire, right? No, that would be taxing the WAN, not the LAN. Which, BTW, they already do, both fed and state. Not by throughput, per se, but there's a tax on the lines, the T1's or whatever. If they tax the actual LANs, they would either have to mandate a bit meter on each LAN, or, if they are talking about a property type tax --- hmm, that could actually be a GoodThing@ -- think about it, a property tax on the LAN would mean that companies would be reluctant to buy new hardware, and, as their computers aged, they'd naturally migrate to linux to be able to get decent speed out of the ancient cpus. 8-) -- Harmon Seaver CyberShamanix http://www.cybershamanix.com From sunder at sunder.net Tue Aug 26 07:25:47 2003 From: sunder at sunder.net (Sunder) Date: Tue, 26 Aug 2003 10:25:47 -0400 (edt) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <5.1.1.6.2.20030826022244.055358d8@idiom.com> Message-ID: Why the republicans of course. :) --- BEGING Sarcastic Lunatic RANT and RAVE V3.2 ---- Me, I'm "afraid" of the oil companies, they're constantly raising the price of gas, so I'm going to call them "price gouging terrorists." I'd happily switch to another brand, but it seems all them are raising their prices equally. Oh, and the milk terrorists are at it again, adding another $1 to the price of a gallon of milk. And those annoying terrorists that call us during dinner at at it again, the telemarketers... well, actually, I've gotten less and less of these calls recently, but why spoil a good rant (wink, wink) :) Oh, yeah, and those CON-Ed guys are terrorists too, why they threated to raise their prices, or they'll let us experience more black outs (well they didn't, but Bush said so - so he's a terrorist too!) Oh, yeah, and Mayor Bloomberg's a terrorist from the point of view of smokers, and cell phone users who happen to drive. And so is the governor... fuck why isn't Arnold running for Governor of NYC??? Wait, he was, The Terminator - so that means he's a SkyNet Cell Member, and therefore, a terrorist too! And, let's not forget the MTA who recently raised their prices by 30% terrorized all New Yorkers, too... And wait, wait! The fucknuts that did the world trade center were terrorists, and they wore underwear and socks! So anyone who wears underwear or socks is a terrorist!!! Arrest'em all! Fuck it, everyone's a terrorist. Send'em all to GITMO.... :^) ---- END OF RANT -------------------------------- ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Tue, 26 Aug 2003, Bill Stewart wrote: > At 08:22 PM 08/25/2003 -0400, R. A. Hettinga wrote: > >At 4:40 PM -0400 8/25/03, Sunder wrote: > > >So what are the bets as to how soon they'll start calling democrats > > >terrorists? :) > > > >Aren't they? > > > >:-) > > Nah - who's afraid of Democrats? From s.schear at comcast.net Tue Aug 26 10:29:57 2003 From: s.schear at comcast.net (Steve Schear) Date: Tue, 26 Aug 2003 10:29:57 -0700 Subject: Some new problems uncovered for short latency mixes In-Reply-To: <200308230738.h7N7cLX9019959@new.toad.com> References: <3.0.5.32.20030822070719.01925b80@mailbox.jf.intel.com> Message-ID: <5.2.1.1.0.20030826101732.03ffb548@mail.comcast.net> Probabilistic Analysis of Anonymity by Vitaly Shmatikov Abstract: We present a formal analysis technique for probabilistic security properties of peer-to-peer communication systems based on random message routing among members. The behavior of group members and the adversary is modeled as a discrete-time Markov chain, and security properties are expressed as PCTL formulas. To illustrate feasibility of the approach, we model the Crowds system for anonymous Web browsing, and use a probabilistic model checker, PRISM, to perform automated analysis of the system... http://citeseer.nj.nec.com/shmatikov02probabilistic.html "...for every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken From s.schear at comcast.net Tue Aug 26 10:33:21 2003 From: s.schear at comcast.net (Steve Schear) Date: Tue, 26 Aug 2003 10:33:21 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: Message-ID: <5.2.1.1.0.20030826103036.04001278@mail.comcast.net> At 01:11 PM 8/26/2003 -0400, Tyler Durden wrote: >So... >how many people does one have to terrorize in order to be a terrorist? > >PS: Anyone else getting tired of the term "terror"? Back when we all hated >Osama bin Laden (remember that guy?) Osama was promoted from "Terrorist" >to "terror mastermind" to "lord of terror" and so on. I'm sick of being >told I'm some sniveling lil' bitch that needs protecting. Right now I am 3 >blocks from the "Hole of Death" and if I stand up and look out that window >I can see what will likely be the next "ground zero", but I'm not scared >per se (granted, it would SUCK to die in a giant pile of collapsing rubble >or crashing-and-bleeding due to a dirty bomb). > >Can't we just call the "terrorists" our "enemies" like back in the good >old days? How about calling them "asyms", for Asymmetrical Warriors? This is in keeping with the U.S. military nomenclature for them. steve "[I]t is the leaders of the country who determine the policy and it is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked, and denounce the peacemakers for lack of patriotism and exposing the country to danger. It works the same in any country." --Reichsmarschall Hermann Goering From mv at cdc.gov Tue Aug 26 11:18:12 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Tue, 26 Aug 2003 11:18:12 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks Message-ID: <3F4BA464.5170753@cdc.gov> At 01:11 PM 8/26/03 -0400, Tyler Durden wrote: >PS: Anyone else getting tired of the term "terror"? Back when we all hated You're out of the loop. Here's how you play the propoganda drinking game: You and a friend get a bottle of and watch a Bush speech. *You* drink whenever he says "terror"; *she* drinks whenever he says "freedom". If he says "warlord", "constitution", "regime" or "WoMD" you both drink. If he says "occupation", "election", "oil" or "Quisling" you skip a drink. If he mentions "viet nam" or "guerilla" you take 2 drinks. Whoever is left standing gets to clean up. From sunder at sunder.net Tue Aug 26 08:29:32 2003 From: sunder at sunder.net (Sunder) Date: Tue, 26 Aug 2003 11:29:32 -0400 (edt) Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: <20030826135451.GA6632@cybershamanix.com> Message-ID: Yes, they'll tax 9% of the packets. This means that out of 100 packets, only 91 of them will go to other hosts, the other 9 packets must be routed to the FL tax board in the form of ICMP ECHO requests. However, be advised that if you have ever lived or thought about living in Florida, this tax applies to you, so you should set your networking devices to behave accordingly. This tax applies to you, even if you live abroad. OB DISCLAIMER: This is also known in some unsavory circles as a DDoS. :^) If you actually do this, expect a visit from the Men in Black, with names such as Agent Smith, who unlike me, have no sense of humor. (I think I've had a bit too much caffeine this morning... heh...) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Tue, 26 Aug 2003, Harmon Seaver wrote: > I don't get it -- exactly what do they think they would be taxing? 9% of > what? The bits and bytes that flow thru? The owners already paid a sales tax > on the hardware, or is this like a yearly property tax? > Bizarre! > > On Mon, Aug 25, 2003 at 06:35:47PM -0500, Jim Choate wrote: > > http://yro.slashdot.org/yro/03/08/25/2248224.shtml?tid=103&tid=98&tid=99 From rah at shipwright.com Tue Aug 26 09:02:14 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 26 Aug 2003 12:02:14 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: References: Message-ID: At 10:25 AM -0400 8/26/03, Sunder wrote: >I'm "afraid" of the oil companies Ah. You're afraid of markets. That makes you a socialist. *You*'re a terrorist, Sunder. ;-) Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From sunder at sunder.net Tue Aug 26 09:40:59 2003 From: sunder at sunder.net (Sunder) Date: Tue, 26 Aug 2003 12:40:59 -0400 (edt) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: Message-ID: >From the "If she weighs as much as a duck, she's a witch" department: You're accusing me, of being a socialist, therefore you are not with me, so you're against me, therefore you're on the side of the terrorists, therefore, you are a terrorist. :^) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Tue, 26 Aug 2003, R. A. Hettinga wrote: > At 10:25 AM -0400 8/26/03, Sunder wrote: > >I'm "afraid" of the oil companies > > Ah. You're afraid of markets. That makes you a socialist. > > *You*'re a terrorist, Sunder. > > ;-) From jya at pipeline.com Tue Aug 26 12:45:55 2003 From: jya at pipeline.com (John Young) Date: Tue, 26 Aug 2003 12:45:55 -0700 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: References: Message-ID: Nonshit, Robert, Ray's an organ-eating anarchist not a vapid tea-sip socialist. A while back Ray yanked a capitalist apologist's lawyer's cold dead dried nut heart from behind a Kevlar diamond-studded vest and lipped and tongued it like a lady's freeze-dried private then swallowed it whole, burping at the lawyer never missing a syllable in a diatribe against outlaws, yodeling in Harvard Law speak that cyber jesse james are the worst evil in the marketplace for riggers of such places. No difference between a socialist and a capitalist, barks the enemy of both sides of the same schema to rape the poor and credulous, to feather the leaders' nest with yuk-yuk a sucker every day. Commies, now there's a diversion fabricated in the propaganda mills by ideological word-toolers of capitalists and socialists, heeding the marketplace rule 1: concoct a worse evil to send the pack howling at phantasms while draining their savings, cutting back their jobs, sending their sons off to slaughter pens, or, to put it more vulgarly, the free hand of the market lifting wallets and crushnig lives while the media-mesmerized yokels stare bug-eyed shitless at angels and devils paraded from pulpits to chickenhawk feeding lots. No difference between capitalists, socialists and organized religion. Creepy, how these fundamentalists yarp and predate, blaming their victims, citing chapter and verse why those who got it deserve it, QED. Then philosophers who gloss the way things are as if nothing can be done about. Then there're mean anarchists, who Ray is one of, not the house-broken kind perfuming the fould feathered nests with mild wordy, wordy dissent as if an SEC regulator, or more recently, promoter of the public paying for new power grids. Markets suck, that's what makes them so appealing to bloodsuckers of addled customers, and moreso to vulture investors. From adam at homeport.org Tue Aug 26 10:07:42 2003 From: adam at homeport.org (Adam Shostack) Date: Tue, 26 Aug 2003 13:07:42 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: References: Message-ID: <20030826170742.GA3028@lightship.internal.homeport.org> John, you write like a Republican speechwriter on a bad trip. On Tue, Aug 26, 2003 at 12:45:55PM -0700, John Young wrote: | Nonshit, Robert, Ray's an organ-eating anarchist not a | vapid tea-sip socialist. A while back Ray yanked a | capitalist apologist's lawyer's cold dead dried nut heart | from behind a Kevlar diamond-studded vest and lipped | and tongued it like a lady's freeze-dried private then | swallowed it whole, burping at the lawyer never missing a | syllable in a diatribe against outlaws, yodeling in Harvard | Law speak that cyber jesse james are the worst evil in | the marketplace for riggers of such places. From camera_lumina at hotmail.com Tue Aug 26 10:11:06 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Tue, 26 Aug 2003 13:11:06 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks Message-ID: So... how many people does one have to terrorize in order to be a terrorist? PS: Anyone else getting tired of the term "terror"? Back when we all hated Osama bin Laden (remember that guy?) Osama was promoted from "Terrorist" to "terror mastermind" to "lord of terror" and so on. I'm sick of being told I'm some sniveling lil' bitch that needs protecting. Right now I am 3 blocks from the "Hole of Death" and if I stand up and look out that window I can see what will likely be the next "ground zero", but I'm not scared per se (granted, it would SUCK to die in a giant pile of collapsing rubble or crashing-and-bleeding due to a dirty bomb). Can't we just call the "terrorists" our "enemies" like back in the good old days? -TD >From: "R. A. Hettinga" >To: Sunder , Bill Stewart >CC: cypherpunks at lne.com >Subject: Re: "domestic terrorism", fat lazy amerikans & ducks >Date: Tue, 26 Aug 2003 12:02:14 -0400 > >At 10:25 AM -0400 8/26/03, Sunder wrote: > >I'm "afraid" of the oil companies > >Ah. You're afraid of markets. That makes you a socialist. > >*You*'re a terrorist, Sunder. > >;-) > >Cheers, >RAH > >-- >----------------- >R. A. Hettinga >The Internet Bearer Underwriting Corporation >44 Farquhar Street, Boston, MA 02131 USA >"... however it may deserve respect for its usefulness and antiquity, >[predicting the end of the world] has not been found agreeable to >experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _________________________________________________________________ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental From rah at shipwright.com Tue Aug 26 12:34:18 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 26 Aug 2003 15:34:18 -0400 Subject: [johnmacsgroup] Follow up to German Anonymizer no longer anonymous Message-ID: --- begin forwarded text From rah at shipwright.com Tue Aug 26 12:48:56 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 26 Aug 2003 15:48:56 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <20030826170742.GA3028@lightship.internal.homeport.org> References: <20030826170742.GA3028@lightship.internal.homeport.org> Message-ID: At 1:07 PM -0400 8/26/03, Adam Shostack wrote: >John, you write like a Republican speechwriter on a bad trip. Give him *all* of Ben Stein's money... :-). But then, later on, he says this... On Tue, Aug 26, 2003 at 12:45:55PM -0700, John Young wrote: >Markets suck, that's what makes them so appealing to >bloodsuckers of addled customers, and moreso to >vulture investors. I'm sooo confused... Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From jdd at dixons.org Tue Aug 26 08:16:32 2003 From: jdd at dixons.org (Jim Dixon) Date: Tue, 26 Aug 2003 16:16:32 +0100 (BST) Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: <20030826135451.GA6632@cybershamanix.com> Message-ID: <20030826160747.I55235-100000@localhost> On Tue, 26 Aug 2003, Harmon Seaver wrote: > I don't get it -- exactly what do they think they would be taxing? 9% of > what? The bits and bytes that flow thru? The owners already paid a sales tax > on the hardware, or is this like a yearly property tax? > Bizarre! A bit tax has been proposed in the European Union several times. The general idea is to levy a tax on each bit/byte of Internet traffic that flows through some specified point or set of points. So far the Internet service providers have successfully lobbied against the tax. The US legislators obviously haven't clearly thought through their proposal yet. But it would be easy enough to, for example, reason that it costs N cents to push a megabyte down a telephone wire, and so it would be 'logical' to impose a tax 0.09 * N cents/megabyte. The LAN is just a way around the telephone wire, right? > On Mon, Aug 25, 2003 at 06:35:47PM -0500, Jim Choate wrote: > > http://yro.slashdot.org/yro/03/08/25/2248224.shtml?tid=103&tid=98&tid=99 -- Jim Dixon jdd at dixons.org tel +44 117 982 0786 mobile +44 797 373 7881 From sfurlong at acmenet.net Tue Aug 26 14:13:33 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Tue, 26 Aug 2003 17:13:33 -0400 Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <5.1.1.6.2.20030826022244.055358d8@idiom.com> References: <5.1.1.6.2.20030826022244.055358d8@idiom.com> Message-ID: <200308261713.33375.sfurlong@acmenet.net> On Tuesday 26 August 2003 05:23, Bill Stewart wrote: > Nah - who's afraid of Democrats? Branch Davidians, perhaps. Elian Gonzales's Florida relatives. Dems themselves tend to be pathetic wankers, but you gotta admit they're adept at using the state's monopoly power on force. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From sunder at sunder.net Tue Aug 26 14:20:33 2003 From: sunder at sunder.net (Sunder) Date: Tue, 26 Aug 2003 17:20:33 -0400 (edt) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: Message-ID: I caught some of that... I think he means suck in the blowjob sense... i.e. a good form of suck... the same it's desirable to have an S.O that does suck. :^) ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Tue, 26 Aug 2003, R. A. Hettinga wrote: > Give him *all* of Ben Stein's money... > > :-). > > But then, later on, he says this... > > On Tue, Aug 26, 2003 at 12:45:55PM -0700, John Young wrote: > >Markets suck, that's what makes them so appealing to > >bloodsuckers of addled customers, and moreso to > >vulture investors. > > I'm sooo confused... From twister at stop1984.info Tue Aug 26 10:03:54 2003 From: twister at stop1984.info (Twister (Bettina Jodda)) Date: Tue, 26 Aug 2003 19:03:54 +0200 Subject: [johnmacsgroup] Follow up to German Anonymizer no longer anonymous Message-ID: Hello all :-) I thought this might be interesting: The anonymization service AN.ON, also known as JAP, is no more anonymous. The German crime prosecution organization BKA is logging access to at least one IP address. Obviously not all of the so called Mixes are coverd by the surveillance. No matter if the Mix is being observed or not JAP users easily can hide their real Internet IP by using a SSL Proxy. This is possible because the JAP Client does not transfer any IP addresses to the Mix. So the first Mix just knows the proxy's IP but not the client's IP. If the proxy does not log anything, or at least the BKA cannot access the system, the user can be called anonymous. Therefore, German pro privacy group STOP1984 made up a list of 73 public proxies which are known to be compatible to JAP. To use a proxy you must change JAP's configuration as described on: http://stop1984.com/index.php?lang=en&text=japstop.txt "Though we are very much aware of the explainations the developpers of JAP gave for their measures, we do not agree in the idea of an anonymizer being used for surveillance. Privacy, especially in times when it is so easy to grab data and personal information, should be essential and a service providing this privacy should not be forced into tricking their customers into thinking they are private when they are not." says Twister of STOP1984. "We want to help people to re-gain their privacy by using JAP." Twister ------------------------ Yahoo! Groups Sponsor ---------------------~--> Buy Ink Cartridges or Refill Kits for Your HP, Epson, Canon or Lexmark Printer at Myinks.com. Free s/h on orders $50 or more to the US & Canada. http://www.c1tracking.com/l.asp?cid=5511 http://us.click.yahoo.com/l.m7sD/LIdGAA/qnsNAA/XgSolB/TM ---------------------------------------------------------------------~-> To unsubscribe from this group, send an email to: johnmacsgroup-unsubscribe at yahoogroups.com Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Aug 26 16:27:21 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 26 Aug 2003 19:27:21 -0400 Subject: Will tax-dodging dentists fill growth gap? Message-ID: The Times August 27, 2003 European Briefing Will tax-dodging dentists fill growth gap? By Carl Mortished HOW do you catch a Belgian dentist? This is not a silly joke, but a question for the Belgian parliament, which is debating a tax amnesty Bill. By 2005 an EU directive will impose an obligation on the EU`s bankers to disclose details of foreign bank accounts to other EU tax authorities. With internal EU capital flight coming to an end, Belgium is seizing its chance to grab an estimated g160 billion (#110 billion) that is thought to be stashed by its famous 14dentists12 in Luxembourg and elsewhere. The Belgian 14dentists12, afficionados of untraceable bearer bonds and offshore accounts free of withholding taxes, are to be tempted back with a pardon and a penalty. Success could bring the financially challenged treasury an estimated g500 million. There is even talk of a boost to Belgian equity markets if the dentists are persuaded to invest in stocks in exchange for lower fines. The problem is fixing the level of the fine. Too high and the tax-dodgers will turn up their noses; too low and it becomes morally indefensible and could be politically embarrassing. But the lure of billions of euros has created a momentum and there is a model that is exciting the imitators. The Italian Government just avoided breaching the eurozone`s 3 per cent public deficit rule because of g8 billion of exceptional income courtesy of Italy`s returning tax cheats. Vast sums of money, held in Swiss banks, were repatriated. Germany also has a Bill in hand. Gerhard Schr\der, the Chancellor, believes that his countrymen have secreted g100 billion abroad and he hopes the delightfully named 14Act for the Promotion of Tax Honesty12 will encourage the repatriation of much of this money to the benefit of the German state and the Frankfurt b\rse. If it succeeds, and France follows the trend, the recycling of hundreds of billions of euros could be a welcome stimulus to the eurozone economy. Belgian tax experts suggest that the fiscally shy Belgian 14dentists12 will take the bait, not least because a new generation wants the cash. The original capital, hoarded by professionals, is now being inherited by children who get no pleasure from watching interest accrue in a Luxembourg private bank. In the end, there is something grubby about a tax amnesty. Tax law is rigid and subject to very narrow interpretation. You pay exactly what the law says you owe, not a penny more, nor a penny less. There is no overriding political objective here. Forget to pay and you will be charged interest. Hide your income and you go to jail. But find a loophole and you are free to exploit it. How then does an amnesty promote honesty? It does not, but rather promotes contempt of the taxman, who is increasingly seen not as a law enforcer, but as a manager of a government profit centre. The solution, of course, is for the state to reduce its tithe and offer no incentive to cheats. Low taxes mean never having to say you are sorry. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Tue Aug 26 19:21:04 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Tue, 26 Aug 2003 22:21:04 -0400 Subject: Ebonics version of the Lord's Prayer. No. Really. Message-ID: Evidently, there are 1221 different versions besides this one. Cthulhu help us all... Cheers, RAH ------- EBONICS A slang dialect used by certain groups of the African-American community. Yo, Big Daddy upstairs, You be chillin So be yo hood You be sayin' it, I be doin' it In this here hood and yo's Gimme some eats And cut me some slack, Blood Sos I be doin' it to dem dat diss me Don't be pushing me into no jive Ang keep dem crips away Cause you always be da man, G Straight up. Aa-men. Contributed by Wolfgang Kuhl - E-mail WKuhl44238 at aol.com SECTION INDEX CONVENT OF PATER NOSTER CHRISTUS REX ) Copyright Christus Rex, Inc. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From bill.stewart at pobox.com Wed Aug 27 00:06:27 2003 From: bill.stewart at pobox.com (Bill Stewart) Date: Wed, 27 Aug 2003 00:06:27 -0700 Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: <20030826135451.GA6632@cybershamanix.com> References: Message-ID: <5.1.1.6.2.20030826234459.0519a7c0@idiom.com> At 08:54 AM 08/26/2003 -0500, Harmon Seaver wrote: > I don't get it -- exactly what do they think they would be taxing? >9% of what? The bits and bytes that flow thru? >The owners already paid a sales tax on the hardware, >or is this like a yearly property tax? >Bizarre! The standard joke about how you tell a computer salesman from a used car salesman is that the car salesman knows when he's lying. These incompetents like taxing things, but if they don't know what they technology is about, they *really* *really* shouldn't propose special taxes on it until they know how to count the objects they want to tax. A LAN isn't just hardware (which as you say the purchasers buy sales tax on), it's also the labor involved in installing it (which they've already charged income tax on, if it was explicitly paid for) and the labor involved in operating it (which also gets income tax collected on it.) And the prices of any of the hardware except the wire keeps dropping rapidly. In the last 15 years, we've gone from $2000 1-megabit 1baseT hubs to $20 100-meg hubs, and $1500 VAX and VME cards to $59 GigE cards and $5 100baseT cards. And how do you count the interface cards that are built in to most PCs these days? And does Wireless count as a LAN? And if it does, can you add a directional antenna and make it a WAN to avoid the tax? And is this only for LANs in businesses? Or also for LANs at home? Or is this really an excuse for the LAN Tax Police to go around with scanners trying to detect people who didn't register their LANs when they were buying that Cat5 cable at the grocery store, the way the BBC Police used to go hunting for Brits who hadn't paid their television taxes? (Probably not - this seems like a clear case of incompetence rather than malice - but it *is* the state where Jeb Bush is governor.) From decoy at iki.fi Tue Aug 26 14:25:58 2003 From: decoy at iki.fi (Sampo Syreeni) Date: Wed, 27 Aug 2003 00:25:58 +0300 (EEST) Subject: "domestic terrorism", fat lazy amerikans & ducks In-Reply-To: <3F4A380F.FB20A1A@cdc.gov> References: <3F4A380F.FB20A1A@cdc.gov> Message-ID: On 2003-08-25, Major Variola (ret.) uttered: >As expected, animal and environmental activists are now being called >terrorists. In many cases, that's an exaggeration. In some, it isn't. Animal rights activists don't normally resort to the kinds of violence, say, anti-abortionists do, but they do systematically disrupt certain sectors of peaceful commerce, like the fur industry. That sort of terror is focused enough not to cause the wider public to react, but it does hurt you very, very badly if you've pegged your livelihood to said industry. At least around these parts some people have actually met personal bankruptcy because of the interference. Few sane people would go with the current anti-terrorism legislation, even when it's meant to counter real terror. Personally I'd rather see some anti-gun use legislation rolled back, so that you could teach your friendly ALF representative a lesson if he's dumb enough to meddle with your foxhouse. -- Sampo Syreeni, aka decoy - mailto:decoy at iki.fi, tel:+358-50-5756111 student/math+cs/helsinki university, http://www.iki.fi/~decoy/front openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2 From ravage at einstein.ssz.com Wed Aug 27 05:52:38 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 27 Aug 2003 07:52:38 -0500 (CDT) Subject: The Register - Why Sobig is bad for privacy and AV vendors (fwd) Message-ID: http://www.theregister.co.uk/content/56/32510.html -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Wed Aug 27 05:53:09 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 27 Aug 2003 07:53:09 -0500 (CDT) Subject: The Register - China to form anti-spam task force (fwd) Message-ID: http://www.theregister.co.uk/content/6/32504.html -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ravage at einstein.ssz.com Wed Aug 27 05:54:19 2003 From: ravage at einstein.ssz.com (Jim Choate) Date: Wed, 27 Aug 2003 07:54:19 -0500 (CDT) Subject: US Republican Party outsources fund raising to India (fwd) Message-ID: http://www.theinquirer.net/?article=11219 -- -- ravage at ssz.com jchoate at open-forge.com www.ssz.com www.open-forge.com From ericm at lne.com Wed Aug 27 08:52:31 2003 From: ericm at lne.com (Eric Murray) Date: Wed, 27 Aug 2003 08:52:31 -0700 Subject: spam blacklists and lne CDR Message-ID: <20030827085231.B17231@slack.lne.com> Hi. The last couple days I've gotten a lot of mail bounces from cpunks subscribers who are blocking lne.com because it's on the osirusoft spam "blacklist". There is no way to get off this list; in fact the site appears to be down. Lne.com doesn't send spam; I don't know why we are on this list. My guess is that it's becase we're listed on a couple other "extreme" blacklists that blacklist entire networks that are owned by ISPs that the list operator does not like. If you or your ISP uses this blacklist, I have no choice but to drop you from the lne cdr lest my mailbox drown in reject messages. I have mixed feelings about blacklists-- I've had to implement one here so we didn't drown in spam and it seems to work reasonably well. But lists that 1) don't let you get off and 2) list sites to pressure them to change ISPs don't get much respect from me, and neither do the ISPs that blindly use them. Eric From camera_lumina at hotmail.com Wed Aug 27 06:38:06 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Wed, 27 Aug 2003 09:38:06 -0400 Subject: P2P Run out of Palestinian refugee camp Message-ID: Interesting story. They're even streaming Terminator3 from their servers, which are also supposedly located in the refugee camp. http://msn.com.com/2100-1105_2-5063402.html?part=msn&subj=ns&tag=nl -TD PS: Saw a Muslim woman walking down Wall Street this morning, wearing a Che Guevara t-shirt! _________________________________________________________________ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup From mv at cdc.gov Wed Aug 27 09:48:13 2003 From: mv at cdc.gov (Major Variola (ret.)) Date: Wed, 27 Aug 2003 09:48:13 -0700 Subject: earthstation 5 Message-ID: <3F4CE0CC.5EFAA72C@cdc.gov> >>Ras says that once the privacy features are fully utilized by the end-use then no one in the world can figure out who you are.