Cypherpunks response to viral stimuli

Tyler Durden camera_lumina at hotmail.com
Tue Feb 3 10:57:07 PST 2004 

"Or would you instead, simply just stick a Carnivore machine at one hop 
above each CDR node that you're interested in, and gather the information 
you wanted with nearly zero risk of tipping your hand?  Or even simpler than 
that, get a hotmail or yahoomail account and just subscribe.  Which of the 
above scenarios makes the most sense in terms of Occam's?"

While you make some good points, you've way overstated both sides of your 
argument.
But this statement..."simply stick a Carnivore machine at one hop above each 
CDR node"...
Isn't that almost like saying "simply splice into the undersea cable"? Of 
course, if we're talking about hunting down Osama bin Laden a TLA (or 
whoever) would probably do that. But in terms of merely rounding up the 
names of potential trouble makers (particularly when they don't want anyone 
to know that they're doing this) it seems to be an awfully easy thing to do.

As for the fake virus part, all they need to do is go to some year-old virus 
list, select a virus, and send one directly through a non-de-mimed list 
server, and then watch what comes out. Seems a lot cheaper and easier.

But this misses the point: Even IF this would be "stupid", it would be 
stupider still to be aware that this is possible, and then not implement a 
fix (if a cheap fix is available). De-miming is now obvious.
In other words, the idea is not to compare dick sizes but to actually force 
them to spend huge amounts of money on trivial tasks, by raising aware of 
and plugging any holes that become evident. That assymetry is exactly what 
crypto is, in a nutshell.

-TD



>From: sunder <sunder at sunder.net>
>To: Tyler Durden <camera_lumina at hotmail.com>
>CC: petard at freeshell.org, cypherpunks at minder.net
>Subject: Re: Cypherpunks response to viral stimuli
>Date: Tue, 03 Feb 2004 13:28:47 -0500
>
>Tyler Durden wrote:
>
>>And in case it's not clear, I'm suggesting that it may be useful for them 
>>to deliberately create a "fake" virus that is easily detectable, and so 
>>cull the bounce messages.
>
>Right, why should they do something passive that doesn't tip their hand and 
>allows them to collect the information they need, when instead they can do 
>something active and stupid that could possibly give away their position.
>
>Think about it.  In fact, apply Occam's Razor to this, in fine, thin 
>slices:
>
>If you were a TLA and you'd want to send a "fake" virus, it would need to 
>be something that would trip every anti-virus software that anyone could 
>possibly run, but yet, not be a virus, and you'd need to do so without 
>giving away your IP address - while making it look like it came from lots 
>of sources.  If you'd only use a single IP address, the guy that runs the 
>node would likely block you as a virus source.
>
>Then, on top of it, you'd have to *HOPE* that none of your targets saw the 
>real version of the virus, and then bothered to compare the two, or worse 
>yet, dissect the decoy you've sent, and figure out that it isn't real.
>
>
>How's would you do this and have it be successful?  Unless, of course, you 
>wish to claim that the TLA's wrote the anti-SCO viruses?  In which case, 
>there's a lovely bridge between Brooklyn and Manhattan that I would gladly 
>sell you...  Real cheap...  it's a bit old, but it's in decent shape... No? 
>  How about some nice foil hats?  Real cheap...  For you, only $100 each 
>(plus tax of course)... guaranteed to be made of 100% aluminum foil.
>
>
>Or would you instead, simply just stick a Carnivore machine at one hop 
>above each CDR node that you're interested in, and gather the information 
>you wanted with nearly zero risk of tipping your hand?  Or even simpler 
>than that, get a hotmail or yahoomail account and just subscribe.  Which of 
>the above scenarios makes the most sense in terms of Occam's?
>
>
>P.S.: I stand by my original statement: the collective IQ of the posters on 
>list is dropping.

_________________________________________________________________
Check out the new MSN 9 Dial-up  fast & reliable Internet access with prime 
features! http://join.msn.com/?pgmarket=en-us&page=dialup/home&ST=1

More information about the cypherpunks-legacy mailing list