<< Right. And I bet you can get a good deal on a Hamas leader's used cell-phone... >>Despite what Ras might say about ES5, there is a large element in the P2P community that question the claims made by Ras. Some even go as far as to suggest conspiracy theories about the reason for ES5's existence. Ras's view is that he understands why people may view a middle eastern company in this light, given the current political climate in that area, but was obviously quick to dismiss any hidden motive. << "Trust us" If you wanted to plant a trojan on a lot of machines, wouldn't free movies be a great way to do so? They could open source their code, and still have a biz model, since they run central servers (until the MPAA DoS's them). Either they are naif, or they are clever and exploiting others naivite ------ "A person may act psychotic to 'protect' himself from the conscious awareness that he really is psychotic" ---Charles V Ford, MD CNS News Aug 2003 p 51 From article at mises.org Wed Aug 27 07:58:40 2003 From: article at mises.org (Mises Daily Article) Date: Wed, 27 Aug 2003 09:58:40 -0500 Subject: Costs of the Surveillance State Message-ID: http://www.mises.org/fullstory.asp?control=1300 Costs of the Surveillance State by Erich Mattei [Posted August 27, 2003] Police departments around the nation have begun utilizing high-tech video surveillance in their fight against crime, as the private sector has for many years. Officials in New Orleans recently announced that by October the city plans to have installed 100 of these surveillance cameras within its limits. The plan, which will eventually see the installation of 1,000 cameras throughout the city, is part of an effort to further combat crime in certain "hot spots."[1] New Orleans Police Department spokesman Sgt. Paul Accardo said that in July alone suspects in two separate slayings were captured thanks to the footage caught on surveillance. The city is now one of more than a dozen cities around the nation that are using surveillance to deter crime and identify criminals. The implementation of public video surveillance is a direct result of the inefficiencies of state law enforcement. As a result, instead of loosening regulations and allowing individuals to purchase protection for themselves from private agencies, the state is attempting to account for its own incompetence. (This issue has followed the same path as the evolution of the housing crisis of past decades, whereby state imposed rent control and standards created a shortage of affordable housing, which the state attempted to account for with the creation of subsidized housing.[2]) Of the many absurd features of the adoption of public video surveillance, there are three notable injustices that will arise. First, how will government decide where the cameras will be placed? Obviously the purpose of the tactic is to aid the ineffectual law enforcement in high crime areas, but whose property will be in the eye of the lens? Clearly, this is just another instance of subsidization, some benefit at the expense of others. Secondly, which of the state's personnel will view the footage and judge how such footage can be used? Further, who is to determine the legitimacy or conclusiveness of evidence caught on tape? Could someone smoking a cigarette be accused of smoking dope, or could someone sipping a milkshake in their car be accused of drinking and driving? Finally, who or what will set limits on the usage of the cameras? When will usage go too far? What ludicrous, illegitimate new laws condemning victimless crimes will be passed for individuals to uphold once personal activities on private property have been publicized? These chief issues surrounding the implementation of public surveillance merely scratch the surface into what such measures would certainly bring about. Although it is difficult for many to admit, public law enforcement is characterized by the same traits that are exhibited in all government provided goods and services. Likewise, the recent trend within the sector provides a perfect example of the injustices and inefficiencies of such programs. Analysis of the current crime situation plaguing cities around the nation reveals the irony of state-run defense. By monopolizing law enforcement, the state has taken up the responsibility of protecting everyone within its borders, and the certain failures guaranteed by such measures have manifested themselves. A primary reason for these shortcomings is the shortage of law enforcement services. In providing a "free" service[3] such as police and courts, the state has essentially fixed the price of protection below the market price thus setting the demand for such services far beyond supply. Additionally, in regulating private police and security agencies to the point where an array of justified measures have been simply outlawed, the state is the only source of legal defense. Being that individuals seeking defense have no other legal means of protection than the state, what incentive does the state have to operate efficiently? Since the service is already funded by the taxes, and individuals cannot patronize another defender, the state can thoughtlessly surf its monopoly wave. What, then, is the most efficient, just solution? As is the case with every good and service that constitute the economy, freedom. Unregulated markets are characterized by the tendency of resources to move toward their most efficient, most demanded uses; hence defense services would naturally shift to traditionally high-crime areas, creating competition and overall lower prices. Free market law enforcement would operate as insurance does, save for the current regulations on that industry. Individuals would purchase defense services, if they so desired, on a subscription basis paying premiums as stipulated in contract. Different levels of coverage would exist so as to best satisfy the demands of the consumer. Through competition, inefficient and corrupt bandit agencies, like some current police forces around the nation, would undoubtedly find themselves bankrupt as the proficient, just agencies best satisfy individuals' needs. It would be likely that group services would become widespread whereby individuals living in the same community would pool their funds to purchase defense for the group as a whole. Likewise, if individuals felt as though they could defend themselves, without aid, the option is theirs. No one can deny the fact that public law enforcement falls short of being a success. However, many believe that the solution is giving more entitlement to the state to allocate funds for improvements, such as the installation of surveillance cameras. Society has come to allow government too much clout, entrusting it with too many responsibilities, granting it an abundance of control. When individuals face tribulations or the status of the economy is in shambles, people see the state as the source of salvation instead of the source of the problem. Erich Mattei is an economics major at Loyola University of New Orleans. ehmattei at loyno.edu. See his archive. [1] The Times-Picayune. Saturday, August 9, 2003. A1, A7. [2] See Block, Walter, & Edgar Olsen. Rent Control: Myths and Realities. The Fraser Institute. Vancouver, British Columbia: 1981. [3] Obviously these services are not free being that they are funded by plunder, i.e. taxes. See Rothbard, Murray. Power and Market. 2nd Edition. Sheed Andrews and McMeel, Inc. Kansas City: 1977. 1734. [Print Friendly Page] Mises Email List Services Join the Mises Institute Mises.org Store Home | About | Email List | Search | Contact Us | Periodicals | Articles | Games & Fun News | Resources | Catalog | Contributions | Freedom Calendar You are subscribed as: rahettinga at earthlink.net To unsubscribe, click here: http://mises.biglist.com/unsub.php/article/rahettinga at earthlink.net or e-mail: article-unsubscribe-rahettinga=earthlink.net at mises.biglist.com --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From sunder at sunder.net Wed Aug 27 07:29:35 2003 From: sunder at sunder.net (Sunder) Date: Wed, 27 Aug 2003 10:29:35 -0400 (edt) Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <3F4CAA78.7060605@algroup.co.uk> Message-ID: Indeed: http://www.villagevoice.com/issues/0334/barrett.php http://www.villagevoice.com/issues/0334/mondo1.php http://www.villagevoice.com/issues/0334/cotts.php ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD. \|/ + v + : The look on Sadam's face - priceless! --------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------ On Wed, 27 Aug 2003, Ben Laurie wrote: > Yeah, ridiculous. So who remembers what caused the last major power > outage in NY? (Hint: it wasn't _one_ lightning strike). From ben at algroup.co.uk Wed Aug 27 05:56:24 2003 From: ben at algroup.co.uk (Ben Laurie) Date: Wed, 27 Aug 2003 13:56:24 +0100 Subject: [cta@hcsin.net: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm'] In-Reply-To: <20030815131525.A25566@slack.lne.com> References: <20030815131525.A25566@slack.lne.com> Message-ID: <3F4CAA78.7060605@algroup.co.uk> Eric Murray wrote: > Food for thought and grounds for further research: > > ----- Forwarded message from "Bernie, CTA" ----- > > Mailing-List: contact bugtraq-help at securityfocus.com; run by ezmlm > Precedence: bulk > List-Id: > List-Post: > List-Help: > List-Unsubscribe: > List-Subscribe: > Delivered-To: mailing list bugtraq at securityfocus.com > Delivered-To: moderator for bugtraq at securityfocus.com > From: "Bernie, CTA" > Organization: HCSIN > To: bugtraq at securityfocus.com > Date: Fri, 15 Aug 2003 14:09:12 -0400 > Subject: Re: CNN: 'Explores Possibility that Power Outage is Related to Internet Worm' > Priority: normal > In-reply-to: <1a6301c362b2$03178680$6401a8c0 at satan> > X-mailer: Pegasus Mail for Windows (v4.11) > > It is ridiculous to accept that a lightning strike could knock > out the grid, or the transmission system is over stressed. There > are many redundant fault, limit and Voltage-Surge Protection > safeguards and related instrumentation and switchgear installed > at the distribution centers and sub stations along the Power > Grid that would have tripped to prevent or otherwise divert such > a major outage. Yeah, ridiculous. So who remembers what caused the last major power outage in NY? (Hint: it wasn't _one_ lightning strike). -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From thecrypto at thecrypto.org Wed Aug 27 14:31:00 2003 From: thecrypto at thecrypto.org (TheCrypto) Date: Wed, 27 Aug 2003 14:31:00 -0700 Subject: spam blacklists and lne CDR In-Reply-To: <20030827085231.B17231@slack.lne.com> References: <20030827085231.B17231@slack.lne.com> Message-ID: <20030827213100.GB2910@localhost> Hit wrong button in Mutt so resending to whole list now Osirusoft blacklisted the world. They are shutting down and sent out a message to blacklist everyone. Slashdot Article: http://slashdot.org/article.pl?sid=03/08/27/0214238&mode=thread&tid=111&tid=126 -- TheCrypto E-Mail: thecrypto at thecrypto.org || A quote should really go here. Website: http://www.thecrypto.org || However, I could not find one. IIP Nick: TheCrypto AIM: HackerDragon128 || So now you are quoteless...... Fingerprint: E82B 0D92 258B 32A6 87A6 5823 2A00 35CC 38F6 F19A KeyID: 38F6F19A From roy at rant-central.com Wed Aug 27 15:39:28 2003 From: roy at rant-central.com (Roy M. Silvernail) Date: Wed, 27 Aug 2003 18:39:28 -0400 Subject: spam blacklists and lne CDR In-Reply-To: <20030827085231.B17231@slack.lne.com> References: <20030827085231.B17231@slack.lne.com> Message-ID: <200308271839.28406.roy@rant-central.com> On Wednesday 27 August 2003 11:52, Eric Murray wrote: > Hi. The last couple days I've gotten a lot of mail bounces from cpunks > subscribers who are blocking lne.com because it's on the osirusoft spam > "blacklist". There is no way to get off this list; in fact the site > appears to be down. Down, indeed. In fact, it's gone. http://slashdot.org/article.pl?sid=03/08/27/0214238&mode=nested&tid=111&tid=126 This caused me to have to polish my SpamAssassin rules a bit to remove the Osirusoft contribution to scoring. Gotta love email. Monday, I had to add an alternate port to my hosted mailserver to get around the new Fuse.net policy of blocking outbound port 25. I just hope they don't start blocking inbound 22. That would be bad. From rah at shipwright.com Wed Aug 27 18:44:17 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Wed, 27 Aug 2003 21:44:17 -0400 Subject: Costs of the Surveillance State Message-ID: --- begin forwarded text From jtrjtrjtr2001 at yahoo.com Thu Aug 28 00:14:20 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Thu, 28 Aug 2003 00:14:20 -0700 (PDT) Subject: Q on associative binary operation In-Reply-To: Message-ID: <20030828071420.82829.qmail@web21203.mail.yahoo.com> hi, Table shown is completed to define 'associative' binary operation * on S={a,b,c,d}. *|a|b|c|d --------- a|a|b|c|d --------- b|b|a|c|d --------- c|c|d|c|d --------- d|d|c|c|d The operation * is associative iff (a*b)*c=a*(b*c) for all a,b,c element of set S. So can (a*d)*d=a*(d*d)=d considered as associative over * for this case as per definition? Regards Sarath. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From wordspy at logophilia.com Thu Aug 28 02:08:34 2003 From: wordspy at logophilia.com (Paul McFedries) Date: Thu, 28 Aug 2003 05:08:34 -0400 Subject: The Word Spy for 08/28/2003 -- darknet Message-ID: darknet n. The collection of networks and other technologies that enable people to illegally share copyrighted digital files with little or no fear of detection. Also: Darknet. Example Citation --------------------------------- Here is a prediction: the darknet will never die. Adversaries will send out their digital agents to hunt down its disciples. But the darknet will go further underground, finding new ways to escape the reach of these electronic attackers. The faithful will find safety by banding together in small groups, beyond the reach of the oppressors. The script for the next Matrix sequel? No -- because the darknet is already here: it is the unofficial side of the internet. And its resilience guarantees that it will remain a thorn in the side of the music and movie industries, whatever successes they may have in crushing its early manifestations. --Richard Waters, "No respite from the forces of darknet," Financial Times (London), July 29, 2003 Backgrounder --------------------------------- The ominous tone that pervades the word "darknet" is probably no accident. That's because the joint coiners of the term -- Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman -- are employees of Microsoft, a company on the forefront of something called digital rights management. DRM is a set of technologies that aims not just to ensure that people pay for copyrighted digital content, but also that they can't make illegal copies of that content. In a paper called "The Darknet and the Future of Content Distribution" (see http://crypto.stanford.edu/DRM2002/darknet5.doc), the above authors argue that the existence of the darknet severely undermines all DRM initiatives, which is dark news indeed for Microsoft and every other company that hopes to control the use and abuse of copyrighted digital files. Earliest Citation --------------------------------- "Users will copy objects if it is possible and interesting to do so," said authors Peter Biddle, Paul England, Marcus Peinado and Bryan Willman. That truism, they said, when combined with a high-bandwidth network and only a fraction of users initially sharing content, made the darknet ubiquitous. Sharing has existed for years, they argued, but the "sneaker net" approach of mixed cassette tapes passed among friends or sent through the mail meant the copyright abuse was "trivial." --Patrick Ross, "Microsoft Employees Write That DRM Systems Is Doomed to Fail," Washington Internet Daily, November 25, 2002 First Use --------------------------------- We investigate the darknet -- a collection of networks and technologies used to share digital content. The darknet is not a separate physical network but an application and protocol layer riding on existing networks. Examples of darknets are peer-to-peer file sharing, CD and DVD copying, and key or password sharing on email and newsgroups. The last few years have seen vast increases in the darknetms aggregate bandwidth, reliability, usability, size of shared library, and availability of search engines. In this paper we categorize and analyze existing and future darknets, from both the technical and legal perspectives. We speculate that there will be short-term impediments to the effectiveness of the darknet as a distribution mechanism, but ultimately the darknet-genie will not be put back into the bottle. --Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman, "The Darknet and the Future of Content Distribution," Digital Rights Management conference, November 22, 2002 See Also --------------------------------- bitlegging: http://www.wordspy.com/words/bitlegging.asp burn and return: http://www.wordspy.com/words/burnandreturn.asp cuckoo egg: http://www.wordspy.com/words/cuckooegg.asp digifeiter: http://www.wordspy.com/words/digifeiter.asp IP thief: http://www.wordspy.com/words/IPthief.asp Napster bomb: http://www.wordspy.com/words/Napsterbomb.asp P2P: http://www.wordspy.com/words/P2P.asp Subject Categories --------------------------------- Computers - Data: http://www.wordspy.com/index/Computers-Data.asp Computers - Internet: http://www.wordspy.com/index/Computers-Internet.asp Computers - Networking: http://www.wordspy.com/index/Computers-Networking.asp Computers - Programming and Software: http://www.wordspy.com/index/Computers-ProgrammingandSoftware.asp Words About Words --------------------------------- The best craftsman always leaves holes and gaps in the works of the poem so that something that is not in the poem can creep, crawl, flash, or thunder in. The joy and function of poetry is, and was, the celebration of man, which is also the celebration of God. --Dylan Thomas, Welsh poet, short-story writer, and playwright, "Poetic Manifesto" in the _Texas Quarterly_, Winter 1961 Miscellanea --------------------------------- The WordSpy mailing list is available in an HTML version that bears an uncanny resemblance to the pages on the Word Spy Web site (see the address below). If you'd like to try it out, send a note to listmanager at logophilia.com and include only the command "html wordspy" (without the quotation marks) in the Subject line. For more Word Spy words, see the Word Spy Archives: http://www.wordspy.com/ You are currently subscribed as rah at shipwright.com. To drop this address from the list, you have two choices: Send a message to listmanager at logophilia.com and include only the command "leave wordspy" (without the quotation marks) in the Subject line. Or, Use the following Web address: http://www.wordspy.com/list/remove.asp?Email=rah at shipwright.com&ID=26169 ======================================================== --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From mv at cdc.gov Thu Aug 28 07:42:23 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Thu, 28 Aug 2003 07:42:23 -0700 Subject: traffix analysis Message-ID: <3F4E14CF.B4E49B6B@cdc.gov> At 08:14 PM 8/27/03 -0700, Steve Schear wrote: >Using random "throwaway" WiFi neighborhood hotspots can blunt this type of >attack. Even if they trace the link back to the consumer who lent his >bandwidth it may provide scant information. Yes, but remember to wear a disguise/cloak and be careful how you arrive there. If you threaten King George, Who Worships Mars God of War, they will seize all the surveillance camera videos (public and private) near the AP you exploit. Don't stop for gas anywhere nearby. A high-gain antenna is recommended. From timcmay at got.net Thu Aug 28 10:41:51 2003 From: timcmay at got.net (Tim May) Date: Thu, 28 Aug 2003 10:41:51 -0700 Subject: Q on associative binary operation In-Reply-To: <20030828071420.82829.qmail@web21203.mail.yahoo.com> Message-ID: On Thursday, August 28, 2003, at 12:14 AM, Sarad AV wrote: > hi, > > Table shown is completed to define 'associative' > binary operation * on S={a,b,c,d}. > > *|a|b|c|d > --------- > a|a|b|c|d > --------- > b|b|a|c|d > --------- > c|c|d|c|d > --------- > d|d|c|c|d > > > The operation * is associative iff (a*b)*c=a*(b*c) for > all a,b,c element of set S. > > So can (a*d)*d=a*(d*d)=d considered as associative > over * for this case as per definition? > This looks like a homework assignment for a class. If a, b, c, and d are all arbitrary symbols, most substitutions (such as a = 2, b = 5, etc.) certainly will _not_ give (a*d)*d=a*(d*d)=d as a true statement. Only special values of a and d will make that true. (For example, a = 1 and d = 1 makes (1*1)*1=1*(1*1)=1. Other values may as well. Finding them is up to you. Lastly, your English is again unclear. "So can (a*d)*d=a*(d*d)=d considered as associative over * for this case as per definition?" isn't a proper English sentence. Why do you keep posing these problems to the list? Are they homework problems? Do you think the list is just too quiet and needs ill=phrased puzzlers to keep it occupied? Did you ever do the coin flip experiment we suggested you do? Are you an AI which has failed the Turing Test and escaped? --Tim May From rob at vees.net Thu Aug 28 08:26:47 2003 From: rob at vees.net (Rob Carlson) Date: Thu, 28 Aug 2003 11:26:47 -0400 Subject: IRS loses a big one? In-Reply-To: <5.2.1.1.0.20030812074809.046ad140@mail.comcast.net> Message-ID: <09C73268-D96C-11D7-BC54-000393DEFD20@vees.net> On Tuesday, Aug 12, 2003, at 10:49 America/New_York, Steve Schear wrote: > [Not surprisingly there appears to be no major U.S. media coverage] The New York Times carried a detailed article about the case on August 12, 2003. There are many more articles in major sources like it. > IRS vs. KUGLIN > By Carl F. Worden > > Forget the war in Iraq, Afghanistan and our excellent adventure in > Liberia. Forget about Kobe, Arnold, Arriana, Scott and Laci. The > biggest news of the entire week is that on August 8, 2003, the IRS > was unable to convince a jury in Memphis, Tennessee that the Federal > Tax Code requires the citizens to pay individual income taxes. I kid > you not... As I understand it, the jury found that Kuglin was not criminally liable for tax evasion because the IRS ignored her letters asking what law required her to pay her taxes. In the absence of any response, the jury found that she had acted reasonably and in good faith. She was not a tax evader beyond a reasonable doubt. She may still be found civilly liable when the IRS sues her for the money. If I'm not mistaken, that requires only a preponderance of the evidence. -- Rob Carlson rob at vees.net http://vees.net/ From billy at dadadada.net Thu Aug 28 10:22:04 2003 From: billy at dadadada.net (BillyGOTO) Date: Thu, 28 Aug 2003 13:22:04 -0400 Subject: Q on associative binary operation In-Reply-To: <20030828071420.82829.qmail@web21203.mail.yahoo.com> References: <20030828071420.82829.qmail@web21203.mail.yahoo.com> Message-ID: <20030828172204.GA4782@mail.dadadada.net> On Thu, Aug 28, 2003 at 12:14:20AM -0700, Sarad AV wrote: > hi, > > Table shown is completed to define 'associative' > binary operation * on S={a,b,c,d}. > > *|a|b|c|d > --------- > a|a|b|c|d > --------- > b|b|a|c|d > --------- > c|c|d|c|d > --------- > d|d|c|c|d > > > The operation * is associative iff (a*b)*c=a*(b*c) for > all a,b,c element of set S. > So can (a*d)*d=a*(d*d)=d considered as associative > over * for this case as per definition? a d d d \ / \ / d d a d \ / \ / d = d What's the problem? From camera_lumina at hotmail.com Thu Aug 28 12:36:29 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Thu, 28 Aug 2003 15:36:29 -0400 Subject: Q on associative binary operation Message-ID: Yeah, kinda bizarre. There's also an ambiguity that prevents one from saying Q is associative. Is the table defined for both directions of *? In other words, is the table meant to imply values for both x*y (ie, left*top) as well as y*x (top*left)? For most objects x*y will not equal y*x (indeed, one may be undefined as in the case of matrix multiplication). Anyone remember the group theoretic term for these kinds of groups? -TD >From: Tim May >To: cypherpunks at lne.com >Subject: Re: Q on associative binary operation Date: Thu, 28 Aug 2003 >10:41:51 -0700 > >On Thursday, August 28, 2003, at 12:14 AM, Sarad AV wrote: > >>hi, >> >>Table shown is completed to define 'associative' >>binary operation * on S={a,b,c,d}. >> >>*|a|b|c|d >>--------- >>a|a|b|c|d >>--------- >>b|b|a|c|d >>--------- >>c|c|d|c|d >>--------- >>d|d|c|c|d >> >> >>The operation * is associative iff (a*b)*c=a*(b*c) for >>all a,b,c element of set S. >> >>So can (a*d)*d=a*(d*d)=d considered as associative >>over * for this case as per definition? >> > >This looks like a homework assignment for a class. > >If a, b, c, and d are all arbitrary symbols, most substitutions (such as a >= 2, b = 5, etc.) certainly will _not_ give (a*d)*d=a*(d*d)=d as a true >statement. Only special values of a and d will make that true. (For >example, a = 1 and d = 1 makes (1*1)*1=1*(1*1)=1. Other values may as well. >Finding them is up to you. > >Lastly, your English is again unclear. "So can (a*d)*d=a*(d*d)=d considered >as associative over * for this case as per definition?" isn't a proper >English sentence. > >Why do you keep posing these problems to the list? Are they homework >problems? Do you think the list is just too quiet and needs ill=phrased >puzzlers to keep it occupied? > >Did you ever do the coin flip experiment we suggested you do? > >Are you an AI which has failed the Turing Test and escaped? > > >--Tim May _________________________________________________________________ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar From morlockelloi at yahoo.com Thu Aug 28 18:11:54 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Thu, 28 Aug 2003 18:11:54 -0700 (PDT) Subject: traffix analysis In-Reply-To: <3F4E14CF.B4E49B6B@cdc.gov> Message-ID: <20030829011154.62041.qmail@web40604.mail.yahoo.com> > Yes, but remember to wear a disguise/cloak and be careful how you > arrive there. If you threaten King George, Who Worships Mars God of > War, they will seize all the surveillance camera videos (public and private) > near the AP you exploit. Don't stop for gas anywhere nearby. A 18-24" 2.4Ghz grid dish (available for less than $70-90) with 18-21 dB gain will associate at 11 Mb/s with consumer-grade APs with diversity antennas at 2-3 miles. You can also use it to offer free connectivity to a cafe 2 miles away, but that's another maillist. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From jtrjtrjtr2001 at yahoo.com Thu Aug 28 23:21:08 2003 From: jtrjtrjtr2001 at yahoo.com (Sarad AV) Date: Thu, 28 Aug 2003 23:21:08 -0700 (PDT) Subject: Q on associative binary operation In-Reply-To: <20030828172204.GA4782@mail.dadadada.net> Message-ID: <20030829062108.45264.qmail@web21205.mail.yahoo.com> hi, Let ~ represents a relation. If a~b and b~a,then a~a (by transitivity) is an incorrect argument. By definition of transitivity, if a~b and b~c implies that a~c. I was asking on the same lines if (a*d)*d=a*(d*d)=d. By definition associativity is defined on a,b,c element of set S and not two elements of the set. x*y (ie, left*top) can be followed. Regards Sarath. --- BillyGOTO wrote: > On Thu, Aug 28, 2003 at 12:14:20AM -0700, Sarad AV > wrote: > > hi, > > > > Table shown is completed to define 'associative' > > binary operation * on S={a,b,c,d}. > > > > *|a|b|c|d > > --------- > > a|a|b|c|d > > --------- > > b|b|a|c|d > > --------- > > c|c|d|c|d > > --------- > > d|d|c|c|d > > > > > > The operation * is associative iff (a*b)*c=a*(b*c) > for > > all a,b,c element of set S. > > > So can (a*d)*d=a*(d*d)=d considered as associative > > over * for this case as per definition? > > a d d d > \ / \ / > d d a d > \ / \ / > d = d > > What's the problem? > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From rah at shipwright.com Fri Aug 29 05:08:31 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 29 Aug 2003 08:08:31 -0400 Subject: Net anonymity service un-backdoored Message-ID: The Register  28 August 2003  Updated: 17:42 GMT Net anonymity service un-backdoored By Thomas C Greene in Washington Posted: 28/08/2003 at 13:31 GMT The Java Anonymous Proxy (JAP) service, a collaborative effort of Dresden University of Technology, Free University Berlin and the Independent Centre for Privacy Protection Schleswig-Holstein, Germany (ICPP), has been allowed to suspend its monitoring of users' IP traffic pending a decision on the legality of back-dooring it. Collectively known as the AN.ON Project, the operators appealed a lower court's decision allowing the German Feds to obtain reports on users' access to a particular IP address (no doubt having to do with KP or bomb-making, etc). The appeals court has allowed the operators to discontinue logging until their appeal has been answered. When a decision has been reached, the JAP team says they will document the whole affair, but cannot do so until the court issues its ruling. A single record of access to the forbidden IP address has been logged but not yet disclosed to the Feds pending the higher court's decision, the JAP team says . In a previous article The Register criticised the way the JAP team handled its initial confrontation with the Feds, ie., by waiting quietly until a user discovered the back door before acknowledging the situation. We believe there were better ways of dealing with the court order, either by posting a prominent warning that the service might be subject to monitoring by the authorities, by leaking the information to the press outside Germany, or by disabling the affected proxies temporarily in protest. We hope that if the JAP team should lose its appeal and be ordered to resume monitoring, particularly under a gag order, it will find a way of giving the public a proper heads up. Their previous performance hardly inspires confidence, but there is always opportunity for redemption. -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From s.schear at comcast.net Fri Aug 29 09:46:56 2003 From: s.schear at comcast.net (Steve Schear) Date: Fri, 29 Aug 2003 09:46:56 -0700 Subject: "Terror Reading" Message-ID: <5.2.1.1.0.20030829094452.0411c420@mail.comcast.net> At 10:48 AM 6/26/2002 -0400, Kathleen Dolan wrote: >>In many states, it is illegal to store records showing who borrowed a >>book from a public library. Maryland, for example, requires destruction of >>the record after a point and even backups cannot be accessed without a >>court order. >> >>KAD > >Say a public library implements a policy of replying positively to all >such inquiries, that is, if asked by a patron the db admin will tell them >when their account is free of such inquiries. If a request does come in >then the db admin can either: fail to respond (monitoring implied), tell >them they are being monitored (violating the law) or lie and say they are >not even if they are. So, can the Feds require a librarian to lie to a >customer who inquires whether their library usage is being monitored? Looks like at least one library is trying a variation the method I suggested... "The Patriot Act also prohibits libraries and others from notifying patrons and others that an investigation is ongoing. At least one library has tried a solution to "beat the system" by regularly informing the board of directors that there are no investigations. If the director does not notify the Board that there are no investigations, it can serve as a clue that something may be happening. " http://www.ombwatch.org/article/articleview/1706/1/41 steve A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From timcmay at got.net Fri Aug 29 09:47:02 2003 From: timcmay at got.net (Tim May) Date: Fri, 29 Aug 2003 09:47:02 -0700 Subject: The Word Spy for 08/28/2003 -- darknet In-Reply-To: Message-ID: <6A6A5742-DA40-11D7-87EC-000A956B4C74@got.net> On Friday, August 29, 2003, at 09:02 AM, R. A. Hettinga wrote: > I'm sure certian Virginia boys around here would say that that there's > a misspelling in there, somewhere... Certain Californians will say that the "Darknet" allegedly coined in 2002 by these guys is clearly a misspelling of "Blacknet," coined for this usage in 1988, by me, and made popular in 1992-3, when it was actually deployed (by me)...and investigated by various TLAs on espionage grounds. Not surprising that this "appropriation of the term" came from our friends in Redmond. Perhaps they will copyright the term and then send me and others threatening letters. --Tim May (a few excerpts follow) > The script for the next Matrix sequel? No -- because the darknet is > already here: it is the unofficial side of the internet. And its > resilience guarantees that it will remain a thorn in the side of the > music and movie industries, whatever successes they may have in > crushing its early manifestations. > --Richard Waters, "No respite from the forces of darknet," Financial > Times (London), July 29, 2003 > > Backgrounder > --------------------------------- > The ominous tone that pervades the word "darknet" is probably no > accident. That's because the joint coiners of the term -- Peter > Biddle, Paul England, Marcus Peinado, and Bryan Willman -- are > employees of Microsoft, a company on the forefront of something > called digital rights management.... > Earliest Citation > --------------------------------- > First Use > --------------------------------- > We investigate the darknet -- a collection of networks and > technologies used to share digital content. The darknet is not a > separate physical network but an application and protocol layer > riding on existing networks. Examples of darknets are peer-to-peer > file sharing, CD and DVD copying, and key or password sharing on > email and newsgroups. The last few years have seen vast increases in > the darknetms aggregate bandwidth, reliability, usability, size of > shared library, and availability of search engines. In this paper we > categorize and analyze existing and future darknets, from both the > technical and legal perspectives. We speculate that there will be > short-term impediments to the effectiveness of the darknet as a > distribution mechanism, but ultimately the darknet-genie will not be > put back into the bottle. > --Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman, "The > Darknet and the Future of Content Distribution," Digital Rights > Management conference, November 22, 2002 From andrewt at nmh.co.za Fri Aug 29 01:02:57 2003 From: andrewt at nmh.co.za (Andrew Thomas) Date: Fri, 29 Aug 2003 10:02:57 +0200 Subject: DoS of spam blackhole lists Message-ID: <002301c36e03$f8f63c70$0101a8c0@gfserver> Hi, Considering that it appears that spammers are now resorting to DoS'ing sites that host spam lists, wouldn't now be a good time to investigate the possibilities of a distributed, or at least, load balanced blacklist provider? Even something as simple as round-robin DNS with sufficient nodes (couple of hundred?) should be enough to make such attacks highly inefficient and far, far less likely to be effective. Of course, with round robin DNS, one can target the DNS servers. Would this make for an interesting community project? Any comments appreciated. -- Andrew G. Thomas Hobbs & Associates Chartered Accountants (SA) (o) +27-(0)21-683-0500 (f) +27-(0)21-683-0577 (m) +27-(0)83-318-4070 From timcmay at got.net Fri Aug 29 10:22:31 2003 From: timcmay at got.net (Tim May) Date: Fri, 29 Aug 2003 10:22:31 -0700 Subject: "Terror Reading" In-Reply-To: <5.2.1.1.0.20030829094452.0411c420@mail.comcast.net> Message-ID: <5F320F34-DA45-11D7-87EC-000A956B4C74@got.net> On Friday, August 29, 2003, at 09:46 AM, Steve Schear wrote: > At 10:48 AM 6/26/2002 -0400, Kathleen Dolan wrote: >>> In many states, it is illegal to store records showing who borrowed a >>> book from a public library. Maryland, for example, requires >>> destruction of >>> the record after a point and even backups cannot be accessed without >>> a >>> court order. >>> >>> KAD >> >> Say a public library implements a policy of replying positively to >> all such inquiries, that is, if asked by a patron the db admin will >> tell them when their account is free of such inquiries. If a request >> does come in then the db admin can either: fail to respond >> (monitoring implied), tell them they are being monitored (violating >> the law) or lie and say they are not even if they are. So, can the >> Feds require a librarian to lie to a customer who inquires whether >> their library usage is being monitored? > > Looks like at least one library is trying a variation the method I > suggested... > > "The Patriot Act also prohibits libraries and others from notifying > patrons and others that an investigation is ongoing. At least one > library has tried a solution to "beat the system" by regularly > informing the board of directors that there are no investigations. If > the director does not notify the Board that there are no > investigations, it can serve as a clue that something may be > happening. " > > http://www.ombwatch.org/article/articleview/1706/1/41 > This is the "dead librarian switch." And in these times when the Constitution has been shredded, when dissidents are being sent to concentration camps in Cuba, when thought criminals who post links to explosives knowledge are in prison, perhaps "dead librarian switch" has literal meaning. I am giving thought to visiting one of my local libraries and sauntering up the checkout desk and casually saying "So, what about this Patriot Act and librarians narcing us out to Big Brother?" Then, after hearing her explanation, just as casually saying "Well, I hope it never happens. Because if I ever learn that you have narced me out, I would of course have to lie in wait until you leave the library and then do what needs to be done." Seriously, maybe librarians need to realize at a gut level that if they act as stool pigeons, as narcs, then some of them may pay the same price that rats in general sometimes pay. --Tim May "He who fights with monsters might take care lest he thereby become a monster. And if you gaze for long into an abyss, the abyss gazes also into you." -- Nietzsche From mv at cdc.gov Fri Aug 29 10:38:52 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 29 Aug 2003 10:38:52 -0700 Subject: traffix analysis Message-ID: <3F4F8FAC.A99F80AC@cdc.gov> At 06:11 PM 8/28/03 -0700, Morlock Elloi wrote: >A 18-24" 2.4Ghz grid dish (available for less than $70-90) with 18-21 dB gain >will associate at 11 Mb/s with consumer-grade APs with diversity antennas at >2-3 miles. Yes; for naif readers note that the "grid" means that you don't worry about wind as much as a solid dish. (The uwaves see the screen as solid, however.) With that much gain (ie directionality) wind could mess with your (albeit brief) connection. Its very important that you go *away* from your normal haunts if you use this (esp. more than once) for attention-receiving activities. (Any mailbomber would know this.) And best to piggyback on a commercial AP, unless you dislike the individuals you are implicating... Apologies for the pedanticism to regular opsec-clued readers. (And students, don't test your virii in plain sight of a narc..) ---- Wait until the .iq bombers clue into the delayed double-bombing technique favored by .us anti-repro-choice guerillas... a brisant double-tap.. yeah baby From mv at cdc.gov Fri Aug 29 10:45:22 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Fri, 29 Aug 2003 10:45:22 -0700 Subject: The Word Spy for 08/28/2003 -- darknet Message-ID: <3F4F9132.987D13C0@cdc.gov> At 09:47 AM 8/29/03 -0700, Tim May wrote: >Certain Californians will say that the "Darknet" allegedly coined in >2002 by these guys is clearly a misspelling of "Blacknet," coined for Maybe the NAACP got upset... ----- Sure Arnold gangbanged a chick, but it was a *black* chick, it just shows he's not bigoted.. From timcmay at got.net Fri Aug 29 11:18:41 2003 From: timcmay at got.net (Tim May) Date: Fri, 29 Aug 2003 11:18:41 -0700 Subject: The Word Spy for 08/28/2003 -- darknet In-Reply-To: <3F4F9132.987D13C0@cdc.gov> Message-ID: <37CAE5D2-DA4D-11D7-87EC-000A956B4C74@got.net> On Friday, August 29, 2003, at 10:45 AM, Major Variola (ret) wrote: > At 09:47 AM 8/29/03 -0700, Tim May wrote: >> Certain Californians will say that the "Darknet" allegedly coined in >> 2002 by these guys is clearly a misspelling of "Blacknet," coined for > > Maybe the NAACP got upset.. Why would colored people care about some honkey mofo using "black"? --Tim May "The State is the great fiction by which everyone seeks to live at the expense of everyone else." --Frederic Bastiat From timcmay at got.net Fri Aug 29 11:33:32 2003 From: timcmay at got.net (Tim May) Date: Fri, 29 Aug 2003 11:33:32 -0700 Subject: Shielding microwave dishes from prying eyes In-Reply-To: <3F4F8FAC.A99F80AC@cdc.gov> Message-ID: <4AC3A783-DA4F-11D7-87EC-000A956B4C74@got.net> On Friday, August 29, 2003, at 10:38 AM, Major Variola (ret) wrote: > At 06:11 PM 8/28/03 -0700, Morlock Elloi wrote: >> A 18-24" 2.4Ghz grid dish (available for less than $70-90) with 18-21 > dB gain >> will associate at 11 Mb/s with consumer-grade APs with diversity > antennas at >> 2-3 miles. > > Yes; for naif readers note that the "grid" means that you don't worry > about wind as much > as a solid dish. (The uwaves see the screen as solid, however.) With > that much gain > (ie directionality) wind could mess with your (albeit brief) > connection. > > Its very important that you go *away* from your normal haunts if you > use > > this (esp. more than once) for attention-receiving activities. Were I setting up such a system, I think I'd look closely at installing the dishes in small plastic sheds. Small Rubbermaid plastic tool sheds, for example. Even an upended plastic garbage can would probably work well, though it might look a little odd. (Not odd enough to get the attention of the roving vans, though.) If on a rooftop, where a garden shed or plastic garbage can would look out of place, a cylinder of light plastic (semi-rigid, not the Saran wrap stuff) would look like just another rooftop piece of hardware. A wander through a Home Depot might reveal something already made which would hold a 1.5 m dish very nicely. A cylinder with an overhanging roof would like a roof vent, and would also shelter the cylinder walls from ice and other microwave absorbers. I live in rural, hilly area, so I doubt any FCC vans are rolling around looking for (unlicensed?) directional microwave dishes. If I lived in any kind of urban or even suburban area, and were setting up such a dish system, I'd look for ways to camouflage it. Transparency of the plastic to the specific microwaves should be checked, of course. Easy to check. Detection of the dish by side-lobe leakage is harder. > --Tim May "To those who scare peace-loving people with phantoms of lost liberty, my message is this: Your tactics only aid terrorists." --John Ashcroft, U.S. Attorney General From rah at shipwright.com Fri Aug 29 09:02:11 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Fri, 29 Aug 2003 12:02:11 -0400 Subject: The Word Spy for 08/28/2003 -- darknet Message-ID: I'm sure certian Virginia boys around here would say that that there's a misspelling in there, somewhere... Cheers, RAH --- begin forwarded text From billy at dadadada.net Fri Aug 29 10:13:59 2003 From: billy at dadadada.net (BillyGOTO) Date: Fri, 29 Aug 2003 13:13:59 -0400 Subject: Q on associative binary operation In-Reply-To: <20030829062108.45264.qmail@web21205.mail.yahoo.com> References: <20030828172204.GA4782@mail.dadadada.net> <20030829062108.45264.qmail@web21205.mail.yahoo.com> Message-ID: <20030829171359.GA19701@mail.dadadada.net> On Thu, Aug 28, 2003 at 11:21:08PM -0700, Sarad AV wrote: > hi, > > Let ~ represents a relation. > > If a~b and b~a,then > > a~a (by transitivity) > is an incorrect argument. > By definition of transitivity, if a~b and b~c implies > that a~c. right. > I was asking on the same lines if (a*d)*d=a*(d*d)=d. What does that have to do with transitivity? You didn't mention transitivity when you posed the question. Ridiculous. '*' is an operator, not a relation. Relations can't be parenthesized unless you're going to make truth or falsehood a symbol to be operated upon. Tim is right. Cypherpunks isn't a place to look for help with your algebra homework. I like doing interesting math problems, but you're not even properly asking the questions you want answered. That makes it a LOT less fun. > By definition associativity is defined on a,b,c > element of set S and not two elements of the set. This is getting stupid. The '*' operator was defined associative. The property of associativity applies to ASSOCIATIONS between symbols (i.e binary operators). > x*y (ie, left*top) can be followed. I'm totally done with this. From bfordham at socialistsushi.com Fri Aug 29 10:21:42 2003 From: bfordham at socialistsushi.com (Bryan L. Fordham) Date: Fri, 29 Aug 2003 13:21:42 -0400 Subject: "Terror Reading" In-Reply-To: <5.2.1.1.0.20030829094452.0411c420@mail.comcast.net> References: <5.2.1.1.0.20030829094452.0411c420@mail.comcast.net> Message-ID: <3F4F8BA6.6030203@socialistsushi.com> Steve Schear wrote: > Looks like at least one library is trying a variation the method I > suggested... > > "The Patriot Act also prohibits libraries and others from notifying > patrons and others that an investigation is ongoing. At least one > library has tried a solution to "beat the system" by regularly > informing the board of directors that there are no investigations. If > the director does not notify the Board that there are no > investigations, it can serve as a clue that something may be happening. " > > http://www.ombwatch.org/article/articleview/1706/1/41 http://librarian.net/technicality.html is another example if such tactics. --B From john at kozubik.com Fri Aug 29 13:42:53 2003 From: john at kozubik.com (John Kozubik) Date: Fri, 29 Aug 2003 13:42:53 -0700 (PDT) Subject: DoS of spam blackhole lists In-Reply-To: <002301c36e03$f8f63c70$0101a8c0@gfserver> Message-ID: <20030829133328.R36493-100000@kozubik.com> On Fri, 29 Aug 2003, Andrew Thomas wrote: > Considering that it appears that spammers are now resorting > to DoS'ing sites that host spam lists, wouldn't now be a good > time to investigate the possibilities of a distributed, or at > least, load balanced blacklist provider? That's an interesting reaction to the problem. Here's a better idea: a) admit that your stupid, self-appointed-netcop blacklists and self-righteous spam projects are inherently flawed, and are generally populated by spam reports made by clueless idiots that don't realize they are reporting forged and/or incorrect addresses. The net effect is that a lot of innocent bystanders/IP-blocks/ISPs waste a lot of time dealing with your self-righteous crusader projects. b) realize that the distributed method you suggest already exists - it is called procmail(*). Please spend your sophomore year working on something besides "self-appointed-spam-netcop-site-of-the-week". (*) or you could setup a dummy email account on all web-published documents, and delete any email that arrives in both mailboxes, or you could implement a challenge/response mechanism for all new senders. All three mechanisms mentioned are distributed, independent, and don't require some asshole swooping in to save us with his miraculous spews database. ----- John Kozubik - john at kozubik.com - http://www.kozubik.com From frantz at pwpconsult.com Fri Aug 29 13:54:29 2003 From: frantz at pwpconsult.com (Bill Frantz) Date: Fri, 29 Aug 2003 13:54:29 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: Message-ID: The Java Anonymous Proxy (JAP) service, your local library, and you, among others need to develop a response should you be served with an order (court or otherwise) to produce information which includes the requirement that you keep the order secret. There are a large number of responses one could use. Some of them might be: * Cooperate. * Take the service down. * Publicly refuse to cooperate. * Publicly announce that you are being monitored. * Stop saying that the service is not monitored. * Appear to cooperate, but provide false information. * etc. Please keep in mind when reading the following analysis that I am not a lawyer. Cooperation seems to be the safest from a short term legal standpoint. However, to the extent it encourages the police state, it is dangerous in the long term. Taking the service down is an obvious response. It is a difficult response for your public library to implement. In addition, a strict enough secrecy order could require you to keep the service up. Publicly refusing to cooperate is the most honorable response, and will probably end you up in jail for an indefinite term on contempt charges. This is the path of civil disobedience, followed by a number of heros in past encounters with totalitarianism. Publicly announcing that you are being monitored will probably end up with the same contempt charges as a public refusal to cooperate, coupled with the possibility of the dishonorable act of breaking your word (depending on your terms of service). Stopping your notification that the service is not monitored can be forbidden by a strict enough secrecy order. It may be the least legally risky of the options. The fact that you will stop notification should be included in your terms of service. Providing false information is an interesting option, but I think you are legal toast if you are caught doing it. One can get a lot of amusement from considering who to implicate in place of the real anonymous user. Cheers - Bill ------------------------------------------------------------------------- Bill Frantz | "A Jobless Recovery is | Periwinkle -- Consulting (408)356-8506 | like a Breadless Sand- | 16345 Englewood Ave. frantz at pwpconsult.com | wich." -- Steve Schear | Los Gatos, CA 95032, USA From s.schear at comcast.net Fri Aug 29 15:28:22 2003 From: s.schear at comcast.net (Steve Schear) Date: Fri, 29 Aug 2003 15:28:22 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: References: Message-ID: <5.2.1.1.0.20030829152504.0412e258@mail.comcast.net> At 01:54 PM 8/29/2003 -0700, you wrote: >Stopping your notification that the service is not monitored can be >forbidden by a strict enough secrecy order. It may be the least legally >risky of the options. The fact that you will stop notification should be >included in your terms of service. All covered in my previous postings. This approach should be particularly applicable to ISPs as they generally have billing arrangement and can add this on as an extra service fee for each inquiry. Instead of court orders being a cost they become a revenue source. steve "The fetters imposed on liberty at home have ever been forged out of the weapons provided for defence against real, pretended, or imaginary dangers from abroad." --President James Madison (1751-1836) From morlockelloi at yahoo.com Fri Aug 29 16:41:25 2003 From: morlockelloi at yahoo.com (Morlock Elloi) Date: Fri, 29 Aug 2003 16:41:25 -0700 (PDT) Subject: traffix analysis In-Reply-To: <3F4F8FAC.A99F80AC@cdc.gov> Message-ID: <20030829234125.79203.qmail@web40605.mail.yahoo.com> > as a solid dish. (The uwaves see the screen as solid, however.) With > that much gain (ie directionality) wind could mess with your (albeit brief) > connection. This one has 30 degree coverage and is perfect for connecting to consumer APs up to a mile: http://www.tranzeo.com/products.php?cmd=viewpage&id=102 Car window glass will cost you about 1.5-2 dB. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From justin-cypherpunks at soze.net Fri Aug 29 10:15:44 2003 From: justin-cypherpunks at soze.net (Justin) Date: Fri, 29 Aug 2003 17:15:44 +0000 Subject: Slashdot | Florida Proposes Taxing Local LANs (fwd) In-Reply-To: <5.1.1.6.2.20030826234459.0519a7c0@idiom.com> References: <5.1.1.6.2.20030826234459.0519a7c0@idiom.com> Message-ID: <20030829171544.GB14687@dreams.soze.net> Bill Stewart (2003-08-27 07:06Z) wrote: > At 08:54 AM 08/26/2003 -0500, Harmon Seaver wrote: > > I don't get it -- exactly what do they think they would be taxing? > >9% of what? The bits and bytes that flow thru? > >The owners already paid a sales tax on the hardware, > >or is this like a yearly property tax? > >Bizarre! > > The standard joke about how you tell a computer salesman > from a used car salesman is that the car salesman > knows when he's lying. These incompetents like taxing things, > but if they don't know what they technology is about, > they *really* *really* shouldn't propose special taxes > on it until they know how to count the objects they want to tax. I got the impression they want to tax the yearly depriciation of the networking equipment. Just as silly as, and perhaps even more expensive than, taxing the bits. -- No man is clever enough to Times are bad. Children no longer know all the evil he does. obey their parents, and everyone -Francois de la Rochefoucauld is writing a book. -Cicero From timcmay at got.net Fri Aug 29 18:54:03 2003 From: timcmay at got.net (Tim May) Date: Fri, 29 Aug 2003 18:54:03 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <5.2.1.1.0.20030829152504.0412e258@mail.comcast.net> Message-ID: On Friday, August 29, 2003, at 03:28 PM, Steve Schear wrote: > At 01:54 PM 8/29/2003 -0700, you wrote: >> Stopping your notification that the service is not monitored can be >> forbidden by a strict enough secrecy order. It may be the least >> legally >> risky of the options. The fact that you will stop notification >> should be >> included in your terms of service. > > All covered in my previous postings. This approach should be > particularly applicable to ISPs as they generally have billing > arrangement and can add this on as an extra service fee for each > inquiry. Instead of court orders being a cost they become a revenue > source. > This has been proposed for, but it fails for the usual reasons. An ISP is free to say "anyone requesting a tap is required to pay a fee," just as any ISP is free to say that it will handle installation of special Carnivore equipment for a certain fee. But when Big Brother commands that his Carnivore boxes be added, ISPs are afraid to shoot his agents who trespass. And so the work is done for free. And so, too, will the fees you talk about be waived. I think my solution may be best: take a few ISPs who have bent over for Big Brother and kill their owners and staff. A few ISP owners found necklaced and smoking may send a message to others. It works for the Mob in a way none of the more civilized approaches can possibly work. "You narc us out, we douse your children with gasoline and light them off. Your choice." Sometimes freedom demands harshness. --Tim May From measl at mfn.org Fri Aug 29 21:00:46 2003 From: measl at mfn.org (J.A. Terranson) Date: Fri, 29 Aug 2003 23:00:46 -0500 (CDT) Subject: Responding to orders which include a secrecy requirement In-Reply-To: Message-ID: On Fri, 29 Aug 2003, Tim May wrote: > But when Big Brother commands that his Carnivore boxes be added, ISPs > are afraid to shoot his agents who trespass. Just for the record, as someone who is in a position to have first-hand personal knowledge of this... When the various plastic-id carrying critters came around asking to let ISPs install Carnivores just after 9/11, they were almost all turned away. The notable exceptions were from companies that are (not surprisingly) based outside of the US. I was *stunned* at how many ISPs told them to fuck off (including, I am happy to say, the one I work at).. When a court order is present - that is a whole new ball game: nobody will refuse that. > And so the work is done for free. And so, too, will the fees you talk > about be waived. Free under the duress of a court order is AFAIK virgin territory here. There is no question that installing a DCS1000 is no small task when you're dealing with modern high speed circuits (OC12s and up), and will require significant planning and engineering support to accomplish without devastating interruptions in service - this is a significant expense to the business being ordered to comply. I would be surprised if this went on without compensation, even if at a reduced rate. And the sheer expense may in and of itself be a controlling factor in such orders. I know that they are rare enough to cause ripples of whispers in the NSP/ISP community. > I think my solution may be best: take a few ISPs who have bent over for > Big Brother and kill their owners and staff. A few ISP owners found > necklaced and smoking may send a message to others. It works for the > Mob in a way none of the more civilized approaches can possibly work. > > "You narc us out, we douse your children with gasoline and light them > off. Your choice." > > Sometimes freedom demands harshness. Make them move to Texas. Force them to listen to recordings of Shrub all day, while sitting in the hot Texas sun. > --Tim May -- Yours, J.A. Terranson sysadmin at mfn.org "Every living thing dies alone." Donnie Darko From sfurlong at acmenet.net Fri Aug 29 20:56:15 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Fri, 29 Aug 2003 23:56:15 -0400 Subject: "Terror Reading" In-Reply-To: <5F320F34-DA45-11D7-87EC-000A956B4C74@got.net> References: <5F320F34-DA45-11D7-87EC-000A956B4C74@got.net> Message-ID: <200308292356.15162.sfurlong@acmenet.net> On Friday 29 August 2003 13:22, Tim May wrote: > I am giving thought to visiting one of my local libraries and > sauntering up the checkout desk and casually saying "So, what about > this Patriot Act and librarians narcing us out to Big Brother?" > > Then, after hearing her explanation, just as casually saying "Well, I > hope it never happens. Because if I ever learn that you have narced > me out, I would of course have to lie in wait until you leave the > library and then do what needs to be done." Yah, good thinking. Push the local librarian from siding with the patrons against intrusive and unwarranted snooping, to thinking that Asscruft may actually have a point if there are all these dangerous wackos running around. -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From nightwatch01 at comcast.net Sat Aug 30 01:02:14 2003 From: nightwatch01 at comcast.net (Tim) Date: Sat, 30 Aug 2003 01:02:14 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: References: Message-ID: <3F505A06.3070207@comcast.net> J.A. Terranson wrote: >On Fri, 29 Aug 2003, Tim May wrote: > > > >>But when Big Brother commands that his Carnivore boxes be added, ISPs >>are afraid to shoot his agents who trespass. >> >> > >Just for the record, as someone who is in a position to have first-hand >personal knowledge of this... > >When the various plastic-id carrying critters came around asking to let ISPs >install Carnivores just after 9/11, they were almost all turned away. The >notable exceptions were from companies that are (not surprisingly) based >outside of the US. > >I was *stunned* at how many ISPs told them to fuck off (including, I am happy >to say, the one I work at).. > So in other words, Tim May doesn't know what the hell he's talking about (again)! >>I think my solution may be best: take a few ISPs who have bent over for >>Big Brother and kill their owners and staff. A few ISP owners found >>necklaced and smoking may send a message to others. It works for the >>Mob in a way none of the more civilized approaches can possibly work. >> >>"You narc us out, we douse your children with gasoline and light them >>off. Your choice." >> >>Sometimes freedom demands harshness. >> Tim May is the perfect example why vigilante justice is generally considered to be a bad thing -- stupid assholes like Tim May spout off & take action based on paranoia instead of facts & principles of anarchy instead of justice and innocent parties get hurt. >>--Tim May From ericm at lne.com Sat Aug 30 06:10:14 2003 From: ericm at lne.com (Eric Murray) Date: Sat, 30 Aug 2003 06:10:14 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: ; from timcmay@got.net on Fri, Aug 29, 2003 at 06:54:03PM -0700 References: <5.2.1.1.0.20030829152504.0412e258@mail.comcast.net> Message-ID: <20030830061014.A30391@slack.lne.com> On Fri, Aug 29, 2003 at 06:54:03PM -0700, Tim May wrote: > But when Big Brother commands that his Carnivore boxes be added, ISPs > are afraid to shoot his agents who trespass. > I think my solution may be best: take a few ISPs who have bent over for > Big Brother and kill their owners and staff. A few ISP owners found > necklaced and smoking may send a message to others. The message it sends is to accept the cops offer of on-site "protection" when the ISP is faced with allowing the tap or being put in jail. By upping the stakes you force the business owner to accept the cops as the lesser of two evils. The mafia's actions tended to make business owners clamor for more police and more intrusive police protection. Not less. This is a problem that's better solved with crypto. Eric From rah at shipwright.com Sat Aug 30 04:19:03 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 30 Aug 2003 07:19:03 -0400 Subject: The new information ecosystem Part 1: It's a peer-to-peer world Message-ID: The new information ecosystem: cultures of anarchy and closure Siva Vaidhyanathan - openDemocracy 30/8/2003 search advanced search | join openDemocracy help P2P: the new information war? Journalism & war e-Democracy Politics of Digital TV The people vs. copyright The 9/11 media fall-out Public service futures Global media ownership Governing the Net feature articles web resources stories Solana Larsen Caspar Melville P2P: the new information war? Overview Articles Discussion Links return to the debate open easy read version download printable version (free to supporters) The new information ecosystem: cultures of anarchy and closure Siva Vaidhyanathan 26 - 6 - 2003 Part 1 of The new information ecosystem: cultures of anarchy and closure Siva Vaidhyanathan, author of the forthcoming The Anarchist in the Library and a true scholar of the internet age, presents a compelling, five-part panorama of the implications of electronic peer-to-peer networks for culture, science, security, and globalisation. His provocative argument registers peer-to-peer as a key site of contest over freedom and control of information. Bill Thompson of openDemocracy responds to Siva in a sparkling exchange of powerful, lucid intelligence. Part 1: It's a peer-to-peer world In the first of his five-part series, Siva Vaidhyanathan maps the fluid new territory of electronic peer-to-peer networks that are transforming the information ecosystem. Is this a landscape of enlarging freedoms where citizens shape the forms and meanings of social communication, or does it offer an invitation to entrenching state surveillance and closure? Part 2: 'Pro-gumbo': culture as anarchy Peer-to-peer technologies have precedents in the anarchistic and hybrid processes by which cultures have always been formed. Decoding anxious cultural preservationists from Matthew Arnold to Samuel Huntington, the second instalment of Siva Vaidhyanathan's five-part series reframes p2p in the light of other technologies and practices - cassettes, creolisation world music - which likewise reveal the energetic promiscuity of culture. Any attempt to censor or limit this flow would leave cultures stagnant. Part 3: The anarchy and oligarchy of science Science is knowledge in pursuit of truth that can expand human betterment. But part three of Siva Vaidhyanathan's powerful series sees the free information flows at the heart of science being pressured by the copyright economy, the post-9/11 security environment, proprietary capture of genetic databases, and science policies of governments and universities. If commerce and control defeat openness and accumulation, what happens to science impacts on democracy itself. Part 4: The nation-state vs. networks In the last decade, the nation-state has survived three challenges to its hegemony - from the Washington Consensus, the California Ideology, and Anarchy. The promise of a borderless globalisation unified by markets and new technology has been buried. The fourth part of Siva Vaidhyanathan's compelling series asks: what then remains of the utopian vision of global peer-to-peer networks that would bypass traditional structures of power? Part 1: It's a peer-to-peer world The rise of electronic peer-to-peer networks has thrown global entertainment industries into panic mode. They have been clamouring for more expansive controls over personal computers and corporate and university networks. They have proposed radical re-engineering of basic and generally open communicative technologies. And they have complained quite loudly - often with specious data and harsh tones that have had counterproductive public relations results - about the extent of their plight. But the future of entertainment is only a small part of the story. In many areas of communication, social relations, cultural regulation, and political activity, peer-to-peer models of communication have grown in influence and altered the terms of exchange. What is at stake? This is the story of clashing ideologies: information anarchy and information oligarchy . They feed off of each other dialectically. Oligarchy justifies itself through "moral panics" over the potential effects of anarchy. And anarchy justifies itself by reacting to the trends toward oligarchy. The actors who are promoting information anarchy include libertarians, librarians, hackers, terrorists, religious zealots, and anti-globalisation activists. The actors who push information oligarchy include major transnational corporations, the World Trade Organisation , and the governments of the United States of America and the Peoples' Republic of China. Rapidly, these ideologies are remaking our information ecosystem. And those of us uncomfortable with either vision, and who value what we might call "information justice", increasingly find fault and frustration with the ways our media, cultural, information and political systems are changing. The most interesting thing about these challenges and battles is that we can observe how ideologies alter our worlds. Ideologies are, to use a phrase from Pierre Bourdieu, "structuring structures". Ideologies are lenses, ways of thinking and seeing, that guide our perceptions and habits. They are permeable and malleable. They are not determinative. But they make a difference in the judgments we make and the habits we develop. In recent years we have seen the rise of anarchy as a relevant ideology in many areas of life. Our ideologies affect the technologies we choose to adopt. And using certain technologies can alter our ideologies. Anarchy is not just a function of small political groups and marginal information technologies any more. Anarchy matters. This is more than a battle of ideologies. It is also the story of specific battles. There are dozens of examples of recent and current conflicts that arose out of efforts to control the flows of information: The story of the "Locust Man," an imprisoned dissident democratic activist in China who distributed political messages by attaching them to the backs of locusts. The ordeal of the public library in Arlington, Virginia, at which two of the hijackers of 11 September 2001 used public terminals in the days preceding their attack. An increasing number of American librarians have had to endure federal law enforcement agencies asking them to violate their code of ethics and their patrons' privacy since this incident. The controversy over the complaint that some Canadian women can no longer get tested for genes that indicate a predisposition for breast cancer because an American company has patented those genes and charges too much for the test. Through such incidents, we can examine the following issues: The battle to control democratic sources of information such as public libraries, which are suddenly considered dens of terrorism and pornography. Libraries are under attack through technological mandates and legal restrictions. Efforts to radically re-engineer the personal computers and networks to eliminate the very power and adaptability that makes these machines valuable. The cultural implications of allowing fans and creators worldwide sample cultural products at no marginal costs through peer-to-peer computer networks. Futile attempts to restrict the use and distribution of powerful encryption technology out of fear that criminals and terrorists will evade surveillance. Commercial and governmental efforts to regulate science and mathematics, including control over the human genome. Attempts to stifle the activities of political dissidents and religious groups. The information policy implications of recent United States policies including the USA Patriot Act ,Total Information Awareness , and the Department of Homeland Security . This essay is the first of a series for openDemocracy that will consider these battles for control of information. This introductory piece will examine the proliferation of peer-to-peer systems. The nature of peer-to-peer Peer-to-peer electronic networks such as Napster, KaZaa, and Gnutella, solve two communicative problems and create two more. The first problem is somewhat trivial. Where do we find a convenient index to files on other people's hard drives? Or, in the case of Napster founder Sean Fanning, a Boston-area university student, how can I find music on other people's computers without asking them to expose themselves to threats by copyright holders? The second problem is more substantial. How do we exploit two of the great underused resources of the digital age: surplus storage space and surplus processing power? More significantly, how do we do this in a way that is effectively anonymous and simple? Fundamentally, peer-to-peer file-sharing systems such as KaZaa, Gnutella, Freenet, and the dearly-departed Napster attempt to recapture or at least simulate the structure and function of the original internet, when all clients were servers and all servers were clients. This original vision of the internet, call it Internet 1.0, arose in the 1970s and devolved around 1994 with the rise of ISPs and dynamic Internet Protocol (IP) numbers. The handful of netizens of Internet 1.0 worked with mainframe computers linked to each other through the Domain Name System (DNS), which helped direct packets of data to the proper destination. Each sender and each destination had a discreet and constant IP number that identified it to the network hubs. But as Internet Service Providers (ISPs) proliferated in the mid-1990s and connected millions of personal computers to networks for only several minutes or hours at a time, it became clear that rotating and re-using IP numbers would allow many more users to share the internet. Thus began Internet 2.0, in which increasingly personal computers allowed their users to receive and consume information, but allowed limited ability to donate to the system. This extension of the network cut off personal computers from the server business. Most users donated information only through e-mail. And it became clear that while the internet once seemed like a grand bazaar of homemade goods and interesting (albeit often frightening) texts generated through community dynamics, it would soon seem more like a shopping mall than a library or bazaar. Two new problems Peer-to-peer file-sharing technology is a set of protocols that allow users to open up part of their private content to public inspection, and thus, copying. In the digital world, one cannot access a file without making a copy of it. From this fact arose the first peer-to-peer problem: there is no way to enforce scarcity on these systems. The popularity and common uses of these protocols produce massive anxiety within the industries that rely on artificial scarcity to generate market predictability. The second problem is less well understood because there is no special interest constituency complaining about it. So states have stepped up to take the lead in confronting it. That problem is irresponsibility. Because most of what happens over peer-to-peer networks is relatively anonymous, servers and clients are not responsible for the ramifications of their communicative acts. Using widely available forms of encryption or networks that assure privacy, one may traffic in illicit material such as child pornography with almost no fear. In many places in the world, the availability of adult pornography or racist speech through peer-to-peer systems undermines a decade of efforts to cleanse the more visible and therefore vulnerable World Wide Web. This second problem is actually a solution to another communicative problem that exists primarily in illiberal communicative contexts. Many of the same states that hope to quash pornography also want to quash the speech and organisational communications of democratic activists. So the very existence of these communicative technologies creates moral panics throughout the illiberal world as well as the liberal world. While some worry about the erosion of commerce, others worry about the erosion of power. And the same technologies that liberal societies would use to protect commerce might find more effective uses in Burma or China. Listening to Napster But most of the popular discussion about the rise and effects of peer-to-peer technology has read like a sports story: who is winning and who is losing? Some has read like a crime story: how do we stop this thievery? I am more interested in looking at peer-to-peer communication in its most general sense. How do we explain the peer-to-peer phenomenon? How do we get beyond the sports story or the crime story? Peer-to-peer communication is unmediated, uncensorable, and virtually direct. It might occur between two computers sitting on different continents. It might occur across a fence in a neighborhood in Harare, Zimbabwe. What we are hearing when we listen to peer-to-peer systems are " bruits publics ", or public noises - not the reasonable, responsible give and take of the bourgeois public sphere. This is very old. What we call 'p2p' communicative networks actually reflect and amplify - revise and extend - an old ideology or cultural habit. Electronic peer-to-peer systems like Gnutella merely simulates other, more familiar forms of unmediated, uncensorable, irresponsible, troublesome speech; for example, anti-royal gossip before the French Revolution, trading cassette tapes among youth subcultures such as punk or rap, or the distribution of illicit Islamist cassette tapes through the streets and bazaars of Cairo. Certain sectors of modern society have evolved with and through the ideology of peer-to-peer. Academic culture and science rely on an ideal of raw, open criticism: peer-to-peer review, one might call it. The difference, of course, is that academia and science generally require a licensing procedure to achieve admission to the system. The Free Software movement is the best example of what legal theorist Yochai Benkler calls "peer production" , but what we might as well, for the sake of cuteness and consistency, call "peer-to-peer production". This form of speech has value. But it has different value in different contexts. And while peer-to-peer communication has an ancient and important, although under-documented, role, we are clearly seeing both an amplification and a globalisation of these processes. That means that what used to occur only across fences or on park benches now happens between and among members of the Chinese diaspora who might be in Vancouver and Singapore, Shanghai and Barcelona. As cultural groups disperse and reify their identities, they rely more and more on the portable elements of their collective culture which are widely available through electronic means. The clampdown strategy Several technological innovations have enabled this amplification and globalisation of peer-to-peer communication: The protocols that makeup the internet (i.e. TCP/IP) and the relative openness of networks that make up the internet. The modularity, customisability, portability, and inexpense of the personal computer. The openness, customisability, and insecurity of the major personal computer operating systems. The openness, insecurity, and portability of the digital content itself. Understandably, states and corporations that wish to impede peer-to-peer communication have been focusing on these factors. These are, of course, the very characteristics of computers and the internet that have driven this remarkable - almost revolutionary - adoption of them in the past decade. These are the sites of the battle. States and media corporations wish to: Monitor and regulate every detail of communication and shift liability and regulatory responsibility to the Internet Service Providers. Redesign the protocols that run the internet. Neuter the customisability of the personal computer and other digital devices. Impose "security" on the operating systems so that they might enable "trust" between a content company and its otherwise untrustworthy users. These efforts involve both public and private intervention, standard setting by states and private actors. The United States Congress, the Federal Communication Commission, the Motion Picture Association of America, Microsoft and Intel have all been involved in efforts to radically redesign our communicative technologies along these lines. And they are appealing for complementary legal and technical interventions by the European Union and the World Trade Organisation. These moves would create Internet 3.0, although it would not actually look like the internet at all. It would not be open and customisable. Content - and thus culture - would not be adaptable and malleable. And what small measures of privacy these networks now afford would evaporate. These are the dangers that Lawrence Lessig warned us about in 1998 in his seminal work Code and Other Laws of Cyberspace . Only now are we coming to understand that Lessig was right. These regulatory efforts have sparked an arms race. The very suggestion of such radical solutions generated immediate reactions by those who support anarchistic electronic communication. Every time a regime rolls out a new form of technological control, some group of hackers or "hacktivists" break through it or evade it in a matter of weeks. The only people who really adhere to these controls are those not technologically proficient: most of the world. It might surprise casual observers of these battles that the important conflicts are not happening in court. The Napster case had some interesting rhetorical nuggets. But basically this was classic contributory infringement by a commercial service. KaZaa is a bit more interesting because it is a distributed company with assets under a series of jurisdictions and a technology that limits its ability to regulate what its clients do. KaZaa might collapse and only fully distributed, voluntary networks might remain: namely, Gnutella and Freenet. The real conflicts will be in the devices, the networks, and the media products themselves. And there seems to be few areas of healthy public discussion or critique about the relationships between technology and culture. Meanwhile, the strategies and structures that limit peer-to-peer communication also quash dissent, activism, and organisation in illiberal contexts - that is, oppressive, totalitarian and authoritarian states. And for this reason, p2p systems like Freenet - encrypted, completely anonymous, and unquenchable - are essential tools for democratic activists in places like Saudi Arabia, Cuba, Zimbabwe, Burma and China. The lessons for the public sphere Where there is no rich, healthy public sphere we should support anarchistic communicative techniques. Where there is a rich, healthy public sphere, we must take an honest, unromantic account of the costs of such anarchy. And through public spheres we should correct for the excesses of communicative anarchy. Still, we must recognise that poor, sickly, fragile public spheres are more common than rich, healthy public spheres. And the battles at play over privacy, security, surveillance, censorship and intellectual property in the United States right now will determine whether we will count the world's oldest democracy as sickly or healthy. Anarchy is radical democracy. But it is not the best form of democracy. But as a set of tools, anarchy can be an essential antidote to tyranny. return to the debate open easy read version download printable version (free to supporters) Got something to say about this article? Join the discussion Copyright ) Siva Vaidhyanathan ,2003. Published by openDemocracy Ltd. You may download and print extracts from this article for your own personal and non-commercial use only. If you are a library, university, teaching institution, business or media organisation, you must acquire an Academic License or Organisational License from openDemocracy , or seek permission directly from the author, before making copies, circulating or reproducing this article for teaching or commercial. openDemocracy Ltd | hello at openDemocracy.net -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sat Aug 30 04:19:07 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 30 Aug 2003 07:19:07 -0400 Subject: The new information ecosystem Part 2: 'Pro-gumbo': culture as anarchy Message-ID: 30/8/2003 search advanced search | join openDemocracy help P2P: the new information war? Journalism & war e-Democracy Politics of Digital TV The people vs. copyright The 9/11 media fall-out Public service futures Global media ownership Governing the Net feature articles web resources stories Solana Larsen Caspar Melville P2P: the new information war? Overview Articles Discussion Links return to the debate open easy read version download printable version (free to supporters) Part 2: 'Pro-gumbo': culture as anarchy Siva Vaidhyanathan 10 - 7 - 2003 Part 2 of The new information ecosystem: cultures of anarchy and closure Siva Vaidhyanathan, author of the forthcoming The Anarchist in the Library and a true scholar of the internet age, presents a compelling, five-part panorama of the implications of electronic peer-to-peer networks for culture, science, security, and globalisation. His provocative argument registers peer-to-peer as a key site of contest over freedom and control of information. Bill Thompson of openDemocracy responds to Siva in a sparkling exchange of powerful, lucid intelligence. Part 1: It's a peer-to-peer world In the first of his five-part series, Siva Vaidhyanathan maps the fluid new territory of electronic peer-to-peer networks that are transforming the information ecosystem. Is this a landscape of enlarging freedoms where citizens shape the forms and meanings of social communication, or does it offer an invitation to entrenching state surveillance and closure? Part 2: 'Pro-gumbo': culture as anarchy Peer-to-peer technologies have precedents in the anarchistic and hybrid processes by which cultures have always been formed. Decoding anxious cultural preservationists from Matthew Arnold to Samuel Huntington, the second instalment of Siva Vaidhyanathan's five-part series reframes p2p in the light of other technologies and practices - cassettes, creolisation world music - which likewise reveal the energetic promiscuity of culture. Any attempt to censor or limit this flow would leave cultures stagnant. Part 3: The anarchy and oligarchy of science Science is knowledge in pursuit of truth that can expand human betterment. But part three of Siva Vaidhyanathan's powerful series sees the free information flows at the heart of science being pressured by the copyright economy, the post-9/11 security environment, proprietary capture of genetic databases, and science policies of governments and universities. If commerce and control defeat openness and accumulation, what happens to science impacts on democracy itself. Part 4: The nation-state vs. networks In the last decade, the nation-state has survived three challenges to its hegemony - from the Washington Consensus, the California Ideology, and Anarchy. The promise of a borderless globalisation unified by markets and new technology has been buried. The fourth part of Siva Vaidhyanathan's compelling series asks: what then remains of the utopian vision of global peer-to-peer networks that would bypass traditional structures of power? Part 2: 'Pro-gumbo': culture as anarchy In much of the American South before the Civil War, drums were illegal. Slaveholders were aware of the West African traditions of "talking instruments" and tried everything within their means to stifle free, open, unmediated communication across distances. Drums could signal insurrection. And drums could conjure collective memories of a time of freedom. Mostly, slaveholders realised that to subjugate masses of people, they had to alienate them from their culture as much as possible. They had to strand them in a strange land and try to make that land seem stranger than it was. They had to strictly regulate slave culture. They had to outlaw slave literacy. They had to commit social and cultural homicide to keep otherwise free people from rising up and taking charge of their own bodies. That the rhythms of Africa and the Caribbean still set the time for American culture speaks to the determination and courage of African American slaves. The slaveholders outlawed the tools. But they could not stop the beat (see Eileen Southern, The Music of Black Americans and Christopher Small, Music of the Common Tongue ) That the rhythms of Africa and the Caribbean still set the time for American culture speaks to the determination and courage of African American slaves. The slaveholders outlawed the tools. But they could not stop the beat. As oligarchic forces such as global entertainment conglomerates strive to restrict certain tools that they assume threaten their livelihood, they should consider that throughout the history of communication, people have managed to use and adapt technologies in surprising and resilient ways. Once in a while, a set of communicative technologies offers revolutionary potential: peer-to-peer networks do just that. They are part of a collection of technologies - including cassette audio tapes, video tapes, recordable compact discs, video discs, home computers, the internet, and jet airplanes - that link diasporic communities and remake nations. They empower artists in new ways and connect communities of fans. The battle to control these cultural flows says much about the anxieties and unsteadiness of the power structures that had hoped to exploit cultural globalisation. It also teaches us much about the nature of culture itself. Global culture by the download A couple of years ago, a journalist friend of mine put me in contact with a gentleman who does consulting work for the World Bank. This gentleman called me to see if I was interested in participating in a meeting in New York that June which would enable cultural ministers from a handful of African countries - including Nigeria, Ghana, and South Africa - to meet leaders from the American music industry. The goal was to brainstorm about how African musicians might exploit digital music distribution systems to market and deliver their songs directly to diasporic communities. The battle to control these cultural flows says much about the anxieties and unsteadiness of the power structures that had hoped to exploit cultural globalisation. It also teaches us much about the nature of culture itself. He had no way of knowing what I thought of this idea. I had yet to publish anything on the subject. So my opinions were not widely known. So he was not quite prepared for my reaction. "Why do they need record companies?" I asked. "The artists can do it all themselves for less than $10,000." He was stunned. Having a World Bank perspective on development, he assumed that the artists of the developing world would need and welcome the giant helping hand of Bertelsmann or AOL Time Warner. So he responded with an appeal to technological expertise. The artists would need the major labels, he said, because the labels are working on incorporating digital rights management software into digital music files. Without watermarking or copy-protection features, the artists would just be giving their music away. Then I explained to him that it was too late for all that. The power of digitisation and networking had beaten him and the record companies to it. I didn't even touch the subject of the complications inherent in asking African musicians - who are often dissidents - to work with government culture ministers. I just made it seem like he had missed a technological moment. He had the best of intentions. But he had not considered that certain technological changes had fostered a new ideological movement as well. And that these trends might change the nature of global music and creativity. All music will be 'world music' One of the great unanswered questions is how file sharing and MP3 compression will affect the distribution of what music corporations call " world music ", tunes from non-English-speaking nations, offering rhythms that seem fresh to Europeans and Americans who have grown up and old on the driving four-four beat of rock-and-roll. Now, rhymes and rhythms from all corners of the Earth are available in malleable form at low cost to curious artists everywhere. Peer-to-peer has gone global. Of course, there are some big economic and technological hurdles to overcome before it can affect all cultural traditions equally. As the differences narrow, how will the availability of a vast and already stunningly diverse library of sounds change creativity and commerce? Won't all music be "world music?" The riches of ephemera On any given day, on any peer-to-peer file sharing system, one can find the most obscure and rare items. I have downloaded some of Malcolm X's speeches, Reggae remixes of Biggie Smalls' hits , various club dance mixes of Queen's Bohemian Rhapsody, and long lost Richard Pryor comedy bits that were only released on vinyl by a long-defunct company. Through nation-specific and general "world music" chat rooms on the now-defunct Napster, I had been able to find Tamil film songs, Carnatic classical music, and pop stuff from Asian Dub Foundation ,Ali Farka Toure ,Orisha , and Youssou N'Dour . The most interesting and entertaining phenomena of the MP3-peerto-peer is the availability of "mashes" - new compositions created by combining the rhythm tracks of one song and the vocal track of another. (The best example of a popular "mash", currently, is Genie's Revenge , a combination of vocals by Christina Aguilera and a guitar riff by the Strokes). Anxious ethnomusicology This is a phenomenon that ethnomusicologists are just starting to consider. During the 1980s and 1990s, anthropologist Steven Feld raised some serious questions about the future of global cultural diversity as "world music" gained market share and generated interest among western producers and labels. Feld published some of his thoughts as an article called A Sweet Lullaby for World Music . The article traces the development of marketing efforts for this new genre of "world music", which meant anything from drum beats from Mali to the ambient sounds of lemurs in Madagascar. Feld expressed concern early on the very term "world music" made some forms of music distinct from what academics and music industry figures call "music". Since the rise of the world music genre as a commercial factor, music scholarship has been asking the question, "how has difference fared in the new gumbo?" Feld wrote that recent world music scholarship has revealed the "uneven rewards, unsettling representations, and complexly entangled desires that lie underneath the commercial rhetoric of global connection, that is, the rhetoric of 'free' flow and 'greater' access." "Free flow" is a buzzword in north-south communication policy debates. Stemming from 1970s arguments in Unesco forums, the United States argued that the world community should establish standards that would encourage the free flow of information across borders, ostensibly to spread democracy and ensure civil rights. Many oppressive states - chiefly India under Indira Gandhi - argued that the doctrine of "free flow" was merely a cover for what we now call the neoliberal agenda: sweetening American corporate expansion by dusting it with the sugar of enlightenment principles. The "free-flow" vs. " cultural imperialism " argument (which has since been supplemented by another approach that emphasises the complex uses to which all audiences put cultural elements) has unfortunately limited our vision and stifled discussions about what we might do to encourage freedom and the positive externalities of cultural flow while limiting the oppressive and exploitative externalities of the spread of American and European modes of cultural production and distribution. Feld also outlined the reaction to scholarship that embraced this "cultural imperialism" model. In contrast to those who raise concerns about the spread of new loud noises, "celebratory" scholarship emphasised the use and re-use of elements of American and European musical forms in the emerging pop sounds flowing from the developing world. It also celebrated the new market success that artists from the developing world were achieving. This scholarship emphasised fluid cultural identities and predicted an eventual equilibrium of the power differences in the world music industry. This school, which I subscribe to, downplays the influence of hegemony and underlines the potential creative and democratic power of sharing. Instead of "celebratory", I prefer the term "pro- gumbo ". Steven Feld, who belongs to that group of scholars who utilise what he calls "anxious narratives", sees little possibility for resisting the commodification of ethnicity and musical styles. For the anxious, "global" becomes "displaced"; "emerging" become "exploited"; "cultural conversations" become "white noise". To make his point that we should not ignore the effects of the cultural violence that is primitivism , Feld writes, "The advertisement of this democratic and liberal vision for world music embodies an idealism about free-flows, sharing, and choice. But it masks the reality that visibility in product choice is directly related to sales volume, profitability, and stardom." Even though I celebrate sharing, free flows, and gumbo, I must concede the gravity of Feld's concerns. But my question now is: how does peer-to-peer change these issues? Feld is really writing about the anxieties of ethnomusicologists. He is not so concerned with the effects on the actual music and how it works in the lives of musicians and fans: "In the end, no matter how inspiring the musical creation, no matter how affirming its participatory dimension, the existence and success of world music returns to one of globalization's basic economic clichis: the drive for more and more markets and market niches. In the cases here, we see how the worlds of small (UNESCO and Auvidis) and large (Sony) and major independent (ECM) music owners and distributors can come into unexpected interaction. We see how production can proceed from the acquisition of a faraway cheap inspiration and labor. We see how exotic Euromorphs can be marketed through newly layered tropes, like green enviroprimitivism, or spiritual new age avant-garde romanticism. We see how what is produced has a place in a larger industrial music zone of commodity intensification, in this case artistic encounters with indigeneity, as made over in popular Western styles. In all, we see how world music participates in shaping a kind of consumer-friendly multicultural! ism, one that follows the market logic of expansion and consolidation." The peer-to-peer solution Perhaps the spread of peer-to-peer libraries should allay the concerns of anxious critics. Peer-to-peer music distribution - so far - has been all about decorporatisation and deregulation. Music corporations do not control the flow, prices, or terms of access anymore. Music distribution has lower barriers of entry than ever before, and offers the potential of direct, communal marketing and creolisation . We should acknowledge some key concepts about cultural globalisation: It's happening, but it's rolling out in ways that are alarming to those who hoped to profit the most from it. The prices and profits of globalisation are falling unevenly and unpredictably. Culture is not zero-sum. Using something does not prevent someone else from using it, and does not degrade its value. In fact, it might enhance it. Culture is anarchistic We often mistake the collection of end-products of culture - the symphonies and operas, novels and poems - that have survived the rigorous peer review of markets and critics as the culture itself . Culture is anarchistic if it is alive at all. It grows up from the common, everyday interactions among humans who share a condition or a set of common symbols and experiences. We often mistake the collection of end-products of culture - the symphonies and operas, novels and poems - that have survived the rigorous peer review of markets and critics as the culture itself . Culture is not the sum of its products. It is the process that generates those products. And if it is working properly, culture is radically democratic, vibrant, malleable, surprising, and fun. These two different visions of culture explain much of the difference between the assumptions behind information anarchy and information oligarchy. Anarchists - and many less radical democrats - believe that culture should flow with minimal impediments. Oligarchs, even if they seem politically liberal, favor a top-down approach to culture with massive intervention from powerful institutions such as the state, corporations, universities, or museums. All of these institutions may be used to construct and preserve free flows of culture and information. But all too often they are harnessed to the oligarchic cause, making winners into bigger winners, and thus rigging the cultural market. What Matthew Arnold thinks of P2P In 1867 the English critic Matthew Arnold published a treatise called Culture and Anarchy . The book was an extended argument with the cultural implications of John Stuart Mill 's 1859 book On Liberty . Arnold took Mill to task for endorsing a low level of cultural regulation. Culture, to Arnold, was all the good stuff that cultural authorities such as himself said it was. And culture, in the Arnoldian sense, was preferable - was in fact and antidote to - anarchy. Samuel Huntington expresses this same oligarchic theory of culture in his simplistic yet influential book, The Clash of Civilizations and the Remaking of World Order . Huntington sees cultures as grounded on certain immutable foundations. He sees the emphasis on cultural transmission, fluidity, and hybridity as "trivial" when compared to the deep, essential texts and beliefs of a culture. Huntington affirms the role of the Bible in what he calls "western civilization" and the role of the Analects of Confucius in what he calls "Confucian civilization." In this way, Huntington disregards how people who live in these cultures actually use the texts and symbols around them. "The essence of Western Civilization is the Magna Carta, not the Magna Mac," Huntington writes, despite the fact that most residents of the nations he labels "western" have no idea of the history or significance of the Magna Carta , yet no one can underestimate the cultural power of the Big Mac . Huntington is arguing against cultural globalisation, against fostering flows and exchanges of ideas and information. He looks at a dangerous and angry world and prescribes walls instead of paths. Huntington's preferred world might be quieter, but it would also be darker and dumber. The fact is, cultures change, grow, and revise themselves over time if they are allowed to. And cultural life is healthier when cultures are allowed to grow and revise themselves. Only during the European " Dark Ages " (5th to 12th centuries CE) have we seen a large portion of the world sever its cultural arteries and rely on internal and local signs and symbols. Europe was stuck in a time of crippling cultural stasis while the rest of the world, led by Persian and Arab traders, moved on. The Dark Ages in Europe were a time of mass illiteracy and not-coincidental concentrations of power among local elites. Every area of the world becomes more diverse in the local sense as long as people are free to borrow pieces of cultural expressions and re-use them in interesting ways. As Tyler Cowen explains in his book Creative Destruction: How Globalization Is Changing the World's Cultures , cultural exchange generates cultural change. Exchange might make disparate cultures more like each other, but it also infuses each culture with new choices, new ideas, and new languages. Every area of the world becomes more diverse in the local sense as long as people are free to borrow pieces of cultural expressions and re-use them in interesting ways. Culture as process This idea of culture as temporal, contingent, dynamic, and Creolised best describes how culture actually works in people's lives. No one lives in Matthew Arnold 's "culture"; and few would want to live in Samuel Huntington's. The fact is, most of us don't have a clue why the Magna Carta as a document is important to us, if it is at all any more. Many more of us can wax about how Madonna is important to us. And she is important to our culture in different ways to different people at different times. Madonna , like the culture that rewards and follows her, is temporal, contingent, and dynamic. As Lawrence Levine explains in Black Culture and Black Consciousness , "culture is not a fixed condition but a process: the product of interaction between the past and the present. Its toughness and resiliency are determined not by a culture's ability to withstand change, which indeed may be a sign of stagnation not life, but by its ability to react creatively and responsively to the realities of a new situation." If we use some instrument of technology or law to dampen that vibrancy, malleability, or dynamics, of culture, we risk cultural stasis. Deployed carelessly, such instruments can freeze-in winners and chill losers - or those merely waiting to play. return to the debate open easy read version download printable version (free to supporters) Got something to say about this article? Join the discussion Copyright ) Siva Vaidhyanathan ,2003. Published by openDemocracy Ltd. You may download and print extracts from this article for your own personal and non-commercial use only. If you are a library, university, teaching institution, business or media organisation, you must acquire an Academic License or Organisational License from openDemocracy , or seek permission directly from the author, before making copies, circulating or reproducing this article for teaching or commercial. openDemocracy Ltd | hello at openDemocracy.net -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sat Aug 30 04:19:13 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 30 Aug 2003 07:19:13 -0400 Subject: The new information ecosystem Part 3: The anarchy and oligarchy of science Message-ID: 30/8/2003 search advanced search | join openDemocracy help P2P: the new information war? Journalism & war e-Democracy Politics of Digital TV The people vs. copyright The 9/11 media fall-out Public service futures Global media ownership Governing the Net feature articles web resources stories Solana Larsen Caspar Melville P2P: the new information war? Overview Articles Discussion Links return to the debate open easy read version download printable version (free to supporters) Part 3: The anarchy and oligarchy of science Siva Vaidhyanathan 24 - 7 - 2003 Part 3 of The new information ecosystem: cultures of anarchy and closure Siva Vaidhyanathan, author of the forthcoming The Anarchist in the Library and a true scholar of the internet age, presents a compelling, five-part panorama of the implications of electronic peer-to-peer networks for culture, science, security, and globalisation. His provocative argument registers peer-to-peer as a key site of contest over freedom and control of information. Bill Thompson of openDemocracy responds to Siva in a sparkling exchange of powerful, lucid intelligence. Part 1: It's a peer-to-peer world In the first of his five-part series, Siva Vaidhyanathan maps the fluid new territory of electronic peer-to-peer networks that are transforming the information ecosystem. Is this a landscape of enlarging freedoms where citizens shape the forms and meanings of social communication, or does it offer an invitation to entrenching state surveillance and closure? Part 2: 'Pro-gumbo': culture as anarchy Peer-to-peer technologies have precedents in the anarchistic and hybrid processes by which cultures have always been formed. Decoding anxious cultural preservationists from Matthew Arnold to Samuel Huntington, the second instalment of Siva Vaidhyanathan's five-part series reframes p2p in the light of other technologies and practices - cassettes, creolisation world music - which likewise reveal the energetic promiscuity of culture. Any attempt to censor or limit this flow would leave cultures stagnant. Part 3: The anarchy and oligarchy of science Science is knowledge in pursuit of truth that can expand human betterment. But part three of Siva Vaidhyanathan's powerful series sees the free information flows at the heart of science being pressured by the copyright economy, the post-9/11 security environment, proprietary capture of genetic databases, and science policies of governments and universities. If commerce and control defeat openness and accumulation, what happens to science impacts on democracy itself. Part 4: The nation-state vs. networks In the last decade, the nation-state has survived three challenges to its hegemony - from the Washington Consensus, the California Ideology, and Anarchy. The promise of a borderless globalisation unified by markets and new technology has been buried. The fourth part of Siva Vaidhyanathan's compelling series asks: what then remains of the utopian vision of global peer-to-peer networks that would bypass traditional structures of power? Part 3: The anarchy and oligarchy of science During the cold war, scientists behind the 'iron curtain' yearned for life in the United States. Not only were basic needs and conveniences better met in the 'free world', the principles of open dialogue and frank examination created fulfilling intellectual communities. Because Soviet scientists were among the few citizens allowed to travel frequently to Western Europe, North America, and India, they were among the first to see through the lies and exaggeration of Soviet tyranny. In early 2001 Russian scientist Elena Bonner gave a speech about the recent lurch back toward authoritarianism in Russia under President Vladimir Putin. In the speech, she pointed out that if not for Soviet scientists in the 1960s, anti-Soviet dissidents would not have had a sense of the shell of lies in which the government had encased Soviet society. Soviet scientists had communicated with the outside world. They had the power to let a little light and a little air into an otherwise blind and suffocating nation. Science is the most successful, open and distributed communicative system human beings have ever created and maintained. The cultural norms of science, and by extension academia in general, are anarchistic in the best sense of the word. Science and academia should be radically democratic. Although membership in these communities is effectively closed to a select few, the papers and books that come out of these communities are more often than not open to public perusal and commentary. And the traditions of blind peer-review do allow for motivated amateurs to participate occasionally in discourse and discovery, even if they can't get past the guards protecting labs and libraries. Science is a culture. It's also a method. And it's an ideology that supports the method and maintains the culture. But it's also an industry (or set of industries) through which billions of public and private dollars flow every year. The stakes of science have never been higher nor its justifications clearer. The second world war, we are told, was won because one side had a group of well-funded immigrant scientists who developed better radar than the other side did. And, ultimately, it developed a better bomb as well. The challenges of the 21st century - poverty, security, and disease -- can all be addressed with advances that start in the laboratory or computer and flow out to the market, the farm, the school, or the clinic. The great river of science Scientific knowledge often moves from a spring of open discourse into a stream of adoption and exploitation. The stream often moves from the public arena to the private sector. We have developed complex rules that guide this process. And each step embodies a tangle of values and ideologies. The rules and terms of discussion evolve from consensus-seeking processes within scientific communities. They then consider the demands of market forces to create and enforce scarcity and state demands for security. Different ideologies, habits, and rules govern the "upstream" source of knowledge and the "downstream" deployment of it. But the first step, the action in the lab and the library, depends very much on the academic devotion to radical democracy and openness. The essential question in this matrix of rules and norms is this: at what point in the knowledge stream should we install controls and restrict access to generate incentives and protect people from bad actors who would exploit dangerous knowledge? and its dams Within scientific communities, of course, members face significant real-world barriers to true and ideal openness and equality. The first is the relatively soft barrier of expertise. The rare amateur in theoretical physics must spend years mastering the body of work that preceded her or his curiosity. Without such mastery and the luxury of the time spent pursuing it, a potential contributor would not know where the gaps in knowledge lay or which questions are particularly interesting. Such time-intensive immersion, of course, would prevent someone from pursuing work that would pay the rent. So while scientific discourse is open to experts only, becoming an expert demands such an investment of time and money that it tempers the potential excesses of information anarchy: the persistence of rumour and error, and the cult of personality. The second, harder barrier is one of credentials. In a messy, crowded, busy world, degrees and titles serve as imperfect proxies for knowledge and connections. You might not know whether it is worth your time listening to a dissertation on the virtues of genetic engineering given by the person seated next to you on the train. But if she introduces herself as a professor of molecular biology at Rockefeller University, you might decide to listen. Of course, 'credentialism' is inherently oligarchic. Admission to the academy of credentials is severely restricted, as its members prefer to limit competition for jobs and resources. Credentialism can be self-fulfilling. A board of credentialed experts reviewing grant applications is likely to dismiss applicants who lack the same basic credentials they have earned and reward those who went to the right schools, regardless of more subtle measures of knowledge or expertise. Credentialism embodies all the potential excesses of oligarchy. That professor on the train could be full of crap, as many professors generally are. Even very bright, educated, licensed professionals can be wrong. The chief problem with credentialism comes from the synergy of status anxiety and arrogance: such professionals might be less willing to admit error than an amateur or novice might. Fortunately for scientific progress, any group of credentialed experts is likely to contain significant disagreement on the burning questions of the day. So credentialism trumps credentialism and real debate can occur. It's impossible to know which conversations and debates don't happen because of the inherent conservativism of communities of the credentialed. Despite some elements of oligarchy, science as a practice succeeds because of, not despite, its ideology of relative openness. Credentialism is more an imperfection rather than a corruption of science. A community of amateurs Science, as an ideology and culture, is supposed to be open to contributions from the non-licensed. Unlike the humanities, where credentialism is a much bigger problem and necessity, science can be somewhat free from the tyranny of credentials. It's supposed to be disinterested in questions of nationalism or commercial gain. While the public hails legends like Isaac Newton and Albert Einstein who have broken open scientific fields and rewritten textbooks, the truth about science is that it is most often done within and among teams of researchers, collaborating among even larger communities across borders and oceans. Science has always been global, cosmopolitan, messy, inefficient, and troublesome. And with the rise of global communicative technologies and more sophisticated methods of computer modeling within areas as diverse as cell biology and nuclear physics, the barriers of entry should be lower than ever and collaboration and criticism should be easier and cheaper than ever. Significantly, one community of researchers and creators - the Open Source or Free Software movement, has adopted radically democratic academic principles to its guiding philosophy. While professional and degreed computer scientists make significant and notable contributions to the evolution of free software, the amateur matters greatly. It's more often the community of amateurs that de-bugs and improves a piece of code, or finds a new way of using it in the new context. Computer science is new enough and its tools are cheap enough that thousands of amateurs who lack credentials are able to gain expertise through trial, error, experimentation, collaboration, and communication. It's the ideal scientific community, one Francis Bacon would have envied and Aristotle could not have even imagined. And recently it has emerged as a place-holding metaphor for values and habits that have much older currency in the sciences. Open source has become a model and an argument, yet its principles used to be unarticulated because they were the default within science. As in so many other areas of life - from music to political action - just as communicative technology has allowed the flowering of a new scientific revolution, the oligarchic concerns of commerce and national security have crowded out these democratic values at their sources - the university and laboratory. Government against enlightenment Now, more than a decade after Elena Bonner and her husband Andrei Sakharov helped end the cold war, we must start questioning how much of a scientific haven United States will be in the future. Citing legal threats against encryption researchers and the criminal prosecution of Russian computer scientist Dmitry Sklyarov and nuclear scientist Wen Ho Lee , and increasingly strict visa restrictions governing students and researchers, many scientist and mathematicians have been frightened away from traveling to or working in the United States. And scientists are finding it harder to do their jobs in the new security environment since 11 September 2001 and the still-mysterious anthrax attacks that quickly followed. Over the past two years, the US government has severed important links on federal World Wide Web sites, deleted information from other government websites, and even required librarians to destroy a CD-ROM on public water supplies. University of Michigan researchers lost access to an Environmental Protection Agency database with information they were using to study hazardous waste facilities. Unclassified technical reports have disappeared from the Los Alamos National Laboratory website. Rules regulating the use of dangerous materials or the distribution of information potentially open to abuse traditionally evolve slowly through the scientific process. Groups of scientists, in concert with government officials, will examine risks and propose restrictive protocols. Some are encoded in law. Others remain part of the self-regulating culture of science. But since 2001, the US government has taken to dictating the new security rules, regardless of the scientific merit of the restrictions. Many of these rules have generated criticism among scientists who fear a chill on certain essential research (on bioterrorism, for instance) and on the review process that requires other researchers to replicate previous experiments. If some data or conclusions are kept secret, then science cannot proceed in a self-correcting fashion. Most alarming, the US government has decided to restrict and monitor contacts with non-US scientists and graduate students. The global, cosmopolitan nature of science is at stake if the world's largest source of basic research explicitly favors its own citizens instead of letting the best American scientists collaborate with the best non-American scientists (see Peg Brickley, "New antiterrorism tenets trouble scientists", The Scientist , 28 October 2002). Yet even before the attacks of 2001, something serious was changing in the relationship between science and the United States government. Since the early 1980s, increasing emphasis on the potential profitability of publicly funded basic research and concern for the perceived security risks that open networks, open journals, and open discussion afford have pushed scientists to re-assert their principles and defend their peers. There have been battles over the content of journal articles, the control that journal publishers exercise over material, the role of foreign-born and ethnically suspect scientists, and the ethics of privatising basic information about the world and the human body. In other words, scientists are having to argue for the enlightenment all over again. The copyright economy: commerce and control As molecular biologist Roger Tatoud has written, "It is widely accepted that science should be an open field of knowledge and that communication between scientists is crucial to its progress. In practice, however, everything seems to be done to restrict access to scientific information and to promote commercial profit over intellectual benefits." Tatoud is most concerned with the increasing influence of two systems of regulation on the culture of science: copyrights and patents. Copyrights directly affect the price of scientific journals and thus their availability to researchers in developing nations, at poorer institutions, or those unaffiliated with a company or university. The absurd copyright economy forces scientists to assign all rights to a major commercial journal publisher for no remuneration, then buy back the work through monopolistic subscriptions. As a result, many scientists are forming free and open collaborations to distribute peer-reviewed scientific literature outside the traditional commercial journal system. The Gordon and Betty Moore Foundation is sponsoring the "public library of science" and the George Soros' foundation funds the Budapest Open Access Initiative . The website for the Budapest project declares: "An old tradition and a new technology have converged to make possible an unprecedented public good. The old tradition is the willingness of scientists and scholars to publish the fruits of their research in scholarly journals without payment, for the sake of inquiry and knowledge. The new technology is the internet. The public good they make possible is the world-wide electronic distribution of the peer-reviewed journal literature and completely free and unrestricted access to it by all scientists, scholars, teachers, students, and other curious minds. Removing access barriers to this literature will accelerate research, enrich education, share the learning of the rich with the poor and the poor with the rich, make this literature as useful as it can be, and lay the foundation for uniting humanity in a common intellectual conversation and quest for knowledge." While the copyright system benefits the publishing oligarchs at the expense of scientific openness, it has not had nearly the restrictive effects that the patent system has had on science. Since 1980, when the United States Congress passed the Bayh-Dole Act , which encourages universities to patent work generated with public funds, and the US Patent Office approved the patenting of living things and the genes that operate in them, there has been a mad rush to control information that might be medically relevant. An American company, Myriad Genetics Inc., that has managed to wrest control of two mutant genes that influence breast cancer in a small number of women has been able to reap immense monopoly rents from medical care providers who must pay the company $2,500 each time they screen a woman for these mutations. As British biologist John Sulston has written , "By claiming proprietary rights to the diagnostic tests for the two BRCA genes and charging for the tests Myriad is adding to total health-care costs. Even worse, once scientists really understand how the BRCA 1 and 2 mutations cause tumors to grow, they might be able to devise new therapies. But because of these patents, Myriad has exclusive marketing rights." In other words, researchers have a financial disincentive to act as free agents when developing new tests and therapies for these mutations. And throughout the world, these tests remain beyond the financial reach of billions of women (see also Sultston's 'the heritage of humanity' ). The privatisation of science While favouring centralised information control and efficient short-term commercial gain over openness and the long-term accumulation of knowledge is the major theme of this story, it's not the only one. In fact, in many of the battles between openness and control of processes and information, over-control has had a perverse effect on commerce. Proprietary control of databases of essential genetic information, for instance, raised the specter of redundant, imperfect, competitive private databases that would simultaneously lower the profits for companies that maintain them and raise transaction costs for companies that wish to use the information to develop drugs or therapies. For this reason, several pharmaceutical companies have joined with the Wellcome Trust in the United Kingdom to form a free, public database for SNPs (single nucleotide polymorphisms), the markers of difference among individuals who share a genome. By identifying the location of SNPs, researchers can pinpoint factors that might signal susceptibility to specific diseases that have genetic influences. Before the public SNP database obviated the "gold rush" to identify and patent hundreds of SNPs, lone companies were trying to hoard the information and patent the SNPs. Had they succeeded, research on particular SNPs would have been more expensive and potentially monopolistic. So the public SNP database is an example of companies heavily invested in a healthy and reliable patent system overtly avoiding the abuse of the system and investing in public domain information. They realised that too much control was bad for business. The United States government had nothing to do with the open public database, besides funding some of the research on SNPs. US science policies heavily encourage universities, public sector researchers, and private companies to file for patent protection on every step of the knowledge-producing process, upstream and downstream. These policies have generated an exponential increase in the number of patents owned by universities for work done with public funds. In 1979 American universities received 264 patents. By 1997, that number had increased tenfold, to 2,436. In that same time, the total number of US patents issues per year only doubled. US science policies have also erased any functional difference in the ways universities regulate and license basic science and commercially exploitable technology. Perhaps most importantly, the American people are paying at least twice for any research that generates a marketable technology or treatment - through the grant and through the market price of the procedure or drug). What if during the second world war the United States had considered scientists of German, Italian, or even Danish descent too suspicious or untrustworthy to be involved in code-breaking, radar development, or weapons research? What if during the cold war the United States had restricted - instead of encouraging - scientific communication between its scientists and those behind the iron curtain? What if Leibniz had had to ask Newton for permission to work on the calculus? return to the debate open easy read version download printable version (free to supporters) Got something to say about this article? Join the discussion Copyright ) Siva Vaidhyanathan ,2003. Published by openDemocracy Ltd. You may download and print extracts from this article for your own personal and non-commercial use only. If you are a library, university, teaching institution, business or media organisation, you must acquire an Academic License or Organisational License from openDemocracy , or seek permission directly from the author, before making copies, circulating or reproducing this article for teaching or commercial. openDemocracy Ltd | hello at openDemocracy.net -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sat Aug 30 04:19:17 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 30 Aug 2003 07:19:17 -0400 Subject: The new information ecosystem Part 4: The nation-state vs. networks Message-ID: 30/8/2003 search advanced search | join openDemocracy help P2P: the new information war? Journalism & war e-Democracy Politics of Digital TV The people vs. copyright The 9/11 media fall-out Public service futures Global media ownership Governing the Net feature articles web resources stories Solana Larsen Caspar Melville P2P: the new information war? Overview Articles Discussion Links return to the debate open easy read version download printable version (free to supporters) Part 4: The nation-state vs. networks Siva Vaidhyanathan 28 - 8 - 2003 Part 4 of The new information ecosystem: the nation-state vs. networks Siva Vaidhyanathan, author of the forthcoming The Anarchist in the Library and a true scholar of the internet age, presents a compelling, five-part panorama of the implications of electronic peer-to-peer networks for culture, science, security, and globalisation. His provocative argument registers peer-to-peer as a key site of contest over freedom and control of information. Bill Thompson of openDemocracy responds to Siva in a sparkling exchange of powerful, lucid intelligence. Part 1: It's a peer-to-peer world In the first of his five-part series, Siva Vaidhyanathan maps the fluid new territory of electronic peer-to-peer networks that are transforming the information ecosystem. Is this a landscape of enlarging freedoms where citizens shape the forms and meanings of social communication, or does it offer an invitation to entrenching state surveillance and closure? Part 2: 'Pro-gumbo': culture as anarchy Peer-to-peer technologies have precedents in the anarchistic and hybrid processes by which cultures have always been formed. Decoding anxious cultural preservationists from Matthew Arnold to Samuel Huntington, the second instalment of Siva Vaidhyanathan's five-part series reframes p2p in the light of other technologies and practices - cassettes, creolisation world music - which likewise reveal the energetic promiscuity of culture. Any attempt to censor or limit this flow would leave cultures stagnant. Part 3: The anarchy and oligarchy of science Science is knowledge in pursuit of truth that can expand human betterment. But part three of Siva Vaidhyanathan's powerful series sees the free information flows at the heart of science being pressured by the copyright economy, the post-9/11 security environment, proprietary capture of genetic databases, and science policies of governments and universities. If commerce and control defeat openness and accumulation, what happens to science impacts on democracy itself. Part 4: The nation-state vs. networks In the last decade, the nation-state has survived three challenges to its hegemony - from the Washington Consensus, the California Ideology, and Anarchy. The promise of a borderless globalisation unified by markets and new technology has been buried. The fourth part of Siva Vaidhyanathan's compelling series asks: what then remains of the utopian vision of global peer-to-peer networks that would bypass traditional structures of power? Part 4: The nation-state vs. networks Just yesterday, it seems, influential thinkers were imagining a world in which the nation-state would wither, and many decisions that affect everyday life would be shifted up to multilateral institutions or down to market actors. Technologies were to play a leading part in that change - linking cosmopolitan citizens and transnational markets in a way that would enable more direct forms of governance, cultural creolisation , and efficient commercial transactions. Human beings were on the verge of finding new and exciting ways of relating to each other. Arbitrary barriers of ethnicity and geography would shrivel. Through technology, we were in the process of mastering the dynamics of, and therefore controlling, our "cultural evolution." This vision was informed by a sort of soft anarchism and techno-fundamentalism. It assumed that the state would slough away eventually. But in the mean time, we would have to push and prod it to relinquish centralised control over daily matters. The tautology worked as follows. This sort of radical globalisation is going to happen anyway. The technology would determine it, so we might as well make personal and policy choices that would guarantee it. In the meantime, if those outside the global, technocratic, educated elite suffered a bit, that would be the price of cultural evolution. We could wire their villages and gently inform them of the impending changes. Of course, in practice, the instruments of this particular form of globalisation did not actually serve the softly anarchistic vision of a decentralised species acting in concert. Like a Soviet-era ideologue's permanent deferral of rule by the working class until it was 'ready', this approach required a centralisation of authority within corporate boardrooms and multilateral confederacies until all the villages were wired. Of course, now we see that the nation-state is not going anywhere. And ethnicity and geography still matter quite a bit within and among states. We might even be experiencing some sort of "cultural devolution." If anything, the nation-state has capitalised on the mania of "globalisation" and "information" to reinforce its powers and jurisdictions. We might have had a moment of techno-globo-utopian idealism in the 1990s. But it should be clear by now that the nation-state is back with thunderous fury. And the dominant form of globalisation is oligarchic , not anarchistic. So the most pronounced forms of opposition to that dominant model are understandably informed by anarchism. That's not to say that the nation-state is what it was, or that it will behave the same ways in the future. The pressures on state sovereignty, identity, and security are significant. People, currencies, culture, and information are more portable and malleable than ever, and this has increased the anxieties that nation-states endure concerning identity and security. These pressures come from inside and outside: reactions to and from immigrant groups that retain interest in the politics and culture of their homeland, and expatriate communities dispersed around the globe, willingly funding and enabling new challenges to state security and integrity. Different pressures on sovereignty also come from above and below: from multilateral governing institutions and from teeming mobs of techno-libertarians and disgruntled rebels. The triple forces at work here are the "Washington Consensus" and a strange synergy between the " California Ideology " and the " Zapatista Swarm." Soft oligarchy: the Washington Consensus The Washington Consensus is a form of market fundamentalism complicated by some serious bad faith. Although its advocates claim to champion "free trade" and "open markets", there is nothing free or open about the Washington Consensus. It's more Washingtonian than consensual. It's a consensus among major institutions located in Washington, D.C., and represents the vested interests of developed nations. While it intends to empower market forces, it depends on coercion by institutions that resemble super-states, yet have no direct democratic accountability. In practice, increasingly powerful multilateral institutions such as the World Trade Organisation (WTO), the International Monetary Fund (IMF), and the World Bank determine policies for many nation-states. And clearly the multilateral institutions that enforce the Washington Consensus are only serving the interests of a handful of already rich and powerful states, chiefly in North America and western Europe. Techno-libertarianism: the California Ideology >From roughly 1981 to 2000, the Washington Consensus represented the potential of a new political order: a weakened, less relevant nation-state in the 21st century. Meanwhile, on the left coast of the United States, a revolution was brewing that encouraged the passive erosion of state influence on markets and people's lives. At least, everyone involved thought it was a revolution, declared it a revolution, and acted as if it were a revolution. It turned out to be less revolutionary in real terms than many hoped. Yet its ideological influence was undeniable. Political economist Christopher May has called it the "California Ideology", but it might more properly be called the " Northern California Ideology ". The California Ideology predicted that the new communicative technologies that linked consumers directly to producers (without middlemen) and allowed consumers more and faster information with which they might make decisions that would radically alter global capitalism. Transaction costs would fall. Consumers would demand better quality and service at lower prices. The smartest firms would offer them just that. Workers would no longer be tied to offices and plants. Managers would slough away as corporate hierarchies collapsed. Employees would find greater satisfaction working contract-to-contract for a variety of firms on individual projects rather than latching their fortunes and reputations on one firm. Firms would "outsource" much of their work, from printing to data storage, to shipping, to research, to accounting. At every level - consumers, labour, management, and the firm itself - everyone would be a "free agent." Firms that worked better with their minds than their muscles would win. Work would be flexible and workers would be free. Social needs would be better served through private ventures that capitalise on quick applications of knowledge and networks of experts. The nation-state would not only wither in importance because private firms would serve consumers, (what used to be called citizens) better, it would be actively dismantled because its interventions in many areas of life perverted the flows of information that would fuel this revolution in the first place. Every transaction would be a lot like shopping on eBay . The rise of caffeinated anarchy Anarchy - in some ways growing directly out of the new communicative technologies fostered by the California ideology, in other ways brewing up from the disgruntled subalterns in developing nations - burst into relevance and importance in 1999. It filled the streets of Seattle and shut down a round of negotiations at a meeting of the WTO. Taking inspiration from the 1994-1995 Zapatista uprising in the southern state of Chiapas in Mexico, activists from all corners of the earth had been communicating about ways to challenge the Washington Consensus. Using the slogan, "The Revolution will be Digitised," activists all over the globe took direct inspiration from the issues and success that the Zapatistas generated . Anti-Washington Consensus parties in Venezuela and Brazil won elections in the mid-1990s. Meanwhile Mexican voters, many of whom have benefited from increased trade with the United States, elected a conservative president who had once worked for Coca-Cola and lived in the United States. European anarchists and activists helped Zapatistas organise the First Intercontinental Encounter for Humanity and Against Neoliberalism in Chiapas in 1996. Through that and subsequent meetings in 1997 and 1998, the movement spread to include several important trade unions in Europe and Canada. These activists sought true and complete globalisation . Partial, rigged globalisation, as promulgated by the Washington Consensus, served only to bind workers to one place. The Washington Consensus encouraged the movement of money, resources, and goods. Yet it did not allow for the free flow of people and ideas (unless these ideas were encased in Hollywood films and music, and then only under strict market, legal, and technological controls). If there were such a free flow of people and ideas, then authoritarian states would sense deep threats grumbling up from their subjects and multinational corporations could not exploit wage differences effectively enough to undermine unions. These diverse groups forged a movement with a coherent message: that the appearance of incoherence was in fact coherent because it reflected the diversity of concerns and methods. "We declare", the founding document of the movement read, "that we will make a collective network of all our particular struggles and resistances, an intercontinental network of resistance against neoliberalism, an intercontinental network of resistance for humanity." The sociologist David Graeber , an anarchist activist working against the Washington Consensus, wrote that this new global anarchism is not only pro-globalisation - in the sense that it hopes to erode borders and allow people to seek fulfilment wherever and however they might imagine it; it is the first major social and ideological movement to spread from the south to the north, from the developing to developed nation-states, in many decades. And, in this effort to define in their first principles a bond with humanity over nation, these activists were echoing a sense of Diogenic cynicism . The Zapatista swarm hits Seattle Diogenes found an ideal playground in Seattle, whose economic success in the 1990s made it the ideal showcase for the Washington Consensus. The home of Microsoft, Boeing, and Starbucks was also a node of global communication and the flow of tourists and workers. But its proximity to Native American communities and old-growth forests made it a symbol of all that the Washington Consensus threatened. Moreover, the very technologies that the WTO celebrated in Seattle - intercontinental air travel, large quantities of cheaply grown caffeine, and unmediated global digital communication - undermined the institutions that supplied them. When anarchists, environmentalists, labour union members, farm workers, and general critics of the Washington Consensus shut down a meeting of the WTO in Seattle in the fall of 1999, the ruling institutions of the world were shocked and found themselves completely unprepared. They had read anti-Washington Consensus activists as fragmented, unsophisticated, and unable to tap into widespread public support. Most immediate accounts of the protests falsely labeled the protest movements as "anti-globalisation" instead of pro-globalisation. And they were falsely labeled "violent" uprisings when they were most definitely anti-violent. As in Chiapas, the government actually perpetrated the violence once the activists' tactics overwhelmed their abilities to make sense of the situation. For the most part, the Seattle activists practiced "direct democracy". The loosely-affiliated groups were themselves composed of loosely-affiliated members. They ruled themselves through protocols. When a member proposed an "action", she or he invited participation and criticism. After deliberation and debate, members who still opposed the revised proposal could still opt out of the action. In response to extreme proposals that violate the core principles of the group, members could propose a veto. And the group would then consider the validity of the concerns and decide whether to act. Such loose consensus could degenerate into organisational paralysis. But the more urgent the issue and more reasonable the action, the more effective these organisations would be. Once these movements shifted from the conference and seminar rooms - and chat rooms and web pages - to the streets of Seattle, they were much more diverse, flexible, impressive, and effective than anyone in power (or in universities) could have predicted. The Seattle activists were mostly, in Graeber's term, "small 'a' anarchists", as opposed to the more overtly ideologically-inspired "Anarchists". Like the Zapatistas, they dabbled in anarchistic tactics and methods without overtly endorsing a stateless world vision. A bend in the river Efforts since 1999 to replicate the triumphs of Seattle have been frustrated by events outside the activists' control. The protests in Quebec in the summer of 2001, intended to stop progress on a western hemispheric trade treaty on the model of the North American Free Trade Agreement ( Nafta ), were impressive. But those in New York who met up to protest the World Economic Forum meeting in early 2002 - when New Yorkers were in no mood for more chaos - were largely unimpressive and ineffective. Between these two events, of course, the World Trade Center fell and citizens and states around the world shifted their immediate concerns from freedom to security. In Genoa in July 2001, an Italian policeman shot and killed a young man named Carlo Giuliani who was protesting the meeting of the G8, the leaders of the eight most powerful nation-states in the world. Amid 80,000 protesters who were calling for cancellation of third world debt, a police vehicle ran through crowds of mostly peaceful protesters, chasing and beating many, to strike back against a handful of violent protesters. In Genoa , the idealised vision of "anarchists with a small 'a'" evaporated as more extreme and uncompromising anarchists reverted to violence against Italian security forces and world leaders, lobbing Molotov cocktails over barricades. These violent anarchists did not seem to be part of the global movement inspired by the Zapatistas. Yet their actions - and the blowback by the conservative Italian government - have become part of the governing mythology of the battle over globalisation. The protesters basked in glory after Seattle. And Italian authorities had no interest in seeming as overwhelmed, surprised, or incompetent as Seattle police had. This combination of hubris and militant defensiveness had fatal consequences for progressive forces in general, and Carlo Giuliani particularly. As global activist Nathan Newman explains , "There was, I think, a somewhat un-strategic overconfidence that developed among protesters post-Seattle. The Seattle cops were unprepared and played into the propaganda goals of the protesters. As Philadelphia and now Genoa showed, the cops are no longer unprepared and are developing both the repressive technology and propaganda to crush the Black Bloc-style protesters and the rest of the movement if we don't develop some new strategies to control the escalation of violence." No future beyond the nation-state? By 2003, these three ideological challenges to the power of the nation-state seemed stalled if not dead. Under the leadership of two very different powerful nation-states, the United States of America and the People's Republic of China, the 21st century would open with a clear call to think nationally first, and globally only if such strategies offered a clear and direct payoff to the nation-state. The ideologies and networks that seemed to threaten the nation-state all through the 1980s and 1990s faced challenges far greater than the nation-state ever did. return to the debate open easy read version download printable version (free to supporters) Got something to say about this article? Join the discussion Copyright ) Siva Vaidhyanathan ,2003. Published by openDemocracy Ltd. You may download and print extracts from this article for your own personal and non-commercial use only. If you are a library, university, teaching institution, business or media organisation, you must acquire an Academic License or Organisational License from openDemocracy , or seek permission directly from the author, before making copies, circulating or reproducing this article for teaching or commercial. openDemocracy Ltd | hello at openDemocracy.net -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From rah at shipwright.com Sat Aug 30 04:28:05 2003 From: rah at shipwright.com (R. A. Hettinga) Date: Sat, 30 Aug 2003 07:28:05 -0400 Subject: Responding to orders which include a secrecy requirement In-Reply-To: References: Message-ID: At 11:00 PM -0500 8/29/03, J.A. Terranson wrote: >And the sheer expense may in and of >itself be a controlling factor in such orders. Bingo. You can't make a hierarchical network out of a geodesic one again. To mangle Gilmore's words a bit, a geodesic network sees centralization as damage and routes around it. One node cannot switch all traffic, and, at it's heart, that's what they're trying to do with this stuff. They may not care, but I doubt, even these days when unpriced "common" resources are being wasted to such a degree by viruses and spam, that the market's going to let them kill off the internet just so they can watch everybody. Cheers, RAH -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' From timcmay at got.net Sat Aug 30 09:10:48 2003 From: timcmay at got.net (Tim May) Date: Sat, 30 Aug 2003 09:10:48 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <20030830061014.A30391@slack.lne.com> Message-ID: <849259E2-DB04-11D7-87EC-000A956B4C74@got.net> On Saturday, August 30, 2003, at 06:10 AM, Eric Murray wrote: > On Fri, Aug 29, 2003 at 06:54:03PM -0700, Tim May wrote: > >> But when Big Brother commands that his Carnivore boxes be added, ISPs >> are afraid to shoot his agents who trespass. > >> I think my solution may be best: take a few ISPs who have bent over >> for >> Big Brother and kill their owners and staff. A few ISP owners found >> necklaced and smoking may send a message to others. > > The message it sends is to accept the cops offer of on-site > "protection" > when the ISP is faced with allowing the tap or being put in jail. > By upping the stakes you force the business > owner to accept the cops as the lesser of two evils. > > The mafia's actions tended to make business owners clamor for > more police and more intrusive police protection. Not less. > > This is a problem that's better solved with crypto. > If cops ask local neighborhood members to report any suspicious activity, the folks know that any benefits they gain from acting as informants tend to be a lot smaller than the danger of being beat up or even killed by the Mafia. When the cost of acting as an informant is zero, no risk, more people act as informants. I think restoring some risk to being a rat is a good thing. --Tim May From mv at cdc.gov Sat Aug 30 10:46:45 2003 From: mv at cdc.gov (Major Variola (ret)) Date: Sat, 30 Aug 2003 10:46:45 -0700 Subject: Responding to orders which include a secrecy requirement Message-ID: <3F50E305.8A6BCDDA@cdc.gov> At 06:54 PM 8/29/03 -0700, Tim May wrote: >On Friday, August 29, 2003, at 03:28 PM, Steve Schear wrote: >> All covered in my previous postings. This approach should be >> particularly applicable to ISPs as they generally have billing >> arrangement and can add this on as an extra service fee for each >> inquiry. Instead of court orders being a cost they become a revenue >> source. >> >This has been proposed for, but it fails for the usual reasons. > >An ISP is free to say "anyone requesting a tap is required to pay a >fee," just as any ISP is free to say that it will handle installation >of special Carnivore equipment for a certain fee. My (perhaps flawed) reading of Steve's post was different from Tims: the ISP bills the *tapped* person for "misc unplanned network work", not the *tappers*. The ISP puts it into their contract: if tapped by court order, we'll bill you for our effort. If your CPA has his time spent on govt things, can he bill you for it? If your ISP is hassled by RIAA, can they bill you? Certainly, if its in your contract. --- Got Mink? From jamesd at echeque.com Sat Aug 30 10:58:20 2003 From: jamesd at echeque.com (James A. Donald) Date: Sat, 30 Aug 2003 10:58:20 -0700 Subject: The Word Spy for 08/28/2003 -- darknet In-Reply-To: <6A6A5742-DA40-11D7-87EC-000A956B4C74@got.net> References: Message-ID: <3F50834C.31990.17788E0A@localhost> -- On 29 Aug 2003 at 9:47, Tim May wrote: > Not surprising that this "appropriation of the term" > (darknet) came from our friends in Redmond. No, no, they do not appropriate, they embrace and extend. You know all the ads for "the butterfly" (end user controlled censorware) Not only does their censorware technology have a striking resemblance to surfmonkey's technology, but their human actor playing the butterfly bears a striking resemblance to the CEO of surfmonkey, who made a presentation to them wearing a monkey suit, that somewhat resembles their butterfly suit. In defence of the brigands from Redmond, their extensions genuinely are improvements for the most part. "Darknet" is an improvement on "blacknet", since it really does come in shades of gray. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 4QdufdOaOhUa+mGrceEOvnk1dbk9Z8V95fQLpJS4 4NUI3IV11A9C5CArRurHqpSq9Byspr52o2aXNMPzW From timcmay at got.net Sat Aug 30 11:46:19 2003 From: timcmay at got.net (Tim May) Date: Sat, 30 Aug 2003 11:46:19 -0700 Subject: "Terror Reading" In-Reply-To: <200308292356.15162.sfurlong@acmenet.net> Message-ID: <3EA00E07-DB1A-11D7-87EC-000A956B4C74@got.net> On Friday, August 29, 2003, at 08:56 PM, Steve Furlong wrote: > On Friday 29 August 2003 13:22, Tim May wrote: >> I am giving thought to visiting one of my local libraries and >> sauntering up the checkout desk and casually saying "So, what about >> this Patriot Act and librarians narcing us out to Big Brother?" >> >> Then, after hearing her explanation, just as casually saying "Well, I >> hope it never happens. Because if I ever learn that you have narced >> me out, I would of course have to lie in wait until you leave the >> library and then do what needs to be done." > > Yah, good thinking. Push the local librarian from siding with the > patrons against intrusive and unwarranted snooping, to thinking that > Asscruft may actually have a point if there are all these dangerous > wackos running around. Even the owner of my ISP is narcing me out. Read what he wrote recently to a Net.Nazi who wanted my speech limited: "I'm sorry that Tim is being a bother again. He has a long history of being obnoxious and threatening. So far, he has not broken any laws. We have talked to the authorities about him on numerous occasions. They have chosen to watch but not act. Please feel free to notify me if he does anything that is beyond rude and actually violates any laws and I will immediately inform the authorities." Thank You Don Frederickson (co-owner and CEO of got.net, Santa Cruz) From camera_lumina at hotmail.com Sat Aug 30 14:03:17 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sat, 30 Aug 2003 17:03:17 -0400 Subject: Responding to orders which include a secrecy requirement Message-ID: Tim May wrote... "If cops ask local neighborhood members to report any suspicious activity, the folks know that any benefits they gain from acting as informants tend to be a lot smaller than the danger of being beat up or even killed by the Mafia. When the cost of acting as an informant is zero, no risk, more people act as informants. I think restoring some risk to being a rat is a good thing." There is of course the old argument about states such as Nazi Germany: what percentage of the population would have participated had they known that in wearing the Nazi uniform (even just on the streets of Berlin), there'd be a nonzero chance of them coming home alive? The problem in the present situation of course is underlined by the fact that the mafia is a fairly coherent set of relational organizations, acting in conjunction with centrally identified aims, but actintg on those aims across a wide swath of territory/etc. A "restoration of risk" would require some form of large-scale activities along these lines. A "lone nut" or unabomber that does something like this can be ignored as insane. And indeed, his actions will probably end up being counter-productive. If it were commonly understood that lots of people (who may live next door) take offence at being narced, then (and only then) would things be a little different. How do you get there from here? Dunno, but the obvious paradigm these days is P2P. -TD PS: One possible thing missing from the "response" list. Anyway to make a virus that will install fake/random name lists? >From: Tim May >To: cypherpunks at lne.com >Subject: Re: Responding to orders which include a secrecy requirement >Date: Sat, 30 Aug 2003 09:10:48 -0700 > >On Saturday, August 30, 2003, at 06:10 AM, Eric Murray wrote: > >>On Fri, Aug 29, 2003 at 06:54:03PM -0700, Tim May wrote: >> >>>But when Big Brother commands that his Carnivore boxes be added, ISPs >>>are afraid to shoot his agents who trespass. >> >>>I think my solution may be best: take a few ISPs who have bent over for >>>Big Brother and kill their owners and staff. A few ISP owners found >>>necklaced and smoking may send a message to others. >> >>The message it sends is to accept the cops offer of on-site "protection" >>when the ISP is faced with allowing the tap or being put in jail. >>By upping the stakes you force the business >>owner to accept the cops as the lesser of two evils. >> >>The mafia's actions tended to make business owners clamor for >>more police and more intrusive police protection. Not less. >> >>This is a problem that's better solved with crypto. >> > >If cops ask local neighborhood members to report any suspicious activity, >the folks know that any benefits they gain from acting as informants tend >to be a lot smaller than the danger of being beat up or even killed by the >Mafia. > >When the cost of acting as an informant is zero, no risk, more people act >as informants. > >I think restoring some risk to being a rat is a good thing. > > >--Tim May _________________________________________________________________ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental From timcmay at got.net Sat Aug 30 17:29:14 2003 From: timcmay at got.net (Tim May) Date: Sat, 30 Aug 2003 17:29:14 -0700 Subject: "Terror Reading" In-Reply-To: <200308301844.08067.sfurlong@acmenet.net> Message-ID: <25EA152E-DB4A-11D7-87EC-000A956B4C74@got.net> On Saturday, August 30, 2003, at 03:44 PM, Steve Furlong wrote: > On Saturday 30 August 2003 14:46, Tim May wrote: >> >> Even the owner of my ISP is narcing me out. >> >> Read what he wrote recently to a Net.Nazi who wanted my speech >> limited: > > (snip) > > Huh. Did the ISP cc you on that, or did the would-be censor forward it > to you as a warning that he held your access in his hands? The would-be censor forwarded it to me as a warning, that he was "in synch" with my own ISP and that I would likely soon be either losing my account or getting a visit from the cops (he claimed to have forwarded several of my posts to "law enforcement"). My larger point in this discussion here is the issue of what William Burroughs called "the policeman inside." Some librarians are probably now thinking they have a patriotic duty to see what people are reading and to report any "suspicious" behavior. Part of the intent of the Patriot Act and the Library Awareness Program was to bamboozle the nation's librarians into acting as the kind of "ward watchers" that were once so common in the Soviet Union (the babushkas who sat on each floor of apartment buildings and filed reports on the comings and goings of their flock). Just as some ISP owners seem to think it their duty to "talk to the police" about customers whom the DA has not charged with any crime but whom the "policeman inside" thinks may be committing thoughtcrime. I'm not hopeful that the evils of this "policeman inside" mentality can be demonstrated by mere, calm discussion. Reminding librarians that narcing out customers for reading magazines or books may result in violence against them may be useful. It may be that killing just a couple will make the point. Perhaps a small price to pay. --Tim May "Ben Franklin warned us that those who would trade liberty for a little bit of temporary security deserve neither. This is the path we are now racing down, with American flags fluttering."-- Tim May, on events following 9/11/2001 From sfurlong at acmenet.net Sat Aug 30 15:44:08 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Sat, 30 Aug 2003 18:44:08 -0400 Subject: "Terror Reading" In-Reply-To: <3EA00E07-DB1A-11D7-87EC-000A956B4C74@got.net> References: <3EA00E07-DB1A-11D7-87EC-000A956B4C74@got.net> Message-ID: <200308301844.08067.sfurlong@acmenet.net> On Saturday 30 August 2003 14:46, Tim May wrote: > > Even the owner of my ISP is narcing me out. > > Read what he wrote recently to a Net.Nazi who wanted my speech > limited: (snip) Huh. Did the ISP cc you on that, or did the would-be censor forward it to you as a warning that he held your access in his hands? -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From cripto at ecn.org Sun Aug 31 00:20:22 2003 From: cripto at ecn.org (Anonymous) Date: Sun, 31 Aug 2003 09:20:22 +0200 (CEST) Subject: "Terror Reading" Message-ID: >Some librarians are probably now thinking they have a patriotic duty to >see what people are reading and to report any "suspicious" behavior. >Part of the intent of the Patriot Act and the Library Awareness Program >was to bamboozle the nation's librarians into acting as the kind of >"ward watchers" that were once so common in the Soviet Union (the >babushkas who sat on each floor of apartment buildings and filed >reports on the comings and goings of their flock). The purpose of this is purely a show and indoctrination. 1. No self-respecting terrorist would go to a fucking library to do terror reading (maybe there is something positive here - I think that we should get protected by pigs from extremely dumb terorists.) 2. No library that I am aware of requires ID to do on-site anything. The same goes for internet cafes and open wireless access points. 3. Buying books for cash is anonymous as it gets - it's unlikely that a library will have something that university bookstore or Internet doesn't have. Again, poor terorists should be caught. I want to be terorized by professionals. From timcmay at got.net Sun Aug 31 11:06:17 2003 From: timcmay at got.net (Tim May) Date: Sun, 31 Aug 2003 11:06:17 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <3F505A06.3070207@comcast.net> Message-ID: On Saturday, August 30, 2003, at 01:02 AM, Tim wrote: > J.A. Terranson wrote: > >> On Fri, 29 Aug 2003, Tim May wrote: >> >> >>> But when Big Brother commands that his Carnivore boxes be added, >>> ISPs are afraid to shoot his agents who trespass. >>> >> >> Just for the record, as someone who is in a position to have >> first-hand >> personal knowledge of this... >> >> When the various plastic-id carrying critters came around asking to >> let ISPs >> install Carnivores just after 9/11, they were almost all turned away. >> The >> notable exceptions were from companies that are (not surprisingly) >> based >> outside of the US. >> >> I was *stunned* at how many ISPs told them to fuck off (including, I >> am happy >> to say, the one I work at).. >> > > So in other words, Tim May doesn't know what the hell he's talking > about (again)! A silly bit of logic on your part. The ISPs which have NOT narced out their customers, who may be in the majority, have nothing to fear. It's the ISPs which HAVE we are talking about. You confuse existence with magnitude. Logic eludes you. --Tim May From s.schear at comcast.net Sun Aug 31 11:32:49 2003 From: s.schear at comcast.net (Steve Schear) Date: Sun, 31 Aug 2003 11:32:49 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: References: Message-ID: <5.2.1.1.0.20030831112323.040e1008@mail.comcast.net> At 11:00 PM 8/29/2003 -0500, J.A. Terranson wrote: >I was *stunned* at how many ISPs told them to fuck off (including, I am happy >to say, the one I work at).. > >When a court order is present - that is a whole new ball game: nobody will >refuse that. Well maybe. What if a US ISP is incorporated with all foreign residents and no local employees (only trusted local contractors). No one to serve legal notice upon. ISP is housed in a standalone building which is owned outright (no landlord to serve). Site is monitored 24/7 via Internet and satellite links with remote controlled self-destruct devices (which to be effective must be capable of destroying the entire building). steve A foolish Constitutional inconsistency is the hobgoblin of freedom, adored by judges and demagogue statesmen. - Steve Schear From s.schear at comcast.net Sun Aug 31 11:46:56 2003 From: s.schear at comcast.net (Steve Schear) Date: Sun, 31 Aug 2003 11:46:56 -0700 Subject: Needed a WiFi "FidoNet" Message-ID: <5.2.1.1.0.20030831113332.04108ac0@mail.comcast.net> It would seems that the means may soon be at hand for using WiFi, or WiFi-like, equipment to create ad hoc, meshed, non-commercial networks. These, I believe would present particular difficulties for monitoring (law enforcement and otherwise) since routing and interconnections would be dynamic and there would be no ISP nor (potentially) any use of the Internet backbone. The DoD funded some research in the 80s and 90s (e.g., SRI's Packethop and MeshNetworks) which resulted in Metricom, Tetherless Access and Nokia's RoofTop's networks. Now some students at MIT have taken up the cause http://www.technologyreview.com/articles/print_version/wo_guizzo082903.asp. If a digital bearer cash system were to become available a means for pricing bandwidth and encouraging the establishment of such an infrastructure could well follow. steve "Any sufficiently advanced technology is indistinguishable from magic" -- Arthur C. Clarke From timcmay at got.net Sun Aug 31 12:02:51 2003 From: timcmay at got.net (Tim May) Date: Sun, 31 Aug 2003 12:02:51 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <3F50E305.8A6BCDDA@cdc.gov> Message-ID: On Saturday, August 30, 2003, at 10:46 AM, Major Variola (ret) wrote: > At 06:54 PM 8/29/03 -0700, Tim May wrote: >> On Friday, August 29, 2003, at 03:28 PM, Steve Schear wrote: >>> All covered in my previous postings. This approach should be >>> particularly applicable to ISPs as they generally have billing >>> arrangement and can add this on as an extra service fee for each >>> inquiry. Instead of court orders being a cost they become a revenue >>> source. >>> >> This has been proposed for, but it fails for the usual reasons. >> >> An ISP is free to say "anyone requesting a tap is required to pay a >> fee," just as any ISP is free to say that it will handle installation >> of special Carnivore equipment for a certain fee. > > My (perhaps flawed) reading of Steve's post was different from Tims: > the > ISP bills the > *tapped* person for "misc unplanned network work", not the *tappers*. > The ISP puts it into their contract: if tapped by court order, we'll > bill you for our effort. I don't see any way to read what Steve wrote this way. He said: "An ISP is free to say "anyone requesting a tap is required to pay a fee," just as any ISP is free to say that it will handle installation of special Carnivore equipment for a certain fee." A customer of the ISP is certainly _not_ the one requesting a tap. And he is certainly not the one installing Carnivore equipment. Q.E.D. --Tim May "According to the FBI, there's a new wrinkle in prostitution: suburban teenage girls are now selling their white asses at the mall to make money to spend at the mall. ... Now, you see, the joke here, of course, is on White America, which always felt superior to blacks, and showed that with their feet, moving out of urban areas. "White flight," they called it. Whites feared blacks. They feared if they raised their kids around blacks, the blacks would turn their daughters and prostitutes. And now, through the miracle of MTV, damned if it didn't work out that way! " --Bill Maher, "Real Time with Bill Maher," HBO, 15 August 2003 From jamesd at echeque.com Sun Aug 31 16:20:59 2003 From: jamesd at echeque.com (James A. Donald) Date: Sun, 31 Aug 2003 16:20:59 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <3F505A06.3070207@comcast.net> References: Message-ID: <3F52206B.25354.11C43DD@localhost> -- > Tim May is the perfect example why vigilante justice is > generally considered to be a bad thing -- stupid assholes > like Tim May spout off & take action based on paranoia > instead of facts & principles of anarchy instead of justice > and innocent parties get hurt. Talk is cheap. Actions are done more carefully. Tim implied he would kill stoolies that shopped him to the police, not that stoolies had shopped him to the police. Indeed, the one may be connected to the other -- the absence of stoolies may well be connected to the presence of hot talk. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG pXsE+dTMchTRGLEth/KG4Jybjex3fXnxmX/kW5ib 4kdDio/+p4tSHV+rTtDmhuzBJzAy9O9sadnf10+fR From timcmay at got.net Sun Aug 31 18:01:52 2003 From: timcmay at got.net (Tim May) Date: Sun, 31 Aug 2003 18:01:52 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <3F52206B.25354.11C43DD@localhost> Message-ID: On Sunday, August 31, 2003, at 04:20 PM, James A. Donald wrote: > -- >> Tim May is the perfect example why vigilante justice is >> generally considered to be a bad thing -- stupid assholes >> like Tim May spout off & take action based on paranoia >> instead of facts & principles of anarchy instead of justice >> and innocent parties get hurt. > > Talk is cheap. Actions are done more carefully. Tim implied > he would kill stoolies that shopped him to the police, not that > stoolies had shopped him to the police. Indeed, the one may be > connected to the other -- the absence of stoolies may well be > connected to the presence of hot talk. And there is nothing immoral in discussing the fact that actions may have consequences. Take the work camps described in Solzhenitsyn's "One Day in the Life of Ivan Denisovitch." (Or, of course, the Nazi extermination camps. Or the U.S. concentration camps in Gitmo.) The camp management clearly sought a docile, "policeman inside," stoolie-oriented system where informers and "capos" (those who cooperate and act as de facto guards) see no reason NOT to be stoolies and capos. But merely the threat that stoolies and capos will be found with their throats slit is often enough to deter such behaviors. My point is that if librarians even think there is some small chance that someone they narc out to Big Brother will kill them or their families, such stoolie behavior may drop precipitously. --Tim May "A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects." --Robert A. Heinlein From jdd at dixons.org Sun Aug 31 11:21:24 2003 From: jdd at dixons.org (Jim Dixon) Date: Sun, 31 Aug 2003 19:21:24 +0100 (BST) Subject: Responding to orders which include a secrecy requirement Message-ID: <20030831192027.G55235-100000@localhost> On Sat, 30 Aug 2003, Major Variola (ret) wrote: > >This has been proposed for, but it fails for the usual reasons. > > > >An ISP is free to say "anyone requesting a tap is required to pay a > >fee," just as any ISP is free to say that it will handle installation > >of special Carnivore equipment for a certain fee. > > My (perhaps flawed) reading of Steve's post was different from Tims: the > ISP bills the > *tapped* person for "misc unplanned network work", not the *tappers*. > The ISP puts it into their contract: if tapped by court order, we'll > bill you for our effort. In the UK ISPs certainly can bill the police for any taps installed at their standard rates, just as the telcos have always billed the police for the cost of wire taps. There was a lot of opposition from ISPs to taps 2-3 years ago; it largely disappeared when it became clear that they would be paid. The FBI made a presentation on Carnivore a couple of years ago at a NANOG conference in Washington. In a side remark, the guy giving the presentation made it clear that the practice in the US is the same: ISPs are paid by the police for any taps, paid at their normal rates. > If your CPA has his time spent on govt things, can he bill you for it? > If your ISP is hassled by RIAA, can they bill you? Certainly, if its in > your contract. I ran an ISP for seven years and was involved in a number of industry associations. Never heard of anyone anywhere billing a customer for the cost of taps, or of anyone putting such a provision in their contracts (I reviewed quite a few such contracts very carefully). It would amount to a form of tax without any basis in legislation and would, I believe, arouse very strong opposition. But perhaps I miss the point of the thread ;-) -- Jim Dixon jdd at dixons.org tel +44 117 982 0786 mobile +44 797 373 7881 From cpunk at lne.com Sun Aug 31 20:00:00 2003 From: cpunk at lne.com (cpunk at lne.com) Date: Sun, 31 Aug 2003 20:00:00 -0700 Subject: Cypherpunks List Info Message-ID: <200309010300.h81300W1016710@gw.lne.com> Cypherpunks Mailing List Information Last updated: Sep 12, 2002 This message is also available at http://www.lne.com/cpunk Instructions on unsubscribing from the list can be found below. 0. Introduction The Cypherpunks mailing list is a mailing list for discussing cryptography and its effect on society. It is not a moderated list (but see exceptions below) and the list operators are not responsible for the list content. Cypherpunks is a distributed mailing list. A subscriber can subscribe to one node of the list and thereby participate on the full list. Each node (called a "Cypherpunks Distributed Remailer", although they are not related to anonymous remailers) exchanges messages with the other nodes in addition to sending messages to its subscribers. A message posted to one node will be received by the list subscribers on the other nodes, and vice-versa. 1. Filtering The various CDRs follow different policies on filtering spam and to a lesser extent on modifying messages that go to/from their subscribers. Filtering is done, on nodes that do it, to reduce the huge amount of spam that the cypherpunks list is subjected to. There are three basic flavors of filtering CDRs: "raw", which send all messages to their subscribers. "cooked" CDRs try to eliminate the spam on that's on the regular list by automatically sending only messages that are from cypherpunks list subscribers (on any CDR) or people who are replying to list messages. Finally there are moderated lists, where a human moderator decides which messages from the raw list to pass on to subscribers. 2. Message Modification Message modification policy indicates what modifications, if any, beyond what is needed to operate the CDR are done (most CDRs add a tracking X-loop header on mail posted to their subscribers to prevent mail loops). Message modification usually happens on mail going in or out to each CDR's subscribers. CDRs should not modify mail that they pass from one CDR to the next, but some of them do, and others undo those modifications. 3. Privacy Privacy policy indicates if the list will allow anyone ("open"), or only list members, or no one ("private") , to retrieve the subscribers list. Note that if you post, being on a "private" list doesn't mean much, since your address is now out there. It's really only useful for keeping spammers from harvesting addresses from the list software. Digest mode indicates that the CDR supports digest mode, which is where the posts are batched up into a few large emails. Nodes that support only digest mode are noted. 4. Anonymous posting Cypherpunks encourages anonymous posting. You can use an anonymous remailer: http://www.andrebacard.com/remail.html http://anon.efga.org/Remailers http://www.gilc.org/speech/anonymous/remailer.html or you can send posts to the list via cpunks_anon at einstein.ssz.com and your mail's headers will be stripped before posting. Note that this doesn't provide complete anonymity since the receiving site will still have log file entries showing the source of the mail (or you have to trust that they delete them). You also will be 'sharing' a reputation with the other entities that post through this alias, and some of them are spammers, so some subscribers will have this alias filtered. 5. Unsubscribing Unsubscribing from the cypherpunks list: Since the list is run from a number of different CDRs, you have to figure out which CDR you are subscribed to. If you don't remember and can't figure it out from the mail headers (hint: the top Received: line should tell you), the easiest way to unsubscribe is to send unsubscribe messages to all the CDRs listed below. How to figure out which CDR you are subscribed to: Get your mail client to show all the headers (Microsoft calls this "internet headers"). Look for the Sender or X-loop headers. The Sender will say something like "Sender: owner-cypherpunks at lne.com". The X-loop line will say something like "X-Loop: cypherpunks at lne.com". Both of these inticate that you are subscribed to the lne.com CDR. If you were subscribed to the algebra CDR, they would have algebra.com in them. Once you have figured out which CDR you're subscribed to, look in the table below to find that CDRs unsubscribe instructions. 6. Lunatics, spammers and nut-cases "I'm subscribed to a filtering CDR yet I still see lots of junk postings". At this writing there are a few sociopaths on the cypherpunks list who are abusing the lists openness by dumping reams of propaganda on the list. The distinction between a spammer and a subscriber is nearly always very clear, but the dictinction between a subscriber who is abusing the list by posting reams of propaganda and a subscriber who is making lots of controversial posts is not clear. Therefore, we tolerate the crap. Subscribers with a low crap tolerance should check out mail filters. Procmail is a good one, although it works on Unix and Unix-like systems only. Eudora also has a capacity for filtering mail, as do many other mail readers. An example procmail recipie is below, you will of course want to make your own decisions on which (ab)users to filter. # mailing lists: # filter all cypherpunks mail into its own cypherspool folder, discarding # mail from loons. All CDRs set their From: line to 'owner-cypherpunks'. # /dev/null is unix for the trash can. :0 * ^From.*owner-cypherpunks at .* { :0: * (^From:.*ravage at ssz\.com.*|\ ^From:.*jchoate at dev.tivoli.com.*|\ ^From:.*mattd at useoz.com|\ ^From:.*proffr11 at bigpond.com|\ ^From:.*jei at cc.hut.fi) /dev/null :0: cypherspool } 7. List of current CDRs All commands are sent in the body of mail unless otherwise noted. --------------------------------------------------------------------------- Algebra: Operator: Subscription: "subscribe cypherpunks" to majordomo at algebra.com Unsubscription: "unsubscribe cypherpunks" to majordomo at algebra.com Help: "help cypherpunks" to majordomo at algebra.com Posting address: cypherpunks at algebra.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- CCC: Operator: drt at un.bewaff.net Subscription: "subscribe [password of your choice]" to cypherpunks-request at koeln.ccc.de Unsubscription: "unsubscribe " to cypherpunks-request at koeln.ccc.de Help: "help" to to cypherpunks-request at koeln.ccc.de Web site: http://koeln.ccc.de/mailman/listinfo/cypherpunks Posting address: cypherpunks at koeln.ccc.de Filtering policy: This specific node drops messages bigger than 32k and every message with more than 17 recipients or just a line containing "subscribe" or "unsubscribe" in the subject. Digest mode: this node is digest-only NNTP: news://koeln.ccc.de/cbone.ml.cypherpunks Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Infonex: Subscription: "subscribe cypherpunks" to majordomo at infonex.com Unsubscription: "unsubscribe cypherpunks" to majordomo at infonex.com Help: "help cypherpunks" to majordomo at infonex.com Posting address: cypherpunks at infonex.com Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Lne: Subscription: "subscribe cypherpunks" to majordomo at lne.com Unsubscription: "unsubscribe cypherpunks" to majordomo at lne.com Help: "help cypherpunks" to majordomo at lne.com Posting address: cypherpunks at lne.com Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to lne CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. messages are demimed (MIME attachments removed) when posted through lne or received by lne CDR subscribers 2. leading "CDR:" in subject line removed 3. "Reply-to:" removed Privacy policy: private Info: http://www.lne.com/cpunk; "info cypherpunks" to majordomo at lne.com Archive: http://archives.abditum.com/cypherpunks/index.html (thanks to Steve Furlong and Len Sassaman) --------------------------------------------------------------------------- Minder: Subscription: "subscribe cypherpunks" to majordomo at minder.net Unsubscription: "unsubscribe cypherpunks" to majordomo at minder.net Help: "help" to majordomo at minder.net Posting address: cypherpunks at minder.net Filtering policy: raw Message Modification policy: no modification Privacy policy: private Info: send mail to cypherpunks-info at minder.net --------------------------------------------------------------------------- Openpgp: [openpgp seems to have dropped off the end of the world-- it doesn't return anything from sending help queries. Ericm, 8/7/01] Subscription: "subscribe cypherpunks" to listproc at openpgp.net Unsubscription: "unsubscribe cypherpunks" to listproc at openpgp.net Help: "help" to listproc at openpgp.net Posting address: cypherpunks at openpgp.net Filtering policy: raw Message Modification policy: no modification Privacy policy: ??? --------------------------------------------------------------------------- Ssz: Subscription: "subscribe cypherpunks" to majordomo at ssz.com Unsubscription: "unsubscribe cypherpunks" to majordomo at ssz.com Help: "help cypherpunks" to majordomo at ssz.com Posting address: cypherpunks at ssz.com Filtering policy: raw Message Modification policy: Subject line prepended with "CDR:" Reply-to cypherpunks at ssz.com added. Privacy policy: open Info: http://www.ssz.com/cdr/ --------------------------------------------------------------------------- Sunder: Subscription: "subscribe" to sunder at sunder.net Unsubscription: "unsubscribe" to sunder at sunder.net Help: "help" to sunder at sunder.net Posting address: sunder at sunder.net Filtering policy: moderated Message Modification policy: ??? Privacy policy: ??? Info: ??? --------------------------------------------------------------------------- Pro-ns: Subscription: "subscribe cypherpunks" to majordomo at pro-ns.net Unsubscription: "unsubscribe cypherpunks" to majordomo at pro-ns.net Help: "help cypherpunks" to majordomo at pro-ns.net Posting address: cypherpunks at pro-ns.net Filtering policy: cooked Posts from all CDR subscribers & replies to threads go to local CDR subscribers. All posts from other CDRs are forwarded to other CDRs unmodified. Message Modification policy: 1. leading "CDR:" in subject line removed 2. "Reply-to:" removed Privacy policy: private Info: http://www.pro-ns.net/cpunk From timcmay at got.net Sun Aug 31 20:06:39 2003 From: timcmay at got.net (Tim May) Date: Sun, 31 Aug 2003 20:06:39 -0700 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <200308312116.14417.sfurlong@acmenet.net> Message-ID: <4E3A2F0C-DC29-11D7-87EC-000A956B4C74@got.net> On Sunday, August 31, 2003, at 06:16 PM, Steve Furlong wrote: > On Sunday 31 August 2003 19:20, James A. Donald wrote: > >> Talk is cheap. ... >> Indeed, the one may be >> connected to the other -- the absence of stoolies may well be >> connected to the presence of hot talk. > > Dunno. I'm not sure that mere talk of killing a librarian would > dissuade > the potential stoolies. As you say, talk is cheap. Actions, reported > widely in the mass media, will grab people's attention. You're being way too unimaginative, or literal, or something. This is at the discussion stage, and probably will be followed-through by others (if at all). The too literal part comes from thinking that discussions here mean someone here is going to kill some librarians. The too unimaginative part comes from thinking that publicity about the idea will not itself have an effect. The Mob doesn't actually have to kill too many stoolies for it to be widely known that ratting can be a very dangerous business. Maybe Big Brother will create a Witness Relocation Program especially for librarians who turn state's evidence. (But we will still find their families...bawaaahaaahaaa!) --Tim May From sfurlong at acmenet.net Sun Aug 31 18:16:14 2003 From: sfurlong at acmenet.net (Steve Furlong) Date: Sun, 31 Aug 2003 21:16:14 -0400 Subject: Responding to orders which include a secrecy requirement In-Reply-To: <3F52206B.25354.11C43DD@localhost> References: <3F52206B.25354.11C43DD@localhost> Message-ID: <200308312116.14417.sfurlong@acmenet.net> On Sunday 31 August 2003 19:20, James A. Donald wrote: > Talk is cheap. ... > Indeed, the one may be > connected to the other -- the absence of stoolies may well be > connected to the presence of hot talk. Dunno. I'm not sure that mere talk of killing a librarian would dissuade the potential stoolies. As you say, talk is cheap. Actions, reported widely in the mass media, will grab people's attention. On a related note, does anyone have a recommendation for a nice chianti? -- Steve Furlong Computer Condottiere Have GNU, Will Travel "If someone is so fearful that, that they're going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all!" -- Rep. Henry Waxman From camera_lumina at hotmail.com Sun Aug 31 18:52:49 2003 From: camera_lumina at hotmail.com (Tyler Durden) Date: Sun, 31 Aug 2003 21:52:49 -0400 Subject: Responding to orders which include a secrecy requirement Message-ID: "Tim May is the perfect example why vigilante justice is generally considered to be a bad thing -- stupid assholes like Tim May spout off & take action based on paranoia instead of facts & principles of anarchy instead of justice and innocent parties get hurt." Well, on one hand taking justice into one's own hands opens the doors to pretty much anything anybody can think of that ticks them off. On the other hand, there are clearly times and societies where such an approach is warranted. The usual exmples have already been given. These examples seem to have at their intersection a time where the government (and the powers that be) are themselves immune from legal consequence and above the law, while 'enforcing' laws that are innately evil. Such a society has pretty much boiled down to "might makes right", and such a government is a government in name only. The question then becomes, when do we know when we've entered such a time? More specifically, have we in the US entered such a time? And if we have not, does it not at least appear that we might, soon? If the answer to either of these questions is yes, then Tim May's suggestion is not a matter of "if", but "when". If the Koran becomes outlawed but a librarian rats on a Muslim trying to access the Koran online, then is this not much different from the Nazi days? Of course, we believe that the librarian is trying to "do the right thing". But do you really think that enthusiastic Hitler followers believed they were evil? No, Tim May's statement is not scary because he's suggesting anarchy. It's scary because sometime in the near future it may actually be a reasonable response. (Well, I dont agree with the 'killing the kids' thing.) If Mike Hawash can be grabbed off the streets without any acknowledgement by the Feds and then go to prison for NOT fighting against the US (but clearly thinking about it), then we are in deep trouble. -TD >From: Tim May >To: cypherpunks at lne.com >Subject: Re: Responding to orders which include a secrecy requirement >Date: Sun, 31 Aug 2003 18:01:52 -0700 > >On Sunday, August 31, 2003, at 04:20 PM, James A. Donald wrote: > >> -- >>>Tim May is the perfect example why vigilante justice is >>>generally considered to be a bad thing -- stupid assholes >>>like Tim May spout off & take action based on paranoia >>>instead of facts & principles of anarchy instead of justice >>>and innocent parties get hurt. >> >>Talk is cheap. Actions are done more carefully. Tim implied >>he would kill stoolies that shopped him to the police, not that >>stoolies had shopped him to the police. Indeed, the one may be >>connected to the other -- the absence of stoolies may well be >>connected to the presence of hot talk. > >And there is nothing immoral in discussing the fact that actions may have >consequences. > >Take the work camps described in Solzhenitsyn's "One Day in the Life of >Ivan Denisovitch." (Or, of course, the Nazi extermination camps. Or the >U.S. concentration camps in Gitmo.) The camp management clearly sought a >docile, "policeman inside," stoolie-oriented system where informers and >"capos" (those who cooperate and act as de facto guards) see no reason NOT >to be stoolies and capos. > >But merely the threat that stoolies and capos will be found with their >throats slit is often enough to deter such behaviors. > >My point is that if librarians even think there is some small chance that >someone they narc out to Big Brother will kill them or their families, such >stoolie behavior may drop precipitously. > > >--Tim May >"A human being should be able to change a diaper, plan an invasion, butcher >a hog, conn a ship, design a building, write a sonnet, balance accounts, >build a wall, set a bone, comfort the dying, take orders, give orders, >cooperate, act alone, solve equations, analyze a new problem, pitch manure, >program a computer, cook a tasty meal, fight efficiently, die gallantly. >Specialization is for insects." --Robert A. Heinlein _________________________________________________________________ Help protect your PC: Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 From measl at mfn.org Sun Aug 31 21:33:13 2003 From: measl at mfn.org (J.A. Terranson) Date: Sun, 31 Aug 2003 23:33:13 -0500 (CDT) Subject: [AntiSocial] Syracuse U tracks the Department of Homeland Security (fwd) Message-ID: Of interest to many here, I am sure. Tim: hide your eyes... -- Yours, J.A. Terranson sysadmin at mfn.org "Every living thing dies alone." Donnie Darko ------- FORWARDED MESSAGE ------------------- I don't know how many people have seen this already... Interesting new data released Monday by Syracuse University on the Dept. of Homeland Security. It includes employees by county for the entire country: http://trac.syr.edu/tracreports/tracdhs/030825/county_full.html which, curiously, shows Boulder with zero full-time DHS employees but San Miguel (Telluride) with 7! It also includes this, from http://trac.syr.edu/tracreports/tracdhs/aboutdata030825.html "TRACs direct experiences with the DHS in connection with the FOIA law thus far have not been encouraging. Most of our FOIA requests to the department, for example, have yet to be acted upon although -- given the short time that has elapsed since our initial requests -- this may not be entirely surprising. More disturbing is the fact that many of public records that the Freedom of Information Act requires be posted on the agencys web site are not yet available. "But there have been a number of additional specific incidents that heighten our concern. In an attempt to telephone the departments public affairs office in June, for example, TRAC was twice informed that the direct-dial number of this office was not a matter of public record. On a second occasion, after a FOIA officer in one of DHS sub-agencies promised to fax TRAC a list identifying documents that the FOIA specifically mandates be made public, the promise was withdrawn. Then another DHS sub-agency informed TRAC it would not act on our FOIA request -- an outcome flowing from its failure to classify Syracuse University as qualifying as an educational ...institution whose purpose is scholarly or scientific research. On yet another occasion, a TRAC request for more timely information to update material posted some months before on a sub-agencys public web site was summarily refused." They also track FBI and other govt ops... ---------- Forwarded message ---------- Date: Thu, 28 Aug 2003 13:30:43 -0400 (EDT) From: TRAC Subject: Department of Homeland Security (DHS) TRAC's first special report on the DHS is now available. This report provides comprehensive information about the staff of an agency which now employs one out of every twelve full-time federal workers: where they work, what they are paid, what they do and the agencies within the department that employ them. Analysis, maps, tables and graphs are available. Also presented are data documenting staff changes between 9/11 and March 31, 2003. For more information go to: http://trac.syr.edu/media David Burnham and Susan B. Long, co-directors Transactional Records Access Clearinghouse Syracuse University 488 Newhouse II Syracuse, NY 13244-2100 315-443-3563 trac at syr.edu http://trac.syr.edu From anmetet at freedom.gmsociety.org Sun Aug 31 22:54:59 2003 From: anmetet at freedom.gmsociety.org (An Metet) Date: Mon, 1 Sep 2003 01:54:59 -0400 Subject: Responding to orders which include a secrecy requirement Message-ID: Tim May: > If cops ask local neighborhood members to report any suspicious > activity, the folks know that any benefits they gain from acting as > informants tend to be a lot smaller than the danger of being beat up or > even killed by the Mafia. > > When the cost of acting as an informant is zero, no risk, more people > act as informants. > > I think restoring some risk to being a rat is a good thing. Unbelievable. The man who invented Blacknet, who has called for and supported the idea of offshore data havens, now tries to control the flow of information! What the hell do you call people who rat you out about your bad debts, if not informants? The whole point of the cypherpunk movement is to make it easier and less risky to spread information even when there are those who want to suppress it. This is just another example of May's hypocrisy and lack of critical thinking abilities. He's all for crypto anarchy until he realizes his own ass is vulnerable. Then he starts trying to think of ways to keep people from exchanging information he doesn't like. Here's a clue. If and when crypto anarchy ever becomes a reality, Tim May is going to be one of the first ones killed. He's pissed off too many people. Once they can get retribution anonymously, his days are numbered